hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 13:23:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,605 Commits 1,697 Branches 161 Tags
2e65fe9597bbbdce13cf1d6df7d5bf171ecca16a
Commit Graph

75605 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
2e65fe9597 JS: Change note 2025-01-30 20:46:30 +01:00
Asger F
6d04425790 JS: Add test 2025-01-29 11:14:21 +01:00
Asger F
d66d1a79d6 JS: Also update legacy entry point used by qltest 2025-01-29 11:14:10 +01:00
Asger F
8182190120 JS: Remove trailing whitespace 2025-01-29 10:53:26 +01:00
Asger F
bf80f0798b JS: Treat more file patterns as as tsconfig.json-like 2025-01-29 10:53:18 +01:00
Geoffrey White
a42c0f6b5b Merge pull request #18605 from geoffw0/expect 
Rust: Improve models for environment sources, expect and unwrap
 2025-01-29 09:11:30 +00:00
Asger F
f8694a34e5 Merge pull request #18397 from aegilops/angular-sources-sinks 
JavaScript CodeQL library updates: new Angular sink(s)
 2025-01-29 09:09:23 +01:00
Mathias Vorreiter Pedersen
bc50634472 Merge pull request #18616 from MathiasVP/18592-follow-up 
C++: #18592 follow-up
 2025-01-28 20:00:16 +00:00
Andrew Eisenberg
a4d9956c94 Merge pull request #18614 from github/aeisenberg/remove-pr-template 
Delete .github/pull_request_template.md
 2025-01-28 10:54:08 -08:00
Chuan-kai Lin
36d1c5602e Merge pull request #18589 from github/cklin/merge-back-2.20.2 
Mergeback from codeql-cli-2.20.2
 2025-01-28 10:04:43 -08:00
Mathias Vorreiter Pedersen
a35ed57848 Revert "C++: Don't generate parameter nodes for bodyless parameters when there is a summary of the enclosing function." 
This reverts commit ad80b36074.
 2025-01-28 17:09:45 +00:00
Mathias Vorreiter Pedersen
ff9a4d02f0 Merge pull request #18592 from MathiasVP/fix-enclosing-callable-cpp 
C++: Don't generate dataflow nodes for functions with summaries
 2025-01-28 16:57:44 +00:00
Geoffrey White
919e7978cd Rust: Add PrettyPrintModels.ql to the test. I gather this stabilized the output MaD IDs. 2025-01-28 16:23:20 +00:00
Geoffrey White
df8a92cb62 Merge pull request #6 from hvitved/expect 
Rust: Fix data flow through callbacks passed to library functions
 2025-01-28 16:12:17 +00:00
Andrew Eisenberg
4e7d364f4d Delete .github/pull_request_template.md 
The template is not useful.
 2025-01-28 07:40:56 -08:00
Mathias Vorreiter Pedersen
38b66e5a8e C++: Fix a few type errors. 2025-01-28 14:08:12 +00:00
Mathias Vorreiter Pedersen
d40322f9eb C++: (Bugfix 3) Don't conflate summarized callables and source callables in 'nodeGetEnclosingCallable'. 2025-01-28 13:59:19 +00:00
Mathias Vorreiter Pedersen
06bc8add9d C++: (Bugfix 2) Don't remap isParameterOf. 2025-01-28 13:59:17 +00:00
Mathias Vorreiter Pedersen
662e74924b C++: (Bugfix 1) There should be a callable representing the source code even if there is a summarized version. 2025-01-28 13:59:16 +00:00
Mathias Vorreiter Pedersen
01d7ab93e2 C++: Add consistency check to the MaD folder. 2025-01-28 13:59:14 +00:00
Tom Hvitved
8b82eaa633 Rust: Fix data flow through callbacks passed to library functions 2025-01-28 13:44:27 +01:00
Erik Krogh Kristensen
f0755bfb5d Merge pull request #18601 from erik-krogh/del-deps-jan-2025 
All: delete outdated deprecations
 2025-01-28 13:31:41 +01:00
Geoffrey White
f2564c351f Rust: Changes to other tests - mostly MaD IDs :(. 2025-01-28 09:22:30 +00:00
Geoffrey White
6337f5a08b Merge pull request #18586 from geoffw0/floatguards 
C++: Test and (perhaps) fix an issue with guards on floating point comparisons.
 2025-01-28 09:05:13 +00:00
Asger F
16634e6dc9 Merge pull request #18540 from JarLob/bash 
Actions: Improve bash support
 2025-01-28 09:49:58 +01:00
Geoffrey White
dfd1865b96 Rust: Add some basic flow models. 2025-01-28 08:47:15 +00:00
Geoffrey White
9d42be8305 Rust: Alphabetize lang-core.model.yml. 2025-01-28 08:47:14 +00:00
Geoffrey White
c04d619a3c Rust: Add a couple of extra data flow test cases. 2025-01-28 08:47:13 +00:00
Geoffrey White
185a23b3c6 Rust: Allow implicit flow out of content at the test sinks, so that we see our results. 2025-01-28 08:43:06 +00:00
Geoffrey White
a1980d4d08 Rust: Make sources more accurate (Option / Result contents). 2025-01-28 08:43:05 +00:00
Geoffrey White
78d0c5c529 Merge pull request #18602 from geoffw0/reqwest2 
Rust: Additional models for Reqwest
 2025-01-28 08:40:38 +00:00
erik-krogh
c7fc164680 java: remove the 2 from SafeTransformerFactoryFlow, not that the previous naming conflict has been deleted 2025-01-28 09:13:59 +01:00
Geoffrey White
fd9fb10bb9 Rust: Accept changes from fixing the ]. 2025-01-27 22:50:09 +00:00
Geoffrey White
494d8f2da0 Rust: Update MaD IDs for an unrelated test. :( 2025-01-27 22:22:41 +00:00
Geoffrey White
9d6a13cec2 Rust: Accept improved results for rust/sql-injection. Note that the lost annotations are only sources, not results, and I suspect will return when we have sufficient flow in these cases. 2025-01-27 22:22:38 +00:00
erik-krogh
a1afa20d4b add change-notes 2025-01-27 22:43:13 +01:00
erik-krogh
d46a2d4e80 ruby: delete the remainders of the old deprecated typetracking library 2025-01-27 22:38:07 +01:00
erik-krogh
90b403b40b py: delete the remainder of the deprecated TypeTracker libary 2025-01-27 22:17:18 +01:00
erik-krogh
e1b14cb0be ruby: delete now dead Ruby method 2025-01-27 22:17:13 +01:00
erik-krogh
0056e923ea js: revert the JS deprecations. The old dataflow library is not that old yet 2025-01-27 22:17:07 +01:00
erik-krogh
7b1b366d98 ruby: update ruby tests after deleting deprecated test predicates 2025-01-27 22:17:00 +01:00
erik-krogh
bd8ed1dc04 cpp: revert two cpp dataflow deprecations that take more work 2025-01-27 22:16:54 +01:00
erik-krogh
34f5f61a10 all: use my script to delete outdated deprecations 2025-01-27 22:16:48 +01:00
Geoffrey White
9ea9f3ae19 Update rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-01-27 21:09:21 +00:00
Geoffrey White
7cf872baad Rust: Adjust the tests to work around test processing of /. 2025-01-27 21:00:08 +00:00
Geoffrey White
23ac35e5ca Rust: Model more Reqwest methods (.await still doesn't work though). 2025-01-27 20:52:31 +00:00
Geoffrey White
9583a2a7d3 Rust: Additional test cases for reqwest sources. 2025-01-27 20:42:35 +00:00
Mathias Vorreiter Pedersen
4e44201ba8 C++: Remap calls to source functions to the summarized function. 2025-01-27 16:58:53 +00:00
Mathias Vorreiter Pedersen
98265dda7b Revert "C++: Don't generate dataflow nodes for instructions inside summarized callables." 
This reverts commit fc39df28b0.
 2025-01-27 16:58:46 +00:00
Tom Hvitved
253ccd1210 Merge pull request #14303 from hvitved/ruby/must-flow 
Ruby: Implement `localMustFlowStep `
 2025-01-27 12:51:29 +01:00