hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-06 19:20:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
56,649 Commits 1,675 Branches 157 Tags
79da723878ea294be7362370f5e14b2f7557e153
Commit Graph

56649 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stephan Brandauer
79da723878 Java: only assume that _manual_ MaD sinks have been fully modeled 2023-07-21 10:43:07 +02:00
Taus
6b425f1395 Java: Revert definition of isNeutral 
Reverts the change made in
daf2743143

With the change in the aforementioned commit, we were extracting candidates for endpoints that
had a neutral _summary_ model. These are bad candidates, as they have already been triaged.
 2023-07-14 14:45:22 +02:00
Taus
6793bc6c6b Java: Exclude qualifier argument for existing models 
Excludes candadites for `Argument[this]` where we already have a model that covers a
different argument of the containing call.
 2023-07-14 14:26:21 +02:00
Taus
9193de6898 Merge pull request #13730 from github/tausbn/limit-number-of-candidates-in-application-mode 
Java: Limit the number of samples extracted in application mode
 2023-07-14 14:09:59 +02:00
Asger F
31bed36231 Merge pull request #13612 from asgerf/rb/api-graph-explicit-proc-lambda 
Ruby: Improve support for explicit proc-creation
 2023-07-14 13:02:44 +02:00
Geoffrey White
1c8297b91b Merge pull request #13548 from geoffw0/redos 
Swift: Query for REDOS (Regular Expression Denial Of Service)
 2023-07-14 10:44:52 +01:00
Anders Schack-Mulligen
80a799df01 Merge pull request #13735 from aschackmull/dataflow/forcehighprecision-fix 
Dataflow: Fix forceHighPrecision for length-2 prefixes.
 2023-07-14 11:42:35 +02:00
Chris Smowton
3d8b4d850a Merge pull request #13742 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-07-14 09:00:17 +01:00
github-actions[bot]
b675a1e2fe Add changed framework coverage reports 2023-07-14 00:19:14 +00:00
Geoffrey White
962c16d918 Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-07-13 19:20:49 +01:00
Asger F
d57276ca35 Merge pull request #13719 from asgerf/js/barrier-inout 
JS: Replace barrier edges with barrier nodes
 2023-07-13 16:36:52 +02:00
Tony Torralba
cafc67e3be Merge pull request #13714 from pwntester/java/langs3_improvements 
[Java] Add missing commons lang3 model for ToStringBuilder.reflectionToString
 2023-07-13 14:45:33 +02:00
Max Schaefer
85991266da Merge pull request #13661 from github/max-schaefer/improve-command-injection-qhelp 
JavaScript: Improve query help for js/command-line-injection
 2023-07-13 13:34:10 +01:00
Anders Schack-Mulligen
a0e96594d8 Merge pull request #13736 from aschackmull/dataflow/remove-superfluous-module-members 
C#/Java/Ruby: Remove superfluous module members.
 2023-07-13 13:59:31 +02:00
Max Schaefer
b8eb2ef8d8 Merge branch 'main' into max-schaefer/improve-command-injection-qhelp 2023-07-13 12:11:15 +01:00
Max Schaefer
ae237247f2 Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-07-13 12:10:57 +01:00
Tamás Vajk
60af9b062c Merge pull request #13733 from tamasvajk/fix/test-path-combine 
C#: Fix test expectations in `RuntimeVersion` tests to handle platfor…
 2023-07-13 12:44:06 +02:00
Asger F
18762db0fb Ruby: factor out isProcCreationCall 2023-07-13 11:53:16 +02:00
Asger F
8d2dba18c0 Ruby: change note 2023-07-13 11:53:16 +02:00
Asger F
f232669ea5 Ruby: support Proc.new alongside 'proc' and 'lambda' 2023-07-13 11:53:16 +02:00
Asger F
194fe85442 Ruby: Use asCallable() to generate epsilon edges 2023-07-13 11:53:16 +02:00
Asger F
452fbe7e8f Ruby: add test showing lack of lambda handling 2023-07-13 11:53:16 +02:00
Anders Schack-Mulligen
91de43f918 C#/Java/Ruby: Remove superfluous module members. 2023-07-13 11:38:35 +02:00
Stephan Brandauer
4391799b7e Merge pull request #13403 from github/java/update-mad-decls-after-triage-2023-06-08T08-51-47 
Java: Update MaD Declarations after Triage
 2023-07-13 11:15:41 +02:00
Anders Schack-Mulligen
837df2ad37 Dataflow: Sync. 2023-07-13 10:55:39 +02:00
Anders Schack-Mulligen
58cd16565f Dataflow: Fix forceHighPrecision for length-2 prefixes. 2023-07-13 10:55:39 +02:00
Anders Schack-Mulligen
d46b2a32ae Dataflow: Improve debug printing. 2023-07-13 10:55:39 +02:00
Jeroen Ketema
e6d7a83d41 Merge pull request #13732 from jketema/dataflow-default-none 
C++/Swift: Remove `none()` dataflow configuration predicates
 2023-07-13 10:42:39 +02:00
Tamas Vajk
35cc058474 C#: Fix test expectations in RuntimeVersion tests to handle platform dependent behaviour of Path.Combine 2023-07-13 09:50:26 +02:00
Tony Torralba
7204c30025 Update 2023-07-12-apache-commons-lang3-tostringbuilder.md 2023-07-13 09:38:33 +02:00
Owen Mansel-Chan
1767ca2682 Merge pull request #13728 from owen-mc/go/minor-cleanup-Twirp-models 
Go: minor cleanup to Twirp models
 2023-07-12 22:59:13 +01:00
Jeroen Ketema
52ab215560 C++/Swift: Remove none() dataflow configuration predicates 
These now have default implementations that are also `none()`
 2023-07-12 23:49:29 +02:00
Edward Minnix III
541737d1a8 Merge pull request #13694 from egregius313/egregius313/add-default-isBarrier-2-isAdditionalFlowStep-4 
DataFlow: Add default implementations of isBarrier/2 and isAddiitonalFlowStep/4
 2023-07-12 17:10:17 -04:00
Owen Mansel-Chan
8a573cca0f Merge pull request #13625 from GeekMasher/go-micro 
[Go] GoMicro framework support
 2023-07-12 20:57:01 +01:00
Ed Minnix
63299688d5 Add change notes for default implementations of isBarrier and isAdditionalFlowStep 2023-07-12 15:21:16 -04:00
Ed Minnix
3db2644008 Python: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:25 -04:00
Ed Minnix
43f870e395 Python: Add default implementation of StateConfigSig::isBarrier/2 2023-07-12 15:06:25 -04:00
Ed Minnix
e5ce78caab Go: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:25 -04:00
Ed Minnix
0549b5da87 Go: Add default implementation of StateConfigSig::isBarrier/2 2023-07-12 15:06:25 -04:00
Ed Minnix
18b606f930 Swift: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:25 -04:00
Ed Minnix
b76b9812fd Swift: Add default implementation of StateConfigSig::isBarrier/2 2023-07-12 15:06:25 -04:00
Ed Minnix
94638c9997 Ruby: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:25 -04:00
Ed Minnix
8a7081753d Ruby: Add default implementation of StateConfigSig::isBarrier/2 2023-07-12 15:06:25 -04:00
Ed Minnix
9618c0b0a1 C#: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:25 -04:00
Ed Minnix
a3c30992b1 C#: Add default implementation of StateConfigSig::isBarrier/2 2023-07-12 15:06:25 -04:00
Ed Minnix
2c0a456855 C++: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:24 -04:00
Ed Minnix
c73cd73001 C++: Add default implementation of StateConfigSig::isBarrier/2 2023-07-12 15:06:24 -04:00
Ed Minnix
1cd8922ab5 Java: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:24 -04:00
Ed Minnix
1835b40f7b Java: Add default impl to StateConfigSig::isBarrier/2 2023-07-12 15:06:24 -04:00
Mathew Payne
8d110ca2ac remove getName 2023-07-12 17:12:08 +01:00