hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-10 05:00:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
53,707 Commits 1,679 Branches 158 Tags
02ae44a91164d88226570bde0bbc06bc4fa3d4ef
Commit Graph

53707 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
02ae44a911 Update docs/codeql/codeql-language-guides/analyzing-data-flow-in-swift.rst 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-05-03 14:48:27 +01:00
Geoffrey White
02dc9be239 Swift: Fix the versions in 'examples' as well. 2023-05-03 14:31:48 +01:00
Geoffrey White
2999b5fea1 Swift: Mathias's fix for the non-constant format example. 2023-05-03 14:29:39 +01:00
Geoffrey White
1084d7ff0e Swift: Correct a couple more cases. 2023-05-03 13:35:07 +01:00
Geoffrey White
2fd8b87bcd Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-05-03 13:31:27 +01:00
Geoffrey White
837f16c212 Swift: Address singleton set literal warning 2023-04-28 12:16:28 +01:00
Geoffrey White
74274e834e Swift: Add the four complete examples from the doc pages to the examples directory. 2023-04-27 16:52:00 +01:00
Geoffrey White
e2e8e5ddd3 Swift: Add swift-further-reading.rst 2023-04-27 14:04:13 +01:00
Geoffrey White
08854136fe Swift: QLDoc consistency. 2023-04-27 13:55:09 +01:00
Geoffrey White
5e7159f800 Swift: Minor edits. 2023-04-26 18:49:24 +01:00
Geoffrey White
f2cb2b324e Swift: Add analyzing-data-flow-in-swift.rst 2023-04-26 18:02:32 +01:00
Geoffrey White
5f0d334b8d Swift: Add basic-query-for-swift-code.rst. 2023-04-24 14:18:23 +01:00
Erik Krogh Kristensen
b0efff0110 Merge pull request #12904 from github/dependabot/cargo/ql/tracing-subscriber-0.3.17 
Bump tracing-subscriber from 0.3.16 to 0.3.17 in /ql
 2023-04-24 11:05:36 +02:00
Erik Krogh Kristensen
b16444dd22 Merge pull request #12903 from github/dependabot/cargo/ql/regex-1.8.1 
Bump regex from 1.8.0 to 1.8.1 in /ql
 2023-04-24 11:05:13 +02:00
dependabot[bot]
5e274c9664 Bump tracing-subscriber from 0.3.16 to 0.3.17 in /ql 
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.16 to 0.3.17.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.16...tracing-subscriber-0.3.17)

---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-24 04:12:25 +00:00
dependabot[bot]
a5e919b6cb Bump regex from 1.8.0 to 1.8.1 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/commits/1.8.1)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-24 04:12:06 +00:00
Erik Krogh Kristensen
4bf03e7962 Merge pull request #12897 from github/dependabot/cargo/ql/regex-1.8.0 
Bump regex from 1.7.3 to 1.8.0 in /ql
 2023-04-21 12:57:33 +02:00
Asger F
f3b14e13b2 Merge pull request #12841 from asgerf/rb/api-graph-class-nodes 
Ruby: add API node representing a module/class object
 2023-04-21 10:59:51 +02:00
Michael Nebel
239a763ef9 Merge pull request #12845 from michaelnebel/csharp/xssrefactor 
C#: Re-factor Xss to use the new data flow API.
 2023-04-21 08:55:07 +02:00
dependabot[bot]
149753c052 Bump regex from 1.7.3 to 1.8.0 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.7.3 to 1.8.0.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/commits)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-21 04:03:04 +00:00
Nora Dimitrijević
1f861fda25 Merge pull request #12736 from d10c/swift/capture-flow 
Swift: Closure Capture Helper APIs
 2023-04-20 18:45:56 +02:00
Michael Nebel
0fdeeba46f C#: Re-refactor Xss to use the new API. 2023-04-20 18:38:15 +02:00
Edward Minnix III
76f8d460e7 Merge pull request #12851 from egregius313/egregius313/mad/add-groovy-stubs-to-isInTestFile 
Java: Add `*/test/*` to model generator's list of ignored paths
 2023-04-20 11:06:38 -04:00
Paolo Tranquilli
00436828a9 Merge pull request #12883 from github/redsun82/swift-default-output-dir 
Swift: aggregate default output directories
 2023-04-20 16:58:31 +02:00
Paolo Tranquilli
c7378a1e5b Merge branch 'main' into redsun82/swift-default-output-dir 2023-04-20 15:12:07 +02:00
Arthur Baars
94e0828ab9 Merge pull request #12793 from aibaars/js-yaml-extractor 
JavaScript: switch to shared YamlPopulator
 2023-04-20 14:46:06 +02:00
Michael Nebel
aa8291e13f Merge pull request #12870 from michaelnebel/csharp/refactordataflow6 
C#: Re-factor data flow and taint tracking configurations to use the new API.
 2023-04-20 14:31:20 +02:00
Kasper Svendsen
51b6da4183 Merge pull request #12875 from kaspersv/kaspersv/prevent-ruby-join-order-regression 
Prevent Ruby join order regression
 2023-04-20 13:50:40 +02:00
Erik Krogh Kristensen
377aa68bb3 Merge pull request #12854 from natejohnson05/js-insecure-http-parser 
JS - NodeJS CWE-444 InsecureHTTPParser
 2023-04-20 13:09:45 +02:00
Paolo Tranquilli
60c723e7cc Swift: aggregate default output directories 
In case the extractor is run in isolation for debugging/testing, this
will avoid littering the current working directory with artifacts, and
instead having a single `extractor-out` directory to inspect or clean
up.

Also extractor logs have been nested into a `swift` directory, as the
log directory provided by the `codeql` cli is actually shared between
languages.
 2023-04-20 09:20:11 +02:00
Jeroen Ketema
b6a7661c7e Merge pull request #12880 from MathiasVP/use-after-free-fps 
C++: Add some use-after-free FP tests
 2023-04-19 20:07:10 +02:00
Nate Johnson
88411ce439 Merge branch 'main' into js-insecure-http-parser 2023-04-19 13:36:24 -04:00
Mathias Vorreiter Pedersen
533e1d818b C++: Add some use-after-free FPs. 2023-04-19 17:01:55 +01:00
Geoffrey White
7285704807 Merge pull request #12876 from geoffw0/extensiondecl 
Swift: Improve ExtensionDecl.toString
 2023-04-19 16:41:48 +01:00
Geoffrey White
e895cac569 Merge pull request #12877 from geoffw0/deprecated 
Swift: Delete deprecated classes
 2023-04-19 16:41:25 +01:00
Geoffrey White
3779d8423f Swift: Autoformat. 2023-04-19 14:57:17 +01:00
Jeroen Ketema
aa3e8d6b87 Merge pull request #12815 from jketema/anon 
C++: Update test expectations after extractor changes
 2023-04-19 15:51:56 +02:00
Geoffrey White
4484574301 Swift: Rename clashing CleartextStorage modules. 2023-04-19 14:29:25 +01:00
Geoffrey White
10c222e7e2 Swift: Remove deprecated classes from queries. 2023-04-19 14:26:03 +01:00
Geoffrey White
a3c66b6032 Merge pull request #12833 from geoffw0/addmodels 
Swift: Add some sink models
 2023-04-19 14:18:29 +01:00
Geoffrey White
49dccaa89d Swift: Fix other tests. 2023-04-19 14:16:24 +01:00
Owen Mansel-Chan
23934292f0 Merge pull request #12834 from owen-mc/go/refactor-autobuilder 
Go: Refactor autobuilder
 2023-04-19 14:10:23 +01:00
Owen Mansel-Chan
65c1f4a151 Merge pull request #12873 from owen-mc/go/fix-platform-specific-tests 
Go: Fix platform specific tests
 2023-04-19 13:52:14 +01:00
Kasper Svendsen
ba6bb79dd3 Prevent Ruby join order regression 2023-04-19 14:42:27 +02:00
Geoffrey White
e9ffefaa96 Swift: Improve ExtensionDecl.toString. 2023-04-19 13:38:04 +01:00
Jeroen Ketema
1a876f7762 C++: Update test expectations after extractor changes 2023-04-19 14:12:00 +02:00
Owen Mansel-Chan
3ca04338ca Use named initialization for struct 2023-04-19 13:06:51 +01:00
Paolo Tranquilli
c2f2a0578b Merge pull request #12868 from github/redsun82/bazel-6.1.2 
Bazel: update to 6.1.2
 2023-04-19 14:06:08 +02:00
Owen Mansel-Chan
219c1686fd Wrap return values of moveToTemporaryGopath in a struct 2023-04-19 12:40:23 +01:00
Erik Krogh Kristensen
d7325ba4e1 Merge pull request #12856 from p-/p--non-constant-open-improvments 
Ruby: Add additional sanitizers for Kernel.open or IO.read or similar sinks with a non-constant value
 2023-04-19 13:39:16 +02:00