hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,891 Commits 1,673 Branches 157 Tags
51f11f19cccd759208c736d11925daef22d96aa7
Commit Graph

47891 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
51f11f19cc Merge pull request #11576 from ethanwilloner/main 
csharp: URI should be Uri in Owin.qll library.
 2022-12-07 09:34:51 +01:00
Asger F
afe7872838 Merge pull request #11565 from asgerf/js/rephined-variable-in-access-path 
JS: handle rephined variable in access path
 2022-12-07 09:26:38 +01:00
Michael Nebel
c1c0432c00 Merge pull request #11144 from michaelnebel/csharp/qualifiedname 
C#: Deprecate hasQualifiedName/1 and prepare for deprecating getQualifiedName/0.
 2022-12-07 09:16:38 +01:00
Tiferet Gazit
1a9dd48a88 Merge pull request #11551 from github/tiferet/endpoint-characteristics-test 
ATM: Test for contradictory endpoint characteristics
 2022-12-06 18:36:41 -08:00
tiferet
cf29cde2e8 Apply suggestions from code review 2022-12-06 18:05:04 -08:00
Chris Smowton
5d43c431c0 Merge pull request #11504 from owen-mc/fix-small-error 
Fix `mayHaveSideEffects` for `ReturnStmt`
 2022-12-06 20:15:07 +00:00
Ethan Willoner
64f58061b7 Rename 2022-12-05-owin-uri-fix.md. to 2022-12-05-owin-uri-fix.md 2022-12-06 09:13:28 -08:00
Ethan Willoner
574d6d6119 Fix comment. 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2022-12-06 09:10:22 -08:00
Owen Mansel-Chan
4789431d6e Add change note 2022-12-06 16:25:50 +00:00
Owen Mansel-Chan
d588ee375b Fix mayHaveSideEffects for ReturnStmt 
The previous code only worked when the return statement
only has one returned expression.
 2022-12-06 15:07:45 +00:00
Mathias Vorreiter Pedersen
2c500142c7 Merge pull request #11435 from jketema/rewrite-tainted-path 
C++: Rewrite `cpp/path-injection` to not use `DefaultTaintTracking`
 2022-12-06 14:54:57 +00:00
Michael Nebel
8e4190d84a Merge pull request #11516 from michaelnebel/java/externalflowcleanup 
Java: Cleanup imports of `ExternalFlow`
 2022-12-06 14:26:39 +01:00
Anders Schack-Mulligen
b579e2e7ed Merge pull request #11493 from aschackmull/java/scc-equivrel 
Java: Replace ad-hoc SCC reduction with union-find.
 2022-12-06 14:02:46 +01:00
Michael Nebel
27efb0d843 C#: Rename -> for . 2022-12-06 13:53:50 +01:00
Erik Krogh Kristensen
be168901d6 Merge pull request #11085 from dbartol/dbartol/ql-for-ql-latest 
Use latest released bundle for QL-for-QL
 2022-12-06 12:43:53 +01:00
Michael Nebel
29ccac8e93 C#: Address review comments. 2022-12-06 12:05:48 +01:00
Mathias Vorreiter Pedersen
3eea3b2f45 Merge pull request #11446 from atorralba/atorralba/swift/path-injection 
Swift: Add path injection query
 2022-12-06 11:03:26 +00:00
Michael Nebel
6b35098fb7 C#: Replace more uses of getQualifiedName/0. 2022-12-06 11:59:13 +01:00
Michael Nebel
0a3295ef3f C#: Address review comments. 2022-12-06 11:59:13 +01:00
Michael Nebel
ae4f4d6df4 C#: Add change note about deprecation of hasQualifiedName/1. 2022-12-06 11:59:13 +01:00
Michael Nebel
f7a1a4a9b7 C#: Add some missing this qualifiers. 2022-12-06 11:59:13 +01:00
Michael Nebel
38e906f854 C#: Use hasQualifiedName instead of getQualifiedName. 2022-12-06 11:59:13 +01:00
Michael Nebel
c24302bec2 C#: Replace all uses of the deprecated hasQualifiedName/1 predicate. 2022-12-06 11:59:12 +01:00
Michael Nebel
315a3a5ed3 C#: Add hasQualifiedName/3 including overrides where relevant and re-write some of the existing hasQualifiedName/2 predicates. 2022-12-06 11:59:12 +01:00
Michael Nebel
38565407c5 C#: Add small module with relevant printing predicates. 2022-12-06 11:59:12 +01:00
Michael Nebel
86c021ef7e C#: Deprecate hasQualifiedName/1. 2022-12-06 11:59:12 +01:00
Chris Smowton
3b5b121aeb Merge pull request #11553 from smowton/smowton/fix/kotlin-synthetic-noarg-constructor 
Kotlin: Extract a no-arg constuctor whenever a Kotlin class has default values for all parameters
 2022-12-06 10:07:31 +00:00
Anders Schack-Mulligen
f0ac59be25 Merge pull request #11521 from aschackmull/shared/typetracking 
Shared: Add a qlpack with a parameterized module defining type-trackers.
 2022-12-06 10:56:44 +01:00
Anders Schack-Mulligen
1b77f50fd7 Shared: Address review comments. 2022-12-06 10:42:16 +01:00
Michael Nebel
4e93429026 Merge pull request #11577 from michaelnebel/java/enablemodeldifferenceworkflow 
Java: Add Model Difference workflow on model generator changes.
 2022-12-06 10:35:52 +01:00
Michael Nebel
204766b967 Java: Adjust generated model paths in Model difference workflow. 2022-12-06 09:53:39 +01:00
Tom Hvitved
b5e2e1e469 Merge pull request #11564 from hvitved/dataflow/parameter-position-consistency-checks 
Data flow: Add consistency checks for parameter positions
 2022-12-06 09:33:36 +01:00
Michael Nebel
6fa2193602 Java: Add Model Difference workflow on model generator changes. 2022-12-06 09:26:09 +01:00
Michael Nebel
cd5c0bec33 Merge pull request #11527 from michaelnebel/java/regeneratemodels 
Java/C#: Delete old model generator scripts and update Java model re-generator script.
 2022-12-06 09:24:13 +01:00
Jeroen Ketema
995efef5da C++: Add explanatory comment to hasFilteredFlowPath 2022-12-06 09:03:21 +01:00
Jeroen Ketema
5637d573c1 C++: Add test case that is no longer detected after latest changes 2022-12-06 08:31:22 +01:00
Tom Hvitved
b171dc9b7b Merge pull request #11477 from hvitved/ruby/call-ctx-rewrite 
Ruby: Rework call-context sensitivity logic
 2022-12-06 07:39:29 +01:00
Ethan Willoner
b886157f52 Add change note. 2022-12-06 00:27:17 +00:00
Ethan Willoner
82c0449d56 Fix bug: In OwinRequest URI should be Uri. 2022-12-06 00:01:17 +00:00
Jeroen Ketema
6dbc59d5b5 C++: Simplify isSink based on reviewer comments 2022-12-05 23:23:08 +01:00
Chris Smowton
5bb1319b0f Merge pull request #9779 from porcupineyhairs/goSqlInjection 
Golang : Add SQL sinks for `gorqlite` and `GoFrame` frameworks
 2022-12-05 16:30:22 +00:00
Chris Smowton
407e4cdd07 Don't create a default constructor for annotations, or classes that explicitly declare a no-arg constructor. 2022-12-05 16:17:51 +00:00
Tom Hvitved
7972db68bc C++: Update expected test output 2022-12-05 17:07:32 +01:00
Chris Smowton
8897f5bccc Merge pull request #11552 from smowton/smowton/fix/kotlin-toplevel-internal-names 
Kotlin: Don't add name mangling to top-level internal functions
 2022-12-05 15:36:52 +00:00
Tony Torralba
7dca1b4b06 Merge branch 'main' into atorralba/swift/path-injection 2022-12-05 16:21:22 +01:00
Mathias Vorreiter Pedersen
5b31da44e1 Merge pull request #11424 from geoffw0/alamofire3 
Swift: Alamofire taint sources
 2022-12-05 15:15:58 +00:00
Tony Torralba
bf8084080b Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2022-12-05 15:37:40 +01:00
Anders Schack-Mulligen
ed1fe1447b Shared: Add more precise types in TypeTracker. 2022-12-05 15:19:20 +01:00
Asger F
80777b8c50 JS: handle rephined variables in local access paths 2022-12-05 15:11:50 +01:00
Asger F
025cfe4064 JS: Add reproduction test case 2022-12-05 15:11:43 +01:00