hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,280 Commits 1,671 Branches 157 Tags
oscarsj/test-cpp-internal-checks
Commit Graph

2193 Commits

Author SHA1 Message Date
Michael Nebel
fe854812ec C#: Add read and store steps for delegate calls. 2024-11-06 16:29:13 +01:00
github-actions[bot]
f107d16b4e Post-release preparation for codeql-cli-2.19.3 2024-11-04 17:20:08 +00:00
github-actions[bot]
cc7b724123 Release preparation for version 2.19.3 2024-11-04 16:37:28 +00:00
Anders Schack-Mulligen
b556590ef8 Merge pull request #17663 from aschackmull/dataflow/speculative-flow 
Dataflow: Add support for speculative taint flow.
 2024-10-31 08:12:43 +01:00
Tom Hvitved
7910af159c C#: Take mapped locations into account in Comments.qll 2024-10-28 14:21:10 +01:00
Michael Nebel
c1b1c62616 C#: Address review comments. 2024-10-23 15:25:52 +02:00
Michael Nebel
b7b6feed04 C#: Re-generate .NET 8 Runtime models. 2024-10-23 13:08:17 +02:00
Michael Nebel
9cd9ebfda9 C#: Add manual models for StringWriter. 2024-10-23 13:08:15 +02:00
Michael Nebel
87caf3d826 C#: Add change note. 2024-10-23 13:08:14 +02:00
Michael Nebel
d3a359b498 C#: Update .NET 8 models. 2024-10-23 13:08:13 +02:00
Michael Nebel
00ccd20452 C#: Delete all .NET 8 Runtime models. 2024-10-23 13:08:11 +02:00
Michael Nebel
b2b1a3ea65 C#: Consider string.ReplaceLineEndings(string) as a sanitizer for log forging. 2024-10-21 12:03:59 +02:00
Anders Schack-Mulligen
c20f12fa6c Add qldoc. 2024-10-16 14:35:23 +02:00
Anders Schack-Mulligen
7b43100af5 C#: Add support for speculative taint flow. 2024-10-16 14:35:19 +02:00
Anders Schack-Mulligen
c80627a3d3 Dataflow: add plumbing for adding provenance to state-steps. 2024-10-16 14:35:18 +02:00
github-actions[bot]
079ab77a38 Post-release preparation for codeql-cli-2.19.2 2024-10-15 12:16:59 +00:00
github-actions[bot]
255f55cf1a Release preparation for version 2.19.2 2024-10-15 10:29:25 +00:00
Tom Hvitved
5d925d36d3 C#: Adopt shared ConditionalCompletionSplitting implementation 2024-10-09 11:02:15 +02:00
Chad Bentz
2458d16426 Clarify threat model flow sources comment in LogForgingQuery.qll 2024-10-01 23:04:22 -04:00
Anders Schack-Mulligen
6081ba5902 Merge pull request #17604 from aschackmull/java/neutral-overrides 
Java/C#: Add overrides to the interpretation of neutral MaD models.
 2024-10-01 14:55:54 +02:00
github-actions[bot]
e97878ed63 Post-release preparation for codeql-cli-2.19.1 2024-09-30 19:49:00 +00:00
github-actions[bot]
455c8c5953 Release preparation for version 2.19.1 2024-09-30 17:59:48 +00:00
Anders Schack-Mulligen
a8f55d93cb C#: Add overrides to the interpretation of neutral MaD models. 2024-09-30 15:23:27 +02:00
Tom Hvitved
7c473c38c0 Merge pull request #17585 from hvitved/shared/cfg-scope-no-first-consistency 
Shared: Add CFG consistency check for scopes with missing entry points
 2024-09-26 14:05:08 +02:00
Rasmus Wriedt Larsen
381ea93ec3 Merge pull request #17424 from RasmusWL/active-threat-model-source 
Go/Java/C#: Rename `ThreatModelFlowSource` to `ActiveThreatModelSource`
 2024-09-26 13:08:17 +02:00
Michael Nebel
297d32180c Merge pull request #17582 from michaelnebel/csharp/attributecollectionsinks 
C#: `AttributeCollection` is no longer considered a HTML sink.
 2024-09-26 09:17:31 +02:00
Michael Nebel
1dcc6ac2b1 C#: Address review comments. 2024-09-25 17:06:19 +02:00
Tom Hvitved
1bd504bf61 C#: Restrict CfgScope 2024-09-25 16:43:15 +02:00
Michael Nebel
d00e27916d C#: No longer consider attribute collections as HTML sinks. 2024-09-25 14:12:59 +02:00
Chuan-kai Lin
1cd8af54f2 Merge pull request #17190 from github/cklin/diff-informed-java-queries 
Java: add support for alert location restrictions
 2024-09-23 08:39:24 -07:00
Rasmus Wriedt Larsen
63c3a71d95 Merge branch 'main' into active-threat-model-source 2024-09-23 11:18:14 +02:00
Anders Schack-Mulligen
3a1e50dcf9 Dataflow: Simplify diff-informed implementation and tweak flag name. 2024-09-20 07:07:10 -07:00
Chris Smowton
0deefaddc5 Merge pull request #17483 from smowton/smowton/feature/csharp-dataflow-fewer-nodes-including-virtual-dispatch 
C#: Restrict dataflow node creation to source and source-referenced entities [virtual-dispatch-inclusive variant]
 2024-09-19 15:33:47 +01:00
Chris Smowton
bb82dc1b18 Change note 2024-09-19 15:12:11 +01:00
Chris Smowton
bc9eb993b8 Remove unnecessary fromSource conditions 2024-09-19 15:08:08 +01:00
Michael Nebel
4a9e3ee3aa Merge pull request #17363 from michaelnebel/modelgen/fieldbasedimprovements 
C#/Java: Content based model generation improvements.
 2024-09-19 10:49:11 +02:00
Michael Nebel
24a101297c Merge pull request #15884 from michaelnebel/csharp/cleanupcil 
C#: CIL and Dotnet cleanup (removal).
 2024-09-18 11:43:41 +02:00
Michael Nebel
295861d577 Merge pull request #17459 from michaelnebel/csharp/accessormad 
C#: Add MaD support for `Attribute.Getter` and `Attribute.Setter`.
 2024-09-18 09:11:51 +02:00
Chris Smowton
3e91f0f53f Expand range of callables requiring nodes to include unbound declarations of generic instantiations, static targets, and methods that have a body even if not flagged fromSource 2024-09-17 15:00:15 +01:00
Chris Smowton
349268cbf7 Expand the range of callables used in source to include potential virtual dispatch targets and referenced callables (e.g., in assigning a delegate) 2024-09-17 15:00:14 +01:00
Chris Smowton
66f48f767e Restrict dataflow node creation to source and source-referenced entities 2024-09-17 15:00:13 +01:00
Tom Hvitved
d680a549bd Merge pull request #16936 from hvitved/csharp/ssa-integration 
C#: Adopt shared SSA data-flow integration
 2024-09-17 13:45:31 +02:00
Michael Nebel
8d0cb07ba2 C#: Update the internal MaD attribute documentation. 2024-09-17 09:27:37 +02:00
Chris Smowton
30be6803c3 Merge pull request #17480 from github/post-release-prep/codeql-cli-2.19.0 
Post-release preparation for codeql-cli-2.19.0
 2024-09-16 16:06:58 +01:00
github-actions[bot]
79be301984 Post-release preparation for codeql-cli-2.19.0 2024-09-16 14:09:32 +00:00
Michael Nebel
bdc00841c0 C#: Add change note. 2024-09-16 15:45:14 +02:00
Michael Nebel
308aca632e C#: Make support for Attribute.Getter and Attribute.Setter in MaD. 2024-09-16 15:45:09 +02:00
Michael Nebel
3c97bcb790 C#: Exclude properties from the Attribute selection. 2024-09-16 15:45:03 +02:00
Michael Nebel
5de9e7c3ad C#: Add change note. 2024-09-16 15:39:44 +02:00
Michael Nebel
add033249f Merge pull request #17475 from michaelnebel/csharp/indexerattributes 
C#: Extract attributes on indexers.
 2024-09-16 15:26:53 +02:00