hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 04:06:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,284 Commits 1,672 Branches 157 Tags
792f302bd4dee4c7558e2ce5bbea7edb51f9896f
Commit Graph

5791 Commits

Author SHA1 Message Date
Michael Nebel
41cca4711b Merge pull request #15426 from michaelnebel/csharp/collectionexpressions 
C# 12: Support for collection expressions.
 2024-01-30 10:39:39 +01:00
Michael Nebel
cda09478c5 C# Update expected test output and remove false positive. 2024-01-29 14:37:25 +01:00
Michael Nebel
63c06b72b1 C#: Chop dataflow of spread into smaller steps and make sure to only propagate element flow for the spread operator. 2024-01-29 14:34:57 +01:00
Michael Nebel
b6f94ea44a C#: Add example test of field flow via the spread operator, which leads to a false positive. 2024-01-29 14:30:52 +01:00
Michael Nebel
cd5f678e1c C#: Add IntegerCollection class to the CollectionFlow tests and update line numbers in expected test output. 2024-01-29 14:28:05 +01:00
Tamas Vajk
4dffb3bfdd Change integration test to specify .net 6.0 as target framework 2024-01-29 12:40:51 +01:00
Tamas Vajk
7a8d83e859 C#: Add integration test with asp.net core view generation on dotnet 6 
Source generators are needed for asp.net core view generation. Dotnet 6 is the first version where we support view generation. This commit adds an integration test for this.
 2024-01-29 11:52:55 +01:00
Tamas Vajk
92fec66370 C#: Add integration test for disabled asp.net core view generation 2024-01-29 11:52:55 +01:00
Tamas Vajk
d7de5fcfcb C#: Change asp.net core view generation to be opt out 2024-01-29 10:52:26 +01:00
Michael Nebel
da4a9b620a C#: Add change note. 2024-01-26 14:24:27 +01:00
Michael Nebel
13b8d57bff C#: Add collection flow test cases for collection expressions. 2024-01-26 14:18:16 +01:00
Michael Nebel
168f5b5554 C#: Add dataflow support for collection expressions. 2024-01-26 14:18:16 +01:00
Michael Nebel
8eb89cf0bb C#: Add test and expected output. 2024-01-26 14:18:16 +01:00
Tamás Vajk
7a50d7a95f Merge pull request #15437 from tamasvajk/feature/log-verbosity 
C#: Introduce log verbosity extractor option
 2024-01-26 12:33:06 +01:00
Michael Nebel
74cb1ea584 C#: Add QL library expression support for collection expressions. 2024-01-26 11:50:20 +01:00
Michael Nebel
1252d3ee89 C#: Rename CollectionExpr to EnumerableCollectionExpr. 2024-01-25 19:53:51 +01:00
Michael Nebel
0477bba34e C#: Add database upgrade- and downgrade scripts. 2024-01-25 19:53:51 +01:00
Michael Nebel
e2614a1e4c C#: Add some dummy db stats for the new expression kinds. 2024-01-25 19:45:56 +01:00
Michael Nebel
1ef8daf7cd C#: Add some more collection and spread element expression kinds to the dbscheme. 2024-01-25 19:45:56 +01:00
Tamas Vajk
c4849f9a17 Add change note 2024-01-25 17:33:06 +01:00
Henry Mercer
10343dd822 Merge pull request #15416 from github/post-release-prep/codeql-cli-2.16.1 
Post-release preparation for codeql-cli-2.16.1
 2024-01-25 14:15:25 +00:00
Tamas Vajk
055ead20e3 C#: Filter results of division by 0 from cs/telemetry/extraction-information 2024-01-25 12:08:15 +01:00
Michael Nebel
2be1ee8b34 Merge pull request #15394 from michaelnebel/csharp/urlredirect-sanitizer 
C#: Add more santizers to the `cs/web/unvalidated-url-redirection` query.
 2024-01-24 08:42:05 +01:00
github-actions[bot]
d0b74c00fe Post-release preparation for codeql-cli-2.16.1 2024-01-23 23:02:29 +00:00
github-actions[bot]
7ef611e6dc Release preparation for version 2.16.1 2024-01-23 19:45:16 +00:00
Michael Nebel
10be0deeb5 C#: Add a couple more testcases. 2024-01-23 15:09:10 +01:00
Edward Minnix III
0e866a5447 Merge pull request #15359 from egregius313/egregius313/csharp/dataflow/threat-modeling/add-threatmodelflowsource 
C#: Threat Modeling - Introduce `ThreatModelFlowSource`
 2024-01-23 09:02:10 -05:00
Tamás Vajk
df8d453058 Merge pull request #15395 from tamasvajk/feature/standalone-nuget-restore-retry 
C#: Try fallback `dotnet restore` without nuget.config
 2024-01-23 14:45:00 +01:00
Erik Krogh Kristensen
f1d6f56621 Merge pull request #15393 from erik-krogh/deps-jan-2024 
All: delete outdated deprecations
 2024-01-23 13:52:38 +01:00
Michael Nebel
123e86e0e0 C#: Add dummy stats for inline_array_type. 2024-01-23 08:29:01 +01:00
erik-krogh
865df920f9 add change-notes 2024-01-22 19:30:57 +01:00
Ed Minnix
a6c977c169 Use appropriate pack for test models 2024-01-22 12:24:21 -05:00
Ed Minnix
ff6d4c6ae6 Deprecation message 2024-01-22 11:09:53 -05:00
Ed Minnix
0ff12c07c7 Convert existing mapped-property classes to directly extend DatabaseInputSource 2024-01-22 11:09:51 -05:00
Ed Minnix
975327648c Remove commented-out code 2024-01-22 11:09:50 -05:00
Ed Minnix
51564200a1 Documentation for FlowSources library 2024-01-22 11:09:48 -05:00
Ed Minnix
83e66136ce Change note 2024-01-22 11:09:46 -05:00
Ed Minnix
c530fbd9f8 C# Threat Modeling Tests 2024-01-22 11:09:45 -05:00
Ed Minnix
3c9c07ec40 Rename SourceNode.qll to FlowSources.qll 2024-01-22 11:09:43 -05:00
Ed Minnix
392eac5f9a Refactor source node classes to use SourceNode superclass 
Refactor the existing flowsource classes to use the `SourceNode` class
to specify which threat model they support.
 2024-01-22 11:09:41 -05:00
Ed Minnix
d29df68c97 Introduce the SourceNode and ThreatModelFlowSource classes 
1. Introduces the `SourceNode` class which allows dataflow nodes
   representing sources to indicate the threat model they are associated
   with.
2. Introduces the `ThreatModelFlowSource` class which represents a
   source node which respects the threat model configuration
 2024-01-22 11:09:39 -05:00
Ed Minnix
ad093fde4f Add dependency on codeql/threat-models shared library 2024-01-22 11:09:38 -05:00
Tamas Vajk
de4e3963e7 C#: Try fallback nuget restore without nuget.config 2024-01-22 15:42:06 +01:00
Tamas Vajk
7c290ee2ba C#: Add integration test with nuget.config 2024-01-22 15:36:38 +01:00
Michael Nebel
1bb6f4962d C#: Match any {digit} in the format string. 2024-01-22 14:03:37 +01:00
Michael Nebel
b006b28e8a C#: Add change note. 2024-01-22 11:28:27 +01:00
Michael Nebel
5016113a0f C#: Add a string.Format sanitizer to url redirect and update expected test output. 2024-01-22 11:21:35 +01:00
Michael Nebel
884f3f1505 C#: Add string interpolation expression sanitizer to url redirect and update expected test output. 2024-01-22 11:21:19 +01:00
Michael Nebel
e33d5b5fb6 C#: Add some test examples for UrlRedirect using string interpolation and string.Format. 2024-01-22 09:42:23 +01:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00