hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 08:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,968 Commits 1,693 Branches 160 Tags
3a224871eeb98b6f4f0de8b4503dbdb82f094b95
Commit Graph

66968 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Cornelius Riemenschneider
3a224871ee Merge pull request #16476 from github/criemen/update-deps 
C#: Update non-Roslyn thirdparty dependencies
 2024-05-16 17:58:10 +02:00
Alex Ford
19e2af8a1d Merge pull request #13556 from am0o0/amammad-ruby-bombs 
Ruby: Decompression Bombs
 2024-05-16 16:23:02 +01:00
Paolo Tranquilli
92699d18ac Merge pull request #16508 from github/redsun82/updated-prebuilt 
Swift: update prebuilt package
 2024-05-16 14:58:17 +01:00
am0o0
dcadda23cd update expected file 2024-05-16 15:15:27 +02:00
am0o0
f06c3fddd9 fix qhelp, fix duplicate query id 2024-05-16 15:12:31 +02:00
Alex Ford
78dc6502f5 Merge branch 'main' into amammad-ruby-bombs 2024-05-16 13:53:31 +01:00
Michael Nebel
b1329fd806 Merge pull request #16362 from michaelnebel/java/removelocalqueries 
Java: Remove local query variants.
 2024-05-16 14:34:04 +02:00
yoff
ea3cc51286 Merge pull request #16194 from yoff/python/test-constructor-MaD-path 
Python: test the MaD path for constructor calls
 2024-05-16 13:52:30 +02:00
Cornelius Riemenschneider
47f679dc34 C#: Remove version constraints on most dependencies. 
This means that `dotnet paket update` will pull in the
latest matching versions of all dependencies, except
the pinned roslyn versions.
GitInfo also remains pinned, as we're removing that
dependency when converting the build to bazel anyways.

This removes a whole bunch of transitive dependencies
we no longer need, resulting in a smaller distribution,
and hopefully a smaller build.
 2024-05-16 13:51:36 +02:00
Cornelius Riemenschneider
8dc9c95be4 Merge pull request #16376 from github/criemen/dotnet-paket 
C#/C++: Convert C# code to use `paket` package manager
 2024-05-16 13:45:25 +02:00
Owen Mansel-Chan
2dd42f7aa5 Merge pull request #16509 from owen-mc/go/fix-missing-underlying-types 
Go: make two barriers recognise named types whose underlying types are integer types
 2024-05-16 12:41:42 +01:00
Owen Mansel-Chan
2b7394cd42 Merge pull request #16305 from github/go/value-flow-instead-of-taint-flow 
Go: Use value flow instead of taint flow for `go/incorrect-integer-conversion`
 2024-05-16 12:40:53 +01:00
Asger F
499c4df79b Merge pull request #13554 from am0o0/amammad-js-bombs 
JS: Decompression Bombs
 2024-05-16 13:25:41 +02:00
Erik Krogh Kristensen
a2994c073a Merge pull request #16507 from erik-krogh/up-insecure-randomness 
JS: Update the insecure-randomness QHelp
 2024-05-16 12:52:09 +02:00
Owen Mansel-Chan
8cc118f781 Add change note 2024-05-16 11:16:54 +01:00
Owen Mansel-Chan
b008f98782 Fix missing getUnderlyingType() calls 
In both cases we also care about named types whose underlying type is
an integer type.
 2024-05-16 11:10:15 +01:00
Paolo Tranquilli
451f601a65 Swift: update prebuilt package 2024-05-16 11:07:07 +01:00
Max Schaefer
98d2c848bb Merge pull request #16497 from github/max-schaefer/comparison-with-wider-type 
Java: Add tests for `comparison-with-wider-type`.
 2024-05-16 10:59:59 +01:00
Cornelius Riemenschneider
74e446ea3b Paket/C#: Only pull in the tool restore targt via InitialTargets. 2024-05-16 11:42:20 +02:00
erik-krogh
56dff8540f add an example of how to get a floating point value between 0 and 1 2024-05-16 11:15:07 +02:00
erik-krogh
066f3b61a2 RandomSource is deprecated, it's crypto now 2024-05-16 11:14:50 +02:00
Owen Mansel-Chan
410543f26b Add change note 2024-05-16 10:10:22 +01:00
Owen Mansel-Chan
e71cf0ff1d Use value flow instead of taint flow 2024-05-16 10:10:18 +01:00
Owen Mansel-Chan
5dbb91f508 Merge pull request #16504 from owen-mc/go/allow-array-reads-from-named-types 
Go: allow read and store steps from named types
 2024-05-16 09:47:54 +01:00
Tamás Vajk
c4d33fbede Merge pull request #16505 from tamasvajk/fix/pin-sdk-version-in-test 
C#: Pin dotnet SDK version in integration test relying on razor sourc…
 2024-05-16 10:18:17 +02:00
Tamas Vajk
62faab320b C#: Pin dotnet SDK version in integration test relying on razor source generator 2024-05-16 09:00:53 +02:00
yoff
5076b1a214 Merge pull request #16135 from sylwia-budzynska/gradio-model 
Python: Add Gradio models
 2024-05-16 09:00:50 +02:00
Owen Mansel-Chan
6ffa821aa3 Add change note 2024-05-16 00:41:28 +01:00
Owen Mansel-Chan
21ff705b73 Fix bug with read/store steps and named types 2024-05-16 00:35:45 +01:00
Owen Mansel-Chan
1af3374322 Add tests for data flow through ranged for loops 
Including the case where the type of the domain is a named type rather
than an array type or map type or whatever.
 2024-05-16 00:32:30 +01:00
Cornelius Riemenschneider
1b22e0879a Paket/C#: Automatically restore tools for CSharp.sln. 
This is not a general fix, as we not always build the
solution file, but this should improve the DX for
local developers that use the solution file.
 2024-05-15 21:51:33 +02:00
Chris Smowton
4617c055e2 Merge pull request #16336 from smowton/smowton/admin/android-8-test 
Java: Add Android Gradle Plugin 8 and Spring Boot 3 tests
 2024-05-15 16:23:21 +01:00
Chris Smowton
a50584c665 Comment on Java version selection testing strategy 2024-05-15 14:52:09 +01:00
Chris Smowton
44edff7661 AGP 8 test: ignore and remove the .gradle directory 2024-05-15 14:52:09 +01:00
Chris Smowton
9c823d708d Expose toolchains to some Android tests, which would otherwise now try to upgrade to JDK17 2024-05-15 14:52:09 +01:00
Chris Smowton
c328957bf3 Add Spring Boot 3 test 2024-05-15 14:52:09 +01:00
Chris Smowton
7e13c88f1d Add Android 8 integration test 2024-05-15 14:52:09 +01:00
Sylwia Budzynska
72493a6bd1 Change classes to private 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-05-15 15:08:27 +02:00
Cornelius Riemenschneider
950e8c85e7 Paket: Prevent recursion into ql/csharp/ql directory. 2024-05-15 14:17:04 +02:00
Cornelius Riemenschneider
a158e40cc2 MSBuild: Move paket restore target inclusion to global file. 2024-05-15 14:17:02 +02:00
Cornelius Riemenschneider
90bb0ba33f Paket: Mark lockfile as generated. 2024-05-15 14:17:01 +02:00
Cornelius Riemenschneider
8f207e7a06 Add dotnet tool restore to local CI. 2024-05-15 14:16:47 +02:00
Max Schaefer
3c47c1137d Simplify query. 2024-05-15 12:49:45 +01:00
Max Schaefer
d406646414 Java: Add tests for comparison-with-wider-type. 2024-05-15 12:45:19 +01:00
Cornelius Riemenschneider
3f020a96e4 Remove unused dependency. 2024-05-15 13:37:05 +02:00
Cornelius Riemenschneider
25b7214064 C++: Move Windows autobuilder to paket dependencies. 2024-05-15 13:36:51 +02:00
Cornelius Riemenschneider
723850394d Add paket files to .gitignore. 2024-05-15 13:28:03 +02:00
Cornelius Riemenschneider
f1616d3c26 Add auto-generated paket restore targets. 2024-05-15 13:28:01 +02:00
Cornelius Riemenschneider
45167cf9f1 C#: Switch over dependencies in msbuild files to paket. 2024-05-15 13:28:00 +02:00
Cornelius Riemenschneider
04c26056a1 C#: Commit paket-based dependency tree. 2024-05-15 13:27:58 +02:00