hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-15 03:54:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
61,654 Commits 1,736 Branches 164 Tags
0307354d6ed1be402d42b1892bde7fa59b3abbbe
Commit Graph

61654 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nora Dimitrijević
0307354d6e Relax the C++ dbscheme for link_targets/2 2023-12-05 22:03:40 +01:00
Chuan-kai Lin
5b62c0cb53 Merge pull request #15016 from github/revert-15003-dependabot/github_actions/actions/labeler-5 
Revert "Bump actions/labeler from 4 to 5"
 2023-12-05 12:43:16 -08:00
Chuan-kai Lin
ba57a0363c Revert "Bump actions/labeler from 4 to 5" 2023-12-05 12:09:56 -08:00
Tom Hvitved
dde83b6415 Merge pull request #14709 from hvitved/ruby/shared-type-tracking 
Ruby: Adopt shared type tracking library
 2023-12-05 20:12:06 +01:00
Ian Lynagh
2c625e34b5 Merge pull request #15008 from igfoo/igfoo/kot-arr-taint 
Kotlin: Track taint through Array.get/set
 2023-12-05 18:30:21 +00:00
Taus
a09078a5ca Merge pull request #14777 from yoff/python/remove-ssa-nodes-from-dataflow-graph 
Python: remove EssaNodes
 2023-12-05 18:10:27 +01:00
Henti Smith
33a0de07b6 Merge pull request #15002 from github/dependabot/github_actions/actions/setup-dotnet-4 
Bump actions/setup-dotnet from 3 to 4
 2023-12-05 15:35:00 +00:00
Henti Smith
0232cd032c Merge pull request #15003 from github/dependabot/github_actions/actions/labeler-5 
Bump actions/labeler from 4 to 5
 2023-12-05 15:34:47 +00:00
Ian Lynagh
8ea155ef24 Kotlin: Add changenote 2023-12-05 14:48:02 +00:00
Ian Lynagh
babf1d6648 Kotlin: Track Kotlin's Array.set when tracking taint 2023-12-05 14:42:45 +00:00
Ian Lynagh
124487c57c Kotlin: Add more taint tests 2023-12-05 14:42:45 +00:00
Ian Lynagh
821b4c727e Kotlin: Add Array.get(_) support to taint tracking 2023-12-05 14:41:32 +00:00
Ian Lynagh
9953794101 Kotlin: Add an extra test case for Kotlin array taint 2023-12-05 14:41:32 +00:00
Jeroen Ketema
30e5e74a78 Merge pull request #15005 from jketema/ir-guards-ternary-fix 
C++: Fix IRGuards ternary behaviour
 2023-12-05 15:04:56 +01:00
Henti Smith
f66133e29e Merge branch 'main' into dependabot/github_actions/actions/labeler-5 2023-12-05 14:03:25 +00:00
Henti Smith
1d9cd0a73b Merge branch 'main' into dependabot/github_actions/actions/setup-dotnet-4 2023-12-05 14:03:23 +00:00
Tom Hvitved
c6e805faef Ruby: Add more deprecation comments 2023-12-05 14:57:15 +01:00
Michael Nebel
e6a5c50ebc Merge pull request #14953 from rpmrmartin/issue/14952 
C#: Fix a URL redirection from remote source false positive
 2023-12-05 13:02:56 +01:00
Mathias Vorreiter Pedersen
8ce4bbec33 Merge pull request #14867 from MathiasVP/reduce-duplication-from-operators 
C++: Reduce duplication from crement operations
 2023-12-05 11:57:48 +00:00
Ian Lynagh
70ff59eee1 Merge pull request #14997 from igfoo/igfoo/locs 
Kotlin: Accept some location changes in test-kotlin2/library-tests/vararg
 2023-12-05 11:18:27 +00:00
Jeroen Ketema
4d702e2eee C++: Fix IRGuards ternary behaviour 2023-12-05 12:17:46 +01:00
Jeroen Ketema
d84961571b C++: Add IRGuards test that shows that ternary behaviour is not quite correct 2023-12-05 12:16:01 +01:00
Mathias Vorreiter Pedersen
2908acfb52 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-12-05 11:00:17 +00:00
Mathias Vorreiter Pedersen
a8020f4f78 C++: Add barrier to prevent duplication. 2023-12-05 09:14:23 +00:00
Tom Hvitved
71d09b75fb Merge pull request #14990 from hvitved/csharp/more-nullness-tests 
C#: Add a few more `is (not) null` tests
 2023-12-05 10:14:13 +01:00
Michael Nebel
8dcdda6d21 C#: Address review comments. 2023-12-05 10:08:06 +01:00
Tony Torralba
07b76ee444 Merge pull request #15000 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-12-05 08:54:20 +01:00
Tamás Vajk
b06113a21e Merge pull request #14991 from tamasvajk/standalone/prefer-assembly-version-over-netcore-version 
C#: Prefer assembly version over netcore version in conflict resolution
 2023-12-05 08:49:08 +01:00
dependabot[bot]
eb08a508c9 Bump actions/labeler from 4 to 5 
Bumps [actions/labeler](https://github.com/actions/labeler) from 4 to 5.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/labeler
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-05 03:33:07 +00:00
dependabot[bot]
4d68beffe0 Bump actions/setup-dotnet from 3 to 4 
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 3 to 4.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](https://github.com/actions/setup-dotnet/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-05 03:33:03 +00:00
github-actions[bot]
48c15035b9 Add changed framework coverage reports 2023-12-05 00:16:34 +00:00
Mathias Vorreiter Pedersen
6dd941ee20 Merge pull request #14996 from jketema/toctou-test 
C++: Fix `chmod` prototype in toctou test and additional test
 2023-12-04 17:42:52 +00:00
Owen Mansel-Chan
570538b4ec Merge pull request #14938 from owen-mc/go/improve-test-unhandled-close-writable-handle 
Go: improve test unhandled close writable handle
 2023-12-04 16:56:09 +00:00
Jeroen Ketema
7f1bd499ce C++: Add test annotation 2023-12-04 17:53:08 +01:00
Mathias Vorreiter Pedersen
d9d36ff213 C++: Fix Code Scanning errors. 2023-12-04 16:53:03 +00:00
Rasmus Lerchedahl Petersen
9e1c818db6 Python: address review comments 2023-12-04 17:49:26 +01:00
Ian Lynagh
1aa1698f44 Kotlin: Accept some location changes in test-kotlin2/library-tests/vararg 2023-12-04 16:44:38 +00:00
yoff
f5c176bd12 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2023-12-04 17:41:00 +01:00
Mathias Vorreiter Pedersen
03b77dbf2a C++: Make 'node.asExpr()' behave as 'node.asDefinition()' in void contexts. 2023-12-04 16:38:13 +00:00
Jami
651653998c Merge pull request #14913 from jcogs33/jcogs33/unsafe-url-forward_path-inj-related_cve-2019-3799 
Java: add Spring models
 2023-12-04 10:18:50 -05:00
Jeroen Ketema
3e2397a3d1 C++: Fix chmod prototype in toctou test and additional test 2023-12-04 16:15:44 +01:00
Sarita Iyer
5a4ea7781e Merge pull request #14976 from github/saritai/docs-update-12431 
Document threat models
 2023-12-04 10:10:00 -05:00
Sarita Iyer
c4b6f44dff fix punctuation 2023-12-04 09:47:09 -05:00
Tamas Vajk
267125a65e Adjust comment on OrderAssemblyInfosByPreference method 2023-12-04 15:21:30 +01:00
Sarita Iyer
52a0a8333f Update customizing-library-models-for-java-and-kotlin.rst 2023-12-04 09:21:22 -05:00
Sarita Iyer
5bf93d096b Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-12-04 09:13:33 -05:00
Tamas Vajk
db22478a47 Fix expected test files 2023-12-04 14:39:20 +01:00
Tony Torralba
649dc9d1d4 Merge pull request #14993 from github/shati-patel/fix-cwe-tags 
Update inconsistent CWE tags
 2023-12-04 14:30:32 +01:00
Rasmus Lerchedahl Petersen
e091ae84ab Merge branch 'main' of https://github.com/github/codeql into python/remove-ssa-nodes-from-dataflow-graph 2023-12-04 14:05:40 +01:00
Harry Maclean
d630773575 Merge pull request #14627 from alexrford/rb/update_all_sink 
Ruby: refine `ActiveRecord` `update_all` as an SQL sink
 2023-12-04 13:02:14 +00:00