codeql

mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00

Author	SHA1	Message	Date
Owen Mansel-Chan	0414555e43	Merge pull request #20741 from aegilops/java-kotlin-sensitive-logging-substring-barriers java: Added Java/Kotlin Sensitive Logging barriers (substrings)	2025-11-26 09:55:14 +00:00
Asger F	0245b9d609	Merge pull request #20911 from asgerf/js/next-folders JS: Fix project layout detection for Next.js apps	2025-11-26 09:09:54 +01:00
Simon Friis Vindum	7278bc75ca	Rust: Remove unused function in XSS tests	2025-11-26 08:57:47 +01:00
Owen Mansel-Chan	f0dec21b9b	Merge branch 'main' into java-kotlin-sensitive-logging-substring-barriers	2025-11-25 23:24:58 +00:00
Joe Farebrother	83eadbad60	Add namespace models	2025-11-25 16:56:36 +00:00
Joe Farebrother	85cb3e026c	Merge pull request #20762 from joefarebrother/go-insecure-cookie Go: Promote non-httponly cookie query, and add insecure cookie query	2025-11-25 16:39:45 +00:00
Mathias Vorreiter Pedersen	295dc6971f	Merge branch 'main' into ignore-non-type-template-params	2025-11-25 15:37:25 +00:00
Simon Friis Vindum	7c7663629e	Rust: Fix typo in change note for XSS query Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2025-11-25 16:13:11 +01:00
Asger F	5b4e114955	JS: Add test	2025-11-25 16:04:30 +01:00
Mathias Vorreiter Pedersen	73b6fa69a9	C++: Fix Code Scanning alert.	2025-11-25 15:03:26 +00:00
Mathias Vorreiter Pedersen	0deac833e4	C++: Accept test changes.	2025-11-25 14:59:09 +00:00
Asger F	a91969b7e1	JS: Change note	2025-11-25 15:58:11 +01:00
Mathias Vorreiter Pedersen	05737af165	C++: Only support non-type template parameters in tail position.	2025-11-25 14:55:44 +00:00
Mathias Vorreiter Pedersen	faa55f50e7	C++: Add another test with a template function whose non-type template parameter is in tail position.	2025-11-25 14:55:18 +00:00
Asger F	e95b3590f0	JS: Fix project layout detection for Next.js apps Some parts of the code did not handle case where 'pages' was located at 'app/pages'.	2025-11-25 15:54:45 +01:00
Joe Farebrother	cece73bdbf	Remove references to gorilla	2025-11-25 14:36:16 +00:00
Joe Farebrother	c7b16a043e	Address reviews - update comments, remove unneeded stubs	2025-11-25 14:36:00 +00:00
Joe Farebrother	c6110ed541	Split SecureCookies into query specific files	2025-11-25 14:35:47 +00:00
Joe Farebrother	5b702d963e	Refactor parts of SensitiveCookieNameConfig	2025-11-25 14:35:42 +00:00
Joe Farebrother	03d63dec2e	Address reviews - rename and update doc comments	2025-11-25 14:35:29 +00:00
Joe Farebrother	1bd5005fc1	Fix typos	2025-11-25 14:35:17 +00:00
Joe Farebrother	6282c34396	Update formatting	2025-11-25 14:35:09 +00:00
Joe Farebrother	a25861d8a3	Update integration test	2025-11-25 14:35:02 +00:00
Joe Farebrother	ed483dd5b2	Add change note	2025-11-25 14:34:57 +00:00
Joe Farebrother	d633120f4d	Update integration tests	2025-11-25 14:34:48 +00:00
Joe Farebrother	536e885f18	Remove experimental query	2025-11-25 14:34:41 +00:00
Joe Farebrother	fa30041498	Add qhelp & fix tests	2025-11-25 14:34:28 +00:00
Joe Farebrother	2b1cd846b3	Fixes and doc updates	2025-11-25 14:34:10 +00:00
Joe Farebrother	8d544e5b15	Add tests	2025-11-25 14:33:51 +00:00
Joe Farebrother	5094784a4b	Add modeling for gin	2025-11-25 14:33:43 +00:00
Joe Farebrother	74c424dc4c	Fixes, add secure query	2025-11-25 14:33:33 +00:00
Joe Farebrother	7d76619bea	Implement cookie write concepts and httponly query	2025-11-25 14:33:23 +00:00
Mathias Vorreiter Pedersen	26e5320a80	Merge pull request #20901 from MathiasVP/canonical-content C++: Don't use `Field`s to define `FieldContent`	2025-11-25 13:54:19 +00:00
Simon Friis Vindum	9ae4c14ffb	Rust: Address PR feedback	2025-11-25 14:20:17 +01:00
Jeroen Ketema	861ca7526e	Merge branch 'main' into canonical-content	2025-11-25 14:08:42 +01:00
Mathias Vorreiter Pedersen	2024f32e81	C++: Add an example with missing flow.	2025-11-25 12:36:29 +00:00
Simon Friis Vindum	4f13ae3fc9	Rust: Add qldoc	2025-11-25 13:35:14 +01:00
Simon Friis Vindum	393da4567e	Rust: Add tests for `Enum`	2025-11-25 13:35:12 +01:00
Simon Friis Vindum	50e8d0ca20	Rust: Add `isFieldless` and `isUnitOnly` to `Enum`	2025-11-25 13:35:11 +01:00
Simon Friis Vindum	b4ae58871a	Rust: Tweak existing `isStruct` predicates	2025-11-25 13:35:10 +01:00
Mathias Vorreiter Pedersen	47ab307410	C++: Respond to review comments.	2025-11-25 12:06:58 +00:00
Alexander Köplinger	458f8570e8	Fix KeyError: 'name' in python/extractor/imp.py on Python 3.14 Follow-up to https://github.com/github/codeql/pull/20630 The fix didn't fully work since when we raise the ImportError in `find_module` we don't pass a named argument into the format string which causes a `KeyError`. We need to use a format string without named arguments, like Python 3.13 and earlier did.	2025-11-25 12:38:55 +01:00
Geoffrey White	1c2d8bb70e	Merge pull request #20851 from geoffw0/access-invalid-pointer-fp Rust: Improve rust/access-invalid-pointer	2025-11-25 09:49:07 +00:00
Simon Friis Vindum	411d1fa861	Rust: Fix grammar and typos Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-11-25 09:31:00 +01:00
Simon Friis Vindum	ce25def71e	Rust: Update integration test expected files	2025-11-25 08:23:52 +01:00
Joe Farebrother	b0be8184ac	Add taint test	2025-11-24 16:54:21 +00:00
Geoffrey White	5893dc699d	Rust: Change the majority of variant tests to be on AES not DES, since the focus of these new tests should be the block mode not the encryption algorithm.	2025-11-24 16:29:23 +00:00
Geoffrey White	daead038ab	Merge pull request #20829 from geoffw0/cert-checks Rust: New Query rust/disabled-certificate-check	2025-11-24 15:21:58 +00:00
Mathias Vorreiter Pedersen	eb6b08591d	Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-11-24 15:01:09 +00:00
Mathias Vorreiter Pedersen	2e53370716	Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-11-24 15:01:00 +00:00

... 7 8 9 10 11 ...

84884 Commits