hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 08:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,824 Commits 1,693 Branches 160 Tags
21ff705b730d1f4bed7b3bf7500a1862814d71ad
Commit Graph

66824 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
21ff705b73 Fix bug with read/store steps and named types 2024-05-16 00:35:45 +01:00
Owen Mansel-Chan
1af3374322 Add tests for data flow through ranged for loops 
Including the case where the type of the domain is a named type rather
than an array type or map type or whatever.
 2024-05-16 00:32:30 +01:00
Owen Mansel-Chan
145873f562 Merge pull request #16413 from owen-mc/go/fix-builtin-models 
Go: fix models for built-in functions
 2024-05-14 21:03:05 +01:00
yoff
04c0475251 Merge pull request #16483 from yoff/python/MaD-instance-follow-subclass 
Python: The MaD token `Instance` now follows subclasses
 2024-05-14 21:30:43 +02:00
Chris Smowton
d76182b945 Merge pull request #16468 from smowton/smowton/admin/add-buildless-timeout-tests 
Java: add test cases for Maven and Gradle stalling in buildless mode
 2024-05-14 19:13:03 +01:00
Chris Smowton
829707528b Merge pull request #16488 from smowton/smowton/admin/document-test-servers 
Java: Add comments to tests that spawn an HTTP/S server
 2024-05-14 18:11:20 +01:00
Chris Smowton
cf134331a9 Java: Add comments to tests that spawn an HTTP/S server 2024-05-14 17:48:35 +01:00
Chris Smowton
61cd93fcf3 Switch to a different black-hole IP, because Windows blocks 240.0.0.0/24 2024-05-14 17:36:50 +01:00
Chris Smowton
e699b18928 Java: add test cases for Maven and Gradle stalling in buildless mode 2024-05-14 17:36:49 +01:00
Chris Smowton
1b1367eec0 Merge pull request #16479 from smowton/smowton/admin/test-java-trust-store-inheritence 
Java: Add test case for a custom Java trust store
 2024-05-14 17:35:26 +01:00
Chris Smowton
8814e6e2bd Replace deprecated ssl.wrap_socket method 2024-05-14 15:14:27 +01:00
Owen Mansel-Chan
827d15aaa0 Test changes due to model renumbering 2024-05-14 14:40:57 +01:00
Owen Mansel-Chan
ab5e1f8a69 Fix models for min and max and improve tests 
Although the documentation makes them look variadic (and generic), they
are actually special-cased in the compiler. Like all built-in functions
they don't have a signature type, but the type of `min(a, b, c)` is
`func(int, int, int) int` and not `func(int, ...int) int`.

Go doesn't allow open-ended ranges for argument indices in
models-as-data specifications (though Ruby and Python do), so I've used
`1..1000`.
 2024-05-14 14:40:56 +01:00
Chuan-kai Lin
99335e5f29 Merge pull request #16421 from github/cklin/java-entities-reorder 
Java: Use entities in reorder directives
 2024-05-14 06:03:52 -07:00
Joe Farebrother
027e5e7291 Merge pull request #16300 from joefarebrother/python-pyramid 
Python: Model the Pyramid framework
 2024-05-14 13:24:19 +01:00
Joe Farebrother
904799b674 Merge pull request #16105 from joefarebrother/python-promote-header-injection 
Python: Promote Header Injection query from experimental
 2024-05-14 13:23:58 +01:00
Michael Nebel
79c6834aa3 Merge pull request #16374 from michaelnebel/java/narrowsuperimpl 
Java: Improve finding best type for models and lifting.
 2024-05-14 13:12:04 +02:00
Óscar San José
e65a62c727 Merge pull request #16485 from github/oscarsj/fix-lfs-probe-auth-in-cs 
make sure GITHUB_TOKEN exists and is not empty before using it in auth headers
 2024-05-14 11:49:20 +02:00
Óscar San José
9105faa3fd make sure GITHUB_TOKEN exists and is not empty before using it in auth headers 2024-05-14 11:22:07 +02:00
Óscar San José
faa2dcee24 test GITHUB_TOKEN non-emptyness before using it in auth headers 2024-05-14 11:18:18 +02:00
Joe Farebrother
a62ce4c51d Merge pull request #16461 from joefarebrother/csharp-missing-cwe-metadata 
C#: Add missing CWE tags
 2024-05-14 09:32:06 +01:00
Óscar San José
5b572a2c2a make GITHUB_TOKEN in lfs_probe a fallback rather than an override 2024-05-14 10:24:02 +02:00
Anders Schack-Mulligen
ed0717af96 Merge pull request #16478 from aschackmull/java/hasqualifiedname 
Java: Clean up some instances of getQualifiedName.
 2024-05-14 09:19:25 +02:00
Rasmus Lerchedahl Petersen
52717f8500 python: The MaD token Instance now follows subclasses 2024-05-14 08:40:19 +02:00
Joe Farebrother
513a319149 Change cwe to 348 2024-05-13 22:38:47 +01:00
Chuan-kai Lin
b34fb7c26b Merge pull request #16423 from github/cklin/python-entities-reorder 
Python: Use entities in reorder directives
 2024-05-13 10:26:55 -07:00
Chuan-kai Lin
1758a1e04b Merge pull request #16422 from github/cklin/javascript-entities-reorder 
JS: Use entities in reorder directives
 2024-05-13 10:26:41 -07:00
Chuan-kai Lin
9456eaf5d3 Merge pull request #16420 from github/cklin/go-entities-reorder 
Go: Use entities in reorder directives
 2024-05-13 10:26:04 -07:00
Chuan-kai Lin
372746ffd4 Merge pull request #16419 from github/cklin/csharp-entities-reorder 
C#: Use entities in reorder directives
 2024-05-13 10:25:50 -07:00
Chris Smowton
10e1bfcee5 Add test case for a custom Java trust store 2024-05-13 12:43:06 +01:00
Anders Schack-Mulligen
76e740bc1d Java: Clean up some instances of getQualifiedName. 2024-05-13 13:06:44 +02:00
Paolo Tranquilli
5eaaf02bf5 Merge pull request #16472 from github/redsun82/go-pre-commit 
Go: disable pre-commit hook
 2024-05-13 09:49:40 +02:00
Paolo Tranquilli
f125e732b0 Go: disable pre-commit hook 2024-05-13 09:27:35 +02:00
Paolo Tranquilli
c30ca4d9f6 Merge pull request #16398 from github/redsun82/go-make 
Go: update `make` and CI to use `bazel`
 2024-05-13 08:37:52 +02:00
Erik Krogh Kristensen
0d814e0e20 Merge pull request #16220 from erik-krogh/domainAnc 
Go: Add an example specific to domain names in missing-regexp-anchor
 2024-05-11 07:52:13 +02:00
Owen Mansel-Chan
f7e6bf7ef5 Two tests have different paths but same results 2024-05-10 23:41:00 +01:00
Owen Mansel-Chan
f8e17fe8cc Accept expected test changes 2024-05-10 23:40:59 +01:00
Owen Mansel-Chan
76946184de Accept MaD renumbering for edge provenance 2024-05-10 23:40:58 +01:00
Owen Mansel-Chan
e1c85e3581 Fix elementWrite to include flow summaries 2024-05-10 23:40:58 +01:00
Owen Mansel-Chan
8cc9838628 Add change note 2024-05-10 23:40:57 +01:00
Owen Mansel-Chan
d5aa08dbf3 Local flow steps for flow summaries for built-in functions 2024-05-10 23:40:57 +01:00
Owen Mansel-Chan
86e2b845f3 Add tests for copy (taint passes, value fails) 2024-05-10 23:40:56 +01:00
Owen Mansel-Chan
eab1569342 Update ExternalValueFlow to use value flow 2024-05-10 23:40:56 +01:00
Owen Mansel-Chan
c816412795 Create copy of ExternalTaintFlow called ExternalValueFlow 2024-05-10 23:40:55 +01:00
Owen Mansel-Chan
84b7319688 Rename test folder ExternalFlow to ExternalTaintFlow 2024-05-10 23:40:54 +01:00
Owen Mansel-Chan
f95ccd242f Remove old-style models of built-in functions 2024-05-10 23:40:54 +01:00
Owen Mansel-Chan
fcdac0aeb0 Add models for min and max built-in functions 2024-05-10 23:40:53 +01:00
Owen Mansel-Chan
1322ce35d6 Add model for built-in function copy 2024-05-10 23:40:53 +01:00
Owen Mansel-Chan
e857eedd4a Fix model for append - it is variadic 2024-05-10 23:40:52 +01:00
Erik Krogh Kristensen
462e564c19 apply suggestion from code review 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-05-10 18:59:55 +02:00