hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-17 15:33:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
67,716 Commits 1,692 Branches 160 Tags
596102d3fb0a158ba7d9d5de96b4d8559bed34ba
Commit Graph

4203 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
5d51b5b97b Ruby: Add support for pretty-printed provenace in tests. Convert one test. 2024-06-07 11:47:48 +02:00
Asger F
6e0f3df573 Merge pull request #14120 from asgerf/dynamic/typemodel-istypeused 
Dynamic: add TypeModel.isTypeUsed
 2024-06-06 15:31:16 +02:00
Tom Hvitved
e42de3de6f Ruby: Fix extraction errors 2024-06-04 14:54:02 +02:00
Tom Hvitved
ad99158838 Ruby: Fix/accept extraction errors 2024-06-04 12:55:44 +02:00
Tom Hvitved
858c7cead2 Ruby: Add consistency query for extraction errors 2024-06-04 12:55:42 +02:00
Paolo Tranquilli
096a31dbef Mark all integration tests as legacy 
This is in preparation for the new integration test framework. Tests
marked thus will be run by the current framework and ignored by the new
one.
 2024-05-31 16:04:50 +02:00
github-actions[bot]
906b65d09c Post-release preparation for codeql-cli-2.17.4 2024-05-28 18:02:25 +00:00
github-actions[bot]
33b4ae8bbb Release preparation for version 2.17.4 2024-05-28 15:44:32 +00:00
Tom Hvitved
69fb2bb97c Merge pull request #16597 from hvitved/tree-sitter/empty-location 
Tree-sitter: Emit `empty_location` relation to avoid scan
 2024-05-27 15:19:15 +02:00
Anders Schack-Mulligen
1432519cc2 Dataflow: Add totalorder predicates to all languages. 2024-05-27 11:01:52 +02:00
Anders Schack-Mulligen
bc8ca1af86 Dataflow: Introduce NodeRegions for use in isUnreachableInCall. 2024-05-27 11:01:51 +02:00
Tom Hvitved
686879a2a3 Ruby: Add up/downgrade scripts 2024-05-27 10:39:22 +02:00
Tom Hvitved
94d2e9591d Tree-sitter: Emit empty_location relation to avoid scan 2024-05-27 10:39:21 +02:00
Dave Bartolomeo
613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
Dave Bartolomeo
ffe4c8c87b Update all pack versions to 1.0.0 2024-05-22 13:39:08 -04:00
Anders Schack-Mulligen
bbebdfea8d Merge pull request #16511 from aschackmull/dataflow/configuration-provenance 
Dataflow: Add provenance for configuration-specific steps.
 2024-05-22 14:07:10 +02:00
Alex Ford
8119a27540 Merge pull request #16185 from alexrford/rb/conditions-arr0 
Ruby: ActiveRecord - refine `conditions` argument as an SQLi sink
 2024-05-22 12:19:10 +01:00
Tom Hvitved
a006c29a00 Merge pull request #16481 from hvitved/treesitter/bump2 
Tree-sitter: Bump to 0.22.6
 2024-05-22 12:53:14 +02:00
Anders Schack-Mulligen
012b861ffb Ruby: Accept qltest .expected file changes. 2024-05-22 10:08:59 +02:00
Anders Schack-Mulligen
c4ae18649e Ruby: Accept qltest .expected file changes (interesting). 2024-05-22 10:08:59 +02:00
Tom Hvitved
a87ceed361 Merge pull request #16394 from hvitved/dataflow/synth-param-ret-node 
Data flow: Synthesize parameter return nodes
 2024-05-21 20:55:14 +02:00
Chuan-kai Lin
8a22e2283c Merge pull request #16424 from github/cklin/ruby-entities-reorder 
Ruby: Use entities in reorder directives
 2024-05-21 07:32:28 -07:00
Rasmus Wriedt Larsen
2451a6d3f6 Accept .expected changes 2024-05-21 14:47:42 +02:00
Asger F
13d01f1ec4 Ruby/Python: add recursion guard 2024-05-21 14:40:15 +02:00
Asger F
14c71a351e Sync shared files 2024-05-21 14:38:55 +02:00
Tom Hvitved
bf2ae9890f Tree-sitter: Bump to 0.22.6 2024-05-21 11:14:06 +02:00
Joe Farebrother
01a6c5e82f Merge pull request #16446 from joefarebrother/shared-sensitive-heuristics 
Ruby/Python/JS/Swift: Add category of Private information to shared sensitive data heuristics
 2024-05-21 09:07:13 +01:00
am0o0
dcadda23cd update expected file 2024-05-16 15:15:27 +02:00
am0o0
f06c3fddd9 fix qhelp, fix duplicate query id 2024-05-16 15:12:31 +02:00
Alex Ford
78dc6502f5 Merge branch 'main' into amammad-ruby-bombs 2024-05-16 13:53:31 +01:00
github-actions[bot]
32e8b5c667 Post-release preparation for codeql-cli-2.17.3 2024-05-14 21:14:08 +00:00
github-actions[bot]
100166fa53 Release preparation for version 2.17.3 2024-05-14 19:23:18 +00:00
Joe Farebrother
da93a08639 Add change notes 
No change note is needed for Swift, as the new heuristics are unused and thus should not affect any queries.
 2024-05-09 10:03:20 +01:00
Joe Farebrother
9aff22c664 Fix typos in sensitive data regex 2024-05-09 09:39:03 +01:00
Joe Farebrother
5f4bc4197b Add private category to sensitive data heuristics 2024-05-08 10:02:00 +01:00
Chuan-kai Lin
cbc0261567 Ruby: Use entities in reorder directives 2024-05-03 11:18:15 -07:00
Harry Maclean
ef88f3ed09 Merge pull request #16377 from hmac/hmac-sanitization-fp 
Ruby: Fix StringSubstitutionCall charpred
 2024-05-02 13:31:01 +01:00
Owen Mansel-Chan
9bfb189fa7 Merge pull request #16392 from owen-mc/external-flow/standardize-empty-model-yml 
External flow: standardize `empty.model.yml`
 2024-05-02 11:01:47 +01:00
Owen Mansel-Chan
83249cd9c2 Fix grammar in comment 2024-05-02 09:59:48 +01:00
Owen Mansel-Chan
16dcc0969b Standardise comment explaining why extensible predicates must be defined 2024-05-01 22:00:01 +01:00
Owen Mansel-Chan
09e59ccf44 Name files with empty definitions of MaD extensible predicates to erowdmpty.model.yml 2024-05-01 21:39:38 +01:00
Harry Maclean
c00d0d302d Ruby: fix wording in rb/request-without-cert-validation 2024-05-01 17:25:58 +01:00
Harry Maclean
f7fc2e0b00 Ruby: Fix StringSubstitutionCall charpred 
Some missing parens meant this class targeted way more things than
intended.
 2024-05-01 16:14:58 +01:00
github-actions[bot]
99928b82ed Post-release preparation for codeql-cli-2.17.2 2024-04-30 12:15:35 +00:00
github-actions[bot]
5228d94d42 Release preparation for version 2.17.2 2024-04-30 10:25:51 +00:00
Erik Krogh Kristensen
7e839792da Merge pull request #16330 from erik-krogh/del-deps-apr-2024 
All: delete outdated deprecations
 2024-04-30 10:43:39 +02:00
Harry Maclean
51bc8e917e Ruby: Reduce FPs for rb/incomplete-hostname-regexp 
Arguments in calls to `match[?]` should only be considered regular
expression interpretations if the `match` refers to the standard library
method, not a method in source code.
 2024-04-29 11:19:34 +01:00
Harry Maclean
8b23f6db10 Ruby: Add URI.open example to rb/kernel-open qhelp 2024-04-27 09:53:54 +01:00
erik-krogh
800d7546fa change all the change-notes to breaking 2024-04-26 17:17:23 +02:00
erik-krogh
14d88eb3ce add change-notes 2024-04-26 12:56:28 +02:00