hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-15 03:39:32 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,316 Commits 1,758 Branches 167 Tags
yoff/python-use-shared-control-flow
Commit Graph

87316 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
224934645e Swift: Add type inference tests for key path expressions 2026-05-04 11:00:38 +02:00
Tom Hvitved
038f9a2c2f Swift: Split type inference tests into multiple files 2026-05-04 10:55:06 +02:00
Anders Schack-Mulligen
c7904b12c8 Java: Fix reference in deprecated code. 2026-05-04 10:52:27 +02:00
Anders Schack-Mulligen
17fded4aa5 Java: Delete old deprecated code. 2026-05-04 10:52:27 +02:00
Paolo Tranquilli
77cdafd55e Merge pull request #21785 from github/codeql-spark-run-25308467256 
Update changelog documentation site for codeql-cli-2.25.3
 2026-05-04 10:42:33 +02:00
Paolo Tranquilli
1c20e78593 Docs: replace build mode: none with build-mode: none 2026-05-04 10:26:50 +02:00
github-actions[bot]
5546025f12 update codeql documentation 2026-05-04 08:19:28 +00:00
Tom Hvitved
1f3a8319ed Update csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-05-04 09:41:00 +02:00
Anders Schack-Mulligen
21a0d1444f C#: Add change note. 2026-05-01 13:13:40 +02:00
Anders Schack-Mulligen
e012981e5b C#: Accept test changes for out/ref SSA location changes. 2026-05-01 10:32:18 +02:00
Anders Schack-Mulligen
351e9cc914 C#: Accept test changes. 2026-05-01 10:28:15 +02:00
Anders Schack-Mulligen
439a67a3fe C#: Fix toString for capture definitions. 2026-05-01 10:26:50 +02:00
Anders Schack-Mulligen
5fbba0e9fe C#: Delete ParameterDefaultDefinition. 2026-05-01 10:24:23 +02:00
Anders Schack-Mulligen
d3df5ce110 C#: Deprecate ParameterDefinition in favour of SsaParameterInit. 2026-05-01 10:22:53 +02:00
Mathias Vorreiter Pedersen
154d213fd2 Merge pull request #21768 from github/speed-up-unchecked-leap-year-after-modification 
C++: Speed up `cpp/leap-year/unchecked-after-arithmetic-year-modification`
 2026-04-30 16:06:17 +01:00
Michael Nebel
4446f42846 Merge pull request #21684 from michaelnebel/csharp/improve-reachability-checks 
C#: Improve BMN feed checking & handling.
 2026-04-30 15:53:52 +02:00
Owen Mansel-Chan
87c35e6401 Merge pull request #21654 from MarkLee131/fix/sensitive-log-hash-sanitizer 
Java: treat hash/encrypt/digest methods as sensitive-log sanitizers
 2026-04-30 13:21:03 +01:00
Anders Schack-Mulligen
ff8ab191d1 C#: Drop caching for deprecated predicates. 2026-04-30 13:58:55 +02:00
Anders Schack-Mulligen
77807c83f8 C#: Exclude entry definitions from qualifier definitions. 2026-04-30 13:56:21 +02:00
Anders Schack-Mulligen
e0421dbf53 C#: Reinstate toString for SSA data flow nodes. 2026-04-30 13:56:16 +02:00
Anders Schack-Mulligen
bedadc9f04 C#: Deprecate some SSA internals. 2026-04-30 13:54:21 +02:00
Anders Schack-Mulligen
55b83ca22a C#: Deprecate Ssa::Definition in favour of SsaDefinition. 2026-04-30 13:54:20 +02:00
Anders Schack-Mulligen
de96b5acfd C#: Deprecate Ssa::ImplicitDefinition. 2026-04-30 13:54:20 +02:00
Anders Schack-Mulligen
80d5e27b46 C#: Deprecate Ssa::ImplicitEntryDefinition. 2026-04-30 13:54:15 +02:00
Anders Schack-Mulligen
65f647a8c0 C#: Replace Ssa::UncertainDefinition with SsaUncertainWrite. 2026-04-30 13:49:23 +02:00
Anders Schack-Mulligen
9a7eb8dfb9 C#: Replace Ssa::PhiNode with SsaPhiDefinition. 2026-04-30 13:49:23 +02:00
Anders Schack-Mulligen
6ecdf3fe32 C#: Replace Ssa::ImplicitParameterDefinition with SsaParameterInit. 2026-04-30 13:49:19 +02:00
Tom Hvitved
4042bbec5b Swift: Add type inference tests 2026-04-30 13:45:57 +02:00
Anders Schack-Mulligen
31e06bc0a9 C#: Remove SSA location overrides. 2026-04-30 12:56:58 +02:00
Anders Schack-Mulligen
dc34b10cb6 C#: Replace Ssa::ExplicitDefinition with SsaExplicitWrite. 2026-04-30 12:52:51 +02:00
Anders Schack-Mulligen
a6c7f27fc1 C#: Deprecate Definition.getEnclosingCallable. 2026-04-30 12:46:28 +02:00
Anders Schack-Mulligen
ed6cdfc227 C#: Move isLiveOutRefParameterDefinition to top-level. 2026-04-30 12:46:27 +02:00
Anders Schack-Mulligen
9345c44e0f C#: Delete test for Definition.getElement. 2026-04-30 12:46:23 +02:00
Anders Schack-Mulligen
c88a22ccf8 C#: Replace most uses of Ssa::Definition with SsaDefinition. 2026-04-30 12:45:25 +02:00
Anders Schack-Mulligen
2545f06b52 C#: Deprecate member predicate Definition.getAReadAtNode. 2026-04-30 12:42:24 +02:00
Anders Schack-Mulligen
83c7a33e53 C#: Deprecate member predicates Definition.getAFirstRead and getAFirstReadAtNode. 2026-04-30 12:42:21 +02:00
Anders Schack-Mulligen
fb438bf512 C#: Remove references to getAFirstReadAtNode. 2026-04-30 11:55:55 +02:00
Anders Schack-Mulligen
e5d219a039 C#: Simplify library instantiations. 2026-04-30 11:50:59 +02:00
Anders Schack-Mulligen
72d21a9a56 C#: Instantiate shared SSA wrappers. 2026-04-30 11:48:27 +02:00
Anders Schack-Mulligen
7ef9e1b939 C#: Rename SsaImpl input. 2026-04-30 11:46:20 +02:00
Tom Hvitved
a473fdb709 Merge pull request #21759 from hvitved/csharp/cfg-params 
C#: Include parameters and their defaults in the CFG
 2026-04-30 11:31:06 +02:00
Owen Mansel-Chan
fed42d655f Merge pull request #21656 from MarkLee131/fix/trust-boundary-regexp-barrier 
Java: add RegexpCheckBarrier to trust-boundary-violation sanitizers
 2026-04-29 14:59:01 +01:00
Michael Nebel
03d70b9f94 C#: Add another nuget.config integration test. 2026-04-29 15:47:32 +02:00
Michael Nebel
e29770c2b5 C#: Fix missing slash in comments. 2026-04-29 15:27:47 +02:00
MarkLee131
28a6ff208c Merge remote-tracking branch 'origin/main' into fix/sensitive-log-hash-sanitizer 
# Conflicts:
#	java/ql/test/query-tests/security/CWE-532/SensitiveLogInfo.expected
#	java/ql/test/query-tests/security/CWE-532/Test.java
 2026-04-29 20:59:59 +08:00
Tom Hvitved
e14b654e8a Update shared/controlflow/codeql/controlflow/ControlFlowGraph.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2026-04-29 14:57:35 +02:00
MarkLee131
51e2a5418b Java: move EncryptedSensitiveMethodCall into Sanitizers.qll 
Address review feedback by moving the shared method-name-based encryption/hash/digest
check into Sanitizers.qll, and reference it from both CleartextStorageQuery.qll and
SensitiveLoggingQuery.qll instead of duplicating the definition.
 2026-04-29 20:56:36 +08:00
MarkLee131
75162bb9eb Update java/ql/test/query-tests/security/CWE-532/Test.java 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2026-04-29 20:53:58 +08:00
MarkLee131
49d014cbac Merge branch 'main' into fix/trust-boundary-regexp-barrier 2026-04-29 20:48:22 +08:00
MarkLee131
d27ee86242 Java: refactor trust-boundary sanitizers into TrustBoundaryValidationSanitizer subclasses 
Address review feedback by introducing dedicated subclasses of
TrustBoundaryValidationSanitizer for SimpleTypeSanitizer, RegexpCheckBarrier,
and the HttpServletSession type check, so isBarrier only references the
abstract class.
 2026-04-29 20:46:11 +08:00