codeql

mirror of https://github.com/github/codeql.git synced 2026-04-20 06:24:03 +02:00

Author	SHA1	Message	Date
yoff	4b53e1c034	Merge pull request #18304 from yoff/ruby/performance-queries Ruby: Query for database calls in a loop	2025-02-17 13:16:07 +01:00
Asger F	4e325d9f1c	JS: Convert some exception steps to legacy	2025-02-17 11:53:50 +01:00
Owen Mansel-Chan	6045d9bb22	Merge pull request #18792 from github/workflow/coverage/update Update CSV framework coverage reports	2025-02-17 10:45:36 +00:00
Asger F	08b9d934c0	JS: Add a negative test	2025-02-17 11:37:44 +01:00
Asger F	352924fb8c	JS: Handle a few other stringification contexts	2025-02-17 11:36:28 +01:00
Asger F	33ab7db98a	JS: Handle Array.prototype.toString calls	2025-02-17 11:25:03 +01:00
Asger F	a74b203c86	JS: Add test with implicit array stringification	2025-02-17 11:21:46 +01:00
Asger F	d87534c7d0	JS: Model Array#toString	2025-02-17 11:13:36 +01:00
Asger F	e8d1703224	JS: Add test for flow through Buffer.concat This flow was lost since the existing model of concat() boxes its return value in ArrayElement. There is no explicit model of Buffer.concat.	2025-02-17 11:12:51 +01:00
Paolo Tranquilli	91b3d108bb	Python: upgrade cargo dependencies This required some code changes because of some breaking changes in `clap` and `tree-sitter`. Also needed to assign a new bazel repo name to the `crates_vendor` to avoid name conflicts in `MODULE.bazel`.	2025-02-17 10:56:36 +01:00
Simon Friis Vindum	8b3c1ab698	Merge branch 'main' into rust-ref-pattern	2025-02-17 10:36:39 +01:00
Asger F	d79f429978	JS: Update changes to nodes/edges/subpaths No changes in actual alerts	2025-02-17 10:36:05 +01:00
Asger F	0ca9b2285b	Merge pull request #18740 from asgerf/js/more-precise-diff-informed JS: Provide more precise related locations	2025-02-17 10:27:15 +01:00
Asger F	b8f48aa711	JS: Change note	2025-02-17 10:24:57 +01:00
Asger F	97eb09fef8	JS: Accept updated test output	2025-02-17 10:19:49 +01:00
Tom Hvitved	3644de007f	Merge pull request #18767 from hvitved/ql4ql/inline-expectations QL4QL: Add query suggesting use of inline test expectations	2025-02-17 10:04:35 +01:00
Joe Farebrother	180e45d66a	Merge pull request #18599 from joefarebrother/python-qual-not-named-self-cls Python: Modernize py/not-named-self and py/not-named-cls queries	2025-02-17 08:58:34 +00:00
Asger F	e02577d3e9	Merge pull request #18768 from asgerf/js/url-search-params JS: Migrate model of URLSearchParams	2025-02-17 09:10:35 +01:00
github-actions[bot]	5af60bba80	Add changed framework coverage reports	2025-02-17 00:22:08 +00:00
erik-krogh	6ebffd59f6	add change-note	2025-02-16 19:23:44 +01:00
erik-krogh	55b8e8b748	fix the ECMAScript version to be ES2024	2025-02-16 19:06:14 +01:00
erik-krogh	01d70a6d73	add test of the new `v` flag	2025-02-16 19:01:02 +01:00
Napalys	3ec038e7b6	JS: Added predicate to check if v flag is used on regular expression	2025-02-16 18:31:08 +01:00
Napalys	4097aa9f78	JS: Added ecma2021, thus extractor now can deal with RegExp v flag	2025-02-16 18:31:06 +01:00
Jami Cogswell	61a184c1d7	Java: update more tests	2025-02-14 16:08:06 -05:00
Jami Cogswell	2bb6a3914b	Java: update tests	2025-02-14 15:16:08 -05:00
Aditya Sharad	5f4871d609	Merge pull request #18785 from martincostello/gh-18782 Fix docker SHA false positive	2025-02-15 01:33:39 +05:30
martincostello	31913c4a55	Fix test Fix failing test.	2025-02-14 19:46:46 +00:00
Jami Cogswell	c0ebeb9c7b	Java: use AdditionalTaintStep	2025-02-14 13:52:43 -05:00
martincostello	f1723321fa	Format Document Fix lint warning.	2025-02-14 18:06:00 +00:00
Martin Costello	979d604bf6	Apply suggestions from code review Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>	2025-02-14 17:21:24 +00:00
Paolo Tranquilli	ea0bd74728	Merge pull request #18567 from github/redsun82/env-dump-integration-test Rust/Swift: add integration tests checking env dumping	2025-02-14 16:52:20 +01:00
Asger F	283954d515	JS: Do not store into arrays implicitly	2025-02-14 16:06:43 +01:00
Mathias Vorreiter Pedersen	89fd2876b6	Merge pull request #18773 from MathiasVP/cleanup-ssa-internals-2 C++: Clean up some stuff in `SsaInternals`	2025-02-14 13:38:43 +00:00
martincostello	5d2409e652	Fix query Forgot to move the `and`.	2025-02-14 13:36:09 +00:00
martincostello	9a7ed7f3f7	Re-order conditions Makes for a neater diff.	2025-02-14 13:35:20 +00:00
martincostello	99bb0f0b4f	Use if then else Apply code review suggestion. Co-Authored-By: Taus <1104778+tausbn@users.noreply.github.com>	2025-02-14 13:30:55 +00:00
martincostello	cf8abb7989	Add change note Add change note.	2025-02-14 13:27:36 +00:00
Anders Schack-Mulligen	c84087cd19	Ruby: Deprecate dependencies of deprecated predicates for clarity.	2025-02-14 14:18:20 +01:00
Anders Schack-Mulligen	28cb37364c	Rust: delete dead code.	2025-02-14 14:16:21 +01:00
Owen Mansel-Chan	a9b9410104	Merge pull request #17759 from Kwstubbs/path-sanitizers Go: Add Tainted Path sanitizers	2025-02-14 13:13:19 +00:00
Owen Mansel-Chan	d8fe4d2698	Merge pull request #18489 from owen-mc/go/rename-namedtype-definedtype Go: Rename "named type" to "defined type"	2025-02-14 13:03:42 +00:00
Owen Mansel-Chan	083c756973	Merge pull request #18766 from owen-mc/go/update-framework-docs Go: Add more modeled frameworks to docs	2025-02-14 13:03:13 +00:00
Mathias Vorreiter Pedersen	9cfd3391d2	C++: Move 'getImpl' to a private non-member predicate.	2025-02-14 13:01:28 +00:00
martincostello	71bc89beda	Fix query Fix various issues with the query.	2025-02-14 12:59:02 +00:00
Martin Costello	9a29cebe58	Fix docker SHA false positive Fix false positives for pinned Docker container images.	2025-02-14 12:35:55 +00:00
Asger F	ab5fc9f4d7	JS: Implement viableImplInCallContext	2025-02-14 13:25:19 +01:00
Asger F	ff7bc7c25e	JS: Track types of classes in data flow	2025-02-14 12:44:45 +01:00
Asger F	d3c4b5d493	JS: Add test with spurious flow due to up-down calls	2025-02-14 12:42:02 +01:00
Owen Mansel-Chan	347e5ed029	Update model in test expectation	2025-02-14 10:49:51 +00:00

1 2 3 4 5 ...

76292 Commits