hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayCallerJava
Commit Graph

3040 Commits

Author SHA1 Message Date
Ed Minnix
60cf1eccae Update test results 2025-01-07 06:41:39 -05:00
Ed Minnix
0f06ddcff0 Change note 2025-01-07 06:41:37 -05:00
Ed Minnix
128c02b488 database/sql/driver tests 2025-01-07 06:41:36 -05:00
Ed Minnix
3e65c8de36 database/sql tests 2025-01-07 06:41:34 -05:00
Ed Minnix
e9fdc8a34c database source tests 2025-01-07 06:41:33 -05:00
Ed Minnix
80ad349a48 database/sql summary models for Row types 2025-01-07 06:41:31 -05:00
Ed Minnix
8093d57781 database/sql and database/sql/driver source models 2025-01-07 06:41:30 -05:00
dependabot[bot]
d7eaf9012f Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.28.0...v0.29.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-07 03:20:27 +00:00
github-actions[bot]
a121c5a5d0 Release preparation for version 2.20.1 2025-01-06 18:20:22 +00:00
Tom Hvitved
1b31c90d26 Implement FlowSummaryImpl stubs 2025-01-06 13:26:51 +01:00
Ed Minnix
c02430607a Add post-processing to StoredXss.qlref test 2025-01-03 13:26:29 -05:00
Kevin Stubbings
4b95ea0987 Merge branch 'main' into go-rs-cors 2024-12-17 17:35:29 -08:00
github-actions[bot]
f9d739c173 Add changed framework coverage reports 2024-12-17 00:22:24 +00:00
Michael Nebel
d0e9c3bb70 Fix failing tests on main. 2024-12-16 14:16:47 +01:00
Michael Nebel
aaf0cd5dee Merge pull request #17968 from michaelnebel/java/movetestutils 
Move test utilities to the query pack.
 2024-12-16 13:41:30 +01:00
Owen Mansel-Chan
7ab06fca2f Merge pull request #18275 from owen-mc/go/mad/variadic-params-sources 
Go: Make models-as-data source models for variadic parameters work
 2024-12-15 13:22:21 +00:00
Ed Minnix
7852c8666c Update provenance in test results 2024-12-13 15:22:17 -05:00
Ed Minnix
88256e269a Convert model from QL to MaD 2024-12-13 14:59:32 -05:00
Edward Minnix III
f844105722 Fix test result 2024-12-13 14:53:58 -05:00
Ed Minnix
f8cfa39492 Change note 2024-12-13 12:42:02 -05:00
Ed Minnix
3f9af5bfe4 Tests 2024-12-13 12:42:01 -05:00
Ed Minnix
63a3054aeb os.Args variable read 2024-12-13 12:41:59 -05:00
Owen Mansel-Chan
e9dcd69cc0 Add readStep back to local taint flow 2024-12-13 13:30:18 +00:00
Owen Mansel-Chan
3a3e053f12 Only add taint steps for implicit varargs slice post-update nodes 2024-12-13 13:17:44 +00:00
Owen Mansel-Chan
b58e6ebade Address review comments for localTaintStep 2024-12-12 22:07:15 +00:00
Michael Nebel
0bfc1b6ea8 Also move the postprocessing queries to the library pack. 2024-12-12 15:03:03 +01:00
Michael Nebel
941b0abbf6 Move modules to the library packs. 2024-12-12 15:03:01 +01:00
Owen Mansel-Chan
26b52078c0 Add change note 2024-12-12 13:41:35 +00:00
Michael Nebel
96fe1449f8 Go: Update all test util paths to point to the new location. 2024-12-12 13:54:21 +01:00
Michael Nebel
f8e0c4799d Go: Move test utilities into the query pack. 2024-12-12 13:21:35 +01:00
Owen Mansel-Chan
3f7c37e1ed Treat container flow as taint flow in global taint flow 2024-12-12 11:41:32 +00:00
Owen Mansel-Chan
e13c4b7550 Treat container flow as taint flow in localTaintStep 2024-12-12 10:41:23 +00:00
Owen Mansel-Chan
4f8645b4dd Merge pull request #18235 from owen-mc/go/varargs-out-param 
Go: Improve data flow out of variadic parameter
 2024-12-11 13:18:29 +00:00
Cornelius Riemenschneider
53ca5083a9 Upgrade bazel to 8.0.0. 
Previously, we were using 8.0.0rc1.
In particular, this upgrade means we need to explicitly
import more rules, as they've been moved out of the core bazel repo.
 2024-12-10 12:05:37 +01:00
Owen Mansel-Chan
7e5e634bc7 Update .expected files (no new results) 2024-12-06 15:41:28 +00:00
Owen Mansel-Chan
75331ea268 Add change note 2024-12-06 15:03:34 +00:00
Owen Mansel-Chan
67572712ea Fix flow out of varargs param with models-as-data 
This still doesn't allow for a variadic out parameter to be defined as
a source using MaD. This is due to the lack of an implicit store step
at sources, to match implicit read steps at sinks.
 2024-12-06 15:00:40 +00:00
Owen Mansel-Chan
8cc4cd58c6 Add failing test for flow out of varargs param with models-as-data 2024-12-06 15:00:37 +00:00
Owen Mansel-Chan
96c8af8943 Test flow out of varargs param with function models 2024-12-06 15:00:34 +00:00
Owen Mansel-Chan
1612a7a9a0 Delete accidentally committed binary 2024-12-06 15:00:33 +00:00
Owen Mansel-Chan
69f087a46d Fix pre-existing failing test in VarArgsWithFunctionModels 
It was failing for a silly reason.
 2024-12-06 15:00:31 +00:00
Owen Mansel-Chan
ec7cbf93d9 Add failing test for flow out of varargs parameter 2024-12-06 15:00:30 +00:00
Owen Mansel-Chan
1935c26b56 Trivial variable name fixes 2024-12-06 15:00:28 +00:00
dependabot[bot]
d25045c936 Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.27.0 to 0.28.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-05 03:26:59 +00:00
Henry Mercer
ccfb32e989 Merge pull request #18211 from github/post-release-prep/codeql-cli-2.20.0 
Post-release preparation for codeql-cli-2.20.0
 2024-12-04 20:45:07 +00:00
Andrew Eisenberg
1ac6c3751b Update action.yml to use artifacts@v4 
v3 is getting deprecated.
 2024-12-04 11:41:40 -08:00
github-actions[bot]
cf71a1525b Post-release preparation for codeql-cli-2.20.0 2024-12-04 18:36:17 +00:00
github-actions[bot]
96564b7128 Release preparation for version 2.20.0 2024-12-04 16:01:14 +00:00
Owen Mansel-Chan
f56b2c912a Merge pull request #18201 from owen-mc/go/mad/improve-externalflowinheritance-tests 
Go: Fix some spurious results in ExternalFlowInheritance tests
 2024-12-04 14:24:30 +00:00
Henry Mercer
963f084d87 Merge branch 'main' into henrymercer/merge-back-rc-3.16 2024-12-04 13:39:10 +00:00