hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,864 Commits 1,671 Branches 157 Tags
2824c98efb577b1ff4d43c04ee4ab60a908c5edb
Commit Graph

1640 Commits

Author SHA1 Message Date
Óscar San José
2824c98efb Merge pull request #21025 from github/oscarsj/mergeback-rc-3-20-into-main 
Mergeback rc/3.20 into main
 2025-12-15 11:59:58 +01:00
Owen Mansel-Chan
af2fbd8dda Merge pull request #20929 from owen-mc/go/fix-data-flow-consistency-checks 
Go: fix small issues highlighted by data flow consistency checks
 2025-12-12 17:01:43 +00:00
Óscar San José
d972af9ef8 Merge branch 'main' of https://github.com/github/codeql into oscarsj/mergeback-rc-3-20-into-main 2025-12-12 13:22:08 +01:00
Anders Schack-Mulligen
5ab26e481b Add dummy instantiations for other languages. 2025-12-11 16:24:27 +01:00
github-actions[bot]
2854330759 Post-release preparation for codeql-cli-2.23.8 2025-12-08 15:49:10 +00:00
github-actions[bot]
66c51e979e Release preparation for version 2.23.8 2025-12-08 14:38:23 +00:00
Óscar San José
bc6133de5c Merge branch 'main' of https://github.com/github/codeql into oscarsj/merge-back-rc-3.20 2025-12-05 19:31:47 +01:00
Owen Mansel-Chan
a20c8cfd52 Add post-update nodes for implicit field read nodes 2025-12-04 12:00:02 +00:00
Owen Mansel-Chan
dcfa721037 (Refactor) Make lookThroughImplicitFieldRead public 2025-12-04 12:00:00 +00:00
Owen Mansel-Chan
9bf20702c6 Remove identity steps 2025-12-04 11:59:58 +00:00
Anders Schack-Mulligen
78e1879c9e Use more flowTo. 2025-12-03 14:12:08 +01:00
Anders Schack-Mulligen
dc6d3fe7ba Use flowFrom. 2025-12-03 14:04:18 +01:00
github-actions[bot]
085faa2bdb Post-release preparation for codeql-cli-2.23.7 2025-12-02 16:39:43 +00:00
github-actions[bot]
a045b317ac Release preparation for version 2.23.7 2025-12-02 15:31:27 +00:00
Owen Mansel-Chan
afb810cdeb Fix double space in change note 2025-12-02 13:32:58 +00:00
Owen Mansel-Chan
848677e580 Merge pull request #20917 from owen-mc/go/enable-data-flow-consistency-checks 
Go: enable data flow consistency checks
 2025-12-02 10:52:47 +00:00
github-actions[bot]
19a13467e0 Release preparation for version 2.23.7 2025-12-01 16:07:37 +00:00
Asger F
b8cff77cab Merge pull request #20873 from github/shared-xml-discard 
Share XML discard predicates
 2025-12-01 10:06:02 +01:00
Asger F
6257bed089 Sync OverlayXml.qll 2025-11-28 09:23:49 +01:00
Owen Mansel-Chan
fb0b4071a7 Remove redundant import 2025-11-28 02:09:17 +00:00
Owen Mansel-Chan
2058c4a79c Remove redundant char pred 2025-11-28 02:08:19 +00:00
Owen Mansel-Chan
6fbed9037f Be more specific to avoid CP 2025-11-26 14:39:58 +00:00
Owen Mansel-Chan
1d0fcd77d8 Add change note 2025-11-26 11:24:04 +00:00
Owen Mansel-Chan
eca9ec59c4 Add exclusions to data flow consistency checks 2025-11-26 11:12:44 +00:00
Asger F
dbf14c190a Factor XML discard predicates into OverlayXml.qll 2025-11-26 11:48:32 +01:00
Joe Farebrother
c7b16a043e Address reviews - update comments, remove unneeded stubs 2025-11-25 14:36:00 +00:00
Joe Farebrother
c6110ed541 Split SecureCookies into query specific files 2025-11-25 14:35:47 +00:00
Joe Farebrother
5b702d963e Refactor parts of SensitiveCookieNameConfig 2025-11-25 14:35:42 +00:00
Joe Farebrother
03d63dec2e Address reviews - rename and update doc comments 2025-11-25 14:35:29 +00:00
Joe Farebrother
1bd5005fc1 Fix typos 2025-11-25 14:35:17 +00:00
Joe Farebrother
2b1cd846b3 Fixes and doc updates 2025-11-25 14:34:10 +00:00
Joe Farebrother
5094784a4b Add modeling for gin 2025-11-25 14:33:43 +00:00
Joe Farebrother
74c424dc4c Fixes, add secure query 2025-11-25 14:33:33 +00:00
Joe Farebrother
7d76619bea Implement cookie write concepts and httponly query 2025-11-25 14:33:23 +00:00
Owen Mansel-Chan
349e8ca589 Remove unnecessary import 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
adbc1efe59 Fix diff-informed predicates 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
69ecdcb4cd Fix capitalization of class names 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
52d7e2dd18 Add query for hashing sensitive data with weak hashing algorithm 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
713e19f6f1 Make non-path query for encryption only 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
f34a625ac2 Model cryptographic operations 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
fac5296efc Avoid duplicate results using in-barriers 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
34b2e3e2bf Copy the structure of the Javascript query 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
5c403d374e Move crypto qll files from query pack to library pack 2025-11-19 14:36:26 +00:00
github-actions[bot]
5ee45af3aa Post-release preparation for codeql-cli-2.23.6 2025-11-18 09:53:12 +00:00
github-actions[bot]
18fa6799ce Release preparation for version 2.23.6 2025-11-17 16:38:07 +00:00
Nick Rolfe
e5ba4143ff Go: add change-note for path transformer fixes 2025-11-11 15:47:53 +00:00
Nick Rolfe
44654bdef6 Go: avoid overlay-discarding @file entities 
...since they are shared between base and overlay
 2025-11-07 16:52:22 +00:00
Nick Rolfe
734cba7b9c Go: add discard predicates for XML entities 
This is adapted from the implementation for Java.

Since the HTML/XML extractor is not (yet) incremental, it will extract
files that were not in the diff. These discard predicates are intended
to cope with that, while also being robust against a future version
where the extractor *is* overlay-aware.
 2025-11-07 16:52:21 +00:00
Nick Rolfe
e4c9bb3c5c Go: enable overlay compilation 2025-11-07 16:52:19 +00:00
Nick Rolfe
50e01283da Go: overlay workaround for cgo-processed files 2025-11-07 16:52:17 +00:00