am0o0
|
1d1c476674
|
update tests and use TaintFlowTestArgString
add stubs
add missed sink models
|
2024-07-13 16:58:51 +02:00 |
|
Chris Smowton
|
1cb9f6370f
|
Use hasTaintFlow marker
|
2024-07-13 13:09:43 +02:00 |
|
Chris Smowton
|
059a1389c6
|
Run TaintedPath query on experimental tests
|
2024-07-13 13:09:26 +02:00 |
|
Chris Smowton
|
4e9a528df9
|
Move experimental tests
|
2024-07-13 13:09:08 +02:00 |
|
am0o0
|
7e5f2e2a48
|
experimentalSinkModel to sinkModel, remove one path injection sink that already exist before
|
2024-07-03 08:55:12 +02:00 |
|
am0o0
|
412472e9a4
|
add zip4j
|
2024-06-08 01:14:04 +02:00 |
|
am0o0
|
240b4cd696
|
update tests
|
2024-06-08 01:05:55 +02:00 |
|
am0o0
|
ceea475c45
|
add new s3 and spring IO path injection sinks
|
2024-06-08 01:04:20 +02:00 |
|
Cornelius Riemenschneider
|
5fa1b57aaa
|
Merge pull request #16586 from hvitved/rust-bump
Python: Use Rust 1.74
|
2024-05-24 15:30:15 +02:00 |
|
Tom Hvitved
|
386bc1eb03
|
Bazel: repin
|
2024-05-24 13:53:55 +02:00 |
|
Tom Hvitved
|
7490472772
|
Update Python to use Rust 1.74
|
2024-05-24 13:05:39 +02:00 |
|
Michael Nebel
|
95473c06fc
|
Merge pull request #16520 from michaelnebel/csharp/fixsummarizedcallabledataflow
C#: Make the flow summary filtering in the adapter.
|
2024-05-24 12:48:03 +02:00 |
|
Tom Hvitved
|
0dbce3d077
|
Merge pull request #16451 from hvitved/treesitter/codeql-verbosity
Tree-sitter: Respect verbosity defined in `CODEQL_VERBOSITY`
|
2024-05-24 11:24:01 +02:00 |
|
Tamás Vajk
|
8ae607cdce
|
Merge pull request #16577 from tamasvajk/fix/adjust-compiler-arg-test
C#: Adjust compiler argument integration test
|
2024-05-24 09:24:21 +02:00 |
|
Erik Krogh Kristensen
|
c743abad54
|
Merge pull request #14294 from am0o0/amammad-js-CodeInjection_execa
JS: provide command execution sinks for execa package
|
2024-05-24 09:20:19 +02:00 |
|
Anders Schack-Mulligen
|
5a7174dcbb
|
Merge pull request #16500 from aschackmull/java/static-field-side-effect
Java: Add support for flow through side-effects on static fields.
|
2024-05-24 09:19:31 +02:00 |
|
Michael Nebel
|
78d4745722
|
Merge pull request #16578 from michaelnebel/java/dontliftneutral
Java: Do not lift neutrals in Model generation.
|
2024-05-24 09:19:20 +02:00 |
|
Tamas Vajk
|
9aee2dc002
|
C#: Adjust compiler argument integration test
|
2024-05-24 08:39:08 +02:00 |
|
Michael Nebel
|
f5c654b669
|
Merge pull request #16579 from tamasvajk/fix/integration-test-2
C#: Fix integration test expected file
|
2024-05-24 08:16:37 +02:00 |
|
Dave Bartolomeo
|
6f67f9e887
|
Merge pull request #16564 from github/dbartol/v1
Update all pack versions to `1.0.0`
|
2024-05-23 17:32:27 -04:00 |
|
Dave Bartolomeo
|
f498e05099
|
Merge branch 'main' into dbartol/v1
|
2024-05-23 14:37:28 -04:00 |
|
Dave Bartolomeo
|
613ccaac1d
|
Add change note to all v1.0.0 packs
|
2024-05-23 13:01:22 -04:00 |
|
Arthur Baars
|
b2c64eabd4
|
Merge pull request #16572 from github/aibaars-patch-2
Java: include link to `remote source` in TrustBoundaryViolation.ql
|
2024-05-23 18:16:11 +02:00 |
|
Philip Ginsbach
|
4fbbda508b
|
Merge pull request #16580 from github/ginsbach/MonotonicAggregateModules
`monotonicAggregates` can apply to modules (see language spec)
|
2024-05-23 16:40:29 +01:00 |
|
Philip Ginsbach
|
1129df9cb7
|
'monotonicAggregates' can apply to modules (see language spec)
|
2024-05-23 16:20:54 +01:00 |
|
Tamas Vajk
|
5928ede324
|
C#: Fix integration test expected file
|
2024-05-23 16:47:35 +02:00 |
|
Michael Nebel
|
9cf0995720
|
Java: Update test expected output.
|
2024-05-23 16:33:04 +02:00 |
|
Michael Nebel
|
6f5bdfba65
|
Java: Do not lift neutrals and only generate for public endpoints.
|
2024-05-23 16:32:45 +02:00 |
|
Arthur Baars
|
b5b5fef642
|
Switch source and sink in TrustBoundaryViolation.ql
|
2024-05-23 15:53:12 +02:00 |
|
Arthur Baars
|
5c4eb3c943
|
Java: add change note
|
2024-05-23 13:06:01 +00:00 |
|
Michael Nebel
|
1e54422662
|
Java: Add neutral implementations.
|
2024-05-23 15:00:23 +02:00 |
|
Tamás Vajk
|
c0d623c056
|
Merge pull request #16567 from tamasvajk/refactor/static-extraction-state
C#: Refactor static compilation state
|
2024-05-23 14:49:33 +02:00 |
|
Anders Schack-Mulligen
|
4905612905
|
Merge pull request #16573 from aschackmull/java/dispatch-joinorder
Java: Fix join-order in viableImplInCallContext.
|
2024-05-23 14:48:25 +02:00 |
|
Arthur Baars
|
d540675b9e
|
Update TrustBoundaryViolation.ql
|
2024-05-23 12:04:47 +00:00 |
|
Tom Hvitved
|
e4cd9d86f6
|
Tree-sitter: Respect verbosity defined in CODEQL_VERBOSITY
|
2024-05-23 13:38:35 +02:00 |
|
Anders Schack-Mulligen
|
1bc3f6b0e7
|
Java: Add change note.
|
2024-05-23 13:03:06 +02:00 |
|
Tom Hvitved
|
a523be4d0a
|
Tree-sitter: Add set_tracing_level to shared extractor module
|
2024-05-23 12:58:53 +02:00 |
|
Anders Schack-Mulligen
|
bf3dbc24de
|
Java: Add support for flow through side-effects on static fields.
|
2024-05-23 12:57:57 +02:00 |
|
Anders Schack-Mulligen
|
619913b553
|
Merge pull request #16552 from aschackmull/java/no-source-dispatch-for-exact-mad
Java: Remove source dispatch when there's an exact match from a manual model.
|
2024-05-23 12:56:58 +02:00 |
|
Paolo Tranquilli
|
7da7416bcd
|
Merge pull request #16568 from github/redsun82/m1-opts
Swift: add flags and instructions for building on macOS ARM
|
2024-05-23 12:53:29 +02:00 |
|
Anders Schack-Mulligen
|
4b3e35ed52
|
Java: Fix join-order in viableImplInCallContext.
|
2024-05-23 12:49:57 +02:00 |
|
Anders Schack-Mulligen
|
f353065d26
|
Java: Allow overloading for exact model matches.
|
2024-05-23 10:50:01 +02:00 |
|
Anders Schack-Mulligen
|
0f864081cb
|
Java: Remove source dispatch when there's an exact match from a manual model.
|
2024-05-23 10:50:00 +02:00 |
|
Paolo Tranquilli
|
90a152a2bc
|
Swift: add flags and instructions for building on macOS ARM
|
2024-05-23 10:44:06 +02:00 |
|
Tamás Vajk
|
5cf7112d4c
|
Merge pull request #16541 from tamasvajk/buildless/use-nuget-config-fallback
C#: Use nuget feeds from nuget.config in fallback restore
|
2024-05-23 10:43:03 +02:00 |
|
Owen Mansel-Chan
|
4567b17a58
|
Merge pull request #16566 from github/workflow/coverage/update
Update CSV framework coverage reports
|
2024-05-23 09:42:51 +01:00 |
|
Tamas Vajk
|
7042f3222a
|
Code quality improvements
|
2024-05-23 09:49:09 +02:00 |
|
Tamas Vajk
|
c58971e632
|
C#: Refactor static compilation state
|
2024-05-23 09:47:49 +02:00 |
|
Tom Hvitved
|
11da42b049
|
Merge pull request #16134 from hvitved/csharp/autobuild-buildless-process-indirection
C#: Avoid process creation indirection in auto-builder
|
2024-05-23 09:25:58 +02:00 |
|
Tom Hvitved
|
f517c00658
|
Merge pull request #16559 from hvitved/csharp/callable-always-returns-true
C#: Simplify logic in `JsonWebTokenHandlerLib.qll`
|
2024-05-23 09:25:19 +02:00 |
|