hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 23:26:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
67,035 Commits 1,703 Branches 162 Tags
454687d583b9bad53f8e64b80d08ba455dffbb0c
Commit Graph

67035 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
454687d583 Data flow: Synthesize parameter return nodes 2024-05-21 14:47:42 +02:00
yoff
358c7410c8 Merge pull request #16490 from yoff/python/rich-type-column-MaD 
Python: Rich `type` column in MaD
 2024-05-21 11:55:41 +02:00
Jeroen Ketema
bddc69e409 Merge pull request #16537 from jketema/memcmp 
C++: Fix typo in `cpp/network-to-host-function-as-array-bound`
 2024-05-21 11:14:48 +02:00
Jeroen Ketema
c8fec336ce C++: Fix typo in cpp/network-to-host-function-as-array-bound 2024-05-21 10:29:17 +02:00
Jeroen Ketema
1a60c01723 C++: Add memcmp test for cpp/network-to-host-function-as-array-bound 2024-05-21 10:27:38 +02:00
Joe Farebrother
01a6c5e82f Merge pull request #16446 from joefarebrother/shared-sensitive-heuristics 
Ruby/Python/JS/Swift: Add category of Private information to shared sensitive data heuristics
 2024-05-21 09:07:13 +01:00
Tom Hvitved
60ee7fb0d3 Merge pull request #16473 from hvitved/csharp/entity-framework-perf 
C#: Fix performance issue in EntityFramework modelling
 2024-05-21 10:03:21 +02:00
Tamás Vajk
1a20a624d6 Merge pull request #16498 from tamasvajk/buildless/use-nuget-from-path 
C#: Use nuget.exe from the executing machine instead of always downlo…
 2024-05-21 09:38:47 +02:00
Paolo Tranquilli
9d21e2cda3 Merge pull request #16522 from github/redsun82/lfs 
Bazel: allow LFS rules to use cached downloads without internet
 2024-05-21 08:56:47 +02:00
Tom Hvitved
d9019f9676 C#: Fix performance issue in EntityFramework modelling 2024-05-21 08:53:51 +02:00
Geoffrey White
13a7d9acb6 Merge pull request #16528 from geoffw0/docfix2 
C++: Update an instance of the name 'Semmle' in a doc page.
 2024-05-20 15:07:42 +01:00
Mathias Vorreiter Pedersen
c483a4bf04 Merge pull request #16527 from codeqlhelper/main 
C++: Static variables are initialized to zero or null by compiler
 2024-05-20 10:13:23 +01:00
Geoffrey White
0ba3cd96f5 C++: Update an instance of the name 'Semmle' in a doc page. 2024-05-20 10:02:50 +01:00
Mathias Vorreiter Pedersen
2f7766a557 C++: Autoformat. 2024-05-20 09:04:24 +01:00
Mathias Vorreiter Pedersen
df24e5982a C++: Add tests and accept test changes. 2024-05-20 09:01:42 +01:00
Mathias Vorreiter Pedersen
e8b9d7e6fa C++: Modify change note to be more aligned with existing change notes. 2024-05-20 08:52:18 +01:00
codeqlhelper
15667dcf1e Create 2024-05-19-avoid-reporting-static-variable.md 2024-05-19 21:55:35 +08:00
codeqlhelper
1d8d45b3aa Static variables are initialized to zero or null by compiler 
Static variables are initialized to zero or null by compiler, no need to get an initializer of them
 2024-05-19 21:48:43 +08:00
Erik Krogh Kristensen
bfc95c6f13 Merge pull request #16510 from erik-krogh/go-command 
Go: Update the QHelp for `go/command-injection`.
 2024-05-17 17:45:10 +02:00
Paolo Tranquilli
d01d657f89 Bazel: accept new SSH keys in git_lfs_probe.py 2024-05-17 16:39:18 +01:00
Paolo Tranquilli
170e2231d4 Bazel: allow LFS rules to use cached downloads without internet 
If the cache is prefilled, LFS rules were still trying to query LFS
urls.

Now the strategy is to first try to fetch the files from the repository
cache (which is possible by providing an empty url list and `allow_fail`
to `repository_ctx.download`), and only run the LFS protocol if that
fails. Technically this is possible by enhancing `git_lfs_probe.py` with
a `--hash-only` flag.

This is also an optimization where no uneeded access is done (including
the slightly slow SSH call) if the repository cache is warm.
 2024-05-17 16:24:38 +01:00
yoff
0ecefd6a24 Update python/ql/lib/change-notes/2024-05-17-maD-rich-type-column.md 
Co-authored-by: Taus <tausbn@github.com>
 2024-05-17 16:58:59 +02:00
Rasmus Lerchedahl Petersen
9534e56d1b Python: address review comments 2024-05-17 16:25:22 +02:00
Cornelius Riemenschneider
b639f60fa6 Merge pull request #16517 from github/criemen/paket-rewrite 
C#: Reformat project files with `paket`.
 2024-05-17 16:20:25 +02:00
Chuan-kai Lin
1a4c07a1ac Merge pull request #16425 from github/cklin/swift-entities-reorder 
Swift: Use entities in reorder directives
 2024-05-17 06:43:18 -07:00
Chuan-kai Lin
f1047606ad Merge pull request #16418 from github/cklin/cpp-entities-reorder 
C++: Use entities in reorder directives
 2024-05-17 06:43:07 -07:00
yoff
a7a12f17b5 Merge pull request #16512 from yoff/python/allow-provenance-in-additional-taint-steps 
Python: Allow provenance in additional taint steps
 2024-05-17 15:07:12 +02:00
Felicity Chapman
daf19a2468 Merge pull request #16496 from github/felicitymay/sphinx-config 
Stop building the CodeQL for VS Code docs now they've been migrated
 2024-05-17 13:37:36 +01:00
Paolo Tranquilli
ad1188be1f Merge pull request #16518 from github/redsun82/bazel-update 
Bazel: update bazel to version 7.1.2
 2024-05-17 12:14:48 +01:00
Cornelius Riemenschneider
a6ce24dc39 C#: Reformat project files with paket. 
When running `dotnet paket update` or `dotnet paket install`, `paket`
forcefully reformats the project files. This is unfortunate.
One option is to accept these changes, as they're not harmful.
They do mean that each project includes the Paket restore targets individually,
instead of doing so via `Directory.Build.targets`.
Another option would be to not merge this PR, and then I'll document that
the changes to the csproj files should be ignored when running `paket` instead.
I don't really mind either way.
 2024-05-17 12:19:53 +02:00
Paolo Tranquilli
cc4f8e038d Bazel: update bazel to version 7.1.2 2024-05-17 10:52:29 +01:00
Erik Krogh Kristensen
03cf9b702c Merge pull request #14291 from am0o0/amammad-js-CodeInjection_Shelljs 
JS: Shelljs improvement
 2024-05-17 11:14:11 +02:00
Rasmus Lerchedahl Petersen
a568873a8e Python: update test expectations 2024-05-17 10:59:49 +02:00
Rasmus Lerchedahl Petersen
92a5b6f6d6 python: add change note 2024-05-17 10:02:38 +02:00
Rasmus Lerchedahl Petersen
e66cce7fe1 python: add qldoc and refactor 
The logic of which steps an `AdditionalTaintStep` has defined
is now pushed into the defitnion of `AdditionalTaintStep`.
 2024-05-17 09:49:31 +02:00
Michael Nebel
e483948c19 Merge pull request #16513 from michaelnebel/csharp/flowsummariestest 
C#: Change the printed information in the Flow summaries tests.
 2024-05-17 09:43:28 +02:00
erik-krogh
384649b336 changes based on review, and improve the new command-injection test 2024-05-17 08:38:54 +02:00
Rasmus Lerchedahl Petersen
d4d6b48f98 python: add test for subclass instance method 2024-05-17 00:03:01 +02:00
Rasmus Lerchedahl Petersen
3d0c42f44d python: rewrite text models to use rich paths 2024-05-17 00:03:01 +02:00
Rasmus Lerchedahl Petersen
a88c007c05 python: Allow dotted paths in type column 2024-05-17 00:03:00 +02:00
Tamas Vajk
a79105e2ae C#: Use nuget.exe from the executing machine instead of always downloading it 2024-05-16 23:15:04 +02:00
erik-krogh
2848ccf0e2 fix frontend errors that Go complained about 2024-05-16 20:06:26 +02:00
erik-krogh
08c0d8ec60 autoformat go files 2024-05-16 19:59:40 +02:00
erik-krogh
9aeebc6f39 update the QHelp to add a "--" example 2024-05-16 19:49:22 +02:00
Owen Mansel-Chan
a8201a19ae Merge pull request #16506 from github/smowton/admin/gradle-version-detection-change-note 
Java: Add change note for Gradle JDK version detection
 2024-05-16 17:11:03 +01:00
Cornelius Riemenschneider
3a224871ee Merge pull request #16476 from github/criemen/update-deps 
C#: Update non-Roslyn thirdparty dependencies
 2024-05-16 17:58:10 +02:00
Alex Ford
19e2af8a1d Merge pull request #13556 from am0o0/amammad-ruby-bombs 
Ruby: Decompression Bombs
 2024-05-16 16:23:02 +01:00
Paolo Tranquilli
92699d18ac Merge pull request #16508 from github/redsun82/updated-prebuilt 
Swift: update prebuilt package
 2024-05-16 14:58:17 +01:00
am0o0
dcadda23cd update expected file 2024-05-16 15:15:27 +02:00
am0o0
f06c3fddd9 fix qhelp, fix duplicate query id 2024-05-16 15:12:31 +02:00