codeql

mirror of https://github.com/github/codeql.git synced 2026-03-04 22:56:47 +01:00

Author	SHA1	Message	Date
Anders Schack-Mulligen	5c0dcd980d	Java: Switch to the shared Guards library.	2025-06-26 07:17:34 +02:00
Anders Schack-Mulligen	cc13193cb6	Java: Replace some references to basicNullGuard.	2025-06-26 07:17:33 +02:00
Anders Schack-Mulligen	0607fefc57	Java: Refactor integerGuard.	2025-06-26 07:17:33 +02:00
Anders Schack-Mulligen	a2778eee75	Java: Refactor clearlyNotNullExpr into a base case that does not rely on SSA.	2025-06-26 07:17:32 +02:00
Anders Schack-Mulligen	22d5dc999a	Shared: Bugfix for unique value implication.	2025-06-26 07:17:32 +02:00
Anders Schack-Mulligen	378209a6ad	Shared: Simplify and improve joins.	2025-06-26 07:17:31 +02:00
Anders Schack-Mulligen	b19bff9a4e	Shared: Switch case guards to be the case statements.	2025-06-26 07:17:31 +02:00
Anders Schack-Mulligen	f772493f4c	Shared: Elaborate qldoc.	2025-06-26 07:17:31 +02:00
Anders Schack-Mulligen	73ae613b7a	Shared: Many tweaks to Guards.	2025-06-26 07:17:30 +02:00
Anders Schack-Mulligen	c212d0ac8f	Shared: Improve shared guards lib.	2025-06-26 07:17:30 +02:00
Anders Schack-Mulligen	16c5b57953	Shared: Extend the shared Guards library with support for exception branch points.	2025-06-26 07:17:29 +02:00
Anders Schack-Mulligen	14b87f97b9	Shared: Extend the shared Guards library with support for custom wrappers.	2025-06-26 07:17:29 +02:00
Anders Schack-Mulligen	1d75008eba	Shared: Add a shared Guards library inspired by the Java and C# versions.	2025-06-26 07:17:28 +02:00
Anders Schack-Mulligen	994c1f6427	Java: Add hasInputFromBlock predicate in BaseSSA.	2025-06-26 07:17:28 +02:00
Anders Schack-Mulligen	a0c849139c	Java: Add guards-logic qltest with inline expectation.	2025-06-26 07:17:28 +02:00
Jami	aa65f54b1d	Merge pull request #19882 from owen-mc/go/avoid-deprecated-class Go: Avoid using deprecated class	2025-06-25 21:16:08 -04:00
Owen Mansel-Chan	9663ecad21	Avoid using deprecated class	2025-06-26 01:46:14 +01:00
Owen Mansel-Chan	0f07ab58cf	Merge pull request #19654 from owen-mc/go/fix-definedtype-getbasetype Go: fix `DefinedType.getBaseType`	2025-06-26 00:19:19 +01:00
Owen Mansel-Chan	d7b1d7bef4	Merge pull request #19677 from owen-mc/go/better-class-names-and-helpers Go: Improve two class names and add some helper predicates	2025-06-26 00:17:32 +01:00
Chris Smowton	2291e10ce6	Fix typo Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-06-25 21:38:22 +02:00
Paolo Tranquilli	6803bf3861	Merge pull request #19851 from github/redsun82/rust-emission-trait Rust: refactor `pre_emit!` and `post_emit!` to a trait	2025-06-25 19:22:29 +02:00
Nora Dimitrijević	942cfc3bd6	Merge pull request #19842 from d10c/d10c/convert-java-tests-to-qlref Java: convert remaining `java-code-scanning.qls` query tests to `.qlref`	2025-06-25 16:02:28 +02:00
Paolo Tranquilli	b8b57365c3	Merge pull request #19876 from github/redsun82/rust-qltest-setup-nightly-toolchain Rust: fix parallel execution of tests using the nightly toolchain	2025-06-25 14:30:22 +02:00
Paolo Tranquilli	1f66f902e5	Rust: fix parallel execution of tests using the nightly toolchain Since we dropped checked in toolchain files for tests requiring nightly, the `setup.sh` script was not doing its job of setting up the toolchains and the `rust-src` component, occasionally leading to test failures.	2025-06-25 14:13:43 +02:00
Nick Rolfe	1e68a7e2de	Merge pull request #19719 from github/nickrolfe/ruby-discard-predicates Ruby: generate overlay discard predicates	2025-06-25 07:18:29 -04:00
Nick Rolfe	a9ddf0026b	Ruby: generate overlay discard predicates	2025-06-25 11:47:27 +01:00
Nick Rolfe	1bbba2f664	Merge pull request #19684 from github/nickrolfe/ruby-overlay-extraction Ruby: add support for extracting overlay databases	2025-06-25 06:39:30 -04:00
Nick Rolfe	c6ff07ad5a	Merge branch 'main' into nickrolfe/ruby-overlay-extraction	2025-06-25 05:46:26 -04:00
Napalys Klicius	3d9e2f5438	Merge pull request #19858 from Napalys/js/execa JS: moved `execa` out of experimental	2025-06-25 10:34:52 +02:00
Kasper Svendsen	7186ea5975	Merge pull request #19871 from github/kaspersv/overlay-script-re Use regex to match overlay annotations	2025-06-25 09:39:50 +02:00
Kasper Svendsen	869ba0d246	Use regex to match overlay annotations	2025-06-25 09:30:49 +02:00
Napalys Klicius	73126fef9e	JS: update change note.	2025-06-25 09:26:26 +02:00
Asger F	d39b68cd41	Merge pull request #19849 from asgerf/js/remove-legacy-actions-queries JS: Remove legacy actions queries	2025-06-25 09:18:33 +02:00
Asger F	853fc1a7cf	Merge pull request #19852 from asgerf/js/react-use-server JS: Model React 'use' and 'use server'	2025-06-25 09:13:56 +02:00
Jeroen Ketema	ddae47118b	Merge pull request #16075 from jketema/explicit C++: Handle explicitly instantiated templates	2025-06-25 08:53:50 +02:00
Jeroen Ketema	fff23040b3	C++: Update test results	2025-06-25 08:14:22 +02:00
Chuan-kai Lin	9a064de86e	Merge pull request #19865 from github/cklin/pick-kotlin-version pick-kotlin-version.py: tolerate warnings	2025-06-24 10:21:13 -07:00
Aditya Sharad	1c567b9b71	Merge pull request #19867 from adityasharad/qldoc/opcode-script-regex QLDoc scripts: Fix overly permissive regex ranges	2025-06-24 10:11:08 -07:00
Aditya Sharad	a79e3cf604	QLDoc scripts: Fix overly permissive regex ranges The range `A-aa-z` was too permissive and includes special characters between `Z` and `a`. Low impact, but fix to address an internally reported code scanning alert.	2025-06-24 10:00:29 -07:00
Nora Dimitrijević	690446149a	Java: add CleartextStorageCookie test Given that it's a non-path-problem dataflow query, the InlineExpectationsTest is not as useful.	2025-06-24 18:12:19 +02:00
Jeroen Ketema	9a83005730	Merge pull request #19862 from jketema/complex C++: Support more complex 16-bit float types	2025-06-24 17:26:07 +02:00
Chuan-kai Lin	565627847f	pick-kotlin-version.py: tolerate warnings This commit changes pick-kotlin-version.py to use re.search() instead of re.match(), so that it can better cope with warning messages.	2025-06-24 08:13:43 -07:00
Jeroen Ketema	8f249c77bc	C++: Support more complex 16-bit float types	2025-06-24 16:56:34 +02:00
Nora Dimitrijević	a49999dd5d	PolynomialReDoS: disable diff-informed support This is because it was failing the diff-informed consistency check, and like other ReDoS queries (Python?) the query tries to be helpful by showing a substring of a regex, which has a `hasLocation(...)` (intensional) but no corresponding `getLocation()` (extensional). Until the location overrides get updated to support `hasLocation`-based locations, it's probably best to turn off diff-informed support.	2025-06-24 16:42:41 +02:00
Nora Dimitrijević	b2cb585bf2	UnsafeDeserialization: add missing `getASelectedSinkLocation` override This fixes the failing diff-informed consistency check.	2025-06-24 16:42:39 +02:00
Nora Dimitrijević	e213e3fc37	Java: convert ImplicitPendingIntents test to .qlref	2025-06-24 16:42:37 +02:00
Nora Dimitrijević	e0311e26c6	Java: convert ImproperIntentVerification test to .qlref It's a non-path query, so the InlineExpectationsTest postprocessor doesn't do anything.	2025-06-24 16:42:35 +02:00
Nora Dimitrijević	aac4f63e9a	Java: convert RequestForgery test to .qlref	2025-06-24 16:42:32 +02:00
Nora Dimitrijević	7f05b72e10	Java: convert OgnlInjection test to .qlref	2025-06-24 16:42:30 +02:00
Nora Dimitrijević	cadfd0dcaa	Java: convert RsaWithoutOaep test to .qlref	2025-06-24 16:42:28 +02:00

1 2 3 4 5 ...

80562 Commits