hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-20 22:46:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,640 Commits 1,712 Branches 163 Tags
7ae389bb287c1029f63e7bac0088d271d73839ca
Commit Graph

49640 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yoff
7ae389bb28 Merge pull request #12026 from erik-krogh/nodePty 
JS: add code-injection sink for node-pty
 2023-01-31 13:27:32 +01:00
Michael Nebel
86e9bf2f81 Merge pull request #11996 from michaelnebel/csharp/refstructreffield 
C# 11: Extractor support for `ref` fields in `ref struct`.
 2023-01-31 13:08:57 +01:00
Erik Krogh Kristensen
38bcb2b727 Merge pull request #12039 from github/dependabot/cargo/ql/serde-1.0.152 
Bump serde from 1.0.140 to 1.0.152 in /ql
 2023-01-31 13:03:03 +01:00
dependabot[bot]
198b97ca8d Bump serde from 1.0.140 to 1.0.152 in /ql 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.140 to 1.0.152.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.140...v1.0.152)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 11:48:44 +00:00
Erik Krogh Kristensen
f2526d1784 Merge pull request #12040 from github/dependabot/cargo/ql/tree-sitter-0.20.9 
Bump tree-sitter from 0.20.8 to 0.20.9 in /ql
 2023-01-31 12:46:43 +01:00
dependabot[bot]
807b715320 Bump tree-sitter from 0.20.8 to 0.20.9 in /ql 
Bumps [tree-sitter](https://github.com/tree-sitter/tree-sitter) from 0.20.8 to 0.20.9.
- [Release notes](https://github.com/tree-sitter/tree-sitter/releases)
- [Commits](https://github.com/tree-sitter/tree-sitter/commits)

---
updated-dependencies:
- dependency-name: tree-sitter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 11:27:40 +00:00
Erik Krogh Kristensen
34ca12e5d2 Merge pull request #12042 from erik-krogh/qlTools 
QL: update codeql-action in QL-for-QL
 2023-01-31 12:24:37 +01:00
erik-krogh
94cec17505 bump codeql-action 2023-01-31 12:09:21 +01:00
erik-krogh
4436ec070e ensure the test is run when the workflow is updated 2023-01-31 12:09:21 +01:00
Geoffrey White
ee442e4d4b Merge pull request #11979 from geoffw0/modern1 
Swift: Modernize injection queries
 2023-01-31 10:54:35 +00:00
erik-krogh
0cefa98490 add missing word to the change-note 2023-01-31 11:53:17 +01:00
erik-krogh
95c19698c7 add change-note 2023-01-31 11:09:07 +01:00
erik-krogh
e5e8496084 fix QL-for-QL warnings 2023-01-31 10:55:27 +01:00
Mathias Vorreiter Pedersen
cd596403a0 Merge pull request #12031 from MathiasVP/ir-get-call-predicate 2023-01-30 21:23:02 +00:00
Mathias Vorreiter Pedersen
a01a4734ed C++/C#: Sync identical files. 2023-01-30 17:32:53 +00:00
Mathias Vorreiter Pedersen
3a1a9a771c C++: Add a 'getCall' predicate to 'ArgumentOperand'. 2023-01-30 17:31:52 +00:00
Jami
7f6efae7dc Merge pull request #12008 from jcogs33/jcogs33/update-queryproducer-package 
Java: update package for `QueryProducer` sinks
 2023-01-30 10:27:58 -05:00
Alexander Eyers-Taylor
89d835b9ec Merge pull request #11988 from github/alexet/force-java-11 
Use Java 11 for some integration tests
 2023-01-30 15:19:00 +00:00
Nora Dimitrijević
fb88372c0f Merge pull request #11862 from d10c/swift/rename-iterabledeclcontext 2023-01-30 16:03:49 +01:00
AlexDenisov
48434f4be3 Merge pull request #12025 from github/alexdenisov/ignore-sandbox-exec 
Swift: ignore sandbox-exec
 2023-01-30 15:59:19 +01:00
erik-krogh
02da718786 add code-injection sink for node-pty 2023-01-30 15:14:25 +01:00
Alex Denisov
b71c5e6c4b Swift: ignore sandbox-exec 2023-01-30 15:10:30 +01:00
Erik Krogh Kristensen
862948f1cc Merge pull request #12014 from erik-krogh/axios 
JS: add support for axios used as a global variable
 2023-01-30 14:55:49 +01:00
Ian Lynagh
25e703e562 Merge pull request #11579 from igfoo/igfoo/only_lockless 
Kotlin: Remove legacy trap-locking support
 2023-01-30 13:44:31 +00:00
Michael Nebel
115a0a4318 C#: Add change note. 2023-01-30 14:28:35 +01:00
Michael Nebel
b25414fe93 C#: Add DB upgrade and downgrade scripts. 2023-01-30 14:28:35 +01:00
Michael Nebel
ff546c1497 C#: Add test cases for ref fields. 2023-01-30 14:28:35 +01:00
Michael Nebel
2be090bb91 C#: Add predicate isRef to the CIL Field class. 2023-01-30 14:28:35 +01:00
Michael Nebel
db047c2c4a C#: Extract CIL fields using their underlying types for a reference type field and annotate the field as a reference type. 2023-01-30 14:28:35 +01:00
Michael Nebel
812bc20812 C#: Add CIL fields as entities that can carry type annotations. 2023-01-30 14:28:35 +01:00
Michael Nebel
23acd5c255 C#: Small re-factor of the Modifier class. 2023-01-30 14:28:34 +01:00
Michael Nebel
3a4ec90ae9 C#: Extraction of ref modifier for fields. 2023-01-30 14:28:34 +01:00
Erik Krogh Kristensen
e46960e0cf Merge pull request #12022 from github/dependabot/cargo/ql/regex-1.7.1 
Bump regex from 1.6.0 to 1.7.1 in /ql
 2023-01-30 13:11:54 +01:00
dependabot[bot]
e3afb1640a Bump regex from 1.6.0 to 1.7.1 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.6.0 to 1.7.1.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.6.0...1.7.1)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 11:19:30 +00:00
Erik Krogh Kristensen
8198bbf893 Merge pull request #12019 from github/dependabot/cargo/ql/serde_json-1.0.91 
Bump serde_json from 1.0.82 to 1.0.91 in /ql
 2023-01-30 12:16:49 +01:00
Nora Dimitrijević
9346f4d760 Swift: fix failing tests 2023-01-30 11:39:06 +01:00
dependabot[bot]
f430e83fca Bump serde_json from 1.0.82 to 1.0.91 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.82 to 1.0.91.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.82...v1.0.91)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 10:36:14 +00:00
Erik Krogh Kristensen
f647910e0c Merge pull request #12018 from erik-krogh/qlDependabot 
QL: fixup the dependabot config for QL-for-QL
 2023-01-30 11:35:05 +01:00
Erik Krogh Kristensen
78683e4e8a Merge pull request #11879 from erik-krogh/rbRegConcept 
RB: add a RegexExecution concept, and use it for better regexp tracking
 2023-01-30 11:33:09 +01:00
erik-krogh
40a576b775 fixup the dependabot config for QL-for-QL 2023-01-30 11:22:17 +01:00
erik-krogh
f04a9cb523 Merge branch 'main' into rbRegConcept 2023-01-30 11:05:40 +01:00
Erik Krogh Kristensen
3508a4b799 Merge pull request #12016 from erik-krogh/newEntity 
QL: support the NewEntity module in QL-for-QL
 2023-01-30 11:01:11 +01:00
erik-krogh
54c4c23b46 support the NewEntity module in QL-for-QL 2023-01-30 10:34:06 +01:00
Mathias Vorreiter Pedersen
6a8c570915 Merge pull request #12009 from MathiasVP/fix-fwd-flow-read-join 
DataFlow: Fix join in `fwdFlowRead`
 2023-01-30 09:23:43 +00:00
erik-krogh
e3455a9b21 add support for axios used as a global variable 2023-01-29 22:55:20 +01:00
Nora Dimitrijević
d5f11dfe60 Swift: db upgrade/downgrade script 2023-01-28 00:44:49 +01:00
Nora Dimitrijević
1396d07662 Swift: subsume IterableDeclContext into Decl [tests] 2023-01-28 00:44:49 +01:00
Nora Dimitrijević
9a5614e8c5 Swift: subsume IterableDeclContext into Decl [codegen'd] 2023-01-28 00:44:49 +01:00
Nora Dimitrijević
f96c18a6db Swift: subsume IterableDeclContext into Decl [hand-written] 2023-01-28 00:44:48 +01:00
Mathias Vorreiter Pedersen
95b15825f9 DataFlow: Sync identical files. 2023-01-27 16:24:31 +00:00