hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

1460 Commits

Author SHA1 Message Date
Owen Mansel-Chan
3f7c37e1ed Treat container flow as taint flow in global taint flow 2024-12-12 11:41:32 +00:00
Owen Mansel-Chan
e13c4b7550 Treat container flow as taint flow in localTaintStep 2024-12-12 10:41:23 +00:00
Owen Mansel-Chan
75331ea268 Add change note 2024-12-06 15:03:34 +00:00
Owen Mansel-Chan
67572712ea Fix flow out of varargs param with models-as-data 
This still doesn't allow for a variadic out parameter to be defined as
a source using MaD. This is due to the lack of an implicit store step
at sources, to match implicit read steps at sinks.
 2024-12-06 15:00:40 +00:00
github-actions[bot]
cf71a1525b Post-release preparation for codeql-cli-2.20.0 2024-12-04 18:36:17 +00:00
github-actions[bot]
96564b7128 Release preparation for version 2.20.0 2024-12-04 16:01:14 +00:00
Henry Mercer
963f084d87 Merge branch 'main' into henrymercer/merge-back-rc-3.16 2024-12-04 13:39:10 +00:00
Anders Schack-Mulligen
03fdceb0fd Merge pull request #18191 from aschackmull/dataflow/remove-deprecated-lib 
Dataflow: Delete the old configuration-class based api.
 2024-12-04 11:31:46 +01:00
Anders Schack-Mulligen
e846855bca Go: Remove deprecated configuration classes referencing deleted api. 2024-12-03 20:08:44 +01:00
Anders Schack-Mulligen
cca27e4c77 Add change notes for all languages. 2024-12-03 19:42:33 +01:00
Anders Schack-Mulligen
fbff4b6e21 Go: Delete deprecated data flow api. 2024-12-03 14:42:14 +01:00
Owen Mansel-Chan
0e94ee81ae Don't getUnderlyingType before looking through pointer type 
If `T` is the type of an embedded field, it is invalid for `T` to be a
named type defined to be a pointer type (`type T *S`). It is also
invalid for `T` to be a type parameter. So this `getUnderlyingType()` is
redundant.
 2024-11-26 22:25:56 +00:00
Owen Mansel-Chan
2cba97e87d Small stylistic improvement 2024-11-26 22:25:55 +00:00
Owen Mansel-Chan
1bc1472b0b Add change note 2024-11-26 22:25:53 +00:00
Owen Mansel-Chan
4990f16ba5 Refactor struct field predicate to remove redundancy 2024-11-26 22:25:48 +00:00
Owen Mansel-Chan
8dc0688b6f Fix bug 2024-11-26 22:25:47 +00:00
Owen Mansel-Chan
141259c003 Update go/ql/lib/ext/slices.model.yml 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-11-26 14:48:20 +00:00
Owen Mansel-Chan
196634ecdb Model slices package 
Skipping functions that involve iterators for now.
 2024-11-26 12:01:09 +00:00
Alexander Eyers-Taylor
c0474c4e45 Revert "Revert "Post-release preparation for codeql-cli-2.19.4"" 2024-11-21 15:37:52 +00:00
Alexander Eyers-Taylor
4effe9e364 Revert "Post-release preparation for codeql-cli-2.19.4" 2024-11-21 14:43:15 +00:00
Owen Mansel-Chan
9aede5f433 Merge pull request #17494 from owen-mc/go/reinstate-mad-with-fixes 
Go: reinstate models-as-data sink conversions with fixes
 2024-11-20 14:50:47 +00:00
Owen Mansel-Chan
69ad69c38a Move change note out of C# folder 2024-11-20 14:21:28 +00:00
Owen Mansel-Chan
d9a830e008 Add log function prefix "With" for heuristic logger 2024-11-20 13:50:59 +00:00
github-actions[bot]
3909df75dc Post-release preparation for codeql-cli-2.19.4 2024-11-19 17:54:03 +00:00
Owen Mansel-Chan
dd87b1a9de Convert os.stdin model to MaD 2024-11-19 16:59:47 +00:00
Owen Mansel-Chan
bf824cac0a Allow package-level variables in MaD 2024-11-19 16:59:42 +00:00
github-actions[bot]
9783a11565 Release preparation for version 2.19.4 2024-11-19 16:21:37 +00:00
Owen Mansel-Chan
e57d8983f5 Add heuristic logger calls 2024-11-19 11:41:51 +00:00
Owen Mansel-Chan
9fc0dc5690 Fix typo in unrelated QLDoc 2024-11-19 11:41:40 +00:00
Owen Mansel-Chan
81907bc743 Set Subtypes column correctly 
We set it to False when it has no meaning and True otherwise.
 2024-11-19 11:22:36 +00:00
Owen Mansel-Chan
8cbab0c66e Model logrus.FieldLogger using models-as-data 2024-11-19 11:18:20 +00:00
Owen Mansel-Chan
d37c816bd9 Model some Xorm methods in QL 2024-11-19 11:18:17 +00:00
Owen Mansel-Chan
25cd4d4585 Model some squirrel methods in QL 
We need to put a restriction on the type of the argument.
 2024-11-19 11:18:15 +00:00
Owen Mansel-Chan
a0729fc760 Fix typo in package path 
Co-authored-by: Edward Minnix III <egregius313@github.com>
 2024-11-19 11:18:13 +00:00
Owen Mansel-Chan
35cbc162b0 Convert logging sinks to use MaD 2024-11-19 11:18:11 +00:00
Owen Mansel-Chan
85c7e8c221 Convert gocb nosql-injection sinks to MaD 2024-11-19 11:18:09 +00:00
Owen Mansel-Chan
fbaad09179 Convert mongodb nosql-injection sinks to MaD 2024-11-19 11:18:02 +00:00
Owen Mansel-Chan
b4c84be3be Convert database/sql/driver sql-injection sinks to MaD 2024-11-19 11:15:48 +00:00
Owen Mansel-Chan
e4eef6791a Convert database/sql sql-injection sinks to MaD 2024-11-19 11:15:42 +00:00
Owen Mansel-Chan
4cca6cff59 Convert Beego orm sql-injection sinks to MaD 2024-11-19 11:13:32 +00:00
Owen Mansel-Chan
2282a8184b Convert Bun sql-injection sinks to MaD 2024-11-19 11:13:30 +00:00
Owen Mansel-Chan
1c305aa8f3 Convert Xorm sql-injection sinks to MaD 2024-11-19 11:13:28 +00:00
Owen Mansel-Chan
1ab50fc62c Convert Gorm sql-injection sinks to MaD 2024-11-19 11:13:26 +00:00
Owen Mansel-Chan
fb050e8b43 Convert sqlx sql-injection sinks to MaD 2024-11-19 11:13:23 +00:00
Owen Mansel-Chan
d9d3e74e8c Convert gogf/gf sql-injection sinks to MaD 2024-11-19 11:13:17 +00:00
Owen Mansel-Chan
1315a1e9ae Upgrade and convert gorqlite sql-injection sinks to MaD 2024-11-19 11:13:13 +00:00
Owen Mansel-Chan
924467bebe Convert squirrel sql-injection sinks to MaD (non-existent methods removed) 
Various non-existent methods were modeled, and I couldn't find any
evidence that they used to exist. They aren't in the stubs or tests. I
have removed them.
 2024-11-19 11:13:10 +00:00
Owen Mansel-Chan
5745969462 Set subtypes=false when it has no meaning 2024-11-16 19:34:23 +00:00
Kevin Stubbings
eb3a76ddce Merge branch 'github:main' into path-sanitizers 2024-11-12 16:03:00 -08:00
Kevin Stubbings
8744f158bd New tests 2024-11-12 15:44:47 -08:00