hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 15:16:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,708 Commits 1,700 Branches 161 Tags
7df09f369fd8ea10739df3fddf23506eff04a602
Commit Graph

81708 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nora Dimitrijević
7df09f369f [DIFF-INFORMED] C++: SqlTainted 2025-08-15 12:01:01 +02:00
Nora Dimitrijević
36d43a4830 [DIFF-INFORMED] C++: CgiXss 2025-08-15 12:00:59 +02:00
Nora Dimitrijević
80da00b599 [DIFF-INFORMED] C++: ExecTainted 2025-08-15 12:00:57 +02:00
Nora Dimitrijević
a77cab6981 [DIFF-INFORMED] C++: TaintedPath 2025-08-15 12:00:54 +02:00
Nora Dimitrijević
91b9c3e647 [DIFF-INFORMED] C++: LeapYear 
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/cpp/ql/src/Likely%20Bugs/Leap%20Year/UncheckedLeapYearAfterYearModification.ql#L57
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/cpp/ql/src/Likely%20Bugs/Leap%20Year/Adding365DaysPerYear.ql#L21
 2025-08-15 12:00:52 +02:00
Nora Dimitrijević
2f56baace2 [DIFF-INFORMED] C++: NonConstantFormat 2025-08-15 12:00:50 +02:00
Nora Dimitrijević
e382cb5696 [DIFF-INFORMED] C++: DecompressionBombs 2025-08-15 12:00:48 +02:00
Nora Dimitrijević
fabdf9923c [DIFF-INFORMED] C++: ConstantSizeArrayOffByOne 2025-08-15 12:00:46 +02:00
Nora Dimitrijević
448a1ea87a [DIFF-INFORMED] C++: OverflowDestination 2025-08-15 12:00:39 +02:00
Nora Dimitrijević
43e99d0872 [TEST] C++: CleartextSqliteDatabase: add new test 2025-08-15 12:00:26 +02:00
Michael B. Gale
ec605b2c95 Merge pull request #20229 from github/mbg/ci/fix/csharp-create-extractor-pack 
C#: Replace input interpolation with environment variable
 2025-08-15 09:19:41 +01:00
Michael B. Gale
e1ffb323a0 C#: Replace input interpolation with environment variable 2025-08-15 09:00:28 +01:00
Tom Hvitved
f1bff93bc5 Merge pull request #20203 from hvitved/rust/if-let-chain-test 
Rust: Handle chained `let` expressions
 2025-08-14 19:51:43 +02:00
Anders Schack-Mulligen
b67394a450 Merge pull request #20183 from aschackmull/java/barrierguard-wrappers 
Java: Enable BarrierGuard wrappers
 2025-08-14 16:06:21 +02:00
Tom Hvitved
5c0300cbdf Merge pull request #20224 from hvitved/rust/remove-extractor-resolution-references 
Rust: Remove references to `getResolvedPath` and `getExtendedCanonicalPath`
 2025-08-14 14:45:33 +02:00
Tom Hvitved
d09645bc96 Add change note 2025-08-14 14:38:44 +02:00
Geoffrey White
6951f585c8 Merge pull request #20226 from geoffw0/stdlib 
Rust: Update StartswithCall to use getCanonicalPath
 2025-08-14 13:04:30 +01:00
Geoffrey White
02b9229be7 Rust: Update StartswithCall. 2025-08-14 12:09:49 +01:00
Geoffrey White
6941e7fef1 Rust: Add tags to intermediate steps in the test. 2025-08-14 11:37:22 +01:00
Geoffrey White
ecf0e08f55 Rust: Add some more path injection test case variants. 2025-08-14 11:05:48 +01:00
Tom Hvitved
51fb2157ef Rust: Remove references to getResolvedPath and getExtendedCanonicalPath 2025-08-14 11:31:42 +02:00
Tom Hvitved
f63e55c1fd Rust: Handle chained let expressions 2025-08-14 10:36:43 +02:00
Tom Hvitved
fd1d9401c0 Rust: Add tests for chained let expressions 2025-08-14 10:36:41 +02:00
Jeroen Ketema
72c89ec076 Merge pull request #20218 from MathiasVP/fix-guard-conditions-for-likely 
C++: Improvements to `IRGuard`s
 2025-08-14 10:24:48 +02:00
Jon Janego
603f0f2d55 Merge pull request #20219 from github/changedocs-2.22.3 
Sitedocs for 2.22.3
 2025-08-13 11:54:05 -05:00
Jon Janego
cc302c0d1d Sitedocs for 2.22.3 2025-08-13 11:32:31 -05:00
Mathias Vorreiter Pedersen
39f5e33dea C++: Accept more test changes. 2025-08-13 17:46:06 +02:00
Mathias Vorreiter Pedersen
9c3bb87b89 C++: Add change note. 2025-08-13 16:42:39 +02:00
Mathias Vorreiter Pedersen
9ee313ff0a C++: Remove code that is now subsumed. 2025-08-13 16:29:49 +02:00
Mathias Vorreiter Pedersen
bf4a84ba8f C++: Drive-by: Add forgotten disjuncts involving '__builtin_expect'. 2025-08-13 16:29:42 +02:00
Mathias Vorreiter Pedersen
e6cd27a992 C++: Skip non-Boolean instructions in the new inference step. 2025-08-13 16:20:21 +02:00
Mathias Vorreiter Pedersen
e67b6d6c9a C++: Add another inference step. 2025-08-13 16:20:19 +02:00
Jeroen Ketema
ff288d799e Merge pull request #20210 from github/jketema/go-1.25 
Go: Update Go version to 1.25.0
 2025-08-13 16:07:36 +02:00
Chuan-kai Lin
4c263c0535 Merge pull request #20047 from github/cklin/alert-filtering-qldoc 
Shared: Overhaul the AlertFiltering QLDoc
 2025-08-13 06:58:38 -07:00
Jeroen Ketema
4b215d50e2 Go: Update maxGoVersion in the autobuilder 2025-08-13 14:09:53 +02:00
Jeroen Ketema
5e2a5600a7 Update go_rules to the latest version 
This version includes https://github.com/bazel-contrib/rules_go/pull/4397 which
addresses the build fialure we were seeing.
 2025-08-13 13:40:14 +02:00
Jeroen Ketema
976ef99d60 Go: Request go1.25.0 toolchain 2025-08-13 13:39:35 +02:00
Jeroen Ketema
4baf115c3a Go: Use Go 1.25.0 to build the Go extractor 2025-08-13 13:39:34 +02:00
Jeroen Ketema
d5f8289bcd Go: Update Go version in tests to 1.25.0 2025-08-13 13:39:32 +02:00
Jeroen Ketema
653a99779e Merge pull request #20216 from github/redsun82/rust-fix-bazel 
Bazel: regenerate cargo vendored files
 2025-08-13 13:36:20 +02:00
Tom Hvitved
dc6e76a0d7 Merge pull request #20182 from hvitved/rust/type-inference-tuple-types-follow-up 
Rust: Unify type inference for tuple indexing expressions
 2025-08-13 13:32:53 +02:00
Paolo Tranquilli
ea320c2a7b Bazel: regenerate cargo vendored files 2025-08-13 13:30:01 +02:00
Mathias Vorreiter Pedersen
a27135495c C++: Add tests. 2025-08-13 12:54:23 +02:00
Jeroen Ketema
fcbd333144 Merge pull request #20215 from github/redsun82/rust-fix-bazel 
Rust: regenerate bazel files
 2025-08-13 12:40:03 +02:00
Paolo Tranquilli
c997b29c1e Rust: regenerate bazel files 2025-08-13 11:51:11 +02:00
Geoffrey White
17b468239b Merge pull request #20208 from geoffw0/sqlmodels 
Rust: Fill some gaps in our database models.
 2025-08-13 08:54:23 +01:00
Mathias Vorreiter Pedersen
caa935d011 C++: Update the tests for guard conditions so that the tests print more detailed location information. 2025-08-13 09:41:28 +02:00
Chuan-kai Lin
34d546ce82 Merge branch 'main' into cklin/alert-filtering-qldoc 2025-08-12 11:11:27 -07:00
Chuan-kai Lin
b20521b648 Shared: Overhaul the AlertFiltering QLDoc 
This commit strengthens the contract for the restrictAlertsTo and the
restrictAlertsToExactLocation extensible predicates.

- restrictAlertsTo is now documented to match any alert location that
  intersects with a specified line range. (Previously an alert location
  matches only when its first line is in a specified line range.)

- restrictAlertsToExactLocation is now documented to match any alert
  location that wholly contains a specific character range. (Previously
  an alert location matchis only when it is exactly the same as a
  specified character range.)

It also contains misc wording changes for clarity.
 2025-08-12 07:43:46 -07:00
Tom Hvitved
0a67902f5d Merge pull request #20101 from mschwager/main 
Fix #19294, Ruby NetHttpRequest improvements
 2025-08-12 14:42:32 +02:00