hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 15:49:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,018 Commits 1,703 Branches 162 Tags
5bc602a208f78ab2bb591df978556bfd879c5a74
Commit Graph

63018 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
5bc602a208 C++: Ensure that we don't create a result for 'asExpr' on an instruction node if a result also exists for an operand node (and vice versa). 2024-01-23 12:06:35 +00:00
Max Schaefer
5c43a0b1e4 Merge pull request #15356 from github/max-schaefer/automodel-void-source-candidates 
Automodel: Switch tests to inline expectations
 2024-01-22 17:05:10 +00:00
Geoffrey White
0a8869c636 Merge pull request #15385 from geoffw0/swiftfiles 
Swift: Report any extracted file as successfully extracted
 2024-01-22 14:24:05 +00:00
Max Schaefer
99c99145a2 Rename {source,sink}Model to {source,sink}ModelCandidate. 2024-01-22 13:10:51 +00:00
Max Schaefer
a3816d75b3 Remove redundant imports. 2024-01-22 10:54:01 +00:00
Max Schaefer
78e5a1a546 Autoformat. 2024-01-22 10:45:33 +00:00
Erik Krogh Kristensen
6533269387 Merge pull request #15392 from github/dependabot/cargo/ql/regex-1.10.3 
Bump regex from 1.10.2 to 1.10.3 in /ql
 2024-01-22 08:29:35 +01:00
dependabot[bot]
eb1a0fece8 Bump regex from 1.10.2 to 1.10.3 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.2...1.10.3)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-22 03:54:51 +00:00
Geoffrey White
a39bb8c037 Swift: Rename the query file. 2024-01-19 17:58:58 +00:00
Geoffrey White
c515ea3f8a Swift: Change note. 2024-01-19 17:58:58 +00:00
Geoffrey White
ed602642b6 Swift: Basic test for getRelativePath. 2024-01-19 17:58:58 +00:00
Geoffrey White
8cf691a477 Swift: Add File.getRelativePath and update swift/diagnostics/successfully-extracted-files. 2024-01-19 17:58:58 +00:00
Chris Smowton
7e1dd38623 Merge pull request #15378 from github/smowton/admin/document-aws-lambda 
Note AWS Lambda support
 2024-01-19 12:11:28 +00:00
Chris Smowton
79928b9f76 Be consistent 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-01-19 10:44:36 +00:00
Chris Smowton
e999e38b43 Note AWS Lambda support 
JS/TS support is old; noting for symmetry with advertised support in Python. Golang support is new as of https://github.com/github/codeql/pull/15373
 2024-01-19 10:33:40 +00:00
Tony Torralba
7e7175f49d Merge pull request #15373 from atorralba/atorralba/go/aws-lambda-sources 
Go: Add flow sources for AWS Lambda function handlers
 2024-01-19 11:21:20 +01:00
Joe Farebrother
4de19b3ec9 Merge pull request #15039 from joefarebrother/csharp-razor-flow-page-models 
C#: Add flow steps from a PageModel to cshtml page.
 2024-01-19 10:07:25 +00:00
Tony Torralba
8d6aa281b9 Update go/ql/lib/semmle/go/frameworks/AwsLambda.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-01-19 10:48:34 +01:00
Tony Torralba
9a0fb39382 Model StartWithContext 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-01-19 09:25:35 +01:00
Tony Torralba
d3a9a5ec3f Update go/ql/lib/semmle/go/frameworks/AwsLambda.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-01-19 09:22:46 +01:00
Michael Nebel
24855ddc64 Merge pull request #15328 from michaelnebel/csharp/inlinearrays 
C# 12: Inline array support.
 2024-01-19 09:11:26 +01:00
Michael Nebel
cb53ca4e1f Merge pull request #15367 from michaelnebel/csharp/nullablesimpletypesanitizer 
C#: Consider nullable simple types as sanitizers.
 2024-01-19 09:09:36 +01:00
Aditya Sharad
a3c0425eb3 Merge pull request #15349 from github/remove-codeql-cli-docs 
Remove outdated CodeQL CLI docs
 2024-01-18 09:45:05 -08:00
Alex Ford
9536fb5cae Merge pull request #15372 from github/rb/docs-ruby-3-3 
Ruby: update supported version to 3.3
 2024-01-18 14:47:15 +00:00
Tony Torralba
1d7dbec719 Go: Add flow sources for AWS Lambda function handlers 2024-01-18 15:17:21 +01:00
Michael B. Gale
d8eef2716b Merge pull request #15360 from github/mbg/csharp/redefine-successfully-extracted-files 2024-01-18 14:09:20 +00:00
Michael Nebel
43350b0664 C#: Add change note. 2024-01-18 13:55:18 +01:00
Michael Nebel
9e9b5292f2 C#: Add change note. 2024-01-18 13:50:52 +01:00
Michael B. Gale
d0003ce7be C#: Rename query to ExtractedFiles 2024-01-18 12:47:11 +00:00
Michael Nebel
337ab611c9 C#: Update expected test output. 2024-01-18 12:53:48 +01:00
Michael Nebel
9460c91c8c C#: Also consider nullable simple types (and datetime) as simple type sanitizers. 2024-01-18 12:53:29 +01:00
Michael Nebel
559842071a C#: Add example of log forging alert for simple nullable types and updated expected test output. 2024-01-18 12:50:40 +01:00
Michael Nebel
f8f95e6a19 C#: Add models as data test for inline arrays. 2024-01-18 12:23:26 +01:00
Michael Nebel
1d88ca2388 C#: Add more InlineArray test cases. 2024-01-18 12:23:26 +01:00
Michael Nebel
70e7c92774 C#: Also check the namespace of the InlineArrayAttribute. 2024-01-18 11:09:01 +01:00
Michael Nebel
674838e698 C#: Add flow test for inline arrays. 2024-01-18 11:09:01 +01:00
Michael Nebel
f14b3265ab C#: Move static methods in CollectionFlow as these impact result line numbers. 2024-01-18 11:09:00 +01:00
Michael Nebel
47505b3bfa C#: Add array access test for an inline array. 2024-01-18 11:09:00 +01:00
Michael Nebel
0453bb86e0 C#: Update test output of existing expressions tests. 2024-01-18 11:09:00 +01:00
Michael Nebel
ae52779cf6 C#: Add inline array test to expressions. 2024-01-18 11:09:00 +01:00
Michael Nebel
de831d188f C#: Add inline type array test. 2024-01-18 11:09:00 +01:00
Michael Nebel
8a97c8c28e C#: Add QL support for InlineArrayType. 2024-01-18 11:09:00 +01:00
Erik Krogh Kristensen
cda2ef4db5 Merge pull request #15364 from github/dependabot/cargo/ql/rayon-1.8.1 
Bump rayon from 1.8.0 to 1.8.1 in /ql
 2024-01-18 09:24:30 +01:00
dependabot[bot]
7b574bb07a Bump rayon from 1.8.0 to 1.8.1 in /ql 
Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.8.0 to 1.8.1.
- [Changelog](https://github.com/rayon-rs/rayon/blob/master/RELEASES.md)
- [Commits](https://github.com/rayon-rs/rayon/compare/rayon-core-v1.8.0...rayon-core-v1.8.1)

---
updated-dependencies:
- dependency-name: rayon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-18 03:16:14 +00:00
Michael B. Gale
a30791833d C#: Report any extracted file as successfully extracted 2024-01-17 20:57:39 +00:00
Michael B. Gale
4a71ddd8b6 Merge pull request #15355 from github/mbg/go/increase-test-robustness 
Go: Improve robustness of integration tests
 2024-01-17 16:45:30 +00:00
Michael B. Gale
783f006d62 Go: Update go clean -modcache comment 2024-01-17 16:04:13 +00:00
Sid Shankar
2d71294f61 Merge pull request #15256 from sidshank/change/adjust-extracted-files-diagnostics 
Js/Py/Rb: Report any extracted file as successfully extracted
 2024-01-17 11:04:06 -05:00
Max Schaefer
7bc03040ec Make tags for positive and negative examples more precise. 2024-01-17 15:57:27 +00:00
Max Schaefer
3ae484868a Merge pull request #15326 from github/max-schaefer/automodel-negative-sink-models 
Automodel: Apply negative characteristics only to endpoints of the right kind.
 2024-01-17 15:54:28 +00:00