Mathias Vorreiter Pedersen
b0bd7a983f
C++: Add MaD syntax for an arbitrary number of dereferences.
2024-06-21 12:47:42 +01:00
Mathias Vorreiter Pedersen
4dc13e850e
C++: Add summaries for std dequence containers.
2024-06-21 12:47:40 +01:00
Mathias Vorreiter Pedersen
716df0c7ce
C++: Support a richer language in MaD summaries for selecting member functions.
2024-06-21 12:47:39 +01:00
Mauro Baluda
b75514c990
Merge branch 'github:main' into main
2024-06-21 13:36:38 +02:00
Chris Smowton
cfb48ace73
Java: document extraction system requirements
...
Note that a `java` binary is at least highly recommended for Java extraction, and in many circumstances a hard requirement. The same goes for `mvn` and `gradle`.
2024-06-21 11:53:36 +01:00
Kasper Svendsen
988d0671bb
Merge pull request #16734 from kaspersv/kaspersv/doc-intern-sets-builtin
...
Document builtin InternSets module
2024-06-21 12:06:40 +02:00
Tom Hvitved
a8758c0160
Ruby: Handle element references with blocks
2024-06-21 12:04:55 +02:00
Tom Hvitved
d7ce2be040
Ruby: Up/downgrade scripts
2024-06-21 12:04:53 +02:00
Rasmus Lerchedahl Petersen
280a9b4408
Python: Support Model Editor
2024-06-21 11:47:51 +02:00
Tom Hvitved
dff3ce2a9f
Merge pull request #16794 from hvitved/ruby/sinatra-flow
...
Ruby: Rework `Sinatra.FilterJumpStep`
2024-06-21 11:38:10 +02:00
Tom Hvitved
21c9f33419
Ruby: Bump tree-sitter-ruby
2024-06-21 10:17:59 +02:00
Mathias Vorreiter Pedersen
c357cc9f08
C++: Add change note.
2024-06-21 08:54:12 +01:00
Mathias Vorreiter Pedersen
69490c62cd
C++: Add qlpack dependency.
2024-06-21 08:54:10 +01:00
Mathias Vorreiter Pedersen
6bf22bda58
C++: Replace allocation models with models from extensible predicates.
2024-06-21 08:54:09 +01:00
Alvaro Muñoz
06918b0492
Remove custom scan action
2024-06-21 09:19:37 +02:00
Tom Hvitved
8ea4f85de3
Ruby: Rework Sinatra.FilterJumpStep
2024-06-21 08:57:59 +02:00
Tom Hvitved
95c764eff6
Fix Sinatra test to properly output pathgraph
2024-06-21 08:57:19 +02:00
Erik Krogh Kristensen
db768960f4
Merge pull request #15060 from am0o0/amammad-js-envinjection
...
JS: Env Injection query
2024-06-20 21:27:21 +02:00
Erik Krogh Kristensen
555d7e5958
Merge pull request #14293 from am0o0/amammad-js-CodeInjection_dynamic_import
...
JS: Dynamic import as code injection sink
2024-06-20 21:19:57 +02:00
erik-krogh
0de4fd8430
add test for the better type-narrowing in TS 5.5
2024-06-20 20:55:44 +02:00
erik-krogh
9966be6975
update to the stable release of TypeScript 5.5
2024-06-20 20:47:43 +02:00
erik-krogh
b936f725b5
update to 5.5.1-rc
2024-06-20 20:43:01 +02:00
erik-krogh
a691ec01b3
add test for the inferred type predicates in TS5.5
2024-06-20 20:42:59 +02:00
erik-krogh
5336a1a251
upgrade TypeScript to 5.5-beta
2024-06-20 20:42:57 +02:00
Erik Krogh Kristensen
60ed51781e
Merge pull request #16790 from github/max-schaefer-patch-1
...
JavaScript: Fix CodeQL alert in extractor
2024-06-20 20:20:00 +02:00
Erik Krogh Kristensen
e84028d01e
Merge pull request #14088 from am0o0/amammad-js-JWT
...
JS: decoding JWT without signature verification
2024-06-20 20:13:40 +02:00
Mathias Vorreiter Pedersen
d308178781
C++: Add extensible predicate for allocation.
2024-06-20 16:26:52 +01:00
Mathias Vorreiter Pedersen
ce5ab4c4b7
C++: Add qlpack dependency.
2024-06-20 16:26:50 +01:00
Mathias Vorreiter Pedersen
3457551264
C++: Replace deallocation models with models from extensible predicates.
2024-06-20 16:26:49 +01:00
Jeroen Ketema
0e04a59c08
Merge pull request #16795 from jketema/test-cleanup
...
C++: Remove unneeded options from tests
2024-06-20 16:24:07 +02:00
Mathias Vorreiter Pedersen
e5c20b13cf
C++: Add extensible predicate for deallocation.
2024-06-20 14:51:09 +01:00
Jeroen Ketema
4c4c15b425
C++: Remove unneeded options from tests
2024-06-20 14:21:34 +02:00
Owen Mansel-Chan
aa35bd771b
Fix bug removing "vendor/" from package paths
2024-06-20 13:18:21 +01:00
Asger F
a36e39359f
Merge pull request #16739 from RasmusWL/js-array-steps
...
JS: Allow many Array steps to be used in type-tracking
2024-06-20 11:39:46 +02:00
Rasmus Lerchedahl Petersen
a7386b6670
Python: include new documentation
2024-06-20 11:25:25 +02:00
Rasmus Lerchedahl Petersen
f0e68887d4
Python: autoformat
2024-06-20 10:59:39 +02:00
yoff
b4fdf3c342
Apply suggestions from code review
...
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
2024-06-20 10:57:54 +02:00
Rasmus Wriedt Larsen
596102d3fb
Update javascript/ql/lib/change-notes/2024-06-14-type-tracking-array-steps.md
...
Co-authored-by: Asger F <asgerf@github.com>
2024-06-20 10:07:49 +02:00
Alvaro Muñoz
1e4df62a39
Merge pull request #45 from github/change_packages
...
Move from githubsecuritylab packages to github
2024-06-20 09:51:17 +02:00
Alvaro Muñoz
4619128c11
Move from githubsecuritylab packages to github
2024-06-20 09:50:36 +02:00
Owen Mansel-Chan
754fd8e84c
Drop leading . from getQualifiedName for built-in functions
...
So it will be "panic" instead of ".panic".
2024-06-19 22:04:21 +01:00
Owen Mansel-Chan
68a661f3c7
Write out whole function names
2024-06-19 21:58:31 +01:00
Owen Mansel-Chan
b79711b17e
Move deprecated notice to top of comment
2024-06-19 21:58:28 +01:00
aegilops
1ecd72727d
Renamed README to CUSTOMIZING, removed details from qhelp and referenced md doc instead
2024-06-19 17:59:43 +01:00
aegilops
a07639f4f6
Set severity to 7.0, in line with other configuration queries
2024-06-19 17:43:41 +01:00
aegilops
26f1b36736
Fixed formatting
2024-06-19 17:41:58 +01:00
aegilops
252c9e9416
Added data extension to set defaults, updated help, added README to explain customization
2024-06-19 17:27:17 +01:00
Max Schaefer
2be171746b
JavaScript: Fix CodeQL alert in extractor
...
This doesn't make a difference in practice because we only run the method on arrays of even length, but we might as well fix it.
2024-06-19 17:13:01 +01:00
Rasmus Lerchedahl Petersen
5cb37f5c4c
python: Document MaD format
...
- add a few tests reflecting the documentation
- make the mentioned sink-kinds have an effect on relevant queries
2024-06-19 17:00:15 +02:00
Mathias Vorreiter Pedersen
901fac4282
C++: Support 'Element' content in flow summaries.
2024-06-19 13:40:06 +01:00