hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,235 Commits 1,671 Branches 157 Tags
75b13da4e422c6f00519b51a3d29017cebf40aab
Commit Graph

63235 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Harry Maclean
75b13da4e4 Ruby: Block flow from LHS of && expressions 
The only values that can flow from the LHS of an && expression are
`false` and `nil`, neither of which seem relevant for any of our
queries.
 2024-01-30 08:53:32 +00:00
Mathias Vorreiter Pedersen
aeae208dc3 Merge pull request #15456 from MathiasVP/fix-scanf-fp 
C++: Fix FP in `cpp/incorrectly-checked-scanf`
 2024-01-29 14:30:20 +00:00
Mathias Vorreiter Pedersen
044d94c580 C++: Add change note 2024-01-29 13:47:17 +00:00
yoff
391ca5d8a6 Merge pull request #15390 from Marcono1234/marcono1234/python-ascii-regex-flag 2024-01-29 14:27:50 +01:00
Tamás Vajk
39b32a9068 Merge pull request #15454 from tamasvajk/standalone/cshtml-default 
C#: Change asp.net core view generation to be opt out
 2024-01-29 13:22:44 +01:00
Tamas Vajk
4dffb3bfdd Change integration test to specify .net 6.0 as target framework 2024-01-29 12:40:51 +01:00
Mathias Vorreiter Pedersen
a5794509ec C++: Accept test changes. 2024-01-29 11:33:14 +00:00
Mathias Vorreiter Pedersen
41f44f598a C++: Explicitly check that a check for EOF isn't present. 2024-01-29 11:33:14 +00:00
Tamas Vajk
f16aa034a2 Code quality improvement 2024-01-29 12:29:01 +01:00
Ian Lynagh
79d9109850 Merge pull request #15428 from igfoo/igfoo/catch_illegal_arg 
Kotlin: Catch/ignore a IllegalArgumentException exception
 2024-01-29 11:27:38 +00:00
Ian Lynagh
76e417c23e Merge pull request #14940 from igfoo/igfoo/comments 
Kotlin 2: Comment improvements
 2024-01-29 11:27:19 +00:00
Mathias Vorreiter Pedersen
3a66fd7175 C++: Add FP test. 2024-01-29 10:59:38 +00:00
Tamas Vajk
7a8d83e859 C#: Add integration test with asp.net core view generation on dotnet 6 
Source generators are needed for asp.net core view generation. Dotnet 6 is the first version where we support view generation. This commit adds an integration test for this.
 2024-01-29 11:52:55 +01:00
Tamas Vajk
92fec66370 C#: Add integration test for disabled asp.net core view generation 2024-01-29 11:52:55 +01:00
Tamas Vajk
d7de5fcfcb C#: Change asp.net core view generation to be opt out 2024-01-29 10:52:26 +01:00
Tony Torralba
49d6d3fa0c Merge pull request #15449 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-01-29 10:27:32 +01:00
github-actions[bot]
6d06c9cb7d Add changed framework coverage reports 2024-01-29 00:16:27 +00:00
Marcono1234
1ad08efe08 Python: Support a (ASCII) inline regex flag 2024-01-26 22:18:49 +01:00
Geoffrey White
d19ad49313 Merge pull request #15381 from geoffw0/cppfiles 
C++: Report any extracted file as successfully extracted
 2024-01-26 18:18:27 +00:00
Edward Minnix III
4602f8933d Merge pull request #15292 from egregius313/egregius313/java/dataflow/common-sanitizers/uuid-and-date 
Java: Add `java.util.UUID` and `java.util.Date` to the `SimpleTypeSanitizer` class
 2024-01-26 13:16:18 -05:00
Geoffrey White
b125d2c9ab Merge branch 'main' into cppfiles 2024-01-26 16:47:48 +00:00
Joe Farebrother
031bd8bd0c Merge pull request #15281 from joefarebrother/android-sensitive-ui-notif 
Java: Add query for exposure of sensitive information to android notifiactions
 2024-01-26 16:42:55 +00:00
Max Schaefer
73130ec665 Merge pull request #15436 from github/max-schaefer-patch-1 
Java: Add models for overloads of DatagramPacket constructor
 2024-01-26 16:13:11 +00:00
Henry Mercer
452359f20e Merge pull request #15446 from github/codeql-cli-2.16.1 
Merge `codeql-cli-2.16.1` back to `main`
 2024-01-26 15:52:56 +00:00
Henry Mercer
720d87391d Merge pull request #15447 from github/henrymercer/2.16.0-mergeback 
Merge `codeql-cli-2.16.0` back into `codeql-cli-2.16.1`
 2024-01-26 15:42:05 +00:00
Henry Mercer
6bef1404fd Merge remote-tracking branch 'origin/codeql-cli-2.16.1' into henrymercer/2.16.0-mergeback 2024-01-26 13:53:13 +00:00
Florin Coada
b24dad6ac3 Merge pull request #15438 from github/changedocs/2.16.1 
Generate changelog for 2.16.1
 2024-01-26 13:46:14 +00:00
Tamás Vajk
7a50d7a95f Merge pull request #15437 from tamasvajk/feature/log-verbosity 
C#: Introduce log verbosity extractor option
 2024-01-26 12:33:06 +01:00
Tony Torralba
52d7bd93a5 Merge pull request #15420 from github/java/update-mad-decls-after-triage-2024-01-24T10-05-04 
Java: Update MaD Declarations after Triage
 2024-01-26 08:42:49 +01:00
Erik Krogh Kristensen
8e11c75745 Merge pull request #15441 from github/dependabot/cargo/ql/chrono-0.4.33 
Bump chrono from 0.4.32 to 0.4.33 in /ql
 2024-01-26 08:10:37 +01:00
dependabot[bot]
5fac945b33 Bump chrono from 0.4.32 to 0.4.33 in /ql 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.32 to 0.4.33.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.32...v0.4.33)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-26 03:25:31 +00:00
Mathias Vorreiter Pedersen
863e6c8009 Merge pull request #15427 from MathiasVP/asexpr-and-asindirectexpr-tests 
C++: Add `asExpr` and `asIndirectExpr` library tests (and fix more duplication)
 2024-01-25 16:58:18 +00:00
Tony Torralba
d299971086 Fix code review mistake 2024-01-25 17:42:11 +01:00
Tamas Vajk
c4849f9a17 Add change note 2024-01-25 17:33:06 +01:00
Mathias Vorreiter Pedersen
2db76c7fad Merge pull request #15434 from MathiasVP/fix-dataflow-join-order 
DataFlow: Fix join order
 2024-01-25 16:32:14 +00:00
Tamas Vajk
b8c8f52efc C#: Introduce extractor option for logging verbosity 2024-01-25 17:20:47 +01:00
Tony Torralba
661c5cf6aa Merge pull request #15409 from erik-krogh/path-java 
Java: Improve the QHelp for `java/path-injection`.
 2024-01-25 17:14:59 +01:00
Ian Lynagh
c0a9c11101 Kotlin: Catch/ignore a IllegalArgumentException exception 
This works around
    https://youtrack.jetbrains.com/issue/KT-63847/K2-IllegalStateException-IrFieldPublicSymbolImpl-for-java.time-Clock.OffsetClock.offset0-is-already-bound
 2024-01-25 16:04:08 +00:00
Florin Coada
d884941b8a restored settings file 2024-01-25 15:57:48 +00:00
Florin Coada
c3238743b1 Changedocs for 2.16.1 2024-01-25 15:55:32 +00:00
Tamas Vajk
bb4327294d Rename verbosity property to legacy 2024-01-25 16:03:23 +01:00
Tamas Vajk
0e5e57dc56 Adjust 'silent' flag parsing 2024-01-25 16:00:44 +01:00
Max Schaefer
13f0df3588 Add two more models. 2024-01-25 15:00:22 +00:00
Paolo Tranquilli
b2489f7109 Merge pull request #15433 from github/redsun82/clang-format 
Swift: update formatting to `clang-format` 17.0.6
 2024-01-25 15:58:28 +01:00
Max Schaefer
5235291919 Add models for overloads of DatagramPacket constructor 2024-01-25 14:49:05 +00:00
Tamas Vajk
9b4cdd0d4f Separate logging classes into separate files 2024-01-25 15:38:16 +01:00
Tamas Vajk
2c72d7ea1e C#: Improve code quality 2024-01-25 15:18:55 +01:00
Henry Mercer
10343dd822 Merge pull request #15416 from github/post-release-prep/codeql-cli-2.16.1 
Post-release preparation for codeql-cli-2.16.1
 2024-01-25 14:15:25 +00:00
Tony Torralba
282632c33b Add new snippets as tests 2024-01-25 15:11:11 +01:00
Erik Krogh Kristensen
fb11e4e14f Merge pull request #15435 from erik-krogh/remove-at-to-z 
remove an FP in overly-large-range for [@-Z]
 2024-01-25 14:43:12 +01:00