hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 23:35:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
76,752 Commits 1,738 Branches 165 Tags
76433a31f73236c994a0251da3e4388a02c46d3e
Commit Graph

76752 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jami Cogswell
76433a31f7 Java: generalize sanitizer and add tests 2025-03-10 18:56:01 -04:00
Jami Cogswell
ab3690f666 Java: initial sanitizer 2025-03-10 18:55:56 -04:00
Jami Cogswell
94080a6e47 Java: initial tests 2025-03-10 18:55:54 -04:00
Erik Krogh Kristensen
e6884cf705 Merge pull request #18959 from erik-krogh/faster-routing 
JS: ensure the result from getPathFromFork is unique (to avoid a blowup)
 2025-03-10 21:45:14 +01:00
Asger F
73c0a93fc4 Merge pull request #18963 from asgerf/js/disable-tainted-nodes 
JS: Remove TaintedNodes.ql from default meta query suite
 2025-03-10 20:49:46 +01:00
Paolo Tranquilli
d1876251ee Merge pull request #18918 from github/redsun82/rust-tweak-qltest-logs 
Rust: tweak qltest logs
 2025-03-10 17:47:30 +01:00
Erik Krogh Kristensen
b945466b9f Merge pull request #18892 from asgerf/js/membership-regexp-test 
JS: Sharpen up EnumerationRegExp
 2025-03-10 16:21:54 +01:00
Asger F
4d02993efa JS: Remove TaintedNodes.ql from default meta query suite 2025-03-10 16:15:13 +01:00
Paolo Tranquilli
79e06153ed Merge pull request #18813 from github/redsun82/rust-turn-off-ra-resolution 
Rust: add flag to turn off extractor path resolution
 2025-03-10 14:52:07 +01:00
Asger F
08c9f6fa1e Merge pull request #18798 from erik-krogh/ts58 
JS: upgrade TypeScript to 5.8
 2025-03-10 14:48:03 +01:00
Michael Nebel
ca553bf1a2 Merge pull request #18932 from michaelnebel/csharp/ismatchingconstantunknowtype 
C#: Special handling of unknown types in `isMatchingConstant`.
 2025-03-10 14:37:27 +01:00
Asger F
d84368eb54 Merge pull request #18858 from Napalys/js/react-relay 
JS: React-relay support
 2025-03-10 14:33:23 +01:00
Michael Nebel
21aa62c18c C#: Address review comments. 2025-03-10 13:28:20 +01:00
Michael Nebel
a16c2c80f7 C#: Add change-note. 2025-03-10 13:03:01 +01:00
erik-krogh
b70643b1a1 ensure the result from getPathFromFork is unique (to avoid a blowup) 2025-03-10 12:53:51 +01:00
Napalys
d077d6807a Applied changes from comments 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-10 12:24:45 +01:00
Mathias Vorreiter Pedersen
1aa1829804 Merge pull request #18955 from MathiasVP/share-more-indirect-operands-and-instructions 
C++: Share indirect dataflow nodes across `CopyValue` instructions
 2025-03-10 04:14:33 -07:00
Erik Krogh Kristensen
8eb69079b7 fix typo from copy-pasted change-note 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-03-10 09:41:48 +01:00
Michael Nebel
0676c21a4b Merge pull request #18866 from michaelnebel/csharp/ccr-call-to-object-tostring 
C#: Add cs/call-to-object-tostring to the CCR query suite.
 2025-03-10 09:41:11 +01:00
erik-krogh
752fc64f42 bump to stable 5.8 release 2025-03-10 09:21:25 +01:00
erik-krogh
b641caa508 update TypeScript version to 5.8.1-RC 2025-03-10 09:20:29 +01:00
Mathias Vorreiter Pedersen
f9a7ac4e89 C++: Accept test changes. 2025-03-07 19:59:06 +00:00
Mathias Vorreiter Pedersen
b06902a3b1 C++: Share more indirect operands and instructions. 2025-03-07 19:59:05 +00:00
Andrew Eisenberg
e73745d3ca Merge pull request #18945 from github/aeisenberg/move-to-experimental 
Move UnversionedImmutableAction.ql to experimental
 2025-03-07 09:26:11 -08:00
Anders Schack-Mulligen
d075466958 Merge pull request #18941 from aschackmull/ssa/refactor4 
Ssa: Extend consistency checks and reduce phi read nodes
 2025-03-07 15:18:02 +01:00
Taus
cef8f7b123 Merge pull request #18739 from paldepind/change-note-script-editor 
Change note creation script uses EDITOR environment variable
 2025-03-07 14:53:14 +01:00
Michael Nebel
3903a90a11 C#: Update expected test output. 2025-03-07 13:22:37 +01:00
Michael Nebel
b5ea34fcf3 C#: We can't do any reasoning based on unknown types on whether they match in a pattern. 2025-03-07 13:22:35 +01:00
Michael Nebel
5c0fc1f75b C#: Add BMN tests for cs/constant-condition. 2025-03-07 13:22:34 +01:00
Michael Nebel
431586bb70 C#: Make the same folder structure for BMN tests as used for traced extractor tests. 2025-03-07 13:22:32 +01:00
Anders Schack-Mulligen
3508ca89e6 Java: Restrict SSA reads to the reachable CFG. 2025-03-07 11:13:53 +01:00
Anders Schack-Mulligen
b1e53f5816 Rust: Accept consistency failure. 2025-03-07 11:11:49 +01:00
Jeroen Ketema
87ee191409 Merge pull request #18928 from jketema/desc 
C++: Improve query description and fix alignment of the text
 2025-03-07 10:47:31 +01:00
Michael Nebel
c9796ee297 C#: Add cs/call-to-object-tostring to the CCR query suite. 2025-03-07 09:52:08 +01:00
Michael Nebel
82b7a19df1 Merge pull request #18894 from michaelnebel/csharp/garbagetypes 
C#: Handle some BMN garbage types.
 2025-03-07 09:19:48 +01:00
Simon Friis Vindum
fc186eb136 Include -r flag to code when creating change note 
Co-authored-by: Taus <tausbn@github.com>
 2025-03-07 08:47:21 +01:00
Andrew Eisenberg
2a0e133768 Move UnversionedImmutableAction.ql to experimental 
This query will give too many false positives for users until
immutable actions is released.
 2025-03-06 15:08:02 -08:00
Tom Hvitved
5c3f21b20c Merge pull request #18937 from hvitved/rust/fix-bad-joins 
Rust: Fix bad joins
 2025-03-06 19:11:31 +01:00
Napalys
c12c12c416 Added modeling for react-relay functions that retrieve data. 2025-03-06 18:30:21 +01:00
Napalys
5a1991bb69 Added test cases for react-relay functions that retrieve data 2025-03-06 18:10:27 +01:00
Napalys
89040d0d06 Added missing response and request MaD source kinds. 2025-03-06 18:10:25 +01:00
Napalys
0166e76cca Add change note 2025-03-06 18:10:24 +01:00
Napalys
1443f314a1 Added react-relay useFragment as threat model source. 2025-03-06 18:10:23 +01:00
Napalys
1e3b8625e6 Added a test case where useFragment from react-relay should be marked as a source but isn't 2025-03-06 18:10:21 +01:00
Anders Schack-Mulligen
da579c27fc Merge pull request #18934 from aschackmull/ssa/refactor5 
SSA: Replace the Guards interface in the SSA data flow integration.
 2025-03-06 15:11:52 +01:00
Anders Schack-Mulligen
97a3411c0c Ruby: Accept test output. 2025-03-06 13:58:14 +01:00
Michael Nebel
61c043fd4a Merge pull request #18935 from michaelnebel/csharp/useless-if-statement 
C#: Fewer alerts in `cs/useless-if-statement`.
 2025-03-06 13:53:20 +01:00
Taus
a9ab39da1b Merge pull request #18448 from github/tausbn/python-add-type-annotation-metrics-query 
Python: Add metrics query for type annotations
 2025-03-06 13:52:26 +01:00
Anders Schack-Mulligen
5e722eecf7 Ruby: Push in casts to Definition to delete the then unused DefinitionExt. 2025-03-06 13:31:31 +01:00
Anders Schack-Mulligen
9e6bdbbcbb SSA: Don't add phi-reads for frontiers of uncertain reads. 2025-03-06 12:47:38 +01:00