hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
60,296 Commits 1,741 Branches 165 Tags
18c8d90a1a2ea84596689c615ebe233bccdfae38
Commit Graph

60296 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Benjamin Rodes
18c8d90a1a Adding a model implementation for ODBC. 
(cherry picked from commit 04147f8d91cdf018ec03cbfdb953253e23687944)
 2023-10-31 08:52:05 -07:00
Erik Krogh Kristensen
8f58685b38 Merge pull request #14643 from aibaars/express-req-path 
Javascript: add `req.path` as remote flow source
 2023-10-31 16:36:48 +01:00
Mathias Vorreiter Pedersen
b9dfeb3aac Merge pull request #14444 from alexet/range-cases 
CPP: Add some range analysis cases
 2023-10-31 15:55:41 +01:00
Alexander Eyers-Taylor
11152deeb5 Update cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-31 13:52:33 +00:00
Mathias Vorreiter Pedersen
e75562e508 Merge pull request #14633 from github/redsun82/capture-list-vars 
Swift: add `VarDecl` children to `CaptureListExpr`
 2023-10-31 12:48:14 +01:00
Arthur Baars
5cc94e1105 Express.js: add req.path as remote input source 2023-10-31 12:44:26 +01:00
Arthur Baars
21b7a51d0a Add test case for req.path 2023-10-31 12:44:25 +01:00
Arthur Baars
1479509d93 Re-order expected test ouput 2023-10-31 12:44:25 +01:00
Chris Smowton
98032d58b8 Merge pull request #14640 from github/smowton/admin/make-go-tests-serial 
Go: mark all integration tests non-parallelisable
 2023-10-31 10:58:41 +00:00
Mathias Vorreiter Pedersen
5b17066e6c Merge pull request #14638 from geoffw0/jsevaltest 
Swift: Clean up the swift/unsafe-js-eval test
 2023-10-31 11:43:41 +01:00
Paolo Tranquilli
ea04b500a3 Swift: tweak dataflow test 2023-10-31 11:39:25 +01:00
Ian Lynagh
b841d5f923 Merge pull request #14622 from igfoo/igfoo/JavaBinarySourceElement 
Kotlin: Add support for JavaBinarySourceElement sources
 2023-10-31 10:33:48 +00:00
Tamás Vajk
81b3ff2bb8 Merge pull request #14545 from tamasvajk/standalone/remove-netstandard.library.ref 
C#: Handle `netstandard` references in standalone extraction
 2023-10-31 11:32:42 +01:00
Chris Smowton
79e1aa0498 Merge pull request #14634 from github/post-release-prep/codeql-cli-2.15.2 
Post-release preparation for codeql-cli-2.15.2
 2023-10-31 10:24:53 +00:00
Chris Smowton
05a4c7fdc1 Add non-comment lines specifying serialisation group 2023-10-31 10:21:55 +00:00
Mathias Vorreiter Pedersen
66f4eccc30 Merge pull request #14632 from MathiasVP/share-ipa-numbering-for-indirect-nodes 
C++: Share IPA numbering for indirect nodes
 2023-10-31 11:20:41 +01:00
Paolo Tranquilli
5407b57261 Swift: add change note 2023-10-31 10:57:02 +01:00
Paolo Tranquilli
aac6cf60ee Swift: add explicative comment 2023-10-31 10:46:12 +01:00
Paolo Tranquilli
ffff10a7e8 Swift: synthesize CaptureListExpr::getVariable in QL instead of extracting it 2023-10-31 10:44:50 +01:00
Paolo Tranquilli
7bae2d9192 Swift: fix tests 2023-10-31 10:44:41 +01:00
Chris Smowton
ec72150893 Go: mark all integration tests non-parallelisable 2023-10-30 22:16:26 +00:00
Tom Hvitved
435b7df764 Merge pull request #14607 from hvitved/csharp/type-ref-dedup 
C#: Only use `getTypeRef` when there is not already a type available
 2023-10-30 19:52:58 +01:00
Geoffrey White
b259a0ff6a Swift: get rid of getRemoteData() in the tests, it's obfuscating results. 2023-10-30 17:48:51 +00:00
Geoffrey White
c8706e2ad7 Swift: Add some annotations to the clarify UnsafeJSEval.swift test. 2023-10-30 17:43:37 +00:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
Paolo Tranquilli
f81a3ec464 Swift: add VarDecl children to CaptureListExpr 2023-10-30 17:04:53 +01:00
Mathias Vorreiter Pedersen
91d224eea5 Merge pull request #14623 from alexet/dataflow-fps 
CPP: Add dataflow FP with output arguments
 2023-10-30 14:30:51 +00:00
Alex Eyers-Taylor
fb0f9ec601 CPP: Add missing rnage analysis ranges in test. 2023-10-30 14:17:03 +00:00
Alexander Eyers-Taylor
b8d45ae927 Update cpp/ql/test/library-tests/dataflow/dataflow-tests/flowOut.cpp 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-10-30 14:04:45 +00:00
Ian Lynagh
e2ef0dc71d Merge pull request #14621 from igfoo/igfoo/getFileClassFqName_IrField 
Kotlin: Fix getFileClassFqName for IrField
 2023-10-30 13:54:08 +00:00
Ian Lynagh
d46442245b Merge pull request #14518 from igfoo/igfoo/trap_files 
Kotlin: Log when we start and finish writing to TRAP files
 2023-10-30 13:53:04 +00:00
Harry Maclean
dc9f171ee6 Merge pull request #14631 from hmac/hmac-dynamic-neutral-model 
JS/Ruby/Python: Add neutralModel extensible predicate
 2023-10-30 12:50:09 +00:00
Mathias Vorreiter Pedersen
b4958e7d58 C++: Accept path changes. 2023-10-30 12:44:30 +00:00
Mathias Vorreiter Pedersen
a077b70d66 C++: Accept test changes. 2023-10-30 11:54:24 +00:00
Mathias Vorreiter Pedersen
535d1e2565 C++: Define indirect instructions (and operands) using a 'Node0Impl' column instead of an instruction (or operand). 2023-10-30 11:54:24 +00:00
Ian Lynagh
55df481e5c Kotlin: Add support for JavaBinarySourceElement sources 2023-10-30 11:43:36 +00:00
Harry Maclean
083be305e1 Shared: Add neutralModel extensible predicate 
The neutralModel extensible predicate already exists in Java and C#, so
this change brings the dynamic languages more in line with static
languages. The Model Editor uses this predicate to mark endpoints as
"not interesting" from a data flow perspective.
 2023-10-30 11:31:57 +00:00
Harry Maclean
38ecde0cc1 Shared: Include data extensions in workspace 
This change allows codeql to see data extensions stored in the .github
directory inside the codeql repo. This is useful when using the CodeQL
Model Editor whilst working inside the codeql repo.
 2023-10-30 11:31:56 +00:00
Chris Smowton
78fcbd07d6 Merge pull request #14630 from github/release-prep/2.15.2 
Release preparation for version 2.15.2
codeql-cli/v2.15.2 		2023-10-30 11:26:32 +00:00
Mathias Vorreiter Pedersen
3a9ffe189e Merge pull request #14567 from github/redsun82/swift-case-variables 
Swift: clean up `VarDecl`, `NamedPattern` and `SwitchStmt` interactions
 2023-10-30 11:23:38 +00:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Mathias Vorreiter Pedersen
9e2f0b5ed0 Merge branch 'main' into redsun82/swift-case-variables 2023-10-30 10:14:45 +00:00
Mathias Vorreiter Pedersen
c4521a30aa Merge pull request #14113 from geoffw0/implicitflow 
Swift: Flow through OpenExistentialExpr
 2023-10-30 10:08:29 +00:00
Mathias Vorreiter Pedersen
4e08ba6820 Merge pull request #14618 from geoffw0/qldoc 
Swift: QLDoc and test for getCanonicalType
 2023-10-30 10:06:26 +00:00
Tamás Vajk
b9c89750b9 Merge pull request #14493 from tamasvajk/fix/params-attribute-argument 
C#: Fix params attribute argument extraction
 2023-10-30 10:50:02 +01:00
Mathias Vorreiter Pedersen
342b3d7733 Merge pull request #14619 from MathiasVP/fix-strtol-model 
C++: Fix `strtol` model
 2023-10-30 09:41:23 +00:00
Geoffrey White
1929dead39 Merge branch 'main' into implicitflow 2023-10-27 23:35:54 +01:00
Owen Mansel-Chan
c1ecd5a0da Merge pull request #14608 from Kwstubbs/golang-cookie-reflectedxss-sanitizer 
Go: GoAdd Cookie Sanitizer to Reflected XSS
 2023-10-27 21:47:39 +01:00
Kevin Stubbings
57cbacb495 test.go change 2023-10-27 12:07:51 -07:00
Kevin Stubbings
ce0104799a Fix minor issues 2023-10-27 11:42:22 -07:00