hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-09 07:31:37 +02:00
Code Issues Packages Projects Releases Wiki Activity
34,717 Commits 1,754 Branches 167 Tags
83fdff54c44061120319b8bd4cd6a5363fc9a2ea
Commit Graph

34717 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Bartolomeo
83fdff54c4 Work around missing size for typedef 
See #8805 for the underlying issue. The symptom was bad IR generation on a large number of functions because we never generated an `IRVariable` for a parameter with the affected type.
 2022-04-21 16:16:09 -04:00
Erik Krogh Kristensen
ff5b873557 Merge pull request #8773 from erik-krogh/exhaustion 
JS: promote `js/resource-exhaustion` out of experimental
 2022-04-20 19:33:42 +02:00
Erik Krogh Kristensen
8bd975a6ec Merge pull request #8785 from hvitved/ruby/api-graph-labels 
Ruby: Mention `newtype` constructors in API graph label classes
 2022-04-20 18:32:09 +02:00
Arthur Baars
040dd09c5a Merge pull request #8718 from github/sj/codeowners-pms 
Update CODEOWNERS for documentation and license changes
 2022-04-20 18:08:43 +02:00
Arthur Baars
98df392b4f Merge pull request #8719 from github/sj/update-readme-license-explanation 
Update README to clarify license explanation
 2022-04-20 18:07:00 +02:00
AlexDenisov
a187939424 Merge pull request #8784 from AlexDenisov/alexdenisov/swift-package-test-sdk 
Swift: package test SDK
 2022-04-20 16:07:40 +02:00
Bas van Schaik
732a2c32a8 Update README.md 2022-04-20 15:03:49 +01:00
Anders Schack-Mulligen
677c436e99 Merge pull request #8703 from aschackmull/dataflow/revert-state-in-out-barriers 
Dataflow: Revert support for flow-state based in-/out-barriers
 2022-04-20 14:54:02 +02:00
Tom Hvitved
501b03149f Ruby: Mention newtype constructors in API graph label classes 2022-04-20 13:37:55 +02:00
Nick Rolfe
3d109a4051 Merge pull request #8777 from github/nickrolfe/post_update_node 
Ruby: make PostUpdateNode public
 2022-04-20 12:04:37 +01:00
Alex Denisov
682c910d49 Swift: package test SDK 2022-04-20 12:35:19 +02:00
Asger F
e60475618d Merge pull request #8728 from asgerf/ql/library-coverage 
QL: Add facilities for data flow
 2022-04-20 11:40:18 +02:00
Nick Rolfe
f1b8af1db9 Ruby: rename PostUpdateNode::Range to PostUpdateNodeImpl 2022-04-20 10:35:40 +01:00
Anders Schack-Mulligen
cb898ae03f Merge pull request #8701 from aschackmull/doc/any-none 
Doc: Add any() and none() to the language reference.
 2022-04-20 10:49:42 +02:00
yoff
0c7130602a Merge pull request #8731 from RasmusWL/delete-old-readme 
Python: Delete old dataflow readme
 2022-04-20 10:36:12 +02:00
yoff
a66153d73e Merge pull request #8733 from RasmusWL/split-dataflow-private 
Python: Split `DataFlowPrivate`
 2022-04-20 10:21:05 +02:00
Erik Krogh Kristensen
10130eef6d Merge pull request #8678 from erik-krogh/fileSource 
JS: Add files as a source for `js/xss-through-dom`
 2022-04-20 09:18:38 +02:00
Felicity Chapman
b10e7300ae Update docs/codeql/ql-language-reference/formulas.rst 2022-04-19 17:29:31 +01:00
Nick Rolfe
c02670aca2 Ruby: make PostUpdateNode public 2022-04-19 17:12:51 +01:00
Felicity Chapman
d663102ffb Update docs/codeql/ql-language-reference/formulas.rst 2022-04-19 16:57:05 +01:00
Felicity Chapman
6fbe227cbc Try to fix Sphinx warning in formulas.rst 2022-04-19 16:36:42 +01:00
Stephan Brandauer
2fb3147b7b Merge pull request #8430 from kaeluka/js/CVE-2022-24718 
JS: Add taint step for handlebars model
 2022-04-19 15:57:58 +01:00
Michael Nebel
91324d40b5 Merge pull request #8659 from michaelnebel/csharp/capturemodelsmetadata 
C#: Add kind tag to Capture model queries.
 2022-04-19 16:39:03 +02:00
Anders Schack-Mulligen
48fbbf2531 Dataflow: Add change notes. 2022-04-19 15:29:35 +02:00
Anders Schack-Mulligen
b521d64156 Dataflow: Sync. 2022-04-19 15:29:35 +02:00
Anders Schack-Mulligen
4ae59b530b Dataflow: Revert flow-state versions of in-/out-barriers. 2022-04-19 15:29:34 +02:00
Erik Krogh Kristensen
8669bbd948 update expected output of rate-limit query after test reorg 2022-04-19 14:27:24 +02:00
Anders Schack-Mulligen
82463c9290 Merge pull request #8774 from MathiasVP/nomagic-revPartialPathStep 
Add `nomagic` to `revPartialPathStep`
 2022-04-19 14:02:04 +02:00
Mathias Vorreiter Pedersen
a7c0113bc7 Merge pull request #8741 from geoffw0/autogen 
C++: Fix issue with extremely long comments in AutogeneratedFile.qll
 2022-04-19 10:45:16 +01:00
Erik Krogh Kristensen
6799232009 fix typo in qldoc 2022-04-19 11:09:27 +02:00
Geoffrey White
0aa1945f30 C++: Comments. 2022-04-19 10:04:15 +01:00
Mathias Vorreiter Pedersen
91b413d59f Dataflow: Sync identical files. 2022-04-19 09:57:21 +01:00
Erik Krogh Kristensen
4b6d8e6865 add missing qldoc 2022-04-19 10:56:58 +02:00
Mathias Vorreiter Pedersen
d5722ffa61 C++: Add 'nomagic' to 'revPartialPathStep'. 2022-04-19 09:56:41 +01:00
Erik Krogh Kristensen
8e5a7bcd76 add change-note 2022-04-19 10:53:48 +02:00
Chuan-kai Lin
b433f08cef Merge pull request #8770 from cklin/csharp-downgrades-remove-version 
C#: remove version from downgrades pack
 2022-04-18 09:41:21 -07:00
Chuan-kai Lin
8e850ee564 C#: remove version from downgrades pack 2022-04-18 08:46:05 -07:00
Erik Krogh Kristensen
2e5d435bea add CWE-400, and add a reference to DoS attacks 2022-04-14 18:37:50 +02:00
Geoffrey White
8a32c17c56 C++: Fix the issue. 2022-04-14 17:03:28 +01:00
Jean Helie
d094bbc06d Merge pull request #8546 from github/jhelie/enforce-unknown-incompatibiliy-with-notasink 
ML: add defensive check to ensure Unknown endpoints cannot also be NotASink
 2022-04-14 11:21:18 +02:00
Harry Maclean
c3f1fba985 Merge pull request #8598 from hmac/hmac/insecure-dep-resolution 
Ruby: Add rb/insecure-dependency query
 2022-04-14 02:09:44 +02:00
Erik Krogh Kristensen
4c97f68a3d remove postmessage events as source for js/resource-exhaustion 2022-04-13 23:14:42 +02:00
Erik Krogh Kristensen
51a0b6d501 remove client-side remote-flow from js/resource-exhaustion 2022-04-13 23:05:59 +02:00
Jean Helie
1e39a9caae ML: update regression test output following fix to getAnUnknown predicate 2022-04-13 18:14:16 +02:00
Jean Helie
f87cd164ce ML: add defensive check to ensure Unknown endpoints cannot also be NotASink 2022-04-13 18:14:16 +02:00
Jean Helie
f2b813a6e7 ML: add regression test for effective sink that is also NotASink 2022-04-13 18:14:16 +02:00
Henry Mercer
6603f8ab94 Merge pull request #8734 from github/henrymercer/non-extending-subtypes-minor-fixes 
Docs: Fix typo and formatting in "Non-extending subtypes"
 2022-04-13 17:11:33 +01:00
Henry Mercer
54b3d4d0d7 Docs: Fix typo and formatting in "Non-extending subtypes" 
- Fix typo `select any(Foo f) would yield bar` -> `select any(Foo f).foo() would yield bar`
- Fix inline code formatting
- Change `foo_method` to `fooMethod` to follow QL style guide
 2022-04-13 16:12:42 +01:00
AlexDenisov
df2cc181a0 Merge pull request #8726 from redsun82/swift-prebuilt-fetching 
Swift: fetch prebuilt swift and link against it
 2022-04-13 16:58:36 +02:00
Paolo Tranquilli
aaf9e7da2f turn off universal_binaries for now 2022-04-13 16:45:23 +02:00