hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,141 Commits 1,690 Branches 160 Tags
2ad28ab4db31cd4f265f727d606f0af1bbb3eb0d
Commit Graph

47141 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
erik-krogh
2ad28ab4db add library inputs as a source to poly-redos 2022-11-22 13:05:34 +01:00
Erik Krogh Kristensen
158ea26dd1 Merge pull request #11362 from erik-krogh/read-only-cache 
CI: use read-only-cache when running on a PR
 2022-11-22 13:04:34 +01:00
Erik Krogh Kristensen
f67219965e Merge pull request #11082 from erik-krogh/shellArr 
JS: treat arrays that gets executed with shell:true as a sink for `js/shell-command-constructed-from-input`
 2022-11-22 13:03:50 +01:00
Erik Krogh Kristensen
b2267c0e49 Merge pull request #11343 from erik-krogh/redundantAssignment 
QL: add redundant-assignment query
 2022-11-22 13:03:14 +01:00
Erik Krogh Kristensen
06386b2cdd Merge pull request #11072 from erik-krogh/slicing 
JS: poly-redos: don't sanitize calls through substring calls that just remove the start
 2022-11-22 13:02:09 +01:00
Tom Hvitved
ed841aee30 Merge pull request #11329 from hvitved/csharp/qltest-ci 
C#: Add workflow for running QL tests
 2022-11-22 11:36:16 +01:00
Anders Peter Fugmann
d799466e9d Merge pull request #11338 from andersfugmann/update_swift_codeowners 
Swift: set @github/codeql-swift as owner
 2022-11-22 11:24:19 +01:00
Erik Krogh Kristensen
ef270232dc Merge pull request #11358 from erik-krogh/rubyDelPacks 
Ruby: delete the target/packs folder in the `compile-queries` job
 2022-11-22 10:56:52 +01:00
erik-krogh
10c602d9fb CI: use read-only-cache when running on a PR 2022-11-22 10:20:09 +01:00
Anders Schack-Mulligen
15aa8b62b8 Merge pull request #11359 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-11-22 09:47:38 +01:00
Tom Hvitved
313767539a C#: Add workflow for running QL tests 2022-11-22 09:32:44 +01:00
github-actions[bot]
e70eb3a3ee Add changed framework coverage reports 2022-11-22 00:19:21 +00:00
erik-krogh
29055f7709 delete packs 2022-11-22 00:12:33 +01:00
Jami
8a73675483 Merge pull request #11070 from jcogs33/java-regex-injection 
Java: Promote regex injection query from experimental
 2022-11-21 15:04:26 -05:00
Mathias Vorreiter Pedersen
c2ac60fc34 Merge pull request #11311 from MathiasVP/repair-mustflow 
C++: Repair `MustFlow` library for use-use flow
 2022-11-21 19:13:10 +00:00
Jami Cogswell
9e2ec9d12f apply docs review suggestion 2022-11-21 13:39:46 -05:00
Edoardo Pirovano
6c33ddcd47 Merge pull request #11349 from github/edoardo/2.11.4-mergeback 
Merge `rc/3.8` into `main`
 2022-11-21 18:08:27 +00:00
Erik Krogh Kristensen
af367a5fdf Merge pull request #11348 from erik-krogh/cache-full-extractor 
Ruby: cache the entire extractor
 2022-11-21 18:06:32 +01:00
erik-krogh
76ceb49841 re-introduce the paths requirements in the ruby workflows 2022-11-21 17:55:57 +01:00
Erik Krogh Kristensen
53ba22ab5c simplify pack creation 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-11-21 17:55:57 +01:00
erik-krogh
3b7ce0680d Ruby: build queries on an XL worker, and use all the threads 2022-11-21 17:55:57 +01:00
erik-krogh
999e8ed0d0 Ruby: remove the path on branch pushes, for caching 2022-11-21 17:55:57 +01:00
erik-krogh
b1db390200 Ruby: use compilation cache in the ruby-build workflow 2022-11-21 17:55:57 +01:00
erik-krogh
9c792902c7 Ruby: cache the entire extractor 2022-11-21 17:55:57 +01:00
erik-krogh
64707f4f7b remove redundant assignments 2022-11-21 17:45:05 +01:00
erik-krogh
937365141f QL: add redundant-assignment query 2022-11-21 17:41:02 +01:00
Tony Torralba
e28f1ffe18 Merge pull request #11346 from atorralba/atorralba/java/fix-path-models 
Java: Fix a couple of taint models for `java.nio.file.Path(s)`
 2022-11-21 16:57:00 +01:00
Erik Krogh Kristensen
4f08000a2e Merge pull request #11344 from erik-krogh/all-the-cache 
Ruby: Use compilation cache for the qltest CI workflow
 2022-11-21 16:26:29 +01:00
Mathias Vorreiter Pedersen
7e80a57724 C++: Make ql-for-ql happy. 2022-11-21 15:13:19 +00:00
Erik Krogh Kristensen
b4661f4a59 Merge pull request #11245 from erik-krogh/rb-redosMod 
Ruby: use the shared regex pack
 2022-11-21 15:34:20 +01:00
Tony Torralba
01dcf6a9ac Merge pull request #11340 from atorralba/atorralba/disabled-poms 
Java: Handle disabled Maven repositories
 2022-11-21 15:31:53 +01:00
Tony Torralba
5000a14451 Add change note 2022-11-21 15:22:26 +01:00
Mathias Vorreiter Pedersen
fcd9dd0be4 Update cpp/ql/lib/change-notes/2022-11-16-must-flow.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-11-21 14:18:20 +00:00
Taus
8f4eb7107a Merge pull request #10861 from tausbn/python-clean-up-import-resolution 
Python: Clean up import resolution
 2022-11-21 15:18:08 +01:00
erik-krogh
57a7f89485 change merge-base to merge_base 2022-11-21 15:15:12 +01:00
Tony Torralba
57656d0a7e Fix a couple of java.nio.file.Path(s) MaD rows 2022-11-21 15:14:02 +01:00
erik-krogh
f50778ae26 Ruby: set ram usage to 52GB in the qltest workflow 2022-11-21 15:02:14 +01:00
erik-krogh
a9c95a3230 ruby: delete the path requirement when running qltest on branches 2022-11-21 14:39:56 +01:00
erik-krogh
4af8d5769a use compilation cache in ruby qltest 2022-11-21 14:35:12 +01:00
erik-krogh
24a973e545 run ruby qltest on a single XL worker 2022-11-21 14:35:12 +01:00
erik-krogh
af58329931 split saving the compilation cache into a shared workflow 2022-11-21 14:35:10 +01:00
Tom Hvitved
d189ba52c0 Merge pull request #11341 from hvitved/cfg/multi-edge-workaround 
CFG: Workaround in test output for origin/target pairs with multiple edges
 2022-11-21 14:34:17 +01:00
Jeroen Ketema
78ad9ba60f Merge pull request #11262 from rdmarsh2/rdmarsh2/cpp/deprecate-ast-gvn 
C++: deprecate AST-based GVN
 2022-11-21 13:38:54 +01:00
Tom Hvitved
f7fc61e39d Merge pull request #11336 from hvitved/ruby/ci-check-undefined-labels 
Ruby: Add `--check-undefined-labels` to QL test job
 2022-11-21 13:36:52 +01:00
AlexDenisov
6f52fe81d1 Merge pull request #11331 from github/redsun82/swift-codegen-skip-unchanged 
Swift: skip QL code generation on untouched files
 2022-11-21 13:34:41 +01:00
Tom Hvitved
0d89f57680 Swift: Update expected test output 2022-11-21 12:55:40 +01:00
Tom Hvitved
2fac505221 Ruby: Update expected test output 2022-11-21 12:52:27 +01:00
Tom Hvitved
e7ed056b6f Sync files 2022-11-21 12:00:36 +01:00
Tom Hvitved
8c9431d278 CFG: Workaround in test output for source/sink pairs with multiple edges 2022-11-21 11:58:59 +01:00
Jeroen Ketema
752bc2e980 C++: Accept test changes after AST-based GVN deprecation 2022-11-21 11:45:09 +01:00