hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
65,277 Commits 1,693 Branches 161 Tags
33b807f3bb2dedef59e9d1760de4bd2bd1a27725
Commit Graph

65277 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Smowton
33b807f3bb Parameters and local variables: add isAnonymous predicate 2024-03-25 16:31:36 +00:00
Edward Minnix III
7377cbb46e Merge pull request #15930 from egregius313/egregius313/csharp/mad/database/dapper-sources 
C#: Sources for the `Dapper` database library
 2024-03-25 11:21:51 -04:00
Rasmus Wriedt Larsen
d516db6abc Merge pull request #15903 from yoff/python/test-MaD-keyword-argument 
Python: test MaD syntax for keyword argument
 2024-03-25 15:51:49 +01:00
Paolo Tranquilli
dea922958b Merge pull request #16034 from github/redsun82/swift-move-integration-tests-to-internal 
Swift: prepare integration tests for internal running
 2024-03-25 14:08:47 +01:00
Paolo Tranquilli
9c9f4b956e Swift: fix db in diagnostics_test_utils.py 2024-03-25 13:53:27 +01:00
Ian Lynagh
55226c48a6 Merge pull request #16022 from igfoo/igfoo/k2_exprs 
Kotlin 2: Accept more location changes
 2024-03-25 11:38:15 +00:00
Paolo Tranquilli
7f53509022 Merge branch 'main' into redsun82/swift-move-integration-tests-to-internal 2024-03-25 12:22:00 +01:00
Paolo Tranquilli
6707fc3a7c Swift: remove wrong flag in runner.py 2024-03-25 12:20:13 +01:00
Paolo Tranquilli
148033e020 Swift: fix assertion diagnostics test 2024-03-25 12:05:22 +01:00
Chris Smowton
10afb1cd93 Merge pull request #16030 from smowton/smowton/admin/buildless-wording-update 
Java: Update buildless test expectations
 2024-03-25 10:57:56 +00:00
Paolo Tranquilli
ca5d85c57e Merge branch 'main' into redsun82/swift-move-integration-tests-to-internal 2024-03-25 11:56:48 +01:00
Paolo Tranquilli
0fa40af131 Swift: fix last references to old integration test location 2024-03-25 11:49:19 +01:00
Max Schaefer
ffbe3e6ed4 Merge pull request #16020 from github/max-schaefer/go-path-injection-qhelp 
Go: Update query help for `go/path-injection` to include example fixes.
 2024-03-25 10:25:36 +00:00
Owen Mansel-Chan
f2db9ce312 Merge pull request #16028 from owen-mc/java/sensitive-log-whitelist-tokenimage 
Java: whitelist variable name `tokenImage` for `java/sensitive-log` as it's used in code generated by JavaCC
 2024-03-25 10:02:19 +00:00
Paolo Tranquilli
5a771ad2cf Swift: bump python version 2024-03-25 10:42:16 +01:00
Tamás Vajk
d6374f65e4 Merge pull request #15957 from tamasvajk/feature/limit-message-extraction 
C#: Limit extracted compilation and extraction messages
 2024-03-25 10:30:10 +01:00
Paolo Tranquilli
762b4ce42e Swift: prepare integration tests for internal running 
This harmonizes Swift integration tests with the rest of the repository,
to prepare for the internal integration test runner to run them. The
stripped down runner is kept compatible, so that current CI can still
use it now. Maybe it will be kept for developer use.

This PR includes:
* moving the integration tests inside `ql`
* editing `qlpack.yml` so that the internal runner can use it
* change database directory to be `test-db` rather than `db`
 2024-03-25 10:17:55 +01:00
Owen Mansel-Chan
ac6c4add14 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-03-24 20:20:37 +00:00
Chris Smowton
d8686e02a8 Update test expectations 2024-03-24 17:57:27 +00:00
Owen Mansel-Chan
821f399193 Add change note 2024-03-23 23:51:52 +00:00
Owen Mansel-Chan
f4b3bae88b Add test for ParseException use of tokenImage 2024-03-23 23:48:16 +00:00
Owen Mansel-Chan
4832dc51ed Whitelist variable name tokenImage 2024-03-23 21:33:02 +00:00
Owen Mansel-Chan
63a04c056a Add test with tokenImage as used in JavaCC 2024-03-23 21:30:33 +00:00
Erik Krogh Kristensen
45ce988943 Merge pull request #16002 from erik-krogh/tarBlank 
JS: change the precision of the `js/unsafe-external-link` query to `low`
 2024-03-22 17:12:58 +01:00
Max Schaefer
034ed17227 Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-03-22 15:24:29 +00:00
Jeroen Ketema
d9b0a5918c Merge pull request #16018 from jketema/tls-precision 
C++: Add precision to `cpp/boost/tls-settings-misconfiguration` and `cpp/boost/use-of-deprecated-hardcoded-security-protocol`
 2024-03-22 16:17:34 +01:00
Jeroen Ketema
453cdfa513 C++: Add change note 2024-03-22 15:52:52 +01:00
Ian Lynagh
63e34c4dec Kotlin 2: Accept more location changes 2024-03-22 14:09:20 +00:00
Edward Minnix III
1785086ccb Merge pull request #15784 from egregius313/egregius313/csharp/dataflow/sources/file 
C#: Add source models for `file` threat model/source kind for .NET standard library
 2024-03-22 09:50:30 -04:00
Michael Nebel
a07ee8e961 C#: Update the AsList model to a value flow model. 2024-03-22 14:40:25 +01:00
Max Schaefer
bc9396e0e6 Address suggestions from review. 2024-03-22 13:19:36 +00:00
Michael B. Gale
f48e295f4a Merge pull request #16019 from p-/p--weak-enc-ecb-qhelp 
C#: add hint regarding ECB to weak encryption QHelp
 2024-03-22 13:09:08 +00:00
Michael Nebel
ca72b0583d C#: Update source and sink expected test output. 2024-03-22 13:59:47 +01:00
Erik Krogh Kristensen
7d968184fd improve the change-note 
Co-authored-by: Asger F <asgerf@github.com>
 2024-03-22 13:58:34 +01:00
Ed Minnix
4b13ad1310 Fix flow summary tests 2024-03-22 13:46:20 +01:00
Ed Minnix
9ed8ca27a1 Fix test and model 2024-03-22 13:46:19 +01:00
Ed Minnix
1f04229def Fix typo 2024-03-22 13:46:19 +01:00
Ed Minnix
73b4e8fe6a Add WithElement identifier to AsList method 2024-03-22 13:46:19 +01:00
Ed Minnix
9b23bfa038 Execute methods which return objects 
The `Execute` method returns `int` for "number of rows affected". But
some of the other `Execute*` methods return objects.
 2024-03-22 13:46:19 +01:00
Ed Minnix
5885938eaf Use wildcard signatures for Query methods 2024-03-22 13:46:19 +01:00
Ed Minnix
8223781978 Fix FlowSummaries tests 2024-03-22 13:46:19 +01:00
Ed Minnix
5ca6b40c34 Change note 2024-03-22 13:46:18 +01:00
Ed Minnix
23aeb1d878 Add tests 2024-03-22 13:46:18 +01:00
Ed Minnix
98285b5171 Add AsList summary 2024-03-22 13:46:18 +01:00
Ed Minnix
87ad170067 Dapper source models 2024-03-22 13:46:18 +01:00
Ian Lynagh
01475fd8ba Merge pull request #16011 from igfoo/igfoo/legacy_vars 
Java/Kotlin: Remove references to legacy ODASA_SNAPSHOT env var
 2024-03-22 12:38:37 +00:00
Max Schaefer
4e4cd52f63 Go: Update query help for go/path-injection to include example fixes. 2024-03-22 11:45:59 +00:00
Peter Stöckli
d62d68a40b C#: add hint regarding ECB to weak encryption QHelp 2024-03-22 12:08:30 +01:00
Rasmus Wriedt Larsen
69f6e1e263 Merge pull request #16010 from RasmusWL/perf 
Python: Two small join-order fixes
 2024-03-22 11:36:17 +01:00
Jeroen Ketema
adfb3c3d50 C++: Simplify cpp/boost/tls-settings-misconfiguration 2024-03-22 11:22:11 +01:00