hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 19:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,658 Commits 1,672 Branches 157 Tags
rust-ti-implementing-type-method
Commit Graph

78658 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Farebrother
cea196ec61 Add concepts tests + some fixes 2024-12-09 19:55:42 +00:00
Joe Farebrother
1cb01a286d Add tests for jinja 2024-12-09 19:55:36 +00:00
Joe Farebrother
71ab82dee0 Fix qldoc, formatting, and redundant import warnings 2024-12-09 19:55:21 +00:00
Joe Farebrother
b2c13fe351 Promote template injection sinks for each framework covered 
`Cheetah` was excluded as it was last updated 15 years ago and its documentation links are dead.
 2024-12-09 19:55:17 +00:00
Joe Farebrother
60d8a85a9c Promote jinja sinks 2024-12-09 19:54:57 +00:00
Joe Farebrother
8647073433 Copy template injection to standard pack + add jinja sinks 2024-12-09 19:47:06 +00:00
Alvaro Muñoz
f6d20195b1 When trigger event is not known, do not check context trigger maps 2024-12-09 17:33:13 +01:00
Alvaro Muñoz
f3ada4a92b Update CompositeActionSources expected file 2024-12-09 17:32:26 +01:00
Alvaro Muñoz
3591db9e9c Remove artifact source as a source of PR refs 2024-12-09 17:32:09 +01:00
Alvaro Muñoz
ef713ff13b Extract GitHub context access expression into its own class 2024-12-09 17:30:10 +01:00
Mathias Vorreiter Pedersen
1266b244f5 Merge pull request #18136 from MathiasVP/model-active-template-library 
C++: Model Microsoft's "Active Template Library"
 2024-12-09 16:05:19 +00:00
Mathias Vorreiter Pedersen
0f49ba848d C++: Accept test changes. Nothing exciting to see here. 2024-12-09 16:04:46 +00:00
Mathias Vorreiter Pedersen
9bcdfb6d01 C++: VariableAddressInstructions with array types are not single-object types. 2024-12-09 15:06:22 +00:00
Asger F
66eb458134 JS: Handle match/matchAll and unknown regexps 2024-12-09 15:38:36 +01:00
Mathias Vorreiter Pedersen
8bdd10c0c2 C++: Fix spurious columns in 'CRegKey'. 2024-12-09 14:31:17 +00:00
Mathias Vorreiter Pedersen
5f33733b6e C++: Fix 'QueryValue' model. 2024-12-09 14:27:24 +00:00
Asger F
6e7c5a3707 JS: Slightly more general getRoot() 2024-12-09 15:05:45 +01:00
Asger F
be617cee4a JS: More precise handling of .exec() 2024-12-09 15:03:51 +01:00
Asger F
703cad9e95 Expand test case 2024-12-09 15:00:56 +01:00
Asger F
2a2a4d2b67 JS: Add TaintedUrlSuffixCustomizations 
Importing TaintedUrlSuffix.qll causes the flow label to materialised in unrelated queries, so:

- Renames TaintedUrlSuffix.qll to TaintedUrlSuffixCustomizations.qll
- Make the flow label class abstract
- Adds a new TaintedUrlSuffix.qll that re-exports the above file and also materialises the flow label
- Import the *Customizations.qll file from contexts where we don't want to materialise the flow label
 2024-12-09 14:59:29 +01:00
Asger F
d1694013ff JS: Update test showing accidental flow label materialisation 
This wouldn't be an issue once FlowLabel is completely deprecated but it will cause perf issues in the interim, so this is fixed in the next commit
 2024-12-09 14:59:28 +01:00
Asger F
8fe39bdd38 JS: Update query's own output after test changes 2024-12-09 14:59:27 +01:00
Asger F
71a6a47713 JS: Fix issue with new RegExp().exec() 2024-12-09 14:59:25 +01:00
Asger F
f6d0835c64 JS: Show problem with new RegExp().exec() 2024-12-09 14:59:24 +01:00
Asger F
ef833de60e JS: Replace DocumentUrl with TaintedUrlSuffix 2024-12-09 14:59:23 +01:00
Asger F
e2b2d1c9ab JS: Allow arbitrary comments in ConsistencyChecking 
Because line comments cannot be used inside JSX elements
 2024-12-09 14:59:21 +01:00
Asger F
712c69ebc8 JS: Fixup the test expectations 2024-12-09 14:59:19 +01:00
Asger F
f8ff504f5c JS: Add ClientSideUrlRedirect test consistency 
Update Consistency.ql again
 2024-12-09 14:59:18 +01:00
Cornelius Riemenschneider
7dd10f72cb Merge pull request #18243 from github/post-release-prep/codeql-cli-2.20.0 
Post-release preparation for codeql-cli-2.20.0
 2024-12-09 14:58:01 +01:00
Mathias Vorreiter Pedersen
184dfc24b9 C++: Fix 'QueryStringValue' model. 2024-12-09 13:42:39 +00:00
Mathias Vorreiter Pedersen
7f87a25768 C++: Fix 'QueryMultiStringValue' model. 2024-12-09 13:41:14 +00:00
Mathias Vorreiter Pedersen
674dbce36d C++: Add taint flow through 'CRegKey::Create'. 2024-12-09 13:38:37 +00:00
Mathias Vorreiter Pedersen
db86f6aaf9 C++: Fix annotation. 2024-12-09 13:32:22 +00:00
Alvaro Muñoz
1fa00f1065 Capture the event name rathen than the whole event 2024-12-09 14:31:10 +01:00
Cornelius Riemenschneider
badc927cf8 Merge branch 'main' into post-release-prep/codeql-cli-2.20.0 2024-12-09 14:30:53 +01:00
Mathias Vorreiter Pedersen
d3dc318ba1 C++: Make 'GetValueAt' a value-preserving step. 2024-12-09 13:26:46 +00:00
Mathias Vorreiter Pedersen
d735a1433b C++: Also flow to the return value of 'operator='. 2024-12-09 13:24:21 +00:00
Mathias Vorreiter Pedersen
dcc35a5724 Merge pull request #18221 from MathiasVP/add-microsoft-aspnetcore-mvc-model 
C#: Add a MaD model for `Microsoft.AspNetCore.Mvc.Controller.View`
 2024-12-09 13:24:02 +00:00
Michael Nebel
5624a77176 C#: Use TEST_TEMPDIR when set for test files. 2024-12-09 13:59:59 +01:00
Tom Hvitved
2f8b04b225 Rust: Models-as-data for flow summaries 2024-12-09 13:41:55 +01:00
Michael Nebel
baa248ce65 C#: Enable Semmle.Util.Tests. 2024-12-09 13:00:52 +01:00
Cornelius Riemenschneider
57053e8ba1 Merge pull request #18245 from github/criemen/csharp-win-tests 
C#: Shorten test target names to make Windows happy.
 2024-12-09 12:57:40 +01:00
Cornelius Riemenschneider
798b86f6af Disable semmle.util.tests again. 2024-12-09 12:27:49 +01:00
Cornelius Riemenschneider
526dbe5901 Address review, also run semmle-util tests. 2024-12-09 12:19:01 +01:00
Jeroen Ketema
fb5aa97077 Merge pull request #18239 from jketema/typo 
C++: Fix word duplication in change note
 2024-12-09 10:55:13 +01:00
Cornelius Riemenschneider
18560cde9d C#: Shorten test target names to make Windows happy. 2024-12-09 10:54:04 +01:00
Paolo Tranquilli
3bc822f021 Swift: add change note for Swift 6 upgrade 2024-12-09 10:31:15 +01:00
Paolo Tranquilli
f74dcc7036 Make scripts executable 2024-12-09 10:20:46 +01:00
Geoffrey White
97ab31ab00 Merge pull request #18229 from geoffw0/self 
Rust: Fix unwanted 'self' results from rust/unused-variable
 2024-12-09 08:50:03 +00:00
Michael Nebel
127518e91a Merge pull request #18234 from michaelnebel/csharp/projectdependencies 
C#: Clean up dependencies Newtonsoft.Json.
 2024-12-09 09:08:27 +01:00