hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,335 Commits 1,673 Branches 157 Tags
80c92dc3e65a07a75f487a9b0ddcdfe8ca3e09cf
Commit Graph

47335 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
erik-krogh
80c92dc3e6 add support for array pushes 2022-11-25 10:32:05 +01:00
erik-krogh
3461404bbb add basic support for arrays 2022-11-25 10:31:35 +01:00
erik-krogh
0f2a48f461 fix QL-for-QL warnings 2022-11-25 10:26:24 +01:00
erik-krogh
2033dd2dcc remove parameters named "code" as source 2022-11-25 10:25:31 +01:00
erik-krogh
e7c6571f52 remove the "send(..)" and similar from unsafe-code-construction 2022-11-25 10:25:31 +01:00
erik-krogh
f1668801d3 add a rb/unsafe-code-construction query 
rebase
 2022-11-25 10:25:30 +01:00
erik-krogh
5f6cb1684b move the code-injection tests into a subfolder 2022-11-24 17:23:25 +01:00
Henry Mercer
df3dc6fadc Merge pull request #11414 from github/codeql-ci/atm/release-0.4.2 
JS: Bump version numbers of ML-powered packs after 0.4.2 release
 2022-11-24 16:07:28 +00:00
Edoardo Pirovano
9071acea01 Merge pull request #11416 from github/edoardo/mergeback-3.8 
Merge `rc/3.8` into `main`
 2022-11-24 15:05:28 +00:00
Erik Krogh Kristensen
03737543d4 Merge pull request #11403 from erik-krogh/additional 
ReDoS: add missing additional keywords
 2022-11-24 15:53:51 +01:00
Edoardo Pirovano
8eeba92a47 Merge pull request #11415 from github/edoardo/mergeback-2.11.4 
Merge `codeql-cli-2.11.4` into `rc/3.8`
 2022-11-24 14:42:36 +00:00
Henry Mercer
56e5f01ce0 Merge branch 'main' into codeql-ci/atm/release-0.4.2 2022-11-24 14:41:49 +00:00
github-actions[bot]
78d49e44b1 JS: Bump version of ML-powered library and query packs to 0.4.3 2022-11-24 14:22:14 +00:00
github-actions[bot]
8d96bfe973 JS: Bump patch version of ML-powered library and query packs 2022-11-24 14:18:13 +00:00
Tony Torralba
adf905d838 Merge pull request #11368 from ka1n4t/main 
Java: Add binding between annotation and sink-param in MyBatis SQL Injection query
 2022-11-24 14:34:57 +01:00
Tony Torralba
1d57663343 Merge pull request #11345 from atorralba/atorralba/swift/data-models 
Swift: Add taint models for the Data class
 2022-11-24 14:23:41 +01:00
Geoffrey White
32442a33de Merge pull request #11270 from geoffw0/optionals2 
Swift: Dataflow through ?? and ? :
 2022-11-24 13:20:54 +00:00
Ian Lynagh
184c903ec7 Merge pull request #11401 from igfoo/igfoo/unused 
Kotlin: Remove an unused argument
 2022-11-24 12:47:50 +00:00
Ian Lynagh
501ea31c25 Merge pull request #11404 from igfoo/igfoo/build_refactor 
Kotlin build system: Refactor jar-finder
 2022-11-24 12:47:34 +00:00
Anders Schack-Mulligen
f2897f5bfc Merge pull request #11392 from aschackmull/java/adjust-mad-dispatch-priority 
Java: Adjust the prioritisation between MaD and source dispatch.
 2022-11-24 13:10:48 +01:00
Tony Torralba
e4e5291511 Fix more test expectations after rebase 2022-11-24 13:03:12 +01:00
Erik Krogh Kristensen
6464135800 Merge pull request #11409 from erik-krogh/cache-more 
Ruby: cache the compiled extractor in the build tests
 2022-11-24 12:42:33 +01:00
Tony Torralba
fc7c66dab2 Remove now unnecessary additional taint step in UnsafeJsEval 2022-11-24 12:35:52 +01:00
Tony Torralba
e67b72d954 Update test expectations 2022-11-24 12:35:51 +01:00
Tony Torralba
25354d2dd8 Apply code review suggestions 2022-11-24 12:35:51 +01:00
Tony Torralba
6a8b9fde78 Add data flowsources test 2022-11-24 12:35:51 +01:00
Tony Torralba
d6b14a1395 Update test expectations 2022-11-24 12:35:50 +01:00
Tony Torralba
2284127650 Add MaD rows for the Data class 2022-11-24 12:35:50 +01:00
Tony Torralba
4bbc1dc734 Update test expectations 2022-11-24 12:34:48 +01:00
Tony Torralba
cac6e946ab Merge pull request #11411 from atorralba/atorralba/swift/fix-nsdata-test 
Swift: Fix expectation in NSData tests
 2022-11-24 12:34:28 +01:00
Ben Ahmady
7f5df4fc0e Merge pull request #11384 from github/subatoi/codeql-cli-2.11.4 
Adds Kotlin (beta) content
codeql-cli/v2.11.4 		2022-11-24 11:33:46 +00:00
Geoffrey White
c6835cd270 Swift: Update .generated.list. 2022-11-24 11:16:56 +00:00
Tony Torralba
4f8ef13cd8 Fix expectation in NSData tests 2022-11-24 12:13:46 +01:00
Tony Torralba
04450c5173 Merge pull request #11378 from atorralba/atorralba/swift/nsdata-models 
Swift: Add models for NSData and NSMutableData
 2022-11-24 11:19:14 +01:00
Tony Torralba
17218fa663 Formatting 2022-11-24 11:14:16 +01:00
Ben Ahmady
42259ef8d1 Update docs/codeql/reusables/kotlin-java-differences.rst 2022-11-24 10:10:42 +00:00
Tony Torralba
443d0f50c1 Apply suggestions from code review 2022-11-24 11:10:07 +01:00
erik-krogh
c9a600d496 Ruby: cache the compiled extractor, because that's way smaller than the cargo cache 2022-11-24 10:55:38 +01:00
Tony Torralba
2ac06b8db9 Turns out lambda flow is already supported 2022-11-24 10:52:27 +01:00
Nora Dimitrijević
8f065e9483 Merge pull request #11001 from d10c/swift/js-injection 2022-11-24 10:52:05 +01:00
Michael Nebel
cb4a7e22f0 Merge pull request #11395 from michaelnebel/csharp/externalflowcleanup 
C#: ExternalFlow.qll cleanup.
 2022-11-24 10:28:58 +01:00
Ian Lynagh
2d92cee26a Kotlin build system: Refactor jar-finder 
We were globbing with a * in the filename, but that is not necessary.
 2022-11-23 21:43:32 +00:00
Erik Krogh Kristensen
1eec067474 Merge pull request #11294 from erik-krogh/fileDoc 
QL: improve the "this block-comment should have been a QLDoc"-query
 2022-11-23 22:23:36 +01:00
Erik Krogh Kristensen
3d4f64f168 Merge pull request #11397 from erik-krogh/call-instanceof 
Rb: use `instanceof` instead of `extends` on `DataFlow::CallNode` in some case
 2022-11-23 22:20:17 +01:00
Erik Krogh Kristensen
efdfc361be Merge pull request #11396 from erik-krogh/jsTypo 
JS: fix two typos
 2022-11-23 22:18:43 +01:00
erik-krogh
95f35196e4 add missing additional keywords 2022-11-23 20:45:51 +01:00
Ian Lynagh
5b8b9044a5 Kotlin: Remove an unused argument 2022-11-23 18:47:53 +00:00
Tom Hvitved
3fbe089f65 Merge pull request #11387 from hvitved/csharp/autobuild-options-split 
C#: Split `AutobuildOptions` into C#/C++ specific classes
 2022-11-23 19:30:48 +01:00
Geoffrey White
2b52a44024 Merge pull request #11210 from geoffw0/alamofire2 
Swift: Add Alamofire model to swift/cleartext-transmission
 2022-11-23 18:23:44 +00:00
Henry Mercer
146d2460b7 Merge pull request #11390 from github/henrymercer/atm/add-pack-descriptions 
ATM: Add descriptions to ML-powered packs
 2022-11-23 18:04:59 +00:00