codeql

mirror of https://github.com/github/codeql.git synced 2026-01-29 14:23:03 +01:00

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	39551fd84d	Merge pull request #9114 from geoffw0/xxe7 C++: Repair support for createLSParser in the CWE-611 XXE query.	2022-05-12 15:47:53 +01:00
Jeroen Ketema	941485d66f	Merge pull request #9130 from jketema/cpp17-init C++: Handle C++17 if and switch initializers	2022-05-12 16:37:44 +02:00
Anders Schack-Mulligen	8c8440a58a	Merge pull request #9101 from hvitved/dataflow/include-hidden Data flow: Add `Configuration::includeHiddenNodes()`	2022-05-12 15:36:12 +02:00
Geoffrey White	df30d2286c	Merge branch 'main' into xxe7	2022-05-12 14:35:16 +01:00
Jeroen Ketema	723f3b09fe	C++: Address review comments	2022-05-12 15:09:06 +02:00
Erik Krogh Kristensen	762f7bf7fe	Merge pull request #9115 from erik-krogh/fileAndFolder JS: resolve main module when there is a folder with the same name as the main file	2022-05-12 14:55:28 +02:00
Jeroen Ketema	72823e9576	Apply suggestions from code review Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2022-05-12 14:54:43 +02:00
Taus	e8b7262712	Merge pull request #9133 from tausbn/devcontainer-install-test-extension-dependencies Devcontainer: Install test dependencies	2022-05-12 14:51:18 +02:00
Joe Farebrother	59e400d2e0	Merge pull request #7723 from joefarebrother/redos Java: Add ReDoS queries	2022-05-12 13:50:38 +01:00
Erik Krogh Kristensen	4bef451156	Merge pull request #9021 from erik-krogh/actions JS: promote `js/actions/injection` out of experimental	2022-05-12 14:38:38 +02:00
Taus	12b34bcf04	Devcontainer: Install test dependencies These _should_ get installed automatically if missing, by in my experience this can be a bit flaky. Installing theme here should make this a bit more robust.	2022-05-12 12:17:04 +00:00
Rasmus Wriedt Larsen	7cd51d6147	Merge pull request #9126 from RasmusWL/moduleimport-with-dots Python: Fully disallow `API::moduleImport` of module with dots	2022-05-12 14:16:25 +02:00
AlexDenisov	dd900e622c	Merge pull request #9107 from redsun82/swift-arena Swift: `TrapOutput`	2022-05-12 14:09:18 +02:00
Rasmus Wriedt Larsen	795adf0566	Python: Fix `API::moduleImport("foo.bar")`	2022-05-12 13:33:00 +02:00
Rasmus Wriedt Larsen	3844c5b5c0	Python: Add change-note	2022-05-12 13:32:59 +02:00
Rasmus Wriedt Larsen	f8253f5fef	Python: Fully disallow `API::moduleImport` of module with dots Inspired by discussion about this for MaD in https://github.com/github/codeql/pull/8883#discussion_r865858084	2022-05-12 13:30:26 +02:00
Rasmus Wriedt Larsen	597a8414d9	Python: Add test of `API::moduleImport` with dots This is currently semi-works -- the import is allowed, but doesn't always work when used :\|	2022-05-12 13:29:16 +02:00
Nick Rolfe	234a36ff61	Merge pull request #9119 from github/nickrolfe/non-us-spelling-fixes Fix non-US spellings and the corresponding query	2022-05-12 12:29:14 +01:00
Erik Krogh Kristensen	fef4455ccc	apply suggestion from doc review Co-authored-by: Steve Guntrip <12534592+stevecat@users.noreply.github.com>	2022-05-12 13:28:45 +02:00
Jeroen Ketema	e23e5e5b12	C++: Add change notes for C++17 `if` and `switch` initializers	2022-05-12 12:56:50 +02:00
Jeroen Ketema	894380d701	C++: Update stats file	2022-05-12 12:56:50 +02:00
Jeroen Ketema	97bba115da	C++: Add upgrade and downgrade script	2022-05-12 12:56:50 +02:00
Jeroen Ketema	71c019e126	C++: Handle C++17 switch initializers	2022-05-12 12:56:50 +02:00
Jeroen Ketema	ebbd9c5b90	C++: Handle C++17 if initializers	2022-05-12 12:56:50 +02:00
Tom Hvitved	0a7892797e	Merge pull request #8938 from hvitved/ruby/with-without-mad-tokens Ruby: Introduce `With(out)Element` MaD input tokens	2022-05-12 11:49:51 +02:00
Nick Rolfe	12a43b6fae	C++: fix another use of AnalysedString	2022-05-12 10:38:13 +01:00
Harry Maclean	e8972b814f	Merge pull request #8635 from hmac/hmac/io-popen Ruby: Model IO.popen	2022-05-12 21:17:55 +12:00
Nick Rolfe	a86b5a1586	C++: fix changenote formatting	2022-05-12 09:26:30 +01:00
Anders Schack-Mulligen	e0c74d4390	Merge pull request #9124 from github/workflow/coverage/update Update CSV framework coverage reports	2022-05-12 09:06:07 +02:00
Anders Schack-Mulligen	fad7d9ae72	Merge pull request #9120 from igfoo/igfoo/fixes Kotlin: Fix some alerts	2022-05-12 08:29:34 +02:00
Erik Krogh Kristensen	b1e8b3332c	resolve main module when there is a folder with the same name as the main file	2022-05-12 08:20:30 +02:00
Erik Krogh Kristensen	6014614a31	Merge pull request #9103 from erik-krogh/nextParam JS: add support for typed NextJS route-handlers	2022-05-12 08:18:26 +02:00
github-actions[bot]	acaf4517c0	Add changed framework coverage reports	2022-05-12 00:17:30 +00:00
Chris Smowton	85dc1090fe	Merge pull request #9116 from smowton/smowton/feature/accept-conditional-cookie-security Java: tolerate `cookie.setSecure(request.isSecure())`	2022-05-11 21:29:14 +01:00
Tom Hvitved	46ab25b61e	Merge pull request #9098 from aschackmull/dataflow/perf Dataflow: Performance fixes	2022-05-11 20:41:48 +02:00
Nick Rolfe	7cd6dc1a74	CPP: add changenote for AnalysedString -> AnalyzedString	2022-05-11 18:16:26 +01:00
Ian Lynagh	33e17f1665	Kotlin: Fix some alerts	2022-05-11 17:58:50 +01:00
Nick Rolfe	e1b277386a	Fix non-US spellings: s/analyse/analyze	2022-05-11 17:48:27 +01:00
Nick Rolfe	2d246a4034	QL for QL: fix checking spelling of 'analyze' in multi-line comments `.` does not match a newline in `regexpMatch`, so we were missing some comments.	2022-05-11 17:43:39 +01:00
Nick Rolfe	0af1976b74	JS: fix typos in qldoc comment	2022-05-11 17:42:43 +01:00
Paolo Tranquilli	ddb567b639	Swift: remove `Tag` nested alias in `TrapLabel`	2022-05-11 17:44:00 +02:00
Ian Lynagh	cfde0a1491	Merge pull request #9109 from igfoo/igfoo/kotlin_merge Initial Kotlin support	2022-05-11 16:16:22 +01:00
Paolo Tranquilli	f1413f29c6	Swift: move back file opening code	2022-05-11 16:53:51 +02:00
Tony Torralba	5be30209c1	Merge pull request #9036 from luchua-bc/java/hardcoded-jwt-key Java: CWE-321 Query to detect hardcoded JWT secret keys	2022-05-11 16:31:34 +02:00
Henry Mercer	6ecc542ca3	Merge pull request #9117 from github/henrymercer/java/tag-telemetry Java: Tag telemetry queries with `telemetry`	2022-05-11 15:13:35 +01:00
Henry Mercer	a626078423	Merge pull request #9118 from github/henrymercer/csharp/tag-telemetry C#: Tag telemetry queries with `telemetry`	2022-05-11 15:13:29 +01:00
Anders Schack-Mulligen	4884520ee1	Dataflow: Review fix.	2022-05-11 15:40:49 +02:00
Chris Smowton	f7e1f3e1a5	Remove URL fragment from Google search	2022-05-11 14:38:09 +01:00
Tom Hvitved	5df87d526c	Sync files	2022-05-11 15:17:27 +02:00
Tom Hvitved	884d3b2ff4	Ruby: Introduce `With(out)Element` MaD input tokens	2022-05-11 15:17:27 +02:00

1 2 3 4 5 ...

36662 Commits