codeql

mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00

Author	SHA1	Message	Date
erik-krogh	70eced62b6	delete unused predicate that couldn't be imported from outside the folder	2022-09-20 12:40:39 +02:00
erik-krogh	8eefa4c1b0	deprecate internal predicate that was never used	2022-09-20 12:39:41 +02:00
erik-krogh	bec381a1dc	remove unused predicate from NfaUtilsSpecific.qll	2022-09-20 12:38:34 +02:00
Erik Krogh Kristensen	91f9e89e95	Merge pull request #10405 from erik-krogh/styleGuide update the style guide on alert-messages	2022-09-20 12:13:32 +02:00
Erik Krogh Kristensen	cd71546915	Merge pull request #10475 from erik-krogh/go-unqueryable Go: Fix source/sanitizer class that were never used	2022-09-20 12:12:33 +02:00
Erik Krogh Kristensen	d1e662dff4	Merge pull request #10472 from erik-krogh/rename JS: don't mention classes that don't exist in TaintTracking.qll	2022-09-20 12:08:15 +02:00
Chris Smowton	6b9d546eaf	Merge pull request #10457 from github/smowton/fix/java-really-unique-fixedHasLocation Java: really return a unique location for non-source entities	2022-09-20 10:46:45 +01:00
Mathias Vorreiter Pedersen	7c41219376	Merge pull request #10438 from MathiasVP/invalid-pointer-deref-query C++: Add a `cpp/invalid-pointer-deref` query to experimental	2022-09-20 10:41:31 +01:00
AlexDenisov	addab0964f	Merge pull request #10447 from github/alexdenisov/open-interception Swift: open(2) interception	2022-09-20 10:47:58 +02:00
Michael Nebel	eefe457c4b	Merge pull request #10238 from michaelnebel/csharp/theoremsforfree C#: Theorems for Free - Model generation	2022-09-20 09:30:10 +02:00
Alex Denisov	9401eda8da	Swift: use http_archive instead of new_git_repository since it's faster	2022-09-20 08:38:27 +02:00
Andrew Eisenberg	714e95ea57	Merge pull request #10468 from github/aeisenberg/docs-redirect	2022-09-19 12:27:04 -07:00
Michael Nebel	6e3bc38acf	C#: Fix minor issues in QL doc.	2022-09-19 16:03:50 +02:00
erik-krogh	49d1e584a8	deprecate a source class that wasn't used anywhere	2022-09-19 15:07:18 +02:00
erik-krogh	f6ada6e022	use sanitizer class in the insecure-randomness query	2022-09-19 15:07:00 +02:00
Rasmus Wriedt Larsen	556e93ae68	Merge pull request #10384 from RasmusWL/callnode-getargbyname Python: Allow `CallNode.getArgByName` for keyword args after `**kwargs`	2022-09-19 15:05:59 +02:00
erik-krogh	58851aefd6	don't mention classes that don't exist in TaintTracking.qll	2022-09-19 13:37:06 +02:00
Erik Krogh Kristensen	a4cd913aea	Merge pull request #10312 from erik-krogh/fix-caseDiff ensure consistent casing of names	2022-09-19 10:43:12 +02:00
Alex Denisov	3c12644ab1	Swift: add a guard around hashing to aboid use-after-destructor	2022-09-19 10:37:26 +02:00
CodeQL CI	b48808778f	Merge pull request #10264 from yoff/python/port-RaisesTuple Approved by tausbn	2022-09-19 00:51:29 -07:00
CodeQL CI	ed4b64b1c4	Merge pull request #10265 from yoff/python/port-UnguardedNextInGenerator Approved by tausbn	2022-09-19 00:50:52 -07:00
CodeQL CI	36f8b0554d	Merge pull request #10266 from yoff/python/port-CatchingBaseException Approved by tausbn	2022-09-19 00:50:05 -07:00
Asger F	ab296d4d62	Merge pull request #10396 from asgerf/js/regexp-always-matches-fp JS: Fix FP in js/regexp/always-matches	2022-09-19 09:32:00 +02:00
Andrew Eisenberg	e6eaf37e22	Add redirect for removed 'About QL packs' article Note that sphinx gives an error if you have a document to build that is not part of a toctree. In order to avoid this error and not show the document in any toctree that users will see, I added a hidden toctree to the redirect article.	2022-09-18 10:45:59 -07:00
Mathias Vorreiter Pedersen	02076074ff	C++: Add more comments.	2022-09-18 12:48:13 +01:00
Mathias Vorreiter Pedersen	3e6576bfaf	C++: Add example of missing result.	2022-09-18 12:18:04 +01:00
Mathias Vorreiter Pedersen	d1cf688abf	C++: Fix test function naming.	2022-09-18 12:17:46 +01:00
Mathias Vorreiter Pedersen	78535dc70b	C++: Autoformat.	2022-09-18 12:02:32 +01:00
Michael Nebel	a464e5be72	C#: Address review comments.	2022-09-17 13:51:03 +02:00
Andrew Eisenberg	13d4c4a5b9	Merge pull request #10460 from github/aeisenberg/lang-spec-packs Updates the library path section of the CodeQL spec	2022-09-16 15:01:43 -07:00
Andrew Eisenberg	867e31693d	Updates the library path section of the CodeQL spec - Remove references to `queries.xml`. It is still supported, but we don't want people using it. - Add reference to `codeql-pack.yml`. It is just an alias for `qlpack.yml` and not being used. - Remove reference to `libraryPathDependencies` and use `dependencies` instead. Note that this section does not give a complete description of library paths. That will be a part of the "Developing a codeql pack" article that is forthcoming.	2022-09-16 14:31:17 -07:00
Chris Smowton	3fa1f17b83	Java: really return a unique location for non-source entities This was always supposed to pick one of several candidate non-source locations (usually for a generic type instantiation), but since `getFile().toString()` just produces the basename of the class file actually the results would almost always tie and all of the candidate locations would be returned. Use the full class file path as a tiebreaker instead.	2022-09-16 18:23:31 +01:00
Mathias Vorreiter Pedersen	dc00643ad1	C++: More QLDoc.	2022-09-16 17:14:29 +01:00
Mathias Vorreiter Pedersen	031f20a0eb	C++: Respond to review comments.	2022-09-16 16:19:06 +01:00
Chris Smowton	3165babc88	Merge pull request #10445 from smowton/smowton/fix/annotaton-array-trap-label Java: Add test for annotations with annotation-array-typed fields	2022-09-16 15:45:36 +01:00
Mathias Vorreiter Pedersen	f14df6426e	Merge pull request #10455 from geoffw0/cleartexttest Swift: Update test for swift/cleartext-transmission	2022-09-16 14:59:30 +01:00
yoff	0703b88f92	Merge pull request #10404 from RasmusWL/update-range-pattern Docs: Use `instanceof` in `::Range` pattern description	2022-09-16 15:18:35 +02:00
Tony Torralba	e140f04881	Merge pull request #10393 from zbazztian/uri-constructor-flow Java: Model taint flow for java.net.URI constructors in tainted path queries	2022-09-16 15:10:40 +02:00
Geoffrey White	213cd94047	Swift: Update the test.	2022-09-16 13:24:37 +01:00
Anders Schack-Mulligen	e6d4e87458	Merge pull request #10416 from aschackmull/java/dispatch-confidence Java: Remove low confidence dispatch for which we have a manual summary.	2022-09-16 13:36:04 +02:00
Alex Denisov	d6d8480b2a	Swift: fix internal builds	2022-09-16 12:59:43 +02:00
Chris Smowton	80968eef47	Add test for annotations with annotation-array-typed fields	2022-09-16 11:30:16 +01:00
James Fletcher	bc93a22e7d	Merge pull request #10449 from github/jf205-patch-1 Correct link to API docs for 'Get a CodeQL database for a repository'	2022-09-16 11:13:20 +01:00
Alex Denisov	c638789f3e	Swift: open(2) interception	2022-09-16 12:02:16 +02:00
erik-krogh	abb5c38bcd	move the guides on link-texts into a new subsection	2022-09-16 11:56:52 +02:00
erik-krogh	e3990e824d	add a line about link texts	2022-09-16 11:52:27 +02:00
Erik Krogh Kristensen	9e56128498	apply suggestions from doc review Co-authored-by: hubwriter <hubwriter@github.com>	2022-09-16 11:46:06 +02:00
Anders Schack-Mulligen	9714497268	Java: Add change note.	2022-09-16 11:14:44 +02:00
Sebastian Bauersfeld	8c35803749	Add more details to change note.	2022-09-16 16:11:34 +07:00
Anders Schack-Mulligen	726772220c	Merge pull request #10191 from smowton/smowton/admin/java-implicit-this-type-tests Java: Add test regarding the type of an implicit `this` expression	2022-09-16 10:58:48 +02:00

1 2 3 4 5 ...

43603 Commits