hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 07:15:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
51,245 Commits 1,738 Branches 165 Tags
5f438e433d2bc2a129d8d326bd9fbbda280b28ac
Commit Graph

51245 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Lerchedahl Petersen
5f438e433d python: exclude nonlocals from query 2023-03-20 13:34:39 +01:00
Rasmus Lerchedahl Petersen
9b7a20f4ad python: add example showing FP 2023-03-20 13:03:26 +01:00
Asger F
d953ad63fe Merge pull request #12445 from asgerf/js/react-forward-ref 
JS: Handle forwardRef in React
 2023-03-14 13:21:16 +01:00
Asger F
8ab3f39b5e Merge pull request #12423 from asgerf/js/trusted-types-global-flow 
JS: Track trusted types policy callbacks
 2023-03-14 13:09:50 +01:00
Paolo Tranquilli
5ff7a898a6 Merge pull request #12516 from github/redsun82/swift-specialize-generic-decl 
Swift: make `AnyGenericType::getDecl`'s type more specific
 2023-03-14 12:23:02 +01:00
AlexDenisov
decd5c1ae7 Merge pull request #12508 from github/redsun82/swift-deduplication-test 
Swift: add an initial draft for a deduplication test
 2023-03-14 11:56:23 +01:00
Paolo Tranquilli
54b6c6f8f7 Swift: make AnyGenericType::getDecl's type more specific 
As shown by the extractor's code not needing any change, the DB values
already had that more specific type, which is why the upgrade/downgrade
scripts are actually no-ops.
 2023-03-14 11:49:07 +01:00
Paolo Tranquilli
91ce88e2d9 Swift: make deduplication test cross-platform 2023-03-14 11:24:03 +01:00
Edward Minnix III
de1ecf943e Merge pull request #11915 from egregius313/egregius313/arbitrary-apk-installation 
Java: Arbitrary APK installation
 2023-03-14 06:23:51 -04:00
Paolo Tranquilli
cc608f764d Swift: add missing include 2023-03-14 11:23:33 +01:00
Tony Torralba
dd0723c36b Merge pull request #12511 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-03-14 10:05:32 +01:00
Tom Hvitved
08557974ae Merge pull request #12499 from hvitved/ruby/more-constructor-flow 
Ruby: Add missing flow through `self.new` constructor calls
 2023-03-14 09:14:42 +01:00
Erik Krogh Kristensen
04f422ea5d Merge pull request #12047 from erik-krogh/py-shell 
Py: add unsafe-shell-command-construction
 2023-03-14 07:48:38 +01:00
github-actions[bot]
2c93ab99d8 Add changed framework coverage reports 2023-03-14 00:15:57 +00:00
Anders Schack-Mulligen
5792b4d363 Merge pull request #12503 from aschackmull/java/qltest-callback-instance-sideeffect 
Java: Add a qltest demonstrating side-effect on a callback instance.
 2023-03-13 17:26:12 +01:00
Paolo Tranquilli
fcd14a78ab Swift: add an initial draft for a deduplication test 2023-03-13 15:55:45 +01:00
Ian Lynagh
70b85a3e00 Merge pull request #12431 from igfoo/igfoo/double_interception 
Kotlin: Test double interceptions
 2023-03-13 14:30:49 +00:00
erik-krogh
6a5d6eb5c2 lower precision of py/shell-command-constructed-from-input to medium 2023-03-13 14:56:42 +01:00
erik-krogh
d001cc40d3 Merge branch 'main' into py-shell 2023-03-13 14:56:04 +01:00
Tony Torralba
705691b096 Merge pull request #12446 from github/java/update-mad-decls-after-triage-2023-03-08T14-51-59 
Java: Update MaD Declarations after Triage
 2023-03-13 14:07:59 +01:00
Robert Marsh
64f23ebb4d Merge pull request #12436 from MathiasVP/ir-range-analysis-for-unary-minus 
C++: IR-based range analysis for unary minus
 2023-03-13 09:02:38 -04:00
Anders Schack-Mulligen
f54b02edb3 Java: Add a qltest demonstrating side-effect on a callback instance. 2023-03-13 13:22:18 +01:00
Anders Schack-Mulligen
0c95ab2cdc Merge pull request #12474 from hvitved/dataflow/call-back-post-update 
Data flow: Synthesize post-update nodes for callback arguments inside summarized callables
 2023-03-13 13:21:52 +01:00
Ian Lynagh
4fbc747f93 Kotlin: Move kotlin_double_interception test to posix_only 
It's failing on Windows
 2023-03-13 11:57:57 +00:00
Ian Lynagh
fd8f7e071b Kotlin: Tweak double_interception test 2023-03-13 11:57:57 +00:00
Ian Lynagh
fae4a8f37b Kotlin: double interception test: Fix for old python versions 2023-03-13 11:57:57 +00:00
Ian Lynagh
8b6047dfd1 Kotlin: Handle double-interceptions without failing 2023-03-13 11:57:57 +00:00
Ian Lynagh
81e71c4669 Kotlin: Add a test for double niterception 2023-03-13 11:57:57 +00:00
dependabot[bot]
6e75df4088 Merge pull request #12494 from github/dependabot/cargo/ruby/serde-1.0.155 2023-03-13 11:49:00 +00:00
Erik Krogh Kristensen
060c37b6a2 Merge pull request #12345 from erik-krogh/delOldDeps 
delete old deprecations
 2023-03-13 12:48:24 +01:00
Tom Hvitved
163bb2b94d Add change note 2023-03-13 12:45:46 +01:00
Tom Hvitved
714b61b63e Ruby: Add missing flow through self.new constructor calls 2023-03-13 12:45:46 +01:00
dependabot[bot]
219bac74bf Bump serde from 1.0.154 to 1.0.155 in /ruby 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.154 to 1.0.155.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.154...v1.0.155)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 11:36:09 +00:00
dependabot[bot]
de84dddfc1 Merge pull request #12495 from github/dependabot/cargo/ql/serde-1.0.155 2023-03-13 11:32:03 +00:00
Arthur Baars
e0a49e2999 Merge pull request #12486 from aibaars/windows-long-paths 
Ruby: support long paths on Windows
 2023-03-13 12:18:50 +01:00
Arthur Baars
41a53ec109 Address comments 2023-03-13 11:50:03 +01:00
Geoffrey White
e4837f7da9 Merge pull request #12489 from geoffw0/typealiastests 
Swift: Skeleton + tests for type alias support
 2023-03-13 10:38:43 +00:00
Asger F
5461f94c6c Merge pull request #12424 from asgerf/js/html-sanitizer-for-sql 
JS: Add html sanitizers as a taint step in a few queries
 2023-03-13 11:36:19 +01:00
Asger F
41dd63adc7 Handle forwardRef in React 2023-03-13 11:30:18 +01:00
Anders Schack-Mulligen
f53a05bf13 Merge pull request #12475 from aschackmull/dataflow/mergepathgraph 
Dataflow: Add MergePathGraph module.
 2023-03-13 11:26:24 +01:00
Jeroen Ketema
a0fca20f0d Merge pull request #12498 from jketema/frontend-tests 
C++: Update `.expected` after frontend changes
 2023-03-13 11:25:58 +01:00
Anders Schack-Mulligen
c380ecbbbc Data flow: Add change notes. 2023-03-13 11:09:13 +01:00
erik-krogh
6c1ebd999e Merge branch 'main' into delOldDeps 2023-03-13 11:00:29 +01:00
Erik Krogh Kristensen
25e6b976c8 Merge pull request #12405 from github/dependabot/cargo/ql/rayon-1.7.0 
Bump rayon from 1.6.1 to 1.7.0 in /ql
 2023-03-13 10:57:11 +01:00
Geoffrey White
7512d81331 Merge pull request #12484 from geoffw0/summarydetail 
Swift: Update swift/summary/summary-statistics to DataFlow::ConfigSig
 2023-03-13 09:54:54 +00:00
Tom Hvitved
6ee231fac5 Ruby: Add more tests for flow through constructors 2023-03-13 10:52:01 +01:00
Geoffrey White
0d1be2294c Merge branch 'main' into typealiastests 2023-03-13 09:38:54 +00:00
Geoffrey White
8d666d00c2 Swift: Update codegen. 2023-03-13 09:21:44 +00:00
Geoffrey White
9a5dbd078e Merge pull request #12485 from geoffw0/qldocraw 
Swift: Add generated QLDoc to the Raw.qll file.
 2023-03-13 09:10:55 +00:00
Jeroen Ketema
bd47c4f9ec C++: Update .expected after frontend changes 2023-03-13 09:40:10 +01:00