hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 05:13:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
46,122 Commits 1,697 Branches 161 Tags
508327235ae88492fc1eff47bb142bc0912e335e
Commit Graph

46122 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
508327235a Release preparation for version 2.11.3 2022-11-04 20:16:23 +00:00
Dave Bartolomeo
649c3af98a Merge pull request #11127 from github/henrymercer/fix-atm-pr-checks 
ATM: Fix CodeQL pack workspace references
 2022-11-04 12:19:42 -04:00
Arthur Baars
58c0e65542 Merge pull request #11129 from aibaars/improve-weak-crypto 
Ruby: Improve weak crypto query
 2022-11-04 16:31:55 +01:00
Arthur Baars
98f4c29913 Ruby: weak crypto: do not report weak hash algorithms 
Weak hash algorithms such as MD5 and SHA1 are often
used in non security sensitive contexts and reporting
all uses is far too noisy.
 2022-11-04 15:58:50 +01:00
Erik Krogh Kristensen
418d632738 Merge pull request #11123 from erik-krogh/stableCI-followup-2 
fix typo in compile-queries workflow
 2022-11-04 15:48:27 +01:00
AlexDenisov
c7da814bca Merge pull request #11122 from github/alexdenisov/make-macos-sed-happy 
Swift: make sed on macos happy
 2022-11-04 15:45:06 +01:00
Paolo Tranquilli
0370d1a1ba Merge pull request #11008 from github/redsun82/swift-macos-integration-tests 
Swift: rework workflows
 2022-11-04 15:44:42 +01:00
Tom Hvitved
05bf86acb6 Merge pull request #11126 from hvitved/cpp/position-overrides 
C++: Let `(Indirect|Direct)Position` be sub classes of `Position`
 2022-11-04 15:35:27 +01:00
AlexDenisov
0260ecfbdb Merge branch 'main' into alexdenisov/make-macos-sed-happy 2022-11-04 15:17:08 +01:00
Henry Mercer
0b9588bf9e ATM: Add test pack to workspace 2022-11-04 14:07:14 +00:00
Henry Mercer
3e863a539a ATM: Fix CodeQL pack workspace references 
This fixes the
[ATM PR checks](https://github.com/github/codeql/actions/runs/3392995797/jobs/5639827326)
breaking on main as a result of
https://github.com/github/codeql/pull/11004.
 2022-11-04 14:03:34 +00:00
Tom Hvitved
95835b8297 C++: Let (Indirect|Direct)Position be sub classes of Position 2022-11-04 14:31:18 +01:00
erik-krogh
def9b5e2ce fix typo in compile-queries workflow 2022-11-04 13:58:29 +01:00
Erik Krogh Kristensen
265838aa2c Merge pull request #11117 from erik-krogh/stableCI-followup 
fix merge-base compilation when running directly on main
 2022-11-04 13:56:41 +01:00
AlexDenisov
476bbfbdb7 Update qltest.sh 2022-11-04 13:04:24 +01:00
Erik Krogh Kristensen
91b33f72b5 update name and comment to reflect that it also runs on rc branches 2022-11-04 12:50:18 +01:00
Tamás Vajk
545dd8b8d8 Merge pull request #11106 from tamasvajk/kotlin-binop-ext 
Kotlin: Extract extension binary operators
 2022-11-04 12:41:06 +01:00
Paolo Tranquilli
2bec4479e7 Merge pull request #11029 from github/redsun82/swift-filtered-debugging 
Swift: add possibility to run the extractor under an env-specified tool
 2022-11-04 11:44:11 +01:00
erik-krogh
47289a4d33 fix merge-base compilation when running directly on main 2022-11-04 11:28:56 +01:00
Erik Krogh Kristensen
ec87a932b8 Merge pull request #11078 from erik-krogh/stableCI 
add workflow that checks compilation of all queries with the latest stable release
 2022-11-04 11:21:23 +01:00
Erik Krogh Kristensen
c82d8cbacc Merge pull request #11013 from erik-krogh/sndCmd 
JS: second-order-command-injection
 2022-11-04 10:58:50 +01:00
Paolo Tranquilli
daa4e99a2f Swift: fix executable permissions 
These were broken by a merge done in the github UI.
 2022-11-04 10:47:47 +01:00
Paolo Tranquilli
fdde84ac35 Merge branch 'main' into redsun82/swift-filtered-debugging 2022-11-04 10:42:48 +01:00
Paolo Tranquilli
858ae3dab4 Merge pull request #11116 from github/redsun82/swift-expect-failure-in-qltest 
Swift: allow expecting failure in qltest.sh
 2022-11-04 10:40:41 +01:00
Tom Hvitved
2f8dcdd602 Merge pull request #10933 from hvitved/csharp/fix-flow-into-phis 
C#: Fix flow steps into phi/uncertain def nodes
 2022-11-04 10:28:09 +01:00
Tom Hvitved
587e6739d9 Merge pull request #11060 from hvitved/dataflow/path-node-reach-charpred 
Data flow: Restrict public `PathNode`s to those that may reach a sink
 2022-11-04 10:17:09 +01:00
Paolo Tranquilli
231f2238c1 Swift: fix wrong test names 2022-11-04 10:06:57 +01:00
Paolo Tranquilli
4cfe11c319 Swift: allow expecting failure in qltest.sh 2022-11-04 10:03:00 +01:00
Anders Schack-Mulligen
331b8c0144 Merge pull request #10904 from aschackmull/java/joinorders 
Java: Fix some join-orders.
 2022-11-04 09:24:31 +01:00
Nora Dimitrijević
924f999aa8 Merge pull request #11104 from github/swift/webviewjoinorder 2022-11-03 16:44:17 +01:00
Erik Krogh Kristensen
1f51bd4594 add dash in description 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-11-03 16:24:59 +01:00
Tamas Vajk
16cb4c5aaa Kotlin: Extract extension binary operators 2022-11-03 16:11:23 +01:00
Tamas Vajk
70561cabaf Kotlin: Add test cases for extension binary operators 2022-11-03 16:10:32 +01:00
Tom Hvitved
1711efcc47 C#: Update expected test output 2022-11-03 15:52:30 +01:00
Tom Hvitved
a533c95640 C++: Update expected test output 2022-11-03 15:52:30 +01:00
Tom Hvitved
d3488da0c2 Data flow: Sync files 2022-11-03 15:52:30 +01:00
Tom Hvitved
cc87d2e38b Data flow: Restrict public PathNodes to those that may reach a sink 2022-11-03 15:52:30 +01:00
Nora Dimitrijević
0e67100cad Swift: fix bad join order in WebView/JsExportedSource 
The `getName = getName` join was happening too early,
before the methods themselves have been enumerated.
 2022-11-03 15:30:04 +01:00
Henry Mercer
12ab95668c Merge pull request #11098 from github/henrymercer/summary-metrics-consistent-naming 
Summary metrics: Improve consistency of naming
 2022-11-03 14:05:23 +00:00
Henry Mercer
8060b30cce Merge pull request #11099 from github/henrymercer/atm-labeler 
Add ATM to labeler
 2022-11-03 13:49:35 +00:00
Erik Krogh Kristensen
5918e0184c quote $CHANNEL 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-11-03 14:17:44 +01:00
Mathias Vorreiter Pedersen
1ca7c5b97d Merge pull request #11091 from JarLob/assign 
Fix AV Rule 76
 2022-11-03 13:06:10 +00:00
erik-krogh
96ec54e5be fix minor issues in qhelp 2022-11-03 14:01:58 +01:00
erik-krogh
b5666888b1 rewrite @description of second-order-command-injection 2022-11-03 14:00:29 +01:00
erik-krogh
83a8b1afb8 use fetch-codeql action 2022-11-03 13:49:15 +01:00
Henry Mercer
7ce4629b12 Add ATM to labeler 2022-11-03 11:55:19 +00:00
Henry Mercer
dd264c6dfb Consistently mention language in metric names 
This improves consistency between the lines of code queries and the
number of successfully extracted files queries.
 2022-11-03 11:44:10 +00:00
Mathias Vorreiter Pedersen
ad0b36a0c9 C++: Add change note. 2022-11-03 11:41:38 +00:00
Henry Mercer
c60d071239 Lowercase "lines" 2022-11-03 11:40:22 +00:00
Tony Torralba
83caf01778 Merge pull request #11096 from atorralba/atorralba/swift/unit 
Swift: Move the Unit class to its own file
 2022-11-03 12:00:57 +01:00