hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,333 Commits 1,672 Branches 157 Tags
ginsbach/NewOverlayLocalJava
Commit Graph

1460 Commits

Author SHA1 Message Date
amammad
e239d763dc Merge branch 'main' into amammad-go-NewFileSystemAccess 2023-09-26 02:04:59 +10:00
Asger F
d501856519 Update DataFlowImpl.qll copies 2023-09-25 10:05:29 +02:00
Anders Schack-Mulligen
6316f61af9 Go: Fix import conflict. 2023-09-22 15:09:25 +02:00
Anders Schack-Mulligen
66da997b7b Dataflow: Make use of defaults for language-specific hooks. 2023-09-22 14:54:22 +02:00
Anders Schack-Mulligen
13f7daf71e Merge pull request #13982 from aschackmull/dataflow/typeflow-calledge-pruning 
Dataflow: Add type-based call-edge pruning.
 2023-09-21 13:33:08 +02:00
github-actions[bot]
3acf5244b0 Post-release preparation for codeql-cli-2.14.6 2023-09-20 10:25:10 +00:00
github-actions[bot]
0a3670727f Release preparation for version 2.14.6 2023-09-19 11:40:30 +00:00
amammad
52d1e45b05 add comments for better quality 2023-09-15 23:25:25 +10:00
Chris Smowton
a63bb1bbed Tidy 2023-09-15 12:58:44 +01:00
Anders Schack-Mulligen
f5a4b792bd C++/Go/Python/Ruby/Swift: Add dummy localMustFlowStep. 2023-09-13 15:43:46 +02:00
Kevin Stubbings
f9fe86a1ca Added change-notes 2023-09-12 21:34:30 -07:00
Kevin Stubbings
7d213d5bb9 Add Integer/Boolean Sanitizer 2023-09-12 21:10:11 -07:00
github-actions[bot]
d699880c86 Post-release preparation for codeql-cli-2.14.4 2023-09-08 21:17:52 +00:00
github-actions[bot]
abf2b12b1c Release preparation for version 2.14.4 2023-09-05 16:56:14 +00:00
Michael B. Gale
77369a09a4 Merge pull request #13872 from Kwstubbs/Kevin_error_sanitizer 
Go: Add sanitizer to remove paths passing through http.Error
 2023-09-04 13:25:55 +01:00
amammad
f3ea72c234 proper tests with depstubber, remove Duplicates :( 2023-09-03 04:51:05 +10:00
Kevin Stubbings
84d52b94a3 Forgot delete 2023-08-29 08:38:18 -07:00
Kevin Stubbings
ffa3bdc8bb Change note changes 2023-08-29 08:37:15 -07:00
Kevin Stubbings
29e14f7d8d Feedback, Format, Add Change Notes 2023-08-28 14:15:21 -07:00
Dave Bartolomeo
3343b78015 Merge pull request #14074 from github/post-release-prep/codeql-cli-2.14.3 
Post-release preparation for codeql-cli-2.14.3
 2023-08-28 13:34:10 -04:00
github-actions[bot]
3eba77421a Post-release preparation for codeql-cli-2.14.3 2023-08-28 15:53:49 +00:00
amammad
25c60c455e v1 2023-08-27 23:53:45 +10:00
Michael Nebel
ce6fd8ac5f Merge pull request #13432 from michaelnebel/updateissupported 
Java/C#: Update telemetry queries to report callables with sink/source neutrals as being supported.
 2023-08-22 08:39:38 +02:00
Jeroen Ketema
2d0f73d7c2 Merge pull request #13881 from jketema/shared-taint-tracking 
Introduce shared taint tracking library
 2023-08-21 12:45:49 +02:00
Michael Nebel
106ba11e10 Address review comments. 2023-08-21 09:59:02 +02:00
Michael Nebel
d66fe08661 Add QLDoc for the getKind predicate. 2023-08-21 09:59:02 +02:00
Michael Nebel
25cc561e50 Go: Sync files and make manual adjustments. 2023-08-21 09:59:01 +02:00
github-actions[bot]
098dfb4242 Release preparation for version 2.14.3 2023-08-18 14:48:15 +00:00
Michael B. Gale
a1c9deea61 Merge pull request #13867 from github/mbg/go/1.21-support 
Go: Basic Go 1.21 support
 2023-08-18 14:37:11 +01:00
Michael B. Gale
e65269be69 Add DefaultTaintSanitizer for clear 2023-08-17 17:49:46 +01:00
Jeroen Ketema
33e8310625 Merge branch 'main' into shared-taint-tracking 2023-08-17 00:14:25 +02:00
Michael B. Gale
ee58dbc6f7 Add new built-ins to builtinFunction predicate 
- `clear` isn't pure because it modifies a data structure in place
- `clear` may not be used correctly, but this is determined statically
 2023-08-15 20:16:42 +01:00
Henry Mercer
1213eba630 Merge branch 'main' into post-release-prep/codeql-cli-2.14.2 2023-08-11 13:54:55 +01:00
Michael B. Gale
513da82510 Model data flow for min and max 2023-08-11 11:51:07 +01:00
Michael B. Gale
238049a870 Add Go 1.21 builtins 2023-08-11 10:57:10 +01:00
Owen Mansel-Chan
35a300f894 Apply suggestions from code review 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2023-08-11 10:06:14 +01:00
Owen Mansel-Chan
b7dfa2347c Put QLDoc on data flow and taint tracking modules 
We preserve all old QLDocs, but move them from the
config to the Flow module. This makes more sense than
the Config module, which is often private, and is generally
not directly accessed.
 2023-08-11 10:06:12 +01:00
Owen Mansel-Chan
08e1e8a120 Improve inaccurate deprecation comments 2023-08-10 15:50:08 +01:00
Owen Mansel-Chan
0928fa6e1f Give MyFlowstate a less generic name 2023-08-10 15:50:05 +01:00
Owen Mansel-Chan
089ea010d7 Improve QLDoc for Config::FlowState in StringBreak 2023-08-10 15:50:01 +01:00
Owen Mansel-Chan
81d4149a17 Note deprecation in QLDoc for LogInjection 2023-08-10 15:49:52 +01:00
Owen Mansel-Chan
8db3e4a9b4 Make IncorrectIntegerConversion use new API 2023-08-10 15:49:47 +01:00
Owen Mansel-Chan
b5ac0c94c6 Make ZipSlip use new API 2023-08-10 15:49:23 +01:00
Owen Mansel-Chan
7341b6156d Make XPathInjection use new API 2023-08-10 15:49:21 +01:00
Owen Mansel-Chan
a6177b3c92 Make UnsafeUnzipSymlink use new API 2023-08-10 15:49:20 +01:00
Owen Mansel-Chan
7db1daba6e Make TaintedPath use new API 2023-08-10 15:49:19 +01:00
Owen Mansel-Chan
6c91f77776 Make StringBreak use new API 2023-08-10 15:49:17 +01:00
Owen Mansel-Chan
30ae34352b Make StoredXss use new API 2023-08-10 15:49:16 +01:00
Owen Mansel-Chan
4334a51cf3 Make StoredCommand use new API 2023-08-10 15:49:15 +01:00
Owen Mansel-Chan
ac1670c0af Make SqlInjection use new API 
The extra nodes in .expected files are due to the changes from
https://github.com/github/codeql/pull/13717, which are not applied to
configuration classes extending DataFlow::Configuration or
TaintTracking::Configuration.
 2023-08-10 15:49:13 +01:00