hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,167 Commits 1,671 Branches 157 Tags
81b28df089b682f0bc71e24026c0a1ebb69bce1d
Commit Graph

77167 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Simon Friis Vindum
81b28df089 Merge branch 'main' into rust-type-inference-tweaks 2025-03-17 13:18:45 +01:00
Simon Friis Vindum
e9ca43ae94 Merge pull request #19039 from paldepind/rust-cfg-uppercase 
Rust: Assume in the CFG that lowercase identifiers are in fact identifiers
 2025-03-17 12:40:56 +01:00
Paolo Tranquilli
a2851f753c Merge pull request #18968 from hvitved/rust/cache-to-string 
Rust/Swift: Cache `Element.toString`
 2025-03-17 12:08:27 +01:00
Tom Hvitved
0e3907b2a8 Merge pull request #19035 from hvitved/rust/type-inference-path-limit 
Rust: Limit `TypePath`s to at most length 10
 2025-03-17 12:01:31 +01:00
Jeroen Ketema
43a03de195 Merge pull request #19030 from MathiasVP/atl-namespace-fix 
C++: Fix ATL models' namespace column
 2025-03-17 11:28:16 +01:00
Napalys Klicius
749a0560b4 Merge pull request #19027 from Napalys/js/escape 
JS: Add support for `escape`
 2025-03-17 10:48:44 +01:00
Napalys Klicius
478e32cbe5 Update javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2025-03-17 10:17:39 +01:00
Napalys Klicius
9134f79fd2 Merge pull request #18984 from Napalys/js/extractor_error_handler 
JS: Extractor handle error instead of exiting.
 2025-03-17 10:11:26 +01:00
Simon Friis Vindum
17d6cb626d Rust: Assume in the CFG that lowercase identifiers are in fact identifiers 2025-03-17 08:40:02 +01:00
Simon Friis Vindum
75355e9e53 Rust: Revert conjunct reorder 2025-03-17 07:46:54 +01:00
Simon Friis Vindum
1b7f4e4d4b Rust: Add type inference tests and rename modules 2025-03-17 07:41:47 +01:00
Simon Friis Vindum
72346cc392 Merge pull request #19004 from paldepind/rust-data-flow-split 
Rust: Extract data flow node and content into separate files
 2025-03-17 07:02:35 +01:00
Tom Hvitved
dfc39272b4 Rust: Limit TypePaths to at most length 10 2025-03-16 20:35:16 +01:00
Simon Friis Vindum
4c3768f771 Rust: Add comments for type inference 2025-03-15 13:51:15 +01:00
Simon Friis Vindum
422d9e1f93 Rust: Minor refactoring of type inference 2025-03-15 13:47:08 +01:00
Simon Friis Vindum
210b4db908 Rust: Encapsulate type parameter decoding/encoding 2025-03-15 13:41:46 +01:00
Aditya Sharad
996bc47ae8 Merge pull request #19032 from adityasharad/docs/remove-semmle-training-slide-template 
Docs: Remove old CodeQL training slide template
 2025-03-15 06:17:42 +05:30
Aditya Sharad
9e8a3145ac Docs: Remove old CodeQL training slide template 
The slide contents (images and RST) remain.
Remove the HTML/JS/CSS templates since we're not maintaining them,
and this creates unnecessary burden keeping the JS libraries up to date
with security patches.
 2025-03-14 15:16:59 -07:00
Owen Mansel-Chan
f0af5af015 Merge pull request #19015 from owen-mc/java/toctou-sync-methods 
Java: Fix FP in "Time-of-check time-of-use race condition" (`java/toctou-race-condition`)
 2025-03-14 21:35:51 +00:00
Mathias Vorreiter Pedersen
a035c9b4d1 C++: Also update source-sink tests. 2025-03-14 20:04:45 +00:00
Tom Hvitved
a56493cbbc Merge pull request #19028 from hvitved/rust/crate-locatable 2025-03-14 20:27:33 +01:00
Mathias Vorreiter Pedersen
b7d1c56372 C++: Add change note. 2025-03-14 18:53:09 +00:00
Mathias Vorreiter Pedersen
636150ea4f C++: Adjust tests and accept test changes. 2025-03-14 18:43:33 +00:00
Mathias Vorreiter Pedersen
78697903fc C++: Move ATL models to ATL namespace. 2025-03-14 18:43:06 +00:00
Aditya Sharad
c5b35b0976 Merge pull request #19022 from adityasharad/actions/paths-ignore-test-dir 
Code scanning config: Exclude actions test directory
 2025-03-14 23:44:16 +05:30
Napalys
c93be70053 Rename validation methods for type expressions and added recursive call for type validation. 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-14 14:58:27 +01:00
Napalys
4a691b778b Added escape as UriEncodingSanitizer 2025-03-14 14:53:21 +01:00
Napalys
37e02e4261 Added escape as StringManipulationTaintStep. 2025-03-14 14:49:45 +01:00
Aditya Sharad
28f40f1d45 Merge pull request #19023 from adityasharad/actions/env-var-query-names 
Actions: Fix typos in query names for env var injection
 2025-03-14 19:11:11 +05:30
Napalys Klicius
70232a34f3 Merge pull request #19006 from Napalys/js/vue_tanstack_model 
Js: Added support for `@tanstack/vue-query`
 2025-03-14 14:36:35 +01:00
Napalys
4c77ee2f4f Added change note. 2025-03-14 14:27:14 +01:00
Napalys
933f3c6f77 Refactor Tanstack integration: remove Tanstack framework and added model as data for it instead. 2025-03-14 13:52:05 +01:00
Napalys
d40ef0ddae Changed from taint to value steps. 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-14 13:48:15 +01:00
Napalys
1468e81c55 Ensure interface extends valid expr. 2025-03-14 13:41:37 +01:00
Anders Schack-Mulligen
474b8a5a31 Merge pull request #18942 from aschackmull/cpp/refactor-ssa 
C++: Refactor SSA usage in data flow.
 2025-03-14 13:31:32 +01:00
Simon Friis Vindum
5a3bf90b1f Rust: Add qldoc comments 2025-03-14 13:31:03 +01:00
Simon Friis Vindum
a96a5fc737 Rust: Address PR comments 2025-03-14 13:24:16 +01:00
Tom Hvitved
0dd59cbb25 Rust: Make Crate a sub class of Locatable 2025-03-14 13:18:02 +01:00
Simon Friis Vindum
60f96eee7e Merge pull request #19026 from paldepind/rust-expr-type-eq 
Rust: Handle type equality for a few more expression types
 2025-03-14 13:14:52 +01:00
Owen Mansel-Chan
7702e9da7d Address review comments 2025-03-14 11:44:01 +00:00
Owen Mansel-Chan
5c7588822d Fix test output 2025-03-14 11:44:00 +00:00
Simon Friis Vindum
c17c0458dd Rust: Handle type equality for a few more expression types 2025-03-14 11:59:34 +01:00
Tom Hvitved
dcd01befc2 Swift: Cache Element.toString 2025-03-14 11:58:42 +01:00
Tom Hvitved
d1ad65ae09 Rust: Cache Element.toString 2025-03-14 11:58:38 +01:00
Napalys
dc262236f4 Enhance taint tracking by including escape and unescape in TaintedPath customizations. 2025-03-14 11:43:22 +01:00
Napalys
c4b717b86c Added test case for escape. 2025-03-14 11:40:23 +01:00
Simon Friis Vindum
82304832e8 Rust: Add type inference examples 2025-03-14 11:13:16 +01:00
Anders Schack-Mulligen
c2309442d5 C++: Accept qltest changes. 2025-03-14 10:51:28 +01:00
Mathias Vorreiter Pedersen
90774c03be C++: Remove yet another DefinitionExt reference. 2025-03-14 10:51:27 +01:00
Anders Schack-Mulligen
35687ea698 C++: Merge two cached stages. 2025-03-14 10:51:27 +01:00