codeql

mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00

Author	SHA1	Message	Date
Paolo Tranquilli	f88949a34e	Rust: emit `Const` bodies in library mode	2025-06-03 10:41:32 +02:00
Paolo Tranquilli	1110fea2a2	Rust: add upgrade/downgrade scripts for new tables	2025-06-03 10:41:32 +02:00
Paolo Tranquilli	04c9feed36	Rust: accept test changes	2025-06-03 10:41:31 +02:00
Paolo Tranquilli	667eed9b9b	Rust: store in the DB if a library function or const had a body When skipping bodies in library code, we lose the information whether a body was originally present. This can be important, for example when determining whether a trait method has a default implementation. With this change that information can be recovered via the `hasImplementation` predicate.	2025-06-03 10:41:31 +02:00
Paolo Tranquilli	77c40da51a	Rust/Codegen: fix detached predicates	2025-06-03 10:41:31 +02:00
Paolo Tranquilli	78bb41e47b	Merge branch 'main' into redsun82/rust-extract-libs	2025-06-03 10:34:11 +02:00
Tom Hvitved	ae4a425608	Merge pull request #19605 from hvitved/rust/jump-to-def-extensions Rust: Extend jump-to-def to include paths and `mod file;` imports	2025-06-03 10:19:28 +02:00
Tom Hvitved	3781de7b92	Rust: Reorder columns in `Definitions.ql` test	2025-06-03 09:53:45 +02:00
Nicolas Will	7d7ea72516	Merge pull request #19632 from bdrodes/openssl_keyagreement_instances_and_consumers Quantum: Add OpenSSL key agreement instances and consumers	2025-06-02 20:55:05 +02:00
Nicolas Will	7e7dfeb40b	Merge branch 'main' into openssl_keyagreement_instances_and_consumers	2025-06-02 20:02:53 +02:00
$REDMOND\brodes$ REDMOND\brodes	8b770bfb4d	Crypto: Remove old crypto stubs, now part of experimental/stubs.	2025-06-02 14:00:30 -04:00
$REDMOND\brodes$ REDMOND\brodes	23b6c78a23	Crypto: Revert CODEOWNERS change and remove redundant cast.	2025-06-02 13:07:31 -04:00
Tom Hvitved	52aa7e3c7d	Merge pull request #19624 from paldepind/type-inference-experiment Rust: Refactor type equality	2025-06-02 19:06:18 +02:00
Nicolas Will	8b9e5b477c	Merge pull request #19623 from trailofbits/fegge/quantum-signatures Quantum: Added signature input nodes to signature verify operation nodes	2025-06-02 18:07:48 +02:00
Paolo Tranquilli	51ef76a3c4	Merge pull request #19642 from github/redsun82/rm-windows-2019 CI: remove deprecated `windows-2019` usage	2025-06-02 18:05:19 +02:00
Napalys Klicius	aed9e9c883	Merge pull request #19634 from Napalys/js/url_obj_propagation JS: Add URL constructor taint tracking for request forgery	2025-06-02 17:32:44 +02:00
Paolo Tranquilli	baac2eecb0	Ripunzip: update default workflow versions	2025-06-02 17:30:34 +02:00
Paolo Tranquilli	b1afa6681c	CI: remove deprecated `windows-2019` usage	2025-06-02 17:26:42 +02:00
Nicolas Will	5a822462ad	Merge branch 'main' into openssl_keyagreement_instances_and_consumers	2025-06-02 16:54:22 +02:00
Nicolas Will	806fc6ae6a	Merge pull request #19564 from bdrodes/initial_openssl_tests Quantum: Add initial qltests for OpenSSL modeling	2025-06-02 16:52:27 +02:00
$REDMOND\brodes$ REDMOND\brodes	f5d24c5a7b	Crypto: Fix UnknownKeyAgreementType to OthernKeyAgreementType for JCA.	2025-06-02 10:11:53 -04:00
$REDMOND\brodes$ REDMOND\brodes	a473c96a9c	Crypto: Move crypto test stubs under experimental/stubs and remove special CODEOWNERS assignments for crypto stubs.	2025-06-02 16:10:35 +02:00
$REDMOND\brodes$ REDMOND\brodes	6b267479be	Crypto: Update crypto stubs location under 'crypto' and associate codeowners on any `test/stubs/crypto`. Minor fix to HashAlgorithmValueConsumer (remove library detector logic).	2025-06-02 16:10:35 +02:00
$REDMOND\brodes$ REDMOND\brodes	a9bdcc72eb	Crypto: Move openssl stubs to a shared stubs location. Include openssl apache license and a readme for future stub creation. Modify existing test case to reference stubs location.	2025-06-02 16:10:35 +02:00
$REDMOND\brodes$ REDMOND\brodes	0de6647927	Crypto: Adding initial openssl tests, fixing a bug in hash modeling found through tests, and updating CODEOWNERS for quantum tests	2025-06-02 16:10:35 +02:00
Fredrik Dahlgren	d0739b21e5	Restricted signature input nodes to verify nodes	2025-06-02 15:37:33 +02:00
Paolo Tranquilli	dfc03cbad1	Merge branch 'main' into redsun82/rust-extract-libs	2025-06-02 15:33:53 +02:00
Michael Nebel	21cb8b2172	Merge pull request #19638 from martincostello/dotnet-branding Fix user-facing casing of NuGet	2025-06-02 14:06:35 +02:00
Taus	9fe031d8eb	Merge pull request #19594 from sylwia-budzynska/pandas-sqli Python: Add Pandas SQLi sinks	2025-06-02 13:40:14 +02:00
Napalys Klicius	c981c4fe30	Update javascript/ql/lib/change-notes/2025-05-30-url-package-taint-step.md Co-authored-by: Asger F <asgerf@github.com>	2025-06-02 13:34:47 +02:00
Tom Hvitved	bf39058573	Merge pull request #19611 from hvitved/rust/path-resolution-std-prelude Rust: Also take the `std` prelude into account when resolving paths	2025-06-02 13:04:57 +02:00
Paolo Tranquilli	2561f3c081	Merge pull request #19585 from github/redsun82/rust-skip-unexpanded-in-libraries Rust: skip unexpanded stuff in library emission	2025-06-02 12:10:37 +02:00
Martin Costello	77a6a2d442	Fix user-facing casing of NuGet Fix user-facing strings to use "NuGet" instead of "Nuget" and "dotnet" instead of "Dotnet".	2025-06-02 09:30:16 +01:00
Paolo Tranquilli	fa3fcf0f95	Rust: skip all token trees in library mode	2025-06-02 09:32:39 +02:00
Paolo Tranquilli	7be44d2fe8	Merge branch 'main' into redsun82/rust-skip-unexpanded-in-libraries	2025-06-02 09:27:56 +02:00
Napalys Klicius	0b6a747737	Added change note	2025-05-30 18:33:59 +02:00
Napalys Klicius	b9b62fa1c1	JS: Add `URL` from `url` package constructor taint step for request forgery detection	2025-05-30 18:32:02 +02:00
Napalys Klicius	19cc3e335f	JS: Add test case for `RequestForgery` with url wrapped via package `URL`	2025-05-30 18:26:47 +02:00
$REDMOND\brodes$ REDMOND\brodes	cf015d18f1	Crypto: Add openssl key agreement instances and consumers (KEM and KEY_EXCH). Fix for raw algorithm names in all current instances. Update constants to include key agreement algorithms, previously missing. Note added in model for the possibility of ESDH.	2025-05-30 11:29:34 -04:00
Mathias Vorreiter Pedersen	f6231a37e1	Merge pull request #19627 from MathiasVP/generalize-bulk-generation Bulk MAD generator: Support databases from DCA runs	2025-05-30 14:46:36 +01:00
$REDMOND\brodes$ REDMOND\brodes	69e3a20e24	Crypto: Update crypto stubs location under 'crypto' and associate codeowners on any `test/stubs/crypto`. Minor fix to HashAlgorithmValueConsumer (remove library detector logic).	2025-05-30 09:35:33 -04:00
Mathias Vorreiter Pedersen	7cb9024cc6	Bulk generator: Flip default values for summaries, sources, and sinks.	2025-05-30 13:33:24 +01:00
Mathias Vorreiter Pedersen	0f30644afd	Bulk generator: Snake case things.	2025-05-30 13:26:53 +01:00
Mathias Vorreiter Pedersen	3444c986ec	Bulk generator: Fix field name.	2025-05-30 13:25:12 +01:00
Mathias Vorreiter Pedersen	bdf411afbc	Bulk generator: Make 'database_results' a map to simplify away the explicit sorting.	2025-05-30 13:09:55 +01:00
Mathias Vorreiter Pedersen	cdd869a970	Bulk generator: Autoformat.	2025-05-30 12:49:12 +01:00
Mathias Vorreiter Pedersen	3ddca32705	Update misc/scripts/models-as-data/bulk_generate_mad.py Co-authored-by: Simon Friis Vindum <paldepind@github.com>	2025-05-30 12:48:50 +01:00
Mathias Vorreiter Pedersen	7c2612a6a1	Bulk generator: Specify a path to the PAT instead of the PAT itself.	2025-05-30 12:47:07 +01:00
Mathias Vorreiter Pedersen	1228080914	Bulk generator: Specify 'language' in the config file.	2025-05-30 12:40:21 +01:00
Mathias Vorreiter Pedersen	fc165db8ac	Bulk generator: Specify 'with-summaries', 'with-sources', and 'with-sinks' in the config file.	2025-05-30 12:40:20 +01:00

1 2 3 4 5 ...

79567 Commits