hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 09:45:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
58,537 Commits 1,741 Branches 165 Tags
05080924de1ecfffcdbf630e20bd6c448be6f352
Commit Graph

58537 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stephan Brandauer
6f7d78183f Java: add endpoints for parameters of overridden methods in automodel application mode 2023-09-07 15:49:57 +02:00
Stephan Brandauer
dff8259e78 Java: support remote sources in automodel positive example extraction 2023-09-07 15:49:57 +02:00
Stephan Brandauer
fcabca4581 Java: Export MaD output in application mode extraction queries 2023-09-07 15:49:57 +02:00
Stephan Brandauer
8d133f86c7 Java: replace getArgIndex by getMaDInput 2023-09-07 15:49:57 +02:00
Stephan Brandauer
902a585b47 Java: remove isArgOf predicate 2023-09-07 15:49:57 +02:00
Stephan Brandauer
caaf2f83d7 Java: enable model exclusion characteristic also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer
344aa9cb6b Java: enable local call characteristic also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer
afc5aedd0a Java: enable exception characteristic also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer
a526b79211 Java: enable unexploitable is/exists characteristics also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer
f55d950be3 Java: update application mode extraction test expectations after adding source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer
937e452ce0 Java: add extensibleType to sampling keys 2023-09-07 15:49:57 +02:00
Stephan Brandauer
eb1e29d284 Java: add new endpoint class for source candidates in application mode 2023-09-07 15:49:57 +02:00
Stephan Brandauer
7cfcbf6b71 Java: add extensible type to endpoint class in application mode 2023-09-07 15:49:56 +02:00
Alexander Eyers-Taylor
df2b313c5e Merge pull request #14155 from alexet/reach-end-of-function-return 
CPP: Make functions that reach the end return.
 2023-09-07 13:58:43 +01:00
Alex Eyers-Taylor
43a72f2a8e CPP:Add tests for the aliased IR. 2023-09-07 13:42:31 +01:00
Alex Eyers-Taylor
404145dd1b CPP: Update tests 2023-09-07 13:42:31 +01:00
Alex Eyers-Taylor
b44c4587a4 CPP: Remove sucessors of non-returning IR calls. 2023-09-07 12:58:20 +01:00
Alex Eyers-Taylor
e8dfecc4a4 CPP: Fix test result 2023-09-07 12:49:13 +01:00
Alex Eyers-Taylor
d603b7ac3c CPP: Make functions that reach the end return. 
This is UB in C++ but not C where it is only bad if the result is used.
 2023-09-07 12:39:48 +01:00
Michael B. Gale
3b708993c7 Go: Add diagnostic for 1.21 toolchain error 2023-09-07 11:51:20 +01:00
erik-krogh
bf3fe3cd66 add new qhelp for clear-text-logging 2023-09-07 12:39:13 +02:00
Michael B. Gale
38892bb51b Merge pull request #13999 from github/mbg/csharp/standalone/dotnet-version 
C# Standalone: Install .NET SDK specified in `global.json`
 2023-09-07 11:30:53 +01:00
Rasmus Wriedt Larsen
ec0529d68c Merge pull request #14145 from p-/p--asyncio-cmdi-exec 
Python: Support for command injection sinks found in the `asyncio` module
 2023-09-07 11:27:50 +02:00
Rasmus Wriedt Larsen
bfb4be26c2 Python: Autoformat 2023-09-07 10:31:39 +02:00
Rasmus Wriedt Larsen
54c456d95d Python: Apply suggestions from code review 2023-09-07 10:28:46 +02:00
Rasmus Wriedt Larsen
d4c3dfffec Merge pull request #14158 from RasmusWL/fix-ssrf-example 
Python: Fix typo in SSRF example
 2023-09-07 10:22:21 +02:00
Rasmus Wriedt Larsen
c85ea9a0c0 Python: Fix typo in SSRF example 2023-09-07 09:45:02 +02:00
Michael B. Gale
ccbc6f446a Use git ls-files to find DLLs to index 2023-09-06 22:17:08 +01:00
Tom Hvitved
718e491800 C#: Clear TRAP stack when calling PopulateGenerics 2023-09-06 21:12:01 +02:00
Tom Hvitved
334502a3de Merge pull request #14153 from github/revert-14082-csharp/bump-dependencies 
Revert "C#: Bump all dependencies"
 2023-09-06 21:10:56 +02:00
Mathias Vorreiter Pedersen
3f6346737c Update 2023-09-06-as-defining-argument-off-by-one-fix.md 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2023-09-06 19:48:48 +01:00
Mathias Vorreiter Pedersen
87925abaa2 C++: Add change note. 2023-09-06 17:26:08 +01:00
Mathias Vorreiter Pedersen
14faa5d020 C++: Fix off-by-one in 'asDefiningArgument' so that the domain of the argument is '[1..]' like 'asIndirectArgument'. 2023-09-06 17:19:44 +01:00
Peter Stöckli
7aa5d2dc8a Python: move asyncio CMDi related tests to stdlib tests 2023-09-06 16:54:18 +02:00
Robert Marsh
5bdd9597d2 Merge branch 'main' into rdmarsh2/swift/dictionary-flow-tuples 2023-09-06 14:50:16 +00:00
Mathias Vorreiter Pedersen
12a717e3af Merge pull request #14141 from github/alexdenisov/unresolved-ast-nodes 
Swift: add queries for unresolved AST nodes
 2023-09-06 15:40:11 +01:00
Tom Hvitved
6e0ff56788 Revert "C#: Bump all dependencies" 2023-09-06 16:23:38 +02:00
Peter Stöckli
ede7d8fb6a Python: apply suggestions from code review for asyncio 2023-09-06 15:47:07 +02:00
Mathias Vorreiter Pedersen
2bed77de09 Merge branch 'main' into deduplicate-dataflow-results-take-3 2023-09-06 14:12:36 +01:00
Mathias Vorreiter Pedersen
4cbe82353f C++: Accept more test changes. 2023-09-06 13:58:28 +01:00
Mathias Vorreiter Pedersen
b22199982e C++: Add change note. 2023-09-06 13:08:21 +01:00
Michael Nebel
a8e427ffe1 Merge pull request #14097 from michaelnebel/csharp/extractorerrormessages 
C#: Update extractor_messages relation schema.
 2023-09-06 14:01:36 +02:00
Cornelius Riemenschneider
76f1c7a4cd Merge pull request #14137 from github/dependabot/github_actions/actions/checkout-4 
Bump actions/checkout from 2 to 4
 2023-09-06 13:13:30 +02:00
Cornelius Riemenschneider
79d210f7bd Update .github/workflows/ruby-build.yml 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2023-09-06 12:19:46 +02:00
Mathias Vorreiter Pedersen
3eb2da4c03 C++: No need to remove duplications manually. 2023-09-06 09:29:11 +01:00
Tom Hvitved
3a9c34c3c6 Merge pull request #14132 from hvitved/csharp/data-flow-property-write 
C#: Fix logic for flow into property writes
 2023-09-06 08:49:53 +02:00
Erik Krogh Kristensen
a11db7a80a Merge pull request #14148 from github/dependabot/cargo/ql/chrono-0.4.29 
Bump chrono from 0.4.28 to 0.4.29 in /ql
 2023-09-06 07:25:13 +02:00
dependabot[bot]
7f73c59304 Bump chrono from 0.4.28 to 0.4.29 in /ql 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.28 to 0.4.29.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.28...v0.4.29)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-06 03:58:08 +00:00
Mathias Vorreiter Pedersen
570b08e2e9 Merge pull request #14143 from alexet/global-from-unreachble 
CPP: Handle globals flowing into "UnreacheachedInstruction"
 2023-09-05 16:58:55 +01:00
Peter Stöckli
9027eac312 Python: add change notes for asyncio CMDi sinks 2023-09-05 16:14:56 +02:00