Maiky
|
4ef4c92e2c
|
Move Customizations and Query
|
2023-11-23 21:29:09 +01:00 |
|
Maiky
|
abd53e98a9
|
Fix minor issues
|
2023-11-23 13:17:54 +01:00 |
|
Maiky
|
413c11171e
|
Move to /experimental
|
2023-11-23 11:00:47 +01:00 |
|
Maiky
|
d661f7f482
|
Add Flow Labels
|
2023-11-22 19:50:16 +01:00 |
|
Maiky
|
acac534ed0
|
Forgot .js
|
2023-10-16 19:29:57 +02:00 |
|
Maiky
|
07ad596f77
|
Add coverage for express
|
2023-10-16 16:48:32 +02:00 |
|
Maiky
|
c0e6d7c049
|
Merge branch 'github:main' into maikypedia/javascript-cors
|
2023-10-11 12:20:42 +02:00 |
|
Tamás Vajk
|
304d7a4395
|
Merge pull request #14429 from tamasvajk/relax-metadata_handle-keyset
C#: Remove `keyset` from `metadata_handle` relation
|
2023-10-11 12:00:11 +02:00 |
|
Erik Krogh Kristensen
|
85bb14f04f
|
Merge pull request #14405 from erik-krogh/tagCall
JS: recognize tagged template literals as `DataFlow::CallNode`
|
2023-10-11 11:25:34 +02:00 |
|
Tamás Vajk
|
aa7a667919
|
Merge pull request #14421 from tamasvajk/csharp/autobuilder-test
C#: Add autobuilder test with global.json
|
2023-10-11 10:35:53 +02:00 |
|
Rasmus Wriedt Larsen
|
68d00a829e
|
Merge pull request #14430 from RasmusWL/api-graph-import-star
Python: Better allow `import *` to work with API graphs
|
2023-10-11 10:03:46 +02:00 |
|
Erik Krogh Kristensen
|
6377e92067
|
Update javascript/ql/lib/semmle/javascript/dataflow/DataFlow.qll
Co-authored-by: Asger F <asgerf@github.com>
|
2023-10-11 09:52:48 +02:00 |
|
Erik Krogh Kristensen
|
e99b1598d1
|
Merge pull request #14433 from erik-krogh/delete-expected
JS: delete an .expected file outside the test directories
|
2023-10-11 09:44:04 +02:00 |
|
Tamás Vajk
|
c587dbb72a
|
Merge pull request #14428 from tamasvajk/feature/deterministic-conflict-resolution
C#: Make conflicting assembly selection deterministic in standalone
|
2023-10-11 08:40:50 +02:00 |
|
erik-krogh
|
ccd06c78b9
|
delete an .expected file outside the test directories
|
2023-10-10 21:35:19 +02:00 |
|
Rasmus Wriedt Larsen
|
ee75b104eb
|
Python: Add change-note
|
2023-10-10 17:45:11 +02:00 |
|
Rasmus Wriedt Larsen
|
72d0dcdaba
|
Python: Workaround for module level items from import * not being LocalSourceNodes
|
2023-10-10 17:45:11 +02:00 |
|
Rasmus Wriedt Larsen
|
6521e5165c
|
Python: Extend import * with plain use
(no calls or anything)
|
2023-10-10 17:45:11 +02:00 |
|
yoff
|
f1266a3e81
|
Merge pull request #14417 from github/tausbn/python-add-flow-for-assignment-expressions
|
2023-10-10 17:09:20 +02:00 |
|
Tamas Vajk
|
4c6073ebce
|
C#: Remove keyset from metadata_handle relation
|
2023-10-10 16:49:48 +02:00 |
|
Tamas Vajk
|
2378e31c5e
|
C#: Make conflicting assembly selection deterministic
|
2023-10-10 16:32:02 +02:00 |
|
Michael B. Gale
|
be16cb4190
|
Merge pull request #14415 from github/mbg/go/dependabot-config
|
2023-10-10 14:36:34 +01:00 |
|
Michael B. Gale
|
ce905bba41
|
Apply suggestions from code review
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
|
2023-10-10 14:21:20 +01:00 |
|
Tamás Vajk
|
bc1c22cda2
|
Merge pull request #14425 from tamasvajk/standalone/nuget-download-lazy
C#: Only download nuget.exe if there are packages.config files
|
2023-10-10 14:28:43 +02:00 |
|
Rasmus Wriedt Larsen
|
2d947a4f53
|
Merge pull request #13781 from maikypedia/maikypedia/python-unsafe-deserialization
Python: Add unsafe deserialization sinks (CWE-502)
|
2023-10-10 13:30:38 +02:00 |
|
Owen Mansel-Chan
|
542d5a2451
|
Merge pull request #14414 from owen-mc/go/fix-incorrect-integer-conversion-performance-regression
Go: Change MaxValueState API to get architecture bit size
|
2023-10-10 11:27:18 +01:00 |
|
Tamas Vajk
|
1872a937d5
|
C#: Only download nuget.exe if there are packages.config files
|
2023-10-10 11:39:39 +02:00 |
|
Owen Mansel-Chan
|
fd9c1d30f9
|
Remove argument that is always one value
|
2023-10-10 10:35:04 +01:00 |
|
Owen Mansel-Chan
|
cf0411e7e2
|
Change MaxValueState API to get architecture bit size
This fixes a performance regression, though it is not clear why.
|
2023-10-10 10:35:02 +01:00 |
|
Taus
|
8e1bb4b364
|
Python: Accept moved consistency test results
Co-authored-by: Rasmus Lerchedahl Petersen <yoff@github.com>
|
2023-10-10 09:22:36 +00:00 |
|
Michael Nebel
|
5c44f8bbad
|
Merge pull request #14370 from michaelnebel/java/enablethreatmodels
Java: Enable threat models for most Java queries.
|
2023-10-10 09:25:47 +02:00 |
|
Tamas Vajk
|
538df1bb6d
|
C#: Add autobuilder test with global.json
|
2023-10-10 09:11:40 +02:00 |
|
Erik Krogh Kristensen
|
5cb3543899
|
Merge pull request #14420 from github/dependabot/cargo/ql/regex-1.10.0
Bump regex from 1.9.6 to 1.10.0 in /ql
|
2023-10-10 08:43:46 +02:00 |
|
dependabot[bot]
|
0e09420e7b
|
Bump regex from 1.9.6 to 1.10.0 in /ql
Bumps [regex](https://github.com/rust-lang/regex) from 1.9.6 to 1.10.0.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.9.6...1.10.0)
---
updated-dependencies:
- dependency-name: regex
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-10-10 03:56:00 +00:00 |
|
Erik Krogh Kristensen
|
4489e2bf28
|
Merge pull request #14403 from erik-krogh/dDEps
All: delete outdated deprecations
|
2023-10-09 21:04:55 +02:00 |
|
Jeroen Ketema
|
fe60269fdd
|
Merge pull request #14416 from jketema/revert-cgi-xss-rewrite
Revert "C++: Rewrite `cpp/cgi-xss` to not use default taint tracking"
|
2023-10-09 18:52:54 +02:00 |
|
Jeroen Ketema
|
6ff8e06ace
|
Revert "C++: Rewrite cpp/cgi-xss to not use default taint tracking"
This reverts commit b6132d2a0f.
|
2023-10-09 16:30:21 +02:00 |
|
Taus
|
e8ac258994
|
Python: Add missing flow for AssignmentExpr nodes
Also extend the tests surrounding this construct to be a bit more comprehensive.
Co-authored-by: Rasmus Lerchedahl Petersen <yoff@github.com>
|
2023-10-09 14:16:03 +00:00 |
|
Michael B. Gale
|
f186b93c93
|
Add dependabot configuration for Go dependencies
|
2023-10-09 15:14:17 +01:00 |
|
Robert Marsh
|
8af727734e
|
Merge pull request #13909 from rdmarsh2/rdmarsh2/swift/for-in
Swift: dataflow for `for-in` loops
|
2023-10-09 10:00:27 -04:00 |
|
Michael B. Gale
|
ebd640da04
|
Merge pull request #14391 from github/mbg/go/update-newer-go-version-needed
Go: Fix version detection and test for `newer-go-version-needed`
|
2023-10-09 14:47:37 +01:00 |
|
Erik Krogh Kristensen
|
625e889c62
|
Merge pull request #14339 from erik-krogh/range-printing
JS/PY/RB/Java: escape unicode chars in overly-large-range
|
2023-10-09 14:22:38 +02:00 |
|
Geoffrey White
|
57e32b47b7
|
Merge pull request #14386 from geoffw0/swiftperf
Swift: defaultImplicitTaintRead performance improvement
|
2023-10-09 13:07:11 +01:00 |
|
Geoffrey White
|
62b0ebf2fe
|
Merge pull request #14407 from geoffw0/grdbsinks
Swift: Add sinks for the GRDB database library to swift/hardcoded-key
|
2023-10-09 12:58:17 +01:00 |
|
erik-krogh
|
e1b2f81f43
|
Revert "update doc example to not use isBarrierGuard"
This reverts commit 28f8c1cc11.
|
2023-10-09 13:29:41 +02:00 |
|
Michael Nebel
|
cf3a62d201
|
Java: Address review comments.
|
2023-10-09 13:06:59 +02:00 |
|
Anders Schack-Mulligen
|
4a0ab4a050
|
Merge pull request #14402 from Marcono1234/marcono1234/MemberRefExpr-getReceiverExpr
Java: Add predicate `MemberRefExpr::getReceiverExpr`
|
2023-10-09 13:01:36 +02:00 |
|
Anders Schack-Mulligen
|
8c6a1be070
|
Merge pull request #14401 from Marcono1234/marcono1234/ClassInstanceExpr-type-argument-doc
Java: Adjust `ClassInstanceExpr` type argument predicates docs
|
2023-10-09 13:01:18 +02:00 |
|
Robert
|
e38ba27a65
|
Merge pull request #14408 from github/robertbrignull/telemetryLevel-docs
Update about-telemetry-in-codeql-for-visual-studio-code.rst to mention telemtry.telemetryLevel
|
2023-10-09 11:38:33 +01:00 |
|
Robert
|
ada331588f
|
Update about-telemetry-in-codeql-for-visual-studio-code.rst to mention telemtry.telemetryLevel
|
2023-10-09 11:04:52 +01:00 |
|