codeql

mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00

Author	SHA1	Message	Date
Tom Hvitved	6eda042229	Data flow: Sync files	2022-12-15 15:29:13 +01:00
Tom Hvitved	adc738cb15	Data flow: Simplify reverse flow-through pruning	2022-12-15 15:29:12 +01:00
Tom Hvitved	d34901ac8c	Data flow: Track return position instead of return kind Reverts `bdb205a318`.	2022-12-15 15:29:12 +01:00
Tom Hvitved	1820bb4b0b	Data flow: Simplify forwards flow-through pruning	2022-12-15 15:29:11 +01:00
Tom Hvitved	cb84b557cf	Data flow: Track parameter instead of parameter position Reverts `70d2a0df8a`.	2022-12-15 15:29:11 +01:00
Tom Hvitved	d7e44a5426	Merge pull request #10714 from hvitved/ruby/initialize Ruby: Model flow through `initialize` constructors	2022-12-15 13:42:59 +01:00
Alex Ford	1b49bfe605	Merge pull request #11497 from alexrford/ruby/rails_globalid Ruby: model `rails/globalid` component	2022-12-15 10:35:15 +00:00
Tom Hvitved	b3feb4f295	Update ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll Co-authored-by: Asger F <asgerf@github.com>	2022-12-15 10:46:06 +01:00
Jami Cogswell	46b8fbc4c9	Java: update remaining models, resolve merge conflict	2022-12-15 00:33:06 -05:00
Jami	359e49044f	Merge branch 'main' into jcogs33/mad-metrics-query	2022-12-14 15:33:29 -05:00
turbo	4ec401a3f6	Tag all security queries in supported languages' experimental directories with an experimental tag	2022-12-14 17:15:50 +01:00
Tom Hvitved	c04b90bc6b	Add change note	2022-12-14 16:30:18 +01:00
Alex Ford	2af5925f38	Ruby: improve coverage of GlobalID::Identification modelling	2022-12-14 15:21:19 +00:00
Tom Hvitved	5d9c64ba6f	Ruby: Model flow through `initialize` constructors	2022-12-14 12:57:39 +01:00
Tom Hvitved	9a7628c988	Ruby: Add data flow tests for constructors	2022-12-14 12:57:39 +01:00
Tom Hvitved	25b2d11368	Merge pull request #11635 from hvitved/dataflow/approx-content Data flow: Introduce `ApproxContent` in a new pruning stage between stages 2 and 3	2022-12-14 12:56:50 +01:00
Henry Mercer	a3933fbf4f	Bump minor versions of packs we regularly release	2022-12-13 18:59:24 +00:00
Henry Mercer	7167f078be	Merge branch 'main' into henrymercer/mergeback-3.8	2022-12-13 18:40:53 +00:00
erik-krogh	d95a4a7baf	add a second example of how to use module_eval without constructing a code-string	2022-12-13 19:33:45 +01:00
erik-krogh	ccf520a5cd	Merge branch 'main' into unsafeCodeConstruction	2022-12-13 18:31:49 +01:00
Jami Cogswell	a33436a39b	Java: update hasProvenance	2022-12-13 11:26:23 -05:00
Tom Hvitved	0c2eee2a72	Data flow: Sync files	2022-12-13 09:52:55 +01:00
Tom Hvitved	410ef4d713	Data flow: Rename stages	2022-12-13 09:52:46 +01:00
Tom Hvitved	d11cb2ee0f	Data flow: Introduce `ApproxContent` in a new pruning stage between existing stages 2 and 3	2022-12-13 09:52:45 +01:00
Jami	93d8a03e73	Merge branch 'main' into jcogs33/mad-metrics-query	2022-12-12 20:31:53 -05:00
Harry Maclean	0340549744	Ruby: Slight rewording	2022-12-13 09:45:31 +13:00
erik-krogh	e0045d2736	filter out string literals from the taint-sink meta query	2022-12-12 21:44:24 +01:00
Jami Cogswell	623068c4b9	Java: add hasProvenance predicate, remove isManuallyGenerated and isBothAutoAndManuallyGenerated	2022-12-12 11:23:46 -05:00
erik-krogh	b3a9c1ca06	Py/JS/RB: Use instanceof in more places	2022-12-12 16:06:57 +01:00
Erik Krogh Kristensen	4ff823c36b	Merge pull request #11366 from p-/p--ruby-kernel-open-addition Ruby: Add additional sinks to the `rb/kernel-open` query	2022-12-12 15:56:01 +01:00
Tom Hvitved	912aa461c7	Merge pull request #11654 from hvitved/ruby/stage-collapse Ruby: Ensure `Node::{toString,getLocation}` are computed in data flow stage	2022-12-12 13:57:47 +01:00
Michael Nebel	e0f1b38439	Merge pull request #11580 from michaelnebel/renamenegativemodels C#/Java: Rename Negative Summary Model to Neutral Model	2022-12-12 07:59:06 +01:00
Harry Maclean	6c8896d83f	Merge pull request #11337 from hmac/actionmailbox Ruby: Model ActionMailbox	2022-12-12 10:29:23 +13:00
Tom Hvitved	58549087e0	Ruby: Ensure `Node::{toString,getLocation}` are computed in data flow stage	2022-12-11 20:37:24 +01:00
Tom Hvitved	367aa35d8c	Ruby: Avoid `SummarizedCallable::propagatesFlowExt` being recursive	2022-12-11 20:37:23 +01:00
github-actions[bot]	343b7b1c8b	Post-release preparation for codeql-cli-2.11.6	2022-12-11 18:15:04 +00:00
github-actions[bot]	0b2fb4f70a	Release preparation for version 2.11.6	2022-12-10 15:49:35 +00:00
Jami Cogswell	6854845b75	Java: refactor isManuallyGenerated and isBothAutoAndManuallyGenerated	2022-12-09 18:37:50 -05:00
Michael Nebel	a14df1ca61	Ruby: Rename Negative Summary Model to Neutral Model.	2022-12-09 15:04:43 +01:00
Michael Nebel	079d48c42a	Sync files.	2022-12-09 15:04:42 +01:00
Asger F	387a673c10	Merge pull request #11567 from asgerf/js/data-extensions2 JS: Move MaD models to data extensions	2022-12-09 10:09:24 +01:00
Peter Stöckli	d2c8e70be1	Adjust expected file for TaintStep (due to changes to File.join)	2022-12-09 09:57:19 +01:00
Peter Stöckli	03fff2709b	Add suggestions to fix FileJoinSanitizer	2022-12-09 09:42:44 +01:00
Peter Stöckli	0d8c82009c	Merge branch 'main' into p--ruby-kernel-open-addition	2022-12-09 07:54:56 +01:00
Jami Cogswell	0b2f2a3f88	Java: remove predicates from NegativeSummarizedCallable	2022-12-08 23:46:55 -05:00
Tom Hvitved	2ab05a81d1	Merge pull request #11621 from hvitved/ruby/library-callable-get-param Ruby: Add `SummarizedCallable::getParameter`	2022-12-08 16:20:44 +01:00
Tom Hvitved	cbf722dad0	Ruby: Add `SummarizedCallable::getParameter`	2022-12-08 15:59:41 +01:00
erik-krogh	1a6e16f292	Merge branch 'main' into kernelLoad	2022-12-08 15:41:48 +01:00
erik-krogh	f09e10f61f	delete redundant cast	2022-12-08 15:34:26 +01:00
Chris Smowton	49bc524fd0	Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main	2022-12-08 11:12:30 +00:00

... 41 42 43 44 45 ...

4804 Commits