hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-08 08:34:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
70,588 Commits 1,731 Branches 164 Tags
0cd4ccb79039de28ecbcad3b0e537302ef435c5d
Commit Graph

70588 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
0cd4ccb790 C#/Java: Update model generator expected test output. 2024-09-26 12:49:18 +02:00
Michael Nebel
b041829569 Shared: steps in synthetic path chains should just mention the same synthetic fields. 2024-09-26 12:49:07 +02:00
Michael Nebel
aae8660acc C#/Java: Add some examples of missing synthetic field element flow. 2024-09-26 12:00:29 +02:00
Michael Nebel
58513cadbf C#/Java: Add model generator test examples. 2024-09-26 12:00:25 +02:00
Michael Nebel
6cd548f410 Shared: Only exclude API and parameter combinations where we could get more than three summaries. 2024-09-26 12:00:04 +02:00
Chris Smowton
76914c40c9 Merge pull request #17591 from github/smowton/admin/java-23-change-note 
Add change note for Java 23 support
 2024-09-26 10:14:21 +01:00
Michael Nebel
dd993c3900 Merge pull request #17509 from michaelnebel/modelgen/parammodule 
C#/Java: Re-factor the model generator to be a parameterized module.
 2024-09-26 10:57:16 +02:00
Michael Nebel
297d32180c Merge pull request #17582 from michaelnebel/csharp/attributecollectionsinks 
C#: `AttributeCollection` is no longer considered a HTML sink.
 2024-09-26 09:17:31 +02:00
Chris Smowton
ba5be80814 Typo 2024-09-25 21:32:52 +01:00
Chris Smowton
2c9488e475 Add change note for Java 23 support 2024-09-25 21:32:24 +01:00
Ian Lynagh
a9ecb26885 Merge pull request #17555 from igfoo/igfoo/kotlin2.1 
Add support for Kotlin 2.1.0-Beta1
 2024-09-25 16:25:55 +01:00
Erik Krogh Kristensen
6a184e0c2e Merge pull request #17587 from 5idg5/users/js-dom-xss-tst-file-id-conflict-fix 
Resolve id conflict with XssWithAdditionalSources.ql
 2024-09-25 17:06:20 +02:00
Michael Nebel
1dcc6ac2b1 C#: Address review comments. 2024-09-25 17:06:19 +02:00
Jeroen Ketema
0520fc2d9f Merge pull request #17583 from jketema/rm-inline 
C++: Remove `inline` pragma from sink
 2024-09-25 16:30:30 +02:00
Ian Lynagh
a6fce19b0c Kotlin: Fix build with 2.1.0-Beta1 2024-09-25 15:23:35 +01:00
Ian Lynagh
5a03c35e9c Kotlin: Add 2.1.0-Beta1 2024-09-25 15:23:34 +01:00
Ian Lynagh
f193084f9f Kotlin: Add 2.1.0-Beta1 jars 2024-09-25 15:23:33 +01:00
Ian Lynagh
a8cad4963e Kotlin: 2.1.0 is supported 2024-09-25 15:23:31 +01:00
Sid Gawri
e8c68fff7f resolve id conflict with dom based xss test ql 2024-09-25 10:01:59 -04:00
Felicity Chapman
85cc596041 Merge pull request #17586 from github/felicitymay-patch-1 
Fix link to change logs on landing page
 2024-09-25 14:40:56 +01:00
Jeroen Ketema
7289476c80 Merge pull request #17576 from jketema/formatting 
C++: Do not wrap quoted text to the next line
 2024-09-25 15:32:16 +02:00
Felicity Chapman
53e33d3ef3 Fix link to change logs on landing page 2024-09-25 14:28:09 +01:00
Felicity Chapman
0baa9e9ac1 Merge pull request #17580 from github/felicitymay-fix-dropdown-links 
Revert changes that made the links in the drop-down on CodeQL docs site relative
 2024-09-25 14:16:14 +01:00
Tom Hvitved
90869ec96a Merge pull request #17558 from hvitved/rust/cfg-consistency-queries 
Rust: Enable CFG consistency checks
 2024-09-25 15:14:44 +02:00
Tom Hvitved
79620c1a89 Address review comment 2024-09-25 14:18:44 +02:00
Michael Nebel
af80797eda C#: Add change note. 2024-09-25 14:13:06 +02:00
Michael Nebel
e89a47f2f5 C#: Update XSS expected test output. 2024-09-25 14:13:03 +02:00
Michael Nebel
d00e27916d C#: No longer consider attribute collections as HTML sinks. 2024-09-25 14:12:59 +02:00
Michael Nebel
28c48fb471 C#: Add Xss attribute collection test example and update expected output. 2024-09-25 14:12:55 +02:00
Jeroen Ketema
0ee1383732 C++: Remove inline pragma from sink 2024-09-25 14:04:31 +02:00
Anders Schack-Mulligen
cc63abf0af Merge pull request #17578 from aschackmull/cpp/fix-inline-sink2 
Cpp: Replace sink inlining with a forward scan from source.
 2024-09-25 13:54:48 +02:00
Arthur Baars
f57dd0a596 Merge pull request #17552 from github/aibaars/diagnostics 
Rust: extract parse errors as diagnostics
 2024-09-25 13:15:24 +02:00
Felicity Chapman
329c3c7c56 Make links in drop-down absolute 2024-09-25 10:59:22 +01:00
Owen Mansel-Chan
0ae10ece39 Merge pull request #17571 from jsoref/issue-17570 
Downgrade IncorrectIntegerConversionQuery precision to high
 2024-09-25 09:58:43 +01:00
Tom Hvitved
cbc2389493 Rust: Accept CFG inconsistencies 2024-09-25 10:56:46 +02:00
Tom Hvitved
d299380a5a Rust: Enable CFG consistency checks 2024-09-25 10:56:44 +02:00
Tom Hvitved
f428fdc57c Rust: Run codegen 2024-09-25 10:55:18 +02:00
Tom Hvitved
8c956e8276 Rust: Add LogicalOperation.qll 2024-09-25 10:55:16 +02:00
Tom Hvitved
3bd5c6e445 Rust: Implement {BinaryExpr,PrefixExpr}.toString() 2024-09-25 10:55:15 +02:00
Tom Hvitved
1fb9835f23 Merge pull request #17557 from hvitved/rust/cfg-improvements 
Rust: CFG improvements
 2024-09-25 10:54:49 +02:00
Anders Schack-Mulligen
3a1b618a74 Cpp: Replace sink inlining with a forward scan from source. 2024-09-25 10:28:23 +02:00
Jeroen Ketema
29061a08ad C++: Do not wrap quoted text to the next line 
Wrapping breaks the highlighting in VSCode, making the QLDoc
difficult to read.
 2024-09-25 09:43:05 +02:00
Tom Hvitved
6e493f2baa Address review comments 2024-09-25 09:09:29 +02:00
Josh Soref
a9e07a88af Downgrade IncorrectIntegerConversionQuery precision to high 
`very-high` implies near 0 false positives and we have run into a number and an entire class

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2024-09-24 22:08:00 -04:00
Chris Smowton
590e93d8ed Merge pull request #17360 from smowton/smowton/admin/go-function-pretty-printer 
Go: Expose whether functions are variadic in their pp() output
 2024-09-24 21:47:50 +01:00
Arthur Baars
5714811071 Rust: fix panic when the last character in a range is multi-byte 2024-09-24 19:26:02 +02:00
Chris Smowton
d673d24ca6 Revise notation to more closely resemble real Go 2024-09-24 17:22:26 +01:00
Chris Smowton
11755482e4 Update test expectation (now signature types pretty-print indicating if they are variadic) 2024-09-24 17:18:10 +01:00
Chris Smowton
40035a0b62 Improve pretty-printer 2024-09-24 17:18:09 +01:00
Chris Smowton
4d3a140dd7 Expose whether functions are variadic in their pp() output 2024-09-24 17:18:08 +01:00