hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 00:43:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,796 Commits 1,693 Branches 160 Tags
7d6abb4e0a87ff25bb9265dc9e18bf7319f1af48
Commit Graph

75796 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
7d6abb4e0a JS: Disable diff-informedness for full SSRF 
Partial SSRF uses its result in a way that prevents diff-informedness
 2025-02-06 11:30:18 +01:00
Asger F
d3ee658399 Python: resolve remaining TODOs 2025-02-06 10:27:56 +01:00
Asger F
975ce064fc Python: implement for polynomial redos 2025-02-06 10:27:45 +01:00
Asger F
15c2ccb880 Python: ignore experimental for now 2025-02-06 10:27:43 +01:00
Asger F
9dfd1cc608 Python: Fixup broken patch 2025-02-06 10:27:21 +01:00
Asger F
e4a1847dad Python: mass enable diff-informed data flow 2025-02-06 10:27:19 +01:00
Tom Hvitved
9319b1848d Merge pull request #18682 from hvitved/dataflow/aliases 
Data flow: Add aliases for removing `DataFlow` prefixes
 2025-02-05 15:04:13 +01:00
Owen Mansel-Chan
d7117ef3e5 Merge pull request #18681 from github/dependabot/go_modules/go/extractor/extractor-dependencies-bab70e25a9 
Bump golang.org/x/mod from 0.22.0 to 0.23.0 in /go/extractor in the extractor-dependencies group
 2025-02-05 10:50:22 +00:00
Paolo Tranquilli
749fcb07be Merge pull request #18683 from github/redsun82/swift-docs 
Swift: update supported version in docs
 2025-02-05 11:05:33 +01:00
Tom Hvitved
0f52fe92cf Data flow: Add aliases for removing DataFlow prefixes 2025-02-05 10:57:16 +01:00
Paolo Tranquilli
48427b6700 Swift: update supported version in docs 2025-02-05 10:39:39 +01:00
Anders Schack-Mulligen
bcec7ee234 Merge pull request #18633 from aschackmull/dataflow/refactor-flowstate 
Dataflow: Refactor FlowState to be paired with Node
 2025-02-05 09:43:25 +01:00
Simon Friis Vindum
670ecb3298 Merge pull request #18673 from paldepind/rust-higher-order-function-model-generation 
Rust: Higher order function model generation
 2025-02-05 09:15:46 +01:00
dependabot[bot]
aa14f4ee58 Bump golang.org/x/mod 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/mod](https://github.com/golang/mod).


Updates `golang.org/x/mod` from 0.22.0 to 0.23.0
- [Commits](https://github.com/golang/mod/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-05 03:28:52 +00:00
Paolo Tranquilli
04476282a7 Merge pull request #18677 from paldepind/rust-model-struct-match 
Rust: Accept test changes
 2025-02-04 19:09:27 +01:00
Simon Friis Vindum
d198a4a3cd Rust: Accept test changes 2025-02-04 18:26:05 +01:00
Tom Hvitved
f1140530c0 Merge pull request #18656 from hvitved/rust/record-destruct-shorthand 
Rust: Shorthand record pattern destructuring in data flow
 2025-02-04 15:25:12 +01:00
Simon Friis Vindum
ece5557f3d Apply suggestions from code review 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2025-02-04 15:10:32 +01:00
Arthur Baars
2a32e8865d Merge pull request #18668 from github/post-release-prep/codeql-cli-2.20.4 
Post-release preparation for codeql-cli-2.20.4
 2025-02-04 14:22:53 +01:00
Simon Friis Vindum
b0a3cdc68c Rust: Generate flow summaries for higher-order functions 2025-02-04 14:03:19 +01:00
Simon Friis Vindum
c9e702d107 Rest: Add tests for higher-order functions 2025-02-04 13:44:29 +01:00
Jeroen Ketema
89bbef935d Merge pull request #18672 from jketema/codeblock-name 
C++: Update expected test results after extractor changes
 2025-02-04 13:39:54 +01:00
Jeroen Ketema
1591a56aab C++: Update expected test results after extractor changes 2025-02-04 13:19:49 +01:00
Simon Friis Vindum
8d01bbc1e3 Merge pull request #18628 from paldepind/rust-flow-summary-generation 
Rust: Initial model generation setup
 2025-02-04 12:37:09 +01:00
Asger F
294fd0a7a7 Merge pull request #18653 from asgerf/js/source-on-same-line 
Test: Don't expect 'Source' tag when source and alert are on the same same
 2025-02-04 11:01:46 +01:00
Asger F
3d3f07ad72 Merge pull request #18658 from asgerf/js/jsx-parser-first-attempt 
JS: Use JSX syntax in first attempt when extension is .jsx
 2025-02-04 10:49:26 +01:00
Anders Schack-Mulligen
73d7250688 Dataflow: Fix join-order issue. 2025-02-04 10:47:02 +01:00
Anders Schack-Mulligen
da34c0b3ac Dataflow: Fixup some qldoc. 2025-02-04 10:47:01 +01:00
Anders Schack-Mulligen
db1ed67e52 JS: Simplify config in PrototypePollutingFunction.ql. 2025-02-04 10:47:01 +01:00
Anders Schack-Mulligen
e55130ebce Dataflow: Remove unused predicate. 2025-02-04 10:47:00 +01:00
Anders Schack-Mulligen
2597ef651b Dataflow: Avoid duplication in fwdFlow1 disjunction. 2025-02-04 10:47:00 +01:00
Anders Schack-Mulligen
b2d42ee49a Dataflow: Rename two predicates to remove need for alias defs. 2025-02-04 10:46:59 +01:00
Anders Schack-Mulligen
e0cb70a492 Dataflow: Minor cleanup. 2025-02-04 10:46:59 +01:00
Anders Schack-Mulligen
b4197b08aa Dataflow: Use (node,state) pair as node type in stage 2+. 2025-02-04 10:46:58 +01:00
Anders Schack-Mulligen
1166aa6a43 Dataflow: Prepare a (node,state) pair type. 2025-02-04 10:46:58 +01:00
Anders Schack-Mulligen
1799bf9d14 Dataflow: Parameterise stages 2-6 over the node type. 2025-02-04 10:46:58 +01:00
Anders Schack-Mulligen
d5759a7f33 Dataflow: Move definition of toNormalSinkNode. 2025-02-04 10:46:57 +01:00
Anders Schack-Mulligen
3cbf8e517f Dataflow: Remove superfluous constraint. 2025-02-04 10:46:57 +01:00
Anders Schack-Mulligen
04db61a0fe Dataflow: Move Stage1 to its own file. Stick flow exploration in there as well. 2025-02-04 10:46:56 +01:00
Anders Schack-Mulligen
02a81a0897 Dataflow: Rename signature to preempt name clash. 2025-02-04 10:46:56 +01:00
Simon Friis Vindum
cf4f6575d1 Merge branch 'main' into rust-flow-summary-generation 2025-02-04 10:42:11 +01:00
github-actions[bot]
f1b05a79a4 Post-release preparation for codeql-cli-2.20.4 2025-02-04 09:25:09 +00:00
Simon Friis Vindum
07413315a1 Rust: Address PR comments 2025-02-04 10:19:04 +01:00
Tom Hvitved
90944d5252 Merge pull request #18609 from hvitved/rust/dataflow-path-resolution 
Rust: Use `PathResolution` module in data flow
 2025-02-04 10:11:54 +01:00
Simon Friis Vindum
fc15c0d3b2 Merge branch 'main' into rust-flow-summary-generation 2025-02-04 10:10:33 +01:00
Asger F
7bf69d92ca Merge pull request #2 from hvitved/js/source-on-same-line 
Test: Remove location parsing
 2025-02-04 10:09:35 +01:00
Tom Hvitved
acd31dd701 Merge pull request #18657 from hvitved/rust/dataflow-node-api 
Rust: Hide internal implementation details from `DataFlow::Node`
 2025-02-04 09:41:44 +01:00
Tom Hvitved
5a24440e59 Update rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-02-04 09:38:16 +01:00
Asger F
09270f4e20 JS: Change note 2025-02-04 09:36:46 +01:00
Tom Hvitved
fc04ad1ef0 Test: Remove location parsing 2025-02-04 09:34:33 +01:00