hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-01 20:00:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,971 Commits 1,769 Branches 168 Tags
codeql-cli-2.25.3
Commit Graph

86971 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
a01b211f79 Merge pull request #19185 from hvitved/rust/ssa-capture-psudeo-read-dominate 
Rust: Fix `capturedCallRead`
 2025-04-02 19:16:55 +02:00
Jon Janego
e0d9dad9c2 Merge branch 'main' into jonjanego/useless-expression-tags 2025-04-02 10:51:52 -05:00
Jon Janego
d8ef4fc25d Update javascript/ql/src/Expressions/ExprHasNoEffect.ql 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-04-02 10:22:27 -05:00
Idriss Riouak
145c141e63 Merge pull request #19202 from github/idrissrio/trailing-return 
C++: update expected test results after extractor changes
 2025-04-02 17:01:14 +02:00
Óscar San José
f4515515fe Merge pull request #19204 from github/oscarsj/migrate-builders-macos-15 
Run pytest server with `sudo` and higher `nice` value
 2025-04-02 16:59:11 +02:00
Chris Smowton
e865d07a70 Merge pull request #19187 from smowton/smowton/feature/jakarta-persistence 
Java: generalise `javax.persistence` models to also recognise `jakarta.persistence`.
 2025-04-02 15:56:29 +01:00
Óscar San José
18c901bee4 Merge branch 'main' into oscarsj/migrate-builders-macos-15 2025-04-02 16:11:58 +02:00
Michael Nebel
16142a287a C#: Add NoDisposeCallOnLocalIDisposableBad file and update test expected output. 2025-04-02 15:43:52 +02:00
Simon Friis Vindum
001735bfb8 Rust: Take internal IDs of a smaller class 2025-04-02 15:39:58 +02:00
Michael Nebel
2193bece90 C#: Update test expected output. 2025-04-02 15:30:48 +02:00
idrissrio
14a84c3209 C++: update expected test results after extractor changes 2025-04-02 15:20:06 +02:00
Owen Mansel-Chan
ecd09edf64 Add stubs for gogf/gf and uptrace/bun 2025-04-02 14:17:40 +01:00
Owen Mansel-Chan
1687042c3b Add Bun models and tests 2025-04-02 14:17:39 +01:00
Owen Mansel-Chan
ddb7da4c13 Add gogf models and tests 2025-04-02 14:17:37 +01:00
Ed Minnix
9cf4117120 Add tests for gogf/gf/database/gdb 2025-04-02 14:17:35 +01:00
Ed Minnix
db65a6ff85 [gogf] Model github.com/gogf/gf/database/gdb 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-04-02 14:17:34 +01:00
Ed Minnix
c54f0d82e2 [bun] Model github.com/uptrace/bun 2025-04-02 14:17:32 +01:00
Owen Mansel-Chan
89e853b4be Don't use non-existent dependency 
This makes some go tooling, like `go mod tidy`, not work.
 2025-04-02 14:17:31 +01:00
Owen Mansel-Chan
88b061e27e Add change note 2025-04-02 14:17:30 +01:00
Michael Nebel
93d0f364d6 C#: Add ConstantConditionBad file. 2025-04-02 15:00:05 +02:00
Nicolas Will
10564fac4d Add @ps-codeql to CODEOWNERS for experimental cryptography 
This pull request adds @github/ps-codeql as a code owner of `**/experimental/quantum/` to support the development of post-quantum cryptography-related libraries and queries.

We’ll be committing stable but experimental work to these directories as it becomes ready for public use, with a near-term goal of moving it out of experimental.

To get started, we’d also need write access to `github/codeql`.

cc @adityasharad @lcartey
 2025-04-02 14:20:24 +02:00
Asger F
6c3bc941c5 Merge branch 'main' into js/name-resolution-independent-fixes 2025-04-02 14:15:44 +02:00
Asger F
2c40359143 JS: Change note 2025-04-02 14:12:07 +02:00
Asger F
30a9cd7c8a JS: Include document as a DOM value 2025-04-02 14:09:52 +02:00
Michael Nebel
6820cbabc8 C#: Accept file sync mismatch for C# testfiles if they are identical modulo comments. 2025-04-02 14:01:00 +02:00
Asger F
9ebaac82cf JS: Add tests for Response object sink 2025-04-02 13:47:18 +02:00
Geoffrey White
fbde235253 Rust: Rename the test as well. 2025-04-02 12:16:10 +01:00
Geoffrey White
02245af3ca Rust: Rename the query file. 2025-04-02 12:11:55 +01:00
Geoffrey White
9fc0ee185b Rust: Change the query ID to rust/summary/summary-statistics-reduced. 2025-04-02 12:03:20 +01:00
Taus
f461763938 Merge pull request #19186 from github/tausbn/actions-fix-gettargetpath-performance 
Actions: Fix bad performance in `getTargetPath`
 2025-04-02 12:53:56 +02:00
Napalys
390d9ffe66 Added change note 2025-04-02 12:50:53 +02:00
Napalys
b16b407f89 Add rimraf model and update tests for path injection vulnerabilities 2025-04-02 12:49:48 +02:00
Napalys
14999c19da Added test cases for rimraf library. 2025-04-02 12:46:48 +02:00
Tom Hvitved
8663f3b8b2 Rust: Add another disjunct to postWithInFlowExclude 2025-04-02 12:32:28 +02:00
Geoffrey White
c737ee9b52 Rust: Accept another consistency check failure. 2025-04-02 10:58:56 +01:00
Michael Nebel
22c943657a C#: Update change note. 2025-04-02 11:21:11 +02:00
Michael Nebel
d7f5ce2492 C#: Update log forging expected test output. 2025-04-02 11:21:07 +02:00
Michael Nebel
cf75493fe9 C#: Consider Enums and System.DateTimeOffset as having a sanitizing effect. 2025-04-02 11:21:05 +02:00
Michael Nebel
08159896f3 C#: Convert cs/log-forging tests to inline expectations. 2025-04-02 11:21:03 +02:00
Michael Nebel
60e3b4351a C#: Fix simple types testcases. 2025-04-02 11:21:01 +02:00
Michael Nebel
024712c073 C#: Temporarily comment out considering Enums as having a sanitizing effect. 2025-04-02 11:20:59 +02:00
Chris Smowton
77e4d9e692 Fix stray references to the javax package name 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2025-04-02 10:03:49 +01:00
Joe Farebrother
c37809a187 Reduce scope of allowImplicitRead to avoid cartesian product. 2025-04-02 09:35:50 +01:00
Joe Farebrother
2d6476ad21 Update names and alert message 2025-04-02 09:35:43 +01:00
Joe Farebrother
11830bf661 Move to separate folder 2025-04-02 09:35:39 +01:00
Joe Farebrother
5b7200a041 Use flow path in alerts 2025-04-02 09:35:32 +01:00
Joe Farebrother
08b4281187 Update query message and remove field case 2025-04-02 09:35:25 +01:00
Joe Farebrother
efdb4a6d82 Use global dataflow for loop variable capture 2025-04-02 09:35:17 +01:00
Anders Schack-Mulligen
e6cf737f99 Merge pull request #19178 from aschackmull/csharp/pressa-useuse 
C#: Update PreSSA to reference the new use-use predicates.
 2025-04-02 10:30:36 +02:00
Anders Schack-Mulligen
47b1c3d3ce Merge pull request #19154 from aschackmull/ssa/variablecapture 
Ssa: Replace phi-read references in VariableCapture with default use-use flow
 2025-04-02 10:16:17 +02:00