Tom Hvitved
0bf2bfa2f1
Rust: Take dependency renaming into account when extracting the crate graph
2025-03-19 08:39:22 +01:00
Arthur Baars
f08d1d10f1
Rust: tainted path implement basic sanitizers
2025-03-18 19:16:13 +01:00
Arthur Baars
8223dded99
Rust: TaintedPath query
2025-03-18 19:10:03 +01:00
Simon Friis Vindum
7a18da82fa
Merge pull request #19000 from paldepind/rust-cleartext-transmission
...
Rust: Add cleartext transmission query
2025-03-17 14:56:57 +01:00
github-actions[bot]
51cdeefafb
Post-release preparation for codeql-cli-2.20.7
2025-03-17 13:00:41 +00:00
Geoffrey White
07011f7460
Rust: Fix more after merge.
2025-03-17 12:22:09 +00:00
github-actions[bot]
2d64a618e6
Release preparation for version 2.20.7
2025-03-17 12:15:54 +00:00
Geoffrey White
f5daec9da0
Rust: Fix after merge.
2025-03-17 12:10:59 +00:00
Geoffrey White
81edb4780d
Merge branch 'main' into constcrypto
2025-03-17 12:05:51 +00:00
Simon Friis Vindum
0bf826559c
Rust: Apply qhelp suggestions from review
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2025-03-17 07:56:37 +01:00
Tom Hvitved
89f6245772
Rust: Add telemetry for comparing against rust-analyzer
2025-03-14 14:48:15 +01:00
Simon Friis Vindum
a96a5fc737
Rust: Address PR comments
2025-03-14 13:24:16 +01:00
Simon Friis Vindum
4dbfda59cf
Merge branch 'main' into rust-data-flow-split
2025-03-14 09:58:46 +01:00
Simon Friis Vindum
fb718660d9
Rust: Generate more sinks and update query description
2025-03-13 17:35:32 +01:00
Tom Hvitved
af91152f5c
Address review comments
2025-03-13 15:04:59 +01:00
Simon Friis Vindum
1ae28c7907
Merge branch 'main' into rust-cleartext-transmission
2025-03-13 15:01:11 +01:00
Geoffrey White
1aa223652f
Merge pull request #18977 from geoffw0/sourcesinkdoc
...
Rust: Source and sink doc / tidy up
2025-03-13 10:53:44 +00:00
Simon Friis Vindum
3c644144b1
Rust: Extract data flow node and content into separate files
2025-03-13 11:22:04 +01:00
Arthur Baars
fa79dbc89a
Merge pull request #18228 from github/aibaars/crate-graph
...
Rust: extract crate graph
2025-03-13 10:00:48 +01:00
Simon Friis Vindum
4de69c70a8
Rust: Add cleartext transmission query
2025-03-13 08:45:36 +01:00
Geoffrey White
56f6a67d5f
Rust: Add sinks for rust/regex-injection to stats.
2025-03-12 16:08:33 +00:00
Geoffrey White
f8112945a8
Merge branch 'main' into sourcesinkdoc
2025-03-12 16:04:56 +00:00
Simon Friis Vindum
b3601b1ac2
Merge pull request #18946 from paldepind/rust-regex-injection
...
Rust: Add regular expression injection query
2025-03-12 08:15:54 +01:00
Geoffrey White
044d0a13f0
Rust: Include WeakSensitiveDataHashing sinks as well.
2025-03-11 15:41:38 +00:00
Geoffrey White
4924a0faf3
Rust: Introduce a QuerySink class, common to all query sinks.
2025-03-11 15:41:37 +00:00
Simon Friis Vindum
1e0b78ebd3
Rust: Update regex injection description
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
2025-03-11 12:47:12 +01:00
Geoffrey White
a0f4fa28b2
Rust: hardcoded -> hard-coded.
2025-03-11 09:40:47 +00:00
Simon Friis Vindum
b48fd99913
Rust: Applying suggestions to documentation
2025-03-10 16:30:52 +01:00
Simon Friis Vindum
5c83644360
Rust: Use CWE 20 for regex injection query
2025-03-10 14:52:25 +01:00
Simon Friis Vindum
344fea2128
Rust: Enable local threat models in tests and use active threat models for regex query
2025-03-10 13:23:20 +01:00
Geoffrey White
1ca5c593f9
Rust: Replace imports of internal.DataFlowImpl where possible.
2025-03-10 11:47:23 +00:00
Geoffrey White
e84a98bd97
Apply suggestions from code review
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2025-03-10 11:15:23 +00:00
Arthur Baars
98a40967d2
Rust: ignore crate graph elements from summary stats and AST no-location checks
...
These elements depend on the version of the standard libraries and platform, and
in addition no location information is extracted for them at the moment.
f
2025-03-10 10:16:15 +01:00
Simon Friis Vindum
179ea041f4
Rust: Merge query implementation into one file
2025-03-10 09:09:13 +01:00
Geoffrey White
fe139e5bea
Rust: Rearrange the unused variable query logic so that it's clearer what the comments apply to.
2025-03-07 14:55:34 +00:00
Geoffrey White
cc902a6ad1
Rust: Fix unused value FPs due to unexpanded macro calls as well.
2025-03-07 14:48:27 +00:00
Geoffrey White
e0839a369c
Rust: Fix unused variable FPs due to unexpanded macro calls.
2025-03-07 14:40:02 +00:00
Simon Friis Vindum
494f914070
Rust: Add regular expression injection query
2025-03-07 12:37:30 +01:00
Geoffrey White
b6c9be23c1
Merge branch 'main' into constcrypto
2025-03-07 09:11:10 +00:00
Geoffrey White
42e7d1e983
Rust: Fix typo.
2025-03-06 19:09:01 +00:00
Geoffrey White
9af2d0218b
Rust: Add the new sinks to stats.
2025-03-06 18:50:11 +00:00
Geoffrey White
952e417d13
Rust: Tweak some wording.
2025-03-06 18:46:37 +00:00
Geoffrey White
e564c41043
Rust: Compute security-severity tag.
2025-03-06 18:36:55 +00:00
Geoffrey White
95be12ed80
Rust: Add qhelp and examples.
2025-03-06 17:48:47 +00:00
Geoffrey White
055baf2769
Rust: Improve results on arrays (less duplication).
2025-03-06 17:48:43 +00:00
Geoffrey White
aacbfc0fd8
Rust: Improve alert messages.
2025-03-06 17:48:41 +00:00
Geoffrey White
9fb00daeec
Rust: Implement the query (with one source, one sink model).
2025-03-06 17:48:39 +00:00
Geoffrey White
9a35febe80
Rust: Query framework and basic tests.
2025-03-06 13:24:05 +00:00
Tom Hvitved
b8dd2e551e
Merge pull request #18919 from hvitved/rust/ast-consistency-internal
...
Rust: Move `AstConsistency.qll` into `internal`
2025-03-04 15:35:34 +01:00
Simon Friis Vindum
c89e648738
Rust: Exclude function without canonical path from model generation
2025-03-04 13:56:10 +01:00