hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-25 06:37:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,786 Branches 169 Tags
codeql-cli-2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paolo Tranquilli
c2f2a0578b Merge pull request #12868 from github/redsun82/bazel-6.1.2 
Bazel: update to 6.1.2
 2023-04-19 14:06:08 +02:00
Owen Mansel-Chan
219c1686fd Wrap return values of moveToTemporaryGopath in a struct 2023-04-19 12:40:23 +01:00
Erik Krogh Kristensen
d7325ba4e1 Merge pull request #12856 from p-/p--non-constant-open-improvments 
Ruby: Add additional sanitizers for Kernel.open or IO.read or similar sinks with a non-constant value
 2023-04-19 13:39:16 +02:00
Michael Nebel
b410791f28 C#: Re-factor InsecureRandomness to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
e94b492404 C#: Delete inaccessible/dead data flow configuration in JsonWebTokenHandlerLib. 2023-04-19 13:36:30 +02:00
Michael Nebel
f976eeb909 C#: Re-factor on AppendCookieTracking to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
1b128a21e6 C#: Re-factor AuthCookieName to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
1979a78f02 C#: Re-factor RequestForgery to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
b7e36b7dec C#: Re-factor NoDisposeCallOnLocalIDisposable to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
5580023ec3 C#: Re-factor FormatInvalid to use the new API. 2023-04-19 13:36:30 +02:00
Owen Mansel-Chan
1bb006f43e Move defer statements to the right place 
It turns out that extracting defer statements into a separate function
changes behaviour.
 2023-04-19 12:20:52 +01:00
Owen Mansel-Chan
641f16b0df Factor out extract() 2023-04-19 12:20:52 +01:00
Owen Mansel-Chan
a611769b43 Factor out installDependencies() 2023-04-19 12:20:51 +01:00
Owen Mansel-Chan
d61d595b21 Factor out function buildWithCustomCommands 2023-04-19 12:20:51 +01:00
Owen Mansel-Chan
b45c0ff848 Factor out buildWithoutCustomCommands 2023-04-19 12:20:51 +01:00
Owen Mansel-Chan
b76e655735 Factor out moving code to temp dir in gopath 2023-04-19 12:20:50 +01:00
Owen Mansel-Chan
ba48eaa8a6 Factor out calculation of source dir 2023-04-19 12:20:50 +01:00
Owen Mansel-Chan
702c22b630 Refactor calculation of inLGTM 2023-04-19 12:20:49 +01:00
Owen Mansel-Chan
f0186957ca Factor out tryUpdateGoModAndGoSum 2023-04-19 12:20:49 +01:00
Owen Mansel-Chan
0bfb242e63 Factor out logic for needGopath 2023-04-19 12:20:49 +01:00
Owen Mansel-Chan
b169f1bfdf Factor out code to fix go vendor issues 2023-04-19 12:20:48 +01:00
Owen Mansel-Chan
f872a11b85 Factor out initial ModMode calculation 2023-04-19 12:20:48 +01:00
Owen Mansel-Chan
2d8d9773c4 Factor out depMode calculation 2023-04-19 12:20:47 +01:00
Owen Mansel-Chan
d613bc8a28 Update checks for files or dirs existing 
The previous way is considered outdated now.
 2023-04-19 12:20:47 +01:00
Geoffrey White
c092851c28 Swift: Add a test for ExtensionDecls. 2023-04-19 11:50:49 +01:00
Owen Mansel-Chan
2914480ff6 Avoid platform-specific results 
These were introduced in https://github.com/github/codeql/pull/12750 but
the relevant tests that should have caught it weren't run.
 2023-04-19 11:18:19 +01:00
Owen Mansel-Chan
1cf626f712 Use latest patch version of Go 1.20 for tests 2023-04-19 11:18:09 +01:00
Tony Torralba
4e60697042 Merge pull request #12866 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-04-19 11:16:21 +02:00
Paolo Tranquilli
83674751fc Bazel: update to 6.1.2 2023-04-19 11:12:02 +02:00
Mathias Vorreiter Pedersen
8d62d5916e Merge pull request #12807 from MathiasVP/dataflow-for-keypaths 
Swift: Dataflow for keypaths
 2023-04-19 10:00:49 +01:00
Peter Stöckli
672cb92fbd Ruby: improve non-constant-kernel-open, recursive step for freeze 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2023-04-19 10:50:59 +02:00
Asger F
1c2fdc8df9 JS: Ignore more webpack modules 2023-04-19 10:29:14 +02:00
Harry Maclean
c44fbc1063 Merge pull request #12786 from hmac/merge-extractor-binaries 
Ruby/QL: Merge extractor binaries
 2023-04-19 15:17:25 +07:00
Paolo Tranquilli
e93686cdfc Merge branch 'main' into redsun82/swift-logging-assertions-and-prints 2023-04-19 09:16:19 +02:00
Arthur Baars
dcca0e0c6c JavaScript: switch to shared YamlPopulator 2023-04-19 08:34:38 +02:00
Michael Nebel
1caca21552 Merge pull request #12829 from michaelnebel/csharp/refactordataflow4 
C#: Re-factor tainttracking and dataflow configurations to use the new API.
 2023-04-19 08:32:36 +02:00
Harry Maclean
30468dd059 QL: Rename extractor to codeql-extractor-ql 2023-04-19 06:30:09 +00:00
Harry Maclean
ab4eba11ec Ruby: Rename extractor to codeql-extractor-ruby 2023-04-19 06:27:27 +00:00
Tony Torralba
62f5a5dcd5 Merge pull request #10707 from atorralba/atorralba/log-injection-sanitizers 
Java: Add line break sanitizers to java/log-injection
 2023-04-19 08:20:04 +02:00
Nate Johnson
4ae8377713 Merge branch 'main' into js-insecure-http-parser 2023-04-18 22:00:13 -04:00
Nate Johnson
78229bb264 Moved into experimental 2023-04-18 21:59:14 -04:00
github-actions[bot]
7abc029872 Add changed framework coverage reports 2023-04-19 00:16:15 +00:00
Robert Marsh
3c2b4e8456 C++: AST-based wrapper for new range analysis 2023-04-18 15:52:43 -04:00
Edward Minnix III
fc3c776bdc Permit CodeQL's own tests 
Removing `%/test/%` accidentally removed our own test cases.

Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-04-18 15:31:49 -04:00
Mathias Vorreiter Pedersen
9aca2d8533 Merge pull request #12861 from MathiasVP/ignore-more-instructions-for-dataflow 
C++: Ignore a few more instructions in dataflow
 2023-04-18 18:17:11 +01:00
Geoffrey White
c7ea08aa73 Swift: Fix inline expectations. 2023-04-18 17:32:38 +01:00
Mathias Vorreiter Pedersen
fb1a871777 Merge pull request #12855 from MathiasVP/fix-joins-in-use-after-free 
C++: Fix bad self-join in `cpp/use-after-free`
 2023-04-18 17:13:03 +01:00
Nora Dimitrijević
7f675d8c3b Swift: more CapturedDecl test cases 2023-04-18 16:50:38 +02:00
Nora Dimitrijević
96f06f8eca Swift: refactor the public API wrt captures 
This exposes capture- and access-related methods under different names.
 2023-04-18 16:50:37 +02:00
Ed Minnix
83d5cde01d Change isInTestFile to ignore %/test/% 2023-04-18 10:27:20 -04:00