codeql

mirror of https://github.com/github/codeql.git synced 2026-03-06 07:36:47 +01:00

Author	SHA1	Message	Date
Erik Krogh Kristensen	6cee635cb5	Merge pull request #10180 from erik-krogh/fixTags Add missing security tags	2022-09-02 08:04:57 +02:00
Nora Dimitrijević	7584434b80	Merge pull request #10163 from d10c/missing-check-scanf-squashed C++: New Query: missing return-value check for scanf-like functions	2022-09-01 23:43:21 +02:00
Mathias Vorreiter Pedersen	2223bc3d1f	Merge pull request #10261 from MathiasVP/fix-join-in-sign-analysis C++: Fix join in sign analysis	2022-09-01 16:49:05 +01:00
Ian Lynagh	ae9ba80c40	Merge pull request #10242 from igfoo/igfoo/kotlinFunctionToJavaEquivalent Kotlin: Refactor kotlinFunctionToJavaEquivalent	2022-09-01 16:23:08 +01:00
Tom Hvitved	3c3390728a	Merge pull request #10245 from hvitved/ruby/simplify-track-instance Ruby: Exclude top-level `self` accesses from `trackModule`	2022-09-01 16:50:14 +02:00
Ian Lynagh	710ba3cb14	Merge pull request #10257 from igfoo/igfoo/hasModifier Java: Correct hasModifier documentation	2022-09-01 15:49:06 +01:00
Edoardo Pirovano	8f332714f4	Merge pull request #10260 from github/edoardo/3.7-mergeback Merge `rc/3.7` into `main`	2022-09-01 15:44:17 +01:00
Mathias Vorreiter Pedersen	a65e585db1	C++: 'nomagic' on 'binaryExprOperands'.	2022-09-01 15:34:59 +01:00
Henry Mercer	e4d22a2a5a	Merge pull request #10258 from github/codeql-ci/js/ml-powered-pack-release-0.3.2 JS: Bump version numbers of ML-powered packs after 0.3.2 release	2022-09-01 13:49:16 +01:00
Henry Mercer	c65ae88c6d	Merge branch 'main' into codeql-ci/js/ml-powered-pack-release-0.3.2	2022-09-01 12:41:45 +01:00
github-actions[bot]	8d0ca9c772	JS: Bump version of ML-powered library and query packs to 0.3.3	2022-09-01 11:39:32 +00:00
github-actions[bot]	d577392dee	JS: Bump patch version of ML-powered library and query packs	2022-09-01 11:28:25 +00:00
Tamás Vajk	6576f19873	Merge pull request #10255 from tamasvajk/kotlin-array-get-fix Kotlin: Fix array indexer extraction	2022-09-01 13:28:18 +02:00
Mathias Vorreiter Pedersen	00c55092ee	Merge pull request #10256 from geoffw0/cleartextcleanup	2022-09-01 12:15:57 +01:00
Ian Lynagh	4f63317369	Kotlin: Remove a redundant ?	2022-09-01 11:55:43 +01:00
Ian Lynagh	7ed18f1b32	Java: Correct hasModifier documentation	2022-09-01 11:52:07 +01:00
Ian Lynagh	cc1a5d82b8	Merge pull request #10243 from igfoo/igfoo/extractExpression Kotlin: Removed a couple of casts from extractExpression	2022-09-01 11:11:58 +01:00
Ian Lynagh	70cabf188e	Merge pull request #10246 from igfoo/igfoo/extractConstructorCall Kotlin: Refactor extractConstructorCall	2022-09-01 11:11:48 +01:00
Ian Lynagh	c30f39df33	Merge pull request #10247 from igfoo/igfoo/useSimpleType2 Kotlin: Remove another cast	2022-09-01 11:11:37 +01:00
Nora Dimitrijević	f956999891	Merge branch 'main' into missing-check-scanf-squashed	2022-09-01 12:08:50 +02:00
Geoffrey White	aad77c2388	Swift: Use TypeDecl.getABaseTypeDecl().	2022-09-01 10:42:09 +01:00
Geoffrey White	8ff0a191be	Merge pull request #10254 from MathiasVP/swift-base-and-derived-on-decls Swift: Add `getBaseTypeDecl` to `TypeDecl`	2022-09-01 10:35:29 +01:00
Tamas Vajk	a5415c9c8a	Kotlin: Fix array indexer extraction	2022-09-01 11:12:14 +02:00
Tamas Vajk	afeea64078	Kotlin: Add test case for overloaded array `get`	2022-09-01 11:09:44 +02:00
Tom Hvitved	4d485163a6	Ruby: Exclude top-level `self` accesses from `trackModule`	2022-09-01 11:05:53 +02:00
Mathias Vorreiter Pedersen	96752f0fc4	Merge pull request #10061 from geoffw0/cleartext Swift: Queries for CWE-311 (originally CWE-200)	2022-09-01 09:39:58 +01:00
Mathias Vorreiter Pedersen	e294b8f74a	Swift: Add convenience member predicates to 'TypeDecl'.	2022-09-01 09:28:37 +01:00
Geoffrey White	d3250a7e16	Swift: Fix finding base classes.	2022-09-01 09:01:56 +01:00
Geoffrey White	92a927efa7	Swift: Remove special case (no longer required).	2022-09-01 08:53:51 +01:00
Tom Hvitved	d5200efef3	Merge pull request #10203 from hvitved/ssa/param-module SSA: Make shared library a parameterized module	2022-09-01 09:27:05 +02:00
Anders Schack-Mulligen	efcd47f114	Merge pull request #10248 from github/workflow/coverage/update Update CSV framework coverage reports	2022-09-01 09:17:46 +02:00
github-actions[bot]	c8441abaac	Add changed framework coverage reports	2022-09-01 00:18:02 +00:00
Ian Lynagh	e4ff25099b	Kotlin: Be more permissive I think we'll end up giving a warning/error later, but that's better than having a cast throw now.	2022-08-31 18:09:36 +01:00
Ian Lynagh	86034dc602	Kotlin: Add a type signature	2022-08-31 18:05:30 +01:00
Geoffrey White	129ed426a0	Swift: Use allowImplicitRead as a better solution replacing one of the special flow cases.	2022-08-31 17:58:18 +01:00
Geoffrey White	c0bc0d78cc	Swift: Accept test changes after merging main (again).	2022-08-31 17:58:10 +01:00
Ian Lynagh	7dc5bdafe3	Merge pull request #10186 from github/post-release-prep/codeql-cli-2.10.4 Post-release preparation for codeql-cli-2.10.4	2022-08-31 17:29:57 +01:00
Ian Lynagh	c8deb72ede	Kotlin: Refactor extractConstructorCall Avoids some casts.	2022-08-31 16:53:59 +01:00
Paolo Tranquilli	74cd532adc	Merge pull request #10244 from geoffw0/swiftcleanup Swift: Clean up the URL.init model.	2022-08-31 17:37:35 +02:00
Geoffrey White	60fad4d652	Merge remote-tracking branch 'upstream/main' into swiftcleanup	2022-08-31 16:04:39 +01:00
Nora Dimitrijević	f5a30c7bbe	C++: Add correctness tag As that seems to be appropriate for this query.	2022-08-31 16:59:57 +02:00
Nora Dimitrijević	38f185bee4	C++: Correct CWE tags in metadata	2022-08-31 16:58:05 +02:00
Ian Lynagh	eca28af883	Kotlin: Removed a couple of casts from extractExpression	2022-08-31 15:34:18 +01:00
Geoffrey White	be88c4f171	Swift: Clean up the URL.init model.	2022-08-31 15:25:24 +01:00
Ian Lynagh	6d00860cc1	Kotlin: Refactor kotlinFunctionToJavaEquivalent Avoids a cast.	2022-08-31 15:03:30 +01:00
Nora Dimitrijević	0729e42536	C++: Update metadata based on cwe-scores Though the codeql/cwe-scores update-queries.py script did not make any changes on its own, I looked up the score of the CWEs that @geoffw0 suggested using the explain.py script. As discussed elsewhere, this should be more of a warning than a recommendation.	2022-08-31 15:50:37 +02:00
Tamás Vajk	bf7437fd2e	Merge pull request #10224 from tamasvajk/kotlin-comment-fixes Kotlin: Fix issues in comment extraction	2022-08-31 14:22:09 +02:00
Ian Lynagh	b5f9fbe247	Merge pull request #10228 from igfoo/igfoo/useSimpleType Kotlin: Refactor useSimpleType to avoid some casts	2022-08-31 11:32:35 +01:00
Ian Lynagh	da7d2709d9	Merge pull request #10227 from igfoo/igfoo/extractStaticTypeAccessQualifier Kotlin: Refactor extractStaticTypeAccessQualifier	2022-08-31 11:32:26 +01:00
Ian Lynagh	49ba391923	Merge pull request #10229 from igfoo/igfoo/singleOrNullSubType Kotlin: Implement and use singleOrNullSubType	2022-08-31 11:32:11 +01:00

1 2 3 4 5 ...

42861 Commits