codeql

mirror of https://github.com/github/codeql.git synced 2026-02-06 02:01:09 +01:00

Author	SHA1	Message	Date
Geoffrey White	725d784be8	Swift: Make the same result presentation change to swift/cleartext-storage-preferences.	2023-03-14 16:13:26 +00:00
Geoffrey White	bfbd3d95f9	Swift: Clean up the result message.	2023-03-14 16:03:55 +00:00
Geoffrey White	e17c059f5e	Swift: More reliable sink recognition. This is needed for the real world results, but I could not reproduce the issue in tests. I think it may have something to do with classes defined across different files / modules???	2023-03-09 17:17:42 +00:00
Geoffrey White	ffa279e87b	Swift: Add additional taint steps into fields. ed	2023-03-09 17:17:42 +00:00
Geoffrey White	da338c26ba	Swift: Add a few more test cases for sensitive data.	2023-03-09 11:39:22 +00:00
Paolo Tranquilli	bdad847584	Merge pull request #12422 from github/redsun82/cpp-scanf-fp C++: add false positives to `MissingCheckScanf` test	2023-03-07 13:29:22 +01:00
Michael B. Gale	7627a53c49	Merge pull request #12371 from github/mbg/csharp/increase-diagnostic-visibility C#: Make diagnostics visible everywhere	2023-03-07 12:13:09 +00:00
Michael B. Gale	974fdd305e	Merge pull request #12372 from github/mbg/csharp/check-integration-test-diagnostics C#: Add diagnostic checks to all remaining integration tests	2023-03-07 12:11:47 +00:00
Michael B. Gale	b75f138507	Merge pull request #12385 from github/mbg/csharp/readd-tsp-support C#: Add support for the tool status page	2023-03-07 12:10:52 +00:00
Paolo Tranquilli	429518bcea	C++: add further FP to test	2023-03-07 12:03:34 +01:00
Paolo Tranquilli	311cf4e7fd	C++: add false positives to `MissingCheckScanf` test See https://github.com/github/codeql/issues/12412 for the initial report.	2023-03-07 11:56:05 +01:00
Michael Nebel	40d31120d9	Merge pull request #12264 from michaelnebel/csharp/nugetnet7 C#: Stub generator improvements.	2023-03-07 11:30:57 +01:00
Jeroen Ketema	3a4c0a2aae	Merge pull request #12389 from jketema/more-deprecated C++: Add `deprecated` to predicates that are deprecated according to the QLDoc	2023-03-07 11:21:43 +01:00
Michael Nebel	676c352819	C#: Update expected test output.	2023-03-07 10:19:26 +01:00
Michael Nebel	e85b2ebd20	C#: Replace stub member comment with file level comment.	2023-03-07 10:19:26 +01:00
Michael Nebel	c8f7304d9b	C#: Address review comments.	2023-03-07 10:19:25 +01:00
Michael Nebel	e797b5c226	C#: Narrow the set of declarations where we make explicit interface implementations.	2023-03-07 10:19:25 +01:00
Michael Nebel	d8acc7cd17	C#: Stub generator support for explicit interface implementations of explicit conversion operators including test cases.	2023-03-07 10:19:25 +01:00
Michael Nebel	59349ed7c7	C#: Add test cases for static and virtual operators in interfaces and overlapping interface declarations.	2023-03-07 10:19:25 +01:00
Michael Nebel	50570dc3ee	C#: Only add explicit interface implementation to the generated stub if it is unique.	2023-03-07 10:19:25 +01:00
Michael Nebel	5ba59fc9a8	C#: Stub generator support for operators in interfaces and interface implementations.	2023-03-07 10:19:25 +01:00
Michael Nebel	b68e78d908	C#: Stub generator support for static virtual and static abstract interface members.	2023-03-07 10:19:25 +01:00
Michael Nebel	aa4b98bbd5	C#: The stub generator should just format whitespaces.	2023-03-07 10:19:25 +01:00
Tom Hvitved	9b02eb729f	Merge pull request #12419 from hvitved/ruby/stored-xss-config-rewrite Ruby: Rewrite Stored XSS query to use new data flow interface	2023-03-07 09:46:08 +01:00
Jeroen Ketema	c9bccd9b43	C++: Fix more tests that used deprecated function	2023-03-07 09:01:13 +01:00
Tom Hvitved	b6a709df50	Ruby: Rewrite Stored XSS query to use new data flow interface	2023-03-07 07:23:27 +01:00
Mathias Vorreiter Pedersen	ff53e53e8c	Merge pull request #12236 from MathiasVP/language-specific-field-flow-branch-limit-term Dataflow: Add a language specific term to `join` and `branch`	2023-03-06 16:59:09 +00:00
Mathias Vorreiter Pedersen	92ad099c1b	DataFlow: Remove bindingsets, remove the call column, and swap parameter and argument columns.	2023-03-06 13:47:59 +00:00
Mathias Vorreiter Pedersen	3bf28cc752	DataFlow: Sync identical files.	2023-03-06 13:46:21 +00:00
Mathias Vorreiter Pedersen	9647b6a3f5	Swift: Add stub.	2023-03-06 13:45:04 +00:00
Mathias Vorreiter Pedersen	e6b6369a21	Ruby: Add stub.	2023-03-06 13:44:59 +00:00
Mathias Vorreiter Pedersen	5ebd50044f	Python: Add stub.	2023-03-06 13:44:24 +00:00
Mathias Vorreiter Pedersen	4720e2a30a	Java: Add stub.	2023-03-06 13:44:24 +00:00
Mathias Vorreiter Pedersen	067abacbb8	Go: Add stub.	2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen	b667e0136f	C#: Add stub.	2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen	05314b48e8	C++: Add stub.	2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen	6e8a2a6375	DataFlow: Add a language-specific predicate for modifying 'branch' and 'join'.	2023-03-06 13:44:19 +00:00
Geoffrey White	56b6441ef5	Merge pull request #12391 from geoffw0/ptrout Swift: Permit data flow out through pointer arguments	2023-03-06 13:37:22 +00:00
Anders Schack-Mulligen	5c7f2ac7f7	Merge pull request #12186 from aschackmull/dataflow/refactor-configuration Data flow: Refactor configuration	2023-03-06 13:38:59 +01:00
dependabot[bot]	3538cf89b9	Merge pull request #12404 from github/dependabot/cargo/ql/serde_json-1.0.94	2023-03-06 09:55:33 +00:00
Arthur Baars	d2ab40c184	Merge pull request #12208 from gregxsunday/main Add ZipSlip and TarSlip query to ruby	2023-03-06 10:40:06 +01:00
dependabot[bot]	ce5e76a3a0	Bump serde_json from 1.0.93 to 1.0.94 in /ql Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.93 to 1.0.94. - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](https://github.com/serde-rs/json/compare/v1.0.93...v1.0.94) --- updated-dependencies: - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-06 09:32:26 +00:00
Anders Schack-Mulligen	557cb17f4d	Dataflow: Minor perf fix for single config wrapper.	2023-03-06 10:24:33 +01:00
Calum Grant	b8e123dc08	Merge pull request #12402 from github/dependabot/cargo/ruby/serde_json-1.0.94 Bump serde_json from 1.0.93 to 1.0.94 in /ruby	2023-03-06 09:24:21 +00:00
Anders Schack-Mulligen	d4c5877484	Merge pull request #3 from MathiasVP/fix-exec-tainted C++: Use refactored dataflow library in `cpp/command-line-injection`	2023-03-06 09:32:34 +01:00
Jeroen Ketema	72d03e4060	C++: Fix test that used deprecated function	2023-03-06 09:07:52 +01:00
dependabot[bot]	f93b304578	Bump serde_json from 1.0.93 to 1.0.94 in /ruby Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.93 to 1.0.94. - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](https://github.com/serde-rs/json/compare/v1.0.93...v1.0.94) --- updated-dependencies: - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-06 04:15:01 +00:00
Geoffrey White	6f120a66d0	Merge pull request #12368 from geoffw0/taintarith3 Swift: Fill some gaps in arithmetic / bitwise operations modelling	2023-03-03 18:20:54 +00:00
Geoffrey White	9aaf30691c	Merge pull request #12307 from geoffw0/stringconflationtaint Swift: Update swift/string-length-conflation to taint tracking	2023-03-03 17:27:15 +00:00
Geoffrey White	c29dcefcf2	Swift: Fix .expected file. Locations had changed after the formatting fix.	2023-03-03 17:24:07 +00:00

1 2 3 4 5 ...

50962 Commits