hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-04 09:11:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
53,610 Commits 1,689 Branches 159 Tags
0bfb242e63c1eb2f1b786faa2ab86fd00a6ba4f4
Commit Graph

53610 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
0bfb242e63 Factor out logic for needGopath 2023-04-19 12:20:49 +01:00
Owen Mansel-Chan
b169f1bfdf Factor out code to fix go vendor issues 2023-04-19 12:20:48 +01:00
Owen Mansel-Chan
f872a11b85 Factor out initial ModMode calculation 2023-04-19 12:20:48 +01:00
Owen Mansel-Chan
2d8d9773c4 Factor out depMode calculation 2023-04-19 12:20:47 +01:00
Owen Mansel-Chan
d613bc8a28 Update checks for files or dirs existing 
The previous way is considered outdated now.
 2023-04-19 12:20:47 +01:00
Owen Mansel-Chan
2914480ff6 Avoid platform-specific results 
These were introduced in https://github.com/github/codeql/pull/12750 but
the relevant tests that should have caught it weren't run.
 2023-04-19 11:18:19 +01:00
Owen Mansel-Chan
1cf626f712 Use latest patch version of Go 1.20 for tests 2023-04-19 11:18:09 +01:00
Tony Torralba
4e60697042 Merge pull request #12866 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-04-19 11:16:21 +02:00
Mathias Vorreiter Pedersen
8d62d5916e Merge pull request #12807 from MathiasVP/dataflow-for-keypaths 
Swift: Dataflow for keypaths
 2023-04-19 10:00:49 +01:00
Harry Maclean
c44fbc1063 Merge pull request #12786 from hmac/merge-extractor-binaries 
Ruby/QL: Merge extractor binaries
 2023-04-19 15:17:25 +07:00
Michael Nebel
1caca21552 Merge pull request #12829 from michaelnebel/csharp/refactordataflow4 
C#: Re-factor tainttracking and dataflow configurations to use the new API.
 2023-04-19 08:32:36 +02:00
Harry Maclean
30468dd059 QL: Rename extractor to codeql-extractor-ql 2023-04-19 06:30:09 +00:00
Harry Maclean
ab4eba11ec Ruby: Rename extractor to codeql-extractor-ruby 2023-04-19 06:27:27 +00:00
Tony Torralba
62f5a5dcd5 Merge pull request #10707 from atorralba/atorralba/log-injection-sanitizers 
Java: Add line break sanitizers to java/log-injection
 2023-04-19 08:20:04 +02:00
github-actions[bot]
7abc029872 Add changed framework coverage reports 2023-04-19 00:16:15 +00:00
Mathias Vorreiter Pedersen
9aca2d8533 Merge pull request #12861 from MathiasVP/ignore-more-instructions-for-dataflow 
C++: Ignore a few more instructions in dataflow
 2023-04-18 18:17:11 +01:00
Mathias Vorreiter Pedersen
fb1a871777 Merge pull request #12855 from MathiasVP/fix-joins-in-use-after-free 
C++: Fix bad self-join in `cpp/use-after-free`
 2023-04-18 17:13:03 +01:00
Edward Minnix III
09502c60d5 Merge pull request #12812 from egregius313/egregius313/java/dataflow/refactor-tests 
Java: Refactor Test DataFlow configurations to new API
 2023-04-18 10:22:30 -04:00
Alex Ford
924ce250dd Merge pull request #12847 from github/post-release-prep/codeql-cli-2.13.0 
Post-release preparation for codeql-cli-2.13.0
 2023-04-18 14:40:40 +01:00
Mathias Vorreiter Pedersen
6e5f09f7bb C++: Ignore more instructions in dataflow. 2023-04-18 13:32:24 +01:00
Mathias Vorreiter Pedersen
231b0fcab2 Swift: Add more tests. 2023-04-18 12:01:08 +01:00
Tony Torralba
ba49386e6c Merge pull request #12806 from GeekMasher/main 
Java: Add missing write-file models for Java IO / NIO
 2023-04-18 11:15:53 +02:00
Mathias Vorreiter Pedersen
61aba4683f C++: Fix bad self-join in 'cpp/use-after-free'. 
Before:
```ql
[2023-04-18 09:17:24] Evaluated non-recursive predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs_project#Instruction#577b6a83::Initia__#loop_invariant_prefix@ae046923 in 3903ms (size: 130544).
Evaluated relational algebra for predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs_project#Instruction#577b6a83::Initia__#loop_invariant_prefix@ae046923 with tuple counts:
        533787724  ~0%    {2} r1 = JOIN ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs WITH ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
           130544  ~0%    {2} r2 = JOIN r1 WITH project#Instruction#577b6a83::InitializeParameterInstruction#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.0
                          return r2
```

After:
```ql
[2023-04-18 10:09:34] Evaluated non-recursive predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_project#Instruction#577b6a83::InitializeParamete__#loop_invariant_prefix@eb90a6fk in 2ms (size: 18380).
Evaluated relational algebra for predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_project#Instruction#577b6a83::InitializeParamete__#loop_invariant_prefix@eb90a6fk with tuple counts:
        18380  ~0%    {2} r1 = JOIN ValueNumberingInternal#c9f42560::tvalueNumber#1#ff WITH project#Instruction#577b6a83::InitializeParameterInstruction#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.0
                      return r1
```
 2023-04-18 10:14:45 +01:00
Arthur Baars
e5d89b969a Merge pull request #12780 from aibaars/shared-yaml-lib 
JS: extract YAML library to a shared pack
 2023-04-18 11:09:53 +02:00
Tom Hvitved
f6d000eb20 Merge pull request #12805 from hvitved/remove-queries-xml 
Remove all `queries.xml` files
 2023-04-18 10:52:14 +02:00
Paolo Tranquilli
d777fd950f Merge pull request #12760 from github/redsun82/swift-logging-compiler 
Swift: route compiler diagnostics through our log
 2023-04-18 10:03:29 +02:00
Tony Torralba
99ad43b21e Merge pull request #12853 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-04-18 09:34:52 +02:00
Kasper Svendsen
9d34d090ab Merge pull request #12843 from kaspersv/kaspersv/prevent-bad-js-join-order 
Prevent JS join order regression
 2023-04-18 09:09:43 +02:00
Paolo Tranquilli
b8c55612e5 Swift: route compiler diagnostics through our log 2023-04-18 08:46:31 +02:00
Ed Minnix
e6a2528c38 Refactor XSS and SpringJDBC tests to lib configurations 2023-04-17 23:48:06 -04:00
Ed Minnix
49521f6de8 Refactor tests which extends Configuration 2023-04-17 23:48:06 -04:00
Ed Minnix
66f971e70d Refactor query tests 2023-04-17 23:48:06 -04:00
Ed Minnix
93bd2a9409 Refactor PathSanitizer test 2023-04-17 23:48:06 -04:00
Ed Minnix
547f00c3d1 Refactor Spring test 2023-04-17 23:48:06 -04:00
Ed Minnix
9631b6545f Refactor Ratpack test 2023-04-17 23:48:06 -04:00
Ed Minnix
e0e5bb131b Refactor RabbitMQ test 2023-04-17 23:48:06 -04:00
Ed Minnix
2579852e90 Refactor jms test 2023-04-17 23:48:06 -04:00
Ed Minnix
6cda285d56 Refactor Guice test 2023-04-17 23:48:06 -04:00
Ed Minnix
8d0e3ac033 Refactor Guava test 2023-04-17 23:48:06 -04:00
Ed Minnix
38e65ee36d Refactor apache-http test 2023-04-17 23:48:06 -04:00
Ed Minnix
f745642252 Refactor Android tests 2023-04-17 23:48:06 -04:00
Ed Minnix
95c28967cc Refactor dataflow library tests 2023-04-17 23:48:06 -04:00
Ed Minnix
0c380cdd72 Formatting fixes 2023-04-17 23:48:06 -04:00
Ed Minnix
13ec7db1ea Kotlin tests 2023-04-17 23:48:06 -04:00
github-actions[bot]
3c2a3abb13 Add changed framework coverage reports 2023-04-18 00:15:30 +00:00
Erik Krogh Kristensen
03e76378ca Merge pull request #12850 from smiddy007/remove-unused-example-files 
JS: Remove unused example files and edit qhelp to match
 2023-04-17 23:29:15 +02:00
Jami
a149c41baf Merge pull request #12155 from jcogs33/jcogs33/add-heuristic-ssrf-models 
Java: add ssrf models discovered with heuristics
 2023-04-17 15:45:48 -04:00
Mathias Vorreiter Pedersen
bb8c3de6b2 Merge pull request #12599 from rdmarsh2/rdmarsh2/range-analysis-overflow 
C++: add overflow detection to new range analysis
 2023-04-17 20:18:44 +01:00
Jami Cogswell
25786f61be Java: minorAnalysis in change note 2023-04-17 13:48:04 -04:00
smiddy007
e4ec1ae261 Update InsufficientPasswordHash.qhelp 
change file name to original
 2023-04-17 13:18:47 -04:00