hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,333 Commits 1,671 Branches 157 Tags
ginsbach/NewOverlayLocalJava
Commit Graph

2197 Commits

Author SHA1 Message Date
Edward Minnix III
0e866a5447 Merge pull request #15359 from egregius313/egregius313/csharp/dataflow/threat-modeling/add-threatmodelflowsource 
C#: Threat Modeling - Introduce `ThreatModelFlowSource`
 2024-01-23 09:02:10 -05:00
Erik Krogh Kristensen
f1d6f56621 Merge pull request #15393 from erik-krogh/deps-jan-2024 
All: delete outdated deprecations
 2024-01-23 13:52:38 +01:00
Michael Nebel
123e86e0e0 C#: Add dummy stats for inline_array_type. 2024-01-23 08:29:01 +01:00
erik-krogh
865df920f9 add change-notes 2024-01-22 19:30:57 +01:00
Ed Minnix
ff6d4c6ae6 Deprecation message 2024-01-22 11:09:53 -05:00
Ed Minnix
0ff12c07c7 Convert existing mapped-property classes to directly extend DatabaseInputSource 2024-01-22 11:09:51 -05:00
Ed Minnix
51564200a1 Documentation for FlowSources library 2024-01-22 11:09:48 -05:00
Ed Minnix
83e66136ce Change note 2024-01-22 11:09:46 -05:00
Ed Minnix
3c9c07ec40 Rename SourceNode.qll to FlowSources.qll 2024-01-22 11:09:43 -05:00
Ed Minnix
392eac5f9a Refactor source node classes to use SourceNode superclass 
Refactor the existing flowsource classes to use the `SourceNode` class
to specify which threat model they support.
 2024-01-22 11:09:41 -05:00
Ed Minnix
d29df68c97 Introduce the SourceNode and ThreatModelFlowSource classes 
1. Introduces the `SourceNode` class which allows dataflow nodes
   representing sources to indicate the threat model they are associated
   with.
2. Introduces the `ThreatModelFlowSource` class which represents a
   source node which respects the threat model configuration
 2024-01-22 11:09:39 -05:00
Ed Minnix
ad093fde4f Add dependency on codeql/threat-models shared library 2024-01-22 11:09:38 -05:00
Michael Nebel
1bb6f4962d C#: Match any {digit} in the format string. 2024-01-22 14:03:37 +01:00
Michael Nebel
5016113a0f C#: Add a string.Format sanitizer to url redirect and update expected test output. 2024-01-22 11:21:35 +01:00
Michael Nebel
884f3f1505 C#: Add string interpolation expression sanitizer to url redirect and update expected test output. 2024-01-22 11:21:19 +01:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00
Joe Farebrother
4de19b3ec9 Merge pull request #15039 from joefarebrother/csharp-razor-flow-page-models 
C#: Add flow steps from a PageModel to cshtml page.
 2024-01-19 10:07:25 +00:00
Michael Nebel
24855ddc64 Merge pull request #15328 from michaelnebel/csharp/inlinearrays 
C# 12: Inline array support.
 2024-01-19 09:11:26 +01:00
Michael Nebel
cb53ca4e1f Merge pull request #15367 from michaelnebel/csharp/nullablesimpletypesanitizer 
C#: Consider nullable simple types as sanitizers.
 2024-01-19 09:09:36 +01:00
Michael Nebel
43350b0664 C#: Add change note. 2024-01-18 13:55:18 +01:00
Michael Nebel
9e9b5292f2 C#: Add change note. 2024-01-18 13:50:52 +01:00
Michael Nebel
9460c91c8c C#: Also consider nullable simple types (and datetime) as simple type sanitizers. 2024-01-18 12:53:29 +01:00
Michael Nebel
8a97c8c28e C#: Add QL support for InlineArrayType. 2024-01-18 11:09:00 +01:00
Michael B. Gale
a30791833d C#: Report any extracted file as successfully extracted 2024-01-17 20:57:39 +00:00
Michael Nebel
fcb9e473c0 C#: Add upgrade and downgrade scripts. 2024-01-17 14:08:18 +01:00
Michael Nebel
5e692a882e C#: Update dbscheme with a typekind for inline arrays. 2024-01-17 14:01:05 +01:00
Alexander Eyers-Taylor
934474681d Merge pull request #15254 from github/post-release-prep/codeql-cli-2.16.0 
Post-release preparation for codeql-cli-2.16.0
 2024-01-16 14:50:40 +00:00
Michael Nebel
8d64d71583 C#: Move the gen kind enum script. 2024-01-16 14:18:41 +01:00
github-actions[bot]
57df8b92df Post-release preparation for codeql-cli-2.16.0 2024-01-15 15:00:50 +00:00
Michael Nebel
275822f80d Merge pull request #15296 from michaelnebel/csharp/getruntimeargument 
C#: Improve getRuntimeArgumentForParameter to consider named arguments.
 2024-01-12 15:57:17 +01:00
Michael Nebel
dcce93ac4c C#: Address more review comments. 2024-01-12 14:07:27 +01:00
Michael Nebel
c68f9b05cd C#: Address review comments. 2024-01-12 11:24:37 +01:00
Owen Mansel-Chan
6945289afc Merge pull request #15246 from owen-mc/java/manual-neutral-overrides-generated 
C#/Java: Manual neutral summaries should block generated summaries
 2024-01-12 10:05:18 +00:00
Michael Nebel
b03eecb5ab C#: Add support for named arguments in getRuntimeArgumentForParameter. 2024-01-11 16:19:24 +01:00
Owen Mansel-Chan
5e9ddd8c63 Apply suggestions from code review on change notes 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2024-01-11 15:15:21 +00:00
Owen Mansel-Chan
3c369f88bb Add change notes 2024-01-11 14:00:17 +00:00
Michael Nebel
1770beea25 C#: Update QL doc for getRuntimeArgumentForParameter. 2024-01-11 09:07:15 +01:00
Michael Nebel
4dedc454ae C#: Add change-note. 2024-01-11 09:07:15 +01:00
Michael Nebel
b2faf3618c C#: Add support for params parameters in getRuntimeArgumentForParameter. 2024-01-11 09:07:14 +01:00
Owen Mansel-Chan
7824e60acd Manual neutral summaries should block generated summaries 2024-01-10 22:25:06 +00:00
Owen Mansel-Chan
52563b01b7 Factor logic out into interpretNeutral 2024-01-10 22:25:04 +00:00
Tom Hvitved
c9cf2a899c Merge pull request #15260 from hvitved/dataflow/may-benefit-from-cctx-simplify 
Data flow: Remove column from `mayBenefitFromCallContext`
 2024-01-10 11:43:15 +01:00
Tom Hvitved
f90201eb56 Data flow: Remove column from mayBenefitFromCallContext 2024-01-09 11:34:43 +01:00
Chuan-kai Lin
c4e5506a2c Merge pull request #15242 from github/cklin/upgrade-delete-fixes-csharp 
C#: Fix upgrade delete directives
 2024-01-08 07:27:40 -08:00
github-actions[bot]
a6c8cc9551 Release preparation for version 2.16.0 2024-01-08 13:11:26 +00:00
Tamas Vajk
e70cb1f259 Code quality improvement: simplify DataFlowPrivate::isParamsArg 2024-01-08 10:00:39 +01:00
Tamas Vajk
91637d49d4 Fix null dereference false positive 2024-01-08 10:00:39 +01:00
Tamas Vajk
35ee3246bb Add change note 2024-01-08 10:00:39 +01:00
Tamas Vajk
7daeeef3a1 C#: Improve arg-param mapping logic to consider named arguments passed to params parameters 2024-01-08 10:00:39 +01:00
Tamas Vajk
9bb807431d C#: Improve arg-param mapping logic to consider arguments passed to params parameters 2024-01-08 10:00:39 +01:00