hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 19:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,658 Commits 1,672 Branches 157 Tags
rust-ti-implementing-type-method
Commit Graph

78658 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jami
538dee81b6 Merge pull request #18214 from jcogs33/jcogs33/java/file-getname-path-sanitizer 
Java: add File.getName as a path injection sanitizer
 2024-12-11 10:18:02 -05:00
Simon Friis Vindum
94b037fad1 Rust: Instantiate variable capture library for data flow 2024-12-11 15:44:17 +01:00
Joe Farebrother
e6794a9af1 Add change note 2024-12-11 14:27:57 +00:00
Owen Mansel-Chan
1420bce36a Move import statement in SpringWebClient.qll 2024-12-11 14:19:24 +00:00
Simon Friis Vindum
e8357a648d Rust: Add additional data flow tests 2024-12-11 14:56:16 +01:00
Tom Hvitved
40d9460698 Data flow: Remove unused column from flowThroughOutOfCall 2024-12-11 14:35:32 +01:00
Anders Schack-Mulligen
066cfa31d2 Merge pull request #18258 from aschackmull/dataflow/simplify-apapprox3 
Dataflow: Simplify references to access paths from prior stage.
 2024-12-11 14:23:31 +01:00
Owen Mansel-Chan
4f8645b4dd Merge pull request #18235 from owen-mc/go/varargs-out-param 
Go: Improve data flow out of variadic parameter
 2024-12-11 13:18:29 +00:00
Tom Hvitved
fc70024f52 C#: Remove false-positive reflection calls in dataflow 2024-12-11 14:15:58 +01:00
Tom Hvitved
22aaf74184 Merge pull request #18231 from hvitved/rust/models-as-data-summaries 
Rust: Models-as-data for flow summaries
 2024-12-11 13:37:09 +01:00
Joe Farebrother
2019ddfa7f Qldoc improvements + add a few extra tests 2024-12-11 12:25:40 +00:00
Asger F
f8abc5afee Merge pull request #18204 from asgerf/jss/flow-labels 
JS: Migrate away from FlowLabel class in TaintedPath
 2024-12-11 13:20:48 +01:00
Asger F
889100a243 Java: update test output with provenance 2024-12-11 13:19:47 +01:00
Asger F
afdbf2c3c6 Java: update test to account for key,val 2024-12-11 13:19:36 +01:00
Asger F
736388809d Java: MethodAccess -> MethodCall 2024-12-11 13:19:25 +01:00
Ian Lynagh
34aefb4bc5 Merge pull request #18268 from igfoo/igfoo/kot-tests-ignore 
Kotlin: git-ignore .testproj directories in tests
 2024-12-11 12:08:44 +00:00
Joe Farebrother
5c8ef28d12 Add missing qldoc and revert accidentilly commited threat model change 2024-12-11 12:04:16 +00:00
Ian Lynagh
699734611e Kotlin: git-ignore .testproj directories in tests 2024-12-11 12:00:23 +00:00
Michael Nebel
f7ad150636 C#: Update global.json for cshtml_standalone_flowsteps. 2024-12-11 12:57:42 +01:00
Owen Mansel-Chan
ec5d655d7f Look up remote name instead of using origin 2024-12-11 11:02:45 +00:00
Asger F
f9c0ba3826 Ruby: use DeduplicatePathGraph in CodeInjection query 2024-12-11 11:48:15 +01:00
Asger F
815581dc11 JS: Update to account for key,val pairs on edges 2024-12-11 11:48:13 +01:00
Owen Mansel-Chan
aaa4361120 Rearrange member predicates in ControlFlow::Node 
Put all the ones which might need to be overrridden by subclasses
together for ease of reading.
 2024-12-11 10:34:18 +00:00
Owen Mansel-Chan
79f4f78fc2 Make separate classes for control flow node kinds 
This puts all the logic of a particular control flow node kind into one
place and makes it easier to add new kinds.
 2024-12-11 10:34:16 +00:00
Asger F
5aa1242117 Shared: use a call bit when tracking reachability to/from a discriminator 2024-12-11 11:29:14 +01:00
Asger F
0eb543e0a9 Java: add test for spurious flow from path graph deduplication 2024-12-11 11:29:13 +01:00
Asger F
8efdc2df7b Shared: change note 2024-12-11 11:29:11 +01:00
Asger F
cba7b98f7a Shared: Add DataFlow::DeduplicatePathGraph 2024-12-11 11:29:10 +01:00
Anders Schack-Mulligen
cac131df37 Dataflow: Rename a couple of predicates. 2024-12-11 11:22:42 +01:00
Anders Schack-Mulligen
d6a4080baf Dataflow: Address review comment. 2024-12-11 11:18:57 +01:00
Cornelius Riemenschneider
f0971684e3 Merge pull request #18257 from github/criemen/bazel-8-00 
Upgrade bazel to 8.0.0.
 2024-12-11 11:14:41 +01:00
Paolo Tranquilli
a36d226d0c Merge pull request #18247 from github/redsun82/executable-scripts 
Make scripts executable
 2024-12-11 10:42:57 +01:00
Tom Hvitved
baf186fed7 Address review comments 2024-12-11 10:28:32 +01:00
Owen Mansel-Chan
ba9d21ec98 Merge pull request #17970 from owen-mc/java/lightweight-IR-layer 
Java: IPA the CFG (second try)
 2024-12-10 23:57:52 +00:00
Joe Farebrother
bcb08bbc7b Update test output 2024-12-10 19:24:05 +00:00
Joe Farebrother
29a90235e8 Improve tests and use API graphs 2024-12-10 19:09:45 +00:00
Joe Farebrother
d2ed92d6d0 Added tests 2024-12-10 19:09:20 +00:00
Joe Farebrother
d2b0d7a743 Add missing qldoc 2024-12-10 19:07:53 +00:00
Joe Farebrother
89167da177 Model flow steps for lxml 2024-12-10 19:01:14 +00:00
Mathias Vorreiter Pedersen
0acef590b1 C++: Add more MaD models. 2024-12-10 18:29:48 +00:00
Mathias Vorreiter Pedersen
64464b39c6 C++: Add tests for a few string-related classes. 2024-12-10 18:28:12 +00:00
Mathias Vorreiter Pedersen
c5bb907fe0 C++: Also handle varargs in MaD parsing. 2024-12-10 18:25:56 +00:00
Mathias Vorreiter Pedersen
c604c44a55 C++: Add CStringT model and accept tests. 2024-12-10 18:22:06 +00:00
Mathias Vorreiter Pedersen
73ff33888b C++: Add CStringT tests. 2024-12-10 18:18:37 +00:00
Mathias Vorreiter Pedersen
ba0ba15e88 C++: Add CSimpleStringT model and accept tests. 2024-12-10 18:13:42 +00:00
Mathias Vorreiter Pedersen
b42bffc55c C++: Add CSimpleStringT tests. 2024-12-10 18:10:54 +00:00
Mathias Vorreiter Pedersen
fb75f54951 C++: Add another typedef. 2024-12-10 18:07:45 +00:00
Owen Mansel-Chan
5b575113c3 Update test-kotlin2 2024-12-10 15:56:15 +00:00
Owen Mansel-Chan
4978a6eb37 Fix getasuccessor kotlin 
The change in results shows that there are now fewer control flow nodes.
We have removed precisely those with no successor or predecessor.
 2024-12-10 15:26:20 +00:00
Owen Mansel-Chan
5e0c3ab715 Fix kotlin tests 2024-12-10 15:26:19 +00:00