hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,824 Commits 1,671 Branches 157 Tags
ginsbach/EnableJavaOverlayCompilation
Commit Graph

3504 Commits

Author SHA1 Message Date
Michael Nebel
40204911bc C#: Only allow source propgatation upwards in the call stack if the call path consists of unique call targets (to avoid unwanted virtual dispatch). This severely tightens the generation of extrapolated sources. 2024-06-19 14:10:49 +02:00
Michael Nebel
1c3ceacf04 C#: Some renaming and re-factoring. 2024-06-18 13:05:21 +02:00
Michael Nebel
b5d6a6db7e C#: Use the same types as sanitizers for source and sink model as we use for summary model generation. 2024-06-18 13:05:12 +02:00
Michael Nebel
a29446a566 C#/Java: Address review comments. 2024-06-14 10:46:19 +02:00
Michael Nebel
91ebeee429 C#: Perceive field and property reads as additional flow steps in sink extrapolation. 2024-06-12 14:16:26 +02:00
github-actions[bot]
8a25081a0e Post-release preparation for codeql-cli-2.17.5 2024-06-10 15:33:08 +00:00
github-actions[bot]
877bfa2468 Release preparation for version 2.17.5 2024-06-10 13:40:39 +00:00
Chanel
7b5297b882 Merge branch 'main' into jb1/chanely-insecure-sql-connection 2024-06-05 09:02:13 -07:00
Chanel Young
716e2737d1 formatting 2024-06-05 09:01:10 -07:00
Michael Nebel
8b75bb2ba9 C#: The model generator should consider System.Type and System.DateTime as sanitizers. 2024-05-31 12:50:18 +02:00
Michael Nebel
121378a262 C#: Add change-note. 2024-05-31 12:50:02 +02:00
github-actions[bot]
906b65d09c Post-release preparation for codeql-cli-2.17.4 2024-05-28 18:02:25 +00:00
github-actions[bot]
33b4ae8bbb Release preparation for version 2.17.4 2024-05-28 15:44:32 +00:00
Michael Nebel
5a25967019 C#: Address review comments. 2024-05-28 13:38:23 +02:00
Michael Nebel
c59c7cf02a C#: Use manual sink callables as exclusion for extrapolated sinks. 2024-05-24 12:50:48 +02:00
Michael Nebel
a8feda2e2b C#: Introduce lifting of callables in the model generator. 2024-05-24 12:50:48 +02:00
Michael Nebel
3ad29d843d C#: Re-factor model generator specific to align with Java. 2024-05-24 12:50:48 +02:00
Michael Nebel
95473c06fc Merge pull request #16520 from michaelnebel/csharp/fixsummarizedcallabledataflow 
C#: Make the flow summary filtering in the adapter.
 2024-05-24 12:48:03 +02:00
Dave Bartolomeo
f498e05099 Merge branch 'main' into dbartol/v1 2024-05-23 14:37:28 -04:00
Dave Bartolomeo
613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
Tom Hvitved
f517c00658 Merge pull request #16559 from hvitved/csharp/callable-always-returns-true 
C#: Simplify logic in `JsonWebTokenHandlerLib.qll`
 2024-05-23 09:25:19 +02:00
Dave Bartolomeo
ffe4c8c87b Update all pack versions to 1.0.0 2024-05-22 13:39:08 -04:00
Michael Nebel
2449074f3d C#: Remove the DataFlowSummarizedCallable as this narrowing is now handled in the adapter. 2024-05-22 15:11:41 +02:00
Tom Hvitved
39019b3b62 C#: Simplify logic in JsonWebTokenHandlerLib.qll 2024-05-22 14:24:32 +02:00
Tom Hvitved
bebcd679a4 Address review comments 2024-05-21 14:51:52 +02:00
Tom Hvitved
454687d583 Data flow: Synthesize parameter return nodes 2024-05-21 14:47:42 +02:00
Chanel Young
5ee7004a62 fp case if encrypt set in initializer 2024-05-16 17:59:17 -07:00
Michael Nebel
763d53afed C#: Remove the override and ext column from the summaries printing test. 2024-05-16 15:08:45 +02:00
github-actions[bot]
32e8b5c667 Post-release preparation for codeql-cli-2.17.3 2024-05-14 21:14:08 +00:00
github-actions[bot]
100166fa53 Release preparation for version 2.17.3 2024-05-14 19:23:18 +00:00
Michael Nebel
79c6834aa3 Merge pull request #16374 from michaelnebel/java/narrowsuperimpl 
Java: Improve finding best type for models and lifting.
 2024-05-14 13:12:04 +02:00
Joe Farebrother
513a319149 Change cwe to 348 2024-05-13 22:38:47 +01:00
Joe Farebrother
20a1e22c44 Add missing CWE tags 2024-05-09 10:33:48 +01:00
Michael Nebel
f00ad7c0e7 C#/Java: Invert api filtering logic. 2024-05-08 14:42:53 +02:00
Michael Nebel
e64a2d6c9c C#: Align telemetry implementation with Java. 2024-05-03 12:48:14 +02:00
github-actions[bot]
99928b82ed Post-release preparation for codeql-cli-2.17.2 2024-04-30 12:15:35 +00:00
github-actions[bot]
5228d94d42 Release preparation for version 2.17.2 2024-04-30 10:25:51 +00:00
Tamas Vajk
1d45e3a558 C#: Store buildless extraction timing information and return in telemetry query 2024-04-26 14:59:31 +02:00
Tom Hvitved
d8d7688f88 C#: Fix another bad join 2024-04-23 15:39:59 +02:00
Tom Hvitved
6aa4c5c187 C#: Fix a bad join 2024-04-23 11:47:55 +02:00
Tamas Vajk
c11adc8c28 C#: Adjust known type telemetry query 2024-04-18 08:49:48 +02:00
Michael Nebel
4d3d07a964 Merge pull request #16215 from michaelnebel/csharp/telemetryissupported 
C#: Take more sources and sinks into account when reporting in the te…
 2024-04-17 15:29:46 +02:00
Alexander Eyers-Taylor
da3fa22cbd Merge pull request #16228 from github/post-release-prep/codeql-cli-2.17.1 
Post-release preparation for codeql-cli-2.17.1
 2024-04-17 11:24:34 +01:00
github-actions[bot]
622e176a16 Post-release preparation for codeql-cli-2.17.1 2024-04-16 14:21:32 +00:00
Michael Nebel
e7bfd7df62 C#: Take more sources and sinks into account when reporting in the telemetry queries. 2024-04-16 16:05:16 +02:00
Michael Nebel
f69737b407 C#: Move parallelsink to the library qlpack. 2024-04-16 16:05:16 +02:00
Michael Nebel
58635bdbd6 Merge pull request #16121 from michaelnebel/csharp/modelgenexcludeset 
C#: Exclude properties with both a getter and setter as candidates for modelling.
 2024-04-16 14:49:07 +02:00
Tom Hvitved
6bf05eb29a C#: Exclude delegate and dynamic calls from extractor telemetry 2024-04-16 12:53:39 +02:00
Joe Farebrother
3567c30020 Set precision to high 2024-04-16 09:41:46 +01:00
github-actions[bot]
9bfe4ea90a Release preparation for version 2.17.1 2024-04-15 17:34:47 +00:00