Commit Graph

82595 Commits

Author SHA1 Message Date
Chad Bentz
0d0ce32ef2 Merge branch 'ruby-framework-grape' of github.com:felickz/codeql into ruby-framework-grape 2025-09-15 22:11:38 -04:00
Chad Bentz
fc98cd8d08 Fix naming standards 2025-09-15 22:11:33 -04:00
Chad Bentz
19cb187436 Update ruby/ql/lib/codeql/ruby/frameworks/Grape.qll
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-09-15 22:03:27 -04:00
Chad Bentz
6cea93919e Merge branch 'main' into ruby-framework-grape 2025-09-15 22:02:24 -04:00
Chad Bentz
a8d4d6b563 Apply naming standards + changenote 2025-09-15 22:02:03 -04:00
Chris Smowton
c375f24598 Merge pull request #20423 from smowton/smowton/fix/length-comparison-off-by-one-fp
JS: Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access
2025-09-15 18:24:45 +01:00
Ian Lynagh
9231119b07 Merge pull request #20437 from github/igfoo/tweak-release-note
C++: Tweak a release note
2025-09-15 16:39:51 +01:00
Ian Lynagh
cc72314219 C++: Tweak a release note 2025-09-15 16:26:32 +01:00
Ian Lynagh
7860857b55 Merge pull request #20434 from github/igfoo/fix-typo
javascript: Fix spelling error in documentation
2025-09-15 16:21:57 +01:00
Ian Lynagh
b797df6ad5 Merge pull request #20436 from github/igfoo/fix-typo-substract
Csharp: Fix typo in LeapYear qhelp
2025-09-15 16:21:26 +01:00
Ian Lynagh
5cf052dec1 Csharp: Fix typo in LeapYear qhelp
Corrects "add/substract" to "add/subtract" in the UnsafeYearConstruction.qhelp
file to improve clarity.
2025-09-15 15:44:11 +01:00
Ian Lynagh
d0091e1b3c javascript: Fix spelling error in documentation
Corrects the spelling of "occurrences" in the Incomplete Multi-Character
Sanitization documentation to improve clarity.
2025-09-15 14:53:22 +01:00
Simon Friis Vindum
78389c8897 Merge pull request #20133 from paldepind/rust/type-inference-blanket-impl
Rust: Support blanket implementations
2025-09-15 12:46:41 +02:00
Simon Friis Vindum
af49301332 Merge pull request #20381 from paldepind/rust/request-forgery-query
Rust: Add basic request forgery query
2025-09-15 12:46:23 +02:00
Geoffrey White
00f644888c Merge pull request #20426 from geoffw0/cookie2
Rust: cookie and biscotti crypto query sinks
2025-09-15 11:07:46 +01:00
Simon Friis Vindum
35438294d1 Rust: Remove condition that always holds 2025-09-15 10:58:27 +02:00
Simon Friis Vindum
875c7da87c Rust: Improve comments in type inference 2025-09-15 10:37:38 +02:00
Simon Friis Vindum
50bdc658ba Rust: Apply documentation tweaks 2025-09-15 09:32:33 +02:00
Chad Bentz
5cfa6e83b3 Add support for route parameters(+ blocks), headers, and cookies in Grape API 2025-09-12 22:51:47 -04:00
Chad Bentz
3252bd39d2 Enhance Grape framework with additional data flow modeling and helper method support 2025-09-12 22:13:21 -04:00
Chad Bentz
738ab6fba7 Refactor Grape framework code for improved readability and consistency 2025-09-12 19:23:15 -04:00
Chad Bentz
d295acc3c3 Add initial support for Ruby Grape 2025-09-12 19:22:05 -04:00
Geoffrey White
989081ba4a Rust: Change note. 2025-09-12 18:12:59 +01:00
Geoffrey White
118ac07b71 Rust: Convert 'from' models into one generic one. 2025-09-12 18:05:30 +01:00
Geoffrey White
9f83b67a7c Rust: Model vec::from_elem. 2025-09-12 17:30:44 +01:00
Geoffrey White
e2d94127d6 Rust: Model vec::from. 2025-09-12 16:44:47 +01:00
Geoffrey White
5d3ea2f4d3 Rust: Add models for the cookie and biscotti crates. 2025-09-12 16:13:14 +01:00
Geoffrey White
2bb9e2f7be Rust: Add test cases for hardcoded cryptographic constants in cookies. 2025-09-12 15:42:56 +01:00
Simon Friis Vindum
e2e6fd0683 Rust: Address feedback from PR review 2025-09-12 16:10:58 +02:00
Simon Friis Vindum
12dcd751d3 Rust: Accept test changes 2025-09-12 15:34:09 +02:00
Simon Friis Vindum
29ba013580 Rust: Add support for resolving methods from blanket implementations 2025-09-12 15:34:04 +02:00
Chris Smowton
db5c58180e Change note 2025-09-12 14:32:12 +01:00
Chris Smowton
f5780ae369 Amend docstring 2025-09-12 14:32:10 +01:00
Chris Smowton
4fb133a43d Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access 2025-09-12 14:32:07 +01:00
Simon Friis Vindum
d10cdfb7f1 Rust: Move existing blanket implementation test 2025-09-12 15:31:42 +02:00
Simon Friis Vindum
69a1c7e1e8 Rust: Add tests with blanket implementation 2025-09-12 15:26:19 +02:00
Anders Schack-Mulligen
e8ddac08b7 Merge pull request #20377 from aschackmull/java/preconditions
Java: Consolidate Assertions.qll and Preconditions.qll.
2025-09-12 13:37:41 +02:00
Alexander Eyers-Taylor
e9fcd985f9 Merge pull request #20357 from github/alexet/java-global-virtual-dispatch
Java: Make Virtual Dispatch Global, but keep SSA local.
2025-09-12 12:20:46 +01:00
Geoffrey White
d638ee9741 Merge pull request #20404 from geoffw0/rustanalyzerdoc
Rust: add `rust-analyzer` update instructions
2025-09-12 11:17:10 +01:00
Jeroen Ketema
7c35835e25 Merge pull request #20422 from jketema/go-log
Go: Retrofit the change log to mention Go 1.25
2025-09-12 11:20:03 +02:00
Jeroen Ketema
a773042c5d Merge pull request #20407 from jketema/dyn-too-many
C++: Add `cpp/uninitialized-local` test
2025-09-12 11:12:28 +02:00
Jeroen Ketema
0f5bd3799e Merge branch 'main' into go-log 2025-09-12 11:12:01 +02:00
Jeroen Ketema
3de9356141 Go: Retrofit the change log to mention Go 1.25
This can only be a minor change (or something similar) to stay within the
semantic versioning constraints. This is because only the patch version of
the Go ql library pack was bumped during the release. Since there were no new
language features in Go 1.25, this might also be the most accurate choice here.
2025-09-12 11:08:42 +02:00
Jeroen Ketema
352610d651 C++: Add GOOD annotation 2025-09-12 10:29:27 +02:00
Simon Friis Vindum
fd5b5baa8f Merge pull request #20403 from paldepind/rust/certain-struct-expr
Rust: Infer certain type information for struct expressions
2025-09-12 10:28:07 +02:00
Geoffrey White
92124a9033 Update rust/README.md 2025-09-12 09:01:13 +01:00
Simon Friis Vindum
b456a8c4e5 Apply suggestions from code review
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2025-09-12 09:09:00 +02:00
Alex Eyers-Taylor
d5ee91b1e8 Java: Address comments from code review. 2025-09-11 17:14:08 +01:00
Geoffrey White
aaa67a2da9 Update rust/README.md
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
2025-09-11 17:12:22 +01:00
Ian Lynagh
ffeece1179 Merge pull request #20410 from igfoo/igfoo/bmn-med
C++: Remove the BMN filter from some queries, but reduce precision to medium
2025-09-11 17:01:35 +01:00