hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-17 04:56:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
43,248 Commits 1,714 Branches 162 Tags
569fad667af319dd9a649637e0ccdca072229ce5
Commit Graph

43248 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tony Torralba
569fad667a Merge pull request #10360 from atorralba/atorralba/fix-taint-implicit-reads 
Dataflow: Fix implicit reads in taint tracking when FlowStates are used
 2022-09-09 14:28:39 +02:00
Michael Nebel
15db520a58 Merge pull request #10362 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-09-09 11:06:09 +02:00
Tony Torralba
1078cf091e Add change notes for all languages 2022-09-09 10:28:36 +02:00
Erik Krogh Kristensen
9893650f7c Merge pull request #8604 from erik-krogh/httpNode 
JS: refactor most library models away from AST nodes
 2022-09-09 10:04:17 +02:00
Erik Krogh Kristensen
25b988d179 Merge pull request #10356 from erik-krogh/selRandom 
JS: add taint-step in js/insecure-randomness for selecting a random element
 2022-09-09 09:59:25 +02:00
github-actions[bot]
ea1cdf90a1 Add changed framework coverage reports 2022-09-09 00:21:07 +00:00
Tony Torralba
7db1eb98f5 Sync files 2022-09-08 17:32:03 +02:00
Tony Torralba
1b87167d96 Add implicit reads for FlowState sinks and steps 2022-09-08 17:26:59 +02:00
Tony Torralba
d5f101d7e6 Add implicit read FlowState test 2022-09-08 17:19:39 +02:00
Robert Marsh
0feeafd0ac Merge pull request #10339 from MathiasVP/dont-use-get-unique-id-in-range-analysis 
C++: Don't use `getUniqueId` in range analysis
 2022-09-08 11:13:43 -04:00
Mathias Vorreiter Pedersen
594c40a375 Merge pull request #10355 from MathiasVP/fix-unequalIntegralSsa-standard-order 
C++: Avoid bad standard order in range analysis
 2022-09-08 14:58:44 +01:00
Tom Hvitved
b3653cc3d0 Merge pull request #10216 from hvitved/ssa/shared-lib 
SSA: Create a new `codeql/shared-ssa` library pack and move implementation there
 2022-09-08 15:39:29 +02:00
Tom Hvitved
e3948e6683 Merge pull request #10354 from hvitved/ruby/convert-flow-test 
Ruby: Convert data-flow test to use inline test expectations
 2022-09-08 15:20:58 +02:00
erik-krogh
a21a4275f3 add taint-step in js/insecure-randomness for selecting a random element 2022-09-08 15:00:00 +02:00
Mathias Vorreiter Pedersen
f119b50c2f C++: Predicate factoring to prevent a bad standard order. 2022-09-08 13:55:27 +01:00
Tom Hvitved
46127f9f59 Ruby: Convert data-flow test to use inline test expectations 2022-09-08 14:32:21 +02:00
Taus
8b8e74cc9a Merge pull request #10314 from RasmusWL/revert-alert-msgs-change 2022-09-08 13:00:47 +02:00
Asger F
df90b99b67 Merge pull request #10348 from RasmusWL/ruby-fix 
Ruby: Fix ActiveResource HTTP client request modeling
 2022-09-08 12:59:27 +02:00
Erik Krogh Kristensen
57bf92a70c Merge pull request #10347 from erik-krogh/mermaid 
JS: add a markdown step through the `mermaid` library
 2022-09-08 12:41:58 +02:00
Rasmus Wriedt Larsen
978c165cf4 Ruby: Fix ActiveResource HTTP client request modeling 
This was a conflict between the merge of
https://github.com/github/codeql/pull/9974 and
https://github.com/github/codeql/pull/10114
 2022-09-08 12:14:18 +02:00
Rasmus Wriedt Larsen
1d834799a2 Merge pull request #10114 from RasmusWL/shared-http-client-request 
Ruby/Python: Shared HTTP client request concept
 2022-09-08 11:58:06 +02:00
Jeroen Ketema
9a923d8239 Merge pull request #10311 from jketema/more-builtins 
C++: Support more builtin operations
 2022-09-08 11:55:22 +02:00
Ian Lynagh
b62193d4bf Merge pull request #10333 from igfoo/igfoo/extractStaticInitializer2 
Kotlin: Remove a cast from extractStaticInitializer
 2022-09-08 10:51:36 +01:00
Tom Hvitved
ac307137ad Merge pull request #10341 from hvitved/ruby/inline-getavaluereachablefromsource 
Ruby: Inline `getAValueReachableFromSource`
 2022-09-08 10:20:43 +02:00
Jeroen Ketema
6330be3902 C++: Update DB scheme stats file 2022-09-08 10:06:57 +02:00
Jeroen Ketema
04000be050 C++: Add DB scheme upgrade and downgrade scripts 2022-09-08 10:06:57 +02:00
Jeroen Ketema
1140d27bda C++: Add tests for newly supported builtin operations 2022-09-08 10:06:57 +02:00
Jeroen Ketema
2410321acf C++: Add change note for newly supported builtin operations 2022-09-08 10:06:57 +02:00
Jeroen Ketema
23b9b07f28 C++: Support more builtin operations 2022-09-08 10:06:57 +02:00
Michael Nebel
e265b07a93 Merge pull request #10127 from michaelnebel/csharp/clearscontent 
C#: Replace clears content with CSV summaries.
 2022-09-08 09:26:08 +02:00
Erik Krogh Kristensen
9534f31eac Merge pull request #10343 from erik-krogh/spreadFunction 
JS: recognize calls to `Function` when spread arguments are used
 2022-09-08 09:25:10 +02:00
erik-krogh
0407198dd2 add a markdown step through the mermaid library 2022-09-08 09:23:45 +02:00
Tony Torralba
2681b3d032 Merge pull request #10345 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-09-08 09:15:21 +02:00
Asger F
ada72b865f Merge pull request #10332 from asgerf/js/type-confusion-bugfix 
JS: bugfixes in TypeThroughThroughParameterTampering
 2022-09-08 09:02:16 +02:00
Harry Maclean
30c9bea8b3 Merge pull request #9974 from hmac/hmac/active-resource 
Ruby: Model ActiveResource
 2022-09-08 07:44:59 +01:00
github-actions[bot]
7e72f53631 Add changed framework coverage reports 2022-09-08 00:21:30 +00:00
Mathias Vorreiter Pedersen
417b2152d8 Merge pull request #10319 from geoffw0/cleartextbarrier 2022-09-08 00:30:57 +01:00
erik-krogh
6447234428 recognize calls to Function where spread arguments are used 2022-09-07 22:55:51 +02:00
erik-krogh
e829387cdb add failing test for call the Function with a spread argument 2022-09-07 22:54:21 +02:00
Mathias Vorreiter Pedersen
7062263885 C++: Accept test changes. 2022-09-07 21:11:52 +01:00
Tom Hvitved
0070662072 Ruby: Inline getAValueReachableFromSource 2022-09-07 20:28:38 +02:00
Mathias Vorreiter Pedersen
a052614dbf C++: Two fixes to ensure we don't use getUniqueId in the new range analysis library. (1) don't use it to rank basic blocks, and (2) don't use it in 'toString' on bounds. 2022-09-07 18:45:43 +01:00
Andrew Eisenberg
144a0455d8 Merge pull request #10146 from github/aeisenberg/remove-db-upgrades-doc 
Remove upgrade database docs
 2022-09-07 09:49:26 -07:00
Mathias Vorreiter Pedersen
76d433d4ee Merge pull request #9997 from rdmarsh2/rdmarsh2/cpp/product-flow 
C++: Experimental product flow library
 2022-09-07 17:34:39 +01:00
Andrew Eisenberg
fb8a0fc36f Merge pull request #10182 from github/aeisenberg/codeql-workspace-docs 
Add docs for codeql workspaces
 2022-09-07 08:46:56 -07:00
Mathias Vorreiter Pedersen
e37848ec6d C++: Remove 'IRConfiguration' since we no longer generate bad IR for range analysis. 2022-09-07 16:39:45 +01:00
Mathias Vorreiter Pedersen
86259ced97 Merge branch 'main' into rdmarsh2/cpp/product-flow 2022-09-07 16:38:42 +01:00
Robert Marsh
55a10d99b4 Merge pull request #10305 from MathiasVP/ql-workaround-for-missing-decl-entries 
C++: Synthesize `DeclarationEntry`s for IR construction
 2022-09-07 11:34:28 -04:00
Tamás Vajk
b129c4098d Merge pull request #10278 from tamasvajk/kotlin-reified-enum 
Kotlin: Extract error expression for `enumValues<T>` calls
 2022-09-07 17:33:08 +02:00
Andrew Eisenberg
a065974fb8 Merge branch 'aeisenberg/remove-db-upgrades-doc' into aeisenberg/codeql-workspace-docs 2022-09-07 08:10:14 -07:00