codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00

Author	SHA1	Message	Date
github-actions[bot]	ec97d9a304	Release preparation for version 2.17.0	2024-04-01 13:46:57 +00:00
Henry Mercer	0646744928	Merge branch 'main' into henrymercer/merge-back-rc-3.13	2024-03-26 12:59:12 +00:00
github-actions[bot]	f67b5f9158	Post-release preparation for codeql-cli-2.16.6	2024-03-25 18:17:15 +00:00
github-actions[bot]	71ab804274	Release preparation for version 2.16.6	2024-03-25 16:58:08 +00:00
Arthur Baars	c219b1a3c7	Merge pull request #16013 from github/rc/3.13 Merge rc/3.13 into main	2024-03-21 16:04:58 +01:00
Michael Nebel	6619be3137	Merge pull request #15940 from michaelnebel/csharp/sourcesinktests C#: Source- and sink tests.	2024-03-21 08:12:16 +01:00
Dave Bartolomeo	311ba8ea1b	Merge from `main` to resolve conflicts	2024-03-19 10:41:31 -04:00
Tom Hvitved	ee3e38f0eb	Simplify test interface in `FlowSummaryImpl.qll`	2024-03-19 14:35:00 +01:00
Michael Nebel	5b37ee4ec7	Re-factor TestOutput into a param module.	2024-03-19 14:20:42 +01:00
Michael Nebel	90db9b330f	C#: Add MaD source and sink test query to shared library.	2024-03-19 13:45:38 +01:00
Tom Hvitved	fc55567d90	Merge pull request #15853 from hvitved/dataflow/get-location Data flow: Replace `hasLocationInfo` with `getLocation`	2024-03-18 20:21:46 +01:00
Tom Hvitved	0cecbf5239	Update 2024-02-28-hidden-subpaths.md Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-03-18 15:36:01 +01:00
Tom Hvitved	7a3b8ebb3a	Address review comments	2024-03-18 14:49:35 +01:00
Tom Hvitved	40089e8088	Add change note	2024-03-18 14:49:35 +01:00
Tom Hvitved	d7c9bfa08b	Data flow: Account for hidden `subpath` wrappers	2024-03-18 14:47:11 +01:00
Tom Hvitved	d83500de5d	Address review comments	2024-03-18 14:24:07 +01:00
github-actions[bot]	aebe9f6992	Post-release preparation for codeql-cli-2.16.5	2024-03-18 12:16:26 +00:00
github-actions[bot]	0a6243d07b	Release preparation for version 2.16.5	2024-03-18 10:14:07 +00:00
Tom Hvitved	a13391bda1	Merge pull request #15802 from hvitved/dataflow/variable-capture-overlapping-paths Variable capture: Avoid overlapping and false-positive data flow paths	2024-03-18 10:45:55 +01:00
Tom Hvitved	d7790faece	Address review comments	2024-03-12 13:34:55 +01:00
Tom Hvitved	0e0b73a5e6	Address review comment	2024-03-12 11:22:04 +01:00
Tom Hvitved	e82e3180f0	Data flow: Replace `hasLocationInfo` with `getLocation`	2024-03-11 20:56:38 +01:00
Tom Hvitved	7a39f077d9	Data flow: Add `ConfigSig::accessPathLimit`	2024-03-11 13:01:58 +01:00
Tom Hvitved	63bb772ef9	Variable capture: Avoid overlapping and false-positive data flow paths	2024-03-08 10:00:42 +01:00
Tom Hvitved	2896bfbd9f	Merge pull request #15821 from hvitved/dataflow/clears-content-store Data flow: Allow for direct stores into nodes with `clearsContent`	2024-03-08 09:59:29 +01:00
Tom Hvitved	76564edc93	Address review comment	2024-03-07 16:50:28 +01:00
Geoffrey White	b71b43a2fb	Merge pull request #15705 from geoffw0/qldoc3 Shared: Fill some QLDoc holes	2024-03-07 14:12:51 +00:00
Tom Hvitved	22b168beee	Data flow: Allow for direct stores into nodes with `clearsContent`	2024-03-07 12:47:12 +01:00
github-actions[bot]	dc9092c9ec	Post-release preparation for codeql-cli-2.16.4	2024-03-06 22:19:33 +00:00
github-actions[bot]	2f058ffb4d	Release preparation for version 2.16.4	2024-03-06 20:56:51 +00:00
Angela P Wen	ce31f8641a	Revert "Release preparation for version 2.16.4"	2024-03-06 12:07:33 -08:00
Anders Schack-Mulligen	caa45058ae	Dataflow: Improve join-order. Join with the functional getApprox before filtering with revFlow as this is always better.	2024-03-06 11:29:08 +01:00
Anders Schack-Mulligen	55e6255e05	Dataflow: Extend the first join to also include argApa. Improves from 2024-03-04 13:29:20] Evaluated non-recursive predicate DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowThroughIntoCall/6#b44155c7@6dd478n9 in 126ms (size: 398332). Evaluated relational algebra for predicate DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowThroughIntoCall/6#b44155c7@6dd478n9 with tuple counts: 1 ~0% {2} r1 = SCAN `DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::TAccessPathApproxNone#dom#04382804` OUTPUT _, _ 1 ~0% {0} \| REWRITE WITH Tmp.0 := true, Tmp.1 := false, TEST Tmp.0 != Tmp.1 KEEPING 0 83798 ~0% {4} \| JOIN WITH `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::returnFlowsThrough/8#ffafcf14` CARTESIAN PRODUCT OUTPUT Rhs.0, Rhs.3, Rhs.1, Rhs.2 4044102 ~3% {7} \| JOIN WITH `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowIntoCallApaTaken/6#d989a8d1#cpe#12346_2013#join_rhs` ON FIRST 1 OUTPUT Rhs.2, Lhs.2, Lhs.3, Rhs.3, Lhs.1, Lhs.0, Rhs.1 398332 ~3% {6} \| JOIN WITH `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::fwdFlow/9#00ae2fc8#2` ON FIRST 4 OUTPUT Lhs.6, Lhs.0, Lhs.5, _, Lhs.2, Lhs.4 398332 ~1% {6} \| REWRITE WITH Out.3 := true return r1 to [2024-03-04 15:20:26] Evaluated non-recursive predicate DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowThroughIntoCall/6#b44155c7@97bd358u in 35ms (size: 398332). Evaluated relational algebra for predicate DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowThroughIntoCall/6#b44155c7@97bd358u with tuple counts: 83798 ~0% {7} r1 = SCAN `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::returnFlowsThrough/9#53894c55` OUTPUT In.0, In.1, In.2, In.3, In.4, _, _ {5} \| REWRITE WITH Tmp.5 := true, Tmp.6 := false, TEST Tmp.5 != Tmp.6 KEEPING 5 83798 ~3% {5} \| SCAN OUTPUT In.0, In.3, In.4, In.1, In.2 416847 ~2% {7} \| JOIN WITH `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowIntoCallApaTaken/6#d989a8d1#cpe#12346_2301#join_rhs` ON FIRST 2 OUTPUT Rhs.3, Lhs.3, Lhs.4, Lhs.1, Lhs.2, Lhs.0, Rhs.2 398332 ~3% {6} \| JOIN WITH `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::fwdFlow/9#00ae2fc8#2` ON FIRST 4 OUTPUT Lhs.6, Lhs.0, Lhs.5, _, Lhs.2, Lhs.4 398332 ~1% {6} \| REWRITE WITH Out.3 := true return r1	2024-03-06 11:29:08 +01:00
github-actions[bot]	661e68dab5	Release preparation for version 2.16.4	2024-03-05 18:13:58 +00:00
Angela P Wen	967963a653	Revert "Release preparation for version 2.16.4"	2024-03-05 08:53:33 -08:00
Tom Hvitved	d5c34264ad	Data flow: Prune call-context sensitivity relations	2024-03-05 10:44:12 +01:00
github-actions[bot]	a67218a027	Release preparation for version 2.16.4	2024-03-04 17:42:08 +00:00
Geoffrey White	50ad45944c	Update shared/dataflow/codeql/dataflow/DataFlow.qll Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-03-04 12:02:01 +00:00
Geoffrey White	cb1c68260e	Shared: QLDoc for ContentApprox and getContentApprox.	2024-03-01 17:36:53 +00:00
Geoffrey White	1fece75f15	Apply suggestions from code review Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-03-01 11:10:26 +00:00
Geoffrey White	a499919239	Shared: More helpful QLDoc for simpleLocalFlowStep.	2024-02-29 17:13:40 +00:00
Geoffrey White	f834768720	Shared: Improve QLDoc for forceHighPrecision.	2024-02-29 17:09:31 +00:00
Geoffrey White	9d2dc7a3cc	Shared: Format.	2024-02-29 17:09:16 +00:00
Geoffrey White	88e3bc6865	Update shared/dataflow/codeql/dataflow/DataFlow.qll Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>	2024-02-29 17:03:30 +00:00
Geoffrey White	70465b22c7	Shared: Remove @ annotations.	2024-02-29 16:00:43 +00:00
Anders Schack-Mulligen	20bb631456	Dataflow: Prevent bad join.	2024-02-26 13:45:19 +01:00
Geoffrey White	573763a4b3	Shared: More revisions, manual and aided by further discussion with Copilot.	2024-02-22 18:59:35 +00:00
Tom Hvitved	ebee35b385	Ruby: No `fieldFlowBranchLimit` for `SummarizedCallable`s	2024-02-22 10:27:25 +01:00
Geoffrey White	7b85bb4c95	Shared: Autoformat.	2024-02-21 17:54:00 +00:00
Geoffrey White	4367b7813c	Shared: Use more standard QLDoc phrasing.	2024-02-21 17:54:00 +00:00

... 7 8 9 10 11 ...

608 Commits