hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-07 08:06:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,613 Commits 1,703 Branches 162 Tags
8fbd720fe5e26c96889cfd892bf34814520704ed
Commit Graph

82613 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
8fbd720fe5 C#: Fix failing integration test after new version of NewtonSoft.JSon has been released. 2025-09-16 13:14:23 +02:00
Mathias Vorreiter Pedersen
fa36d9f84e Merge pull request #20438 from MathiasVP/remove-antijoin-in-shared-guards 
Shared: Remove antijoin from `Guards.qll`
 2025-09-16 10:40:45 +01:00
Anders Schack-Mulligen
0ceb2f3f72 Merge pull request #20442 from aschackmull/csharp/default-tostring-enum 
C#: Exclude enum types as they don't inherit the default toString.
 2025-09-16 11:12:21 +02:00
Anders Schack-Mulligen
57e15b9a91 Merge pull request #20367 from aschackmull/shared/controlflow 
Shared/Java: Introduce a shared control flow reachability library and replace the Java Nullness implementation.
 2025-09-16 10:44:44 +02:00
Anders Schack-Mulligen
107d142b24 C#: Exclude enum types as they don't inherit the default toString. 2025-09-16 10:33:25 +02:00
Jeroen Ketema
6264f46970 Merge pull request #20440 from MathiasVP/converted-barrier-in-unbounded-write 
C++: Fix barrier in `cpp/unbounded-write`
 2025-09-16 10:19:21 +02:00
Asger F
65102a073a Merge pull request #19770 from trailofbits/VF/async-package-improvements 
Improve data flow in the `async` package
 2025-09-16 08:55:52 +02:00
Asger F
f587273828 Merge pull request #19768 from trailofbits/VF/lodash-group-by 
Add lodash GroupBy as taint step
 2025-09-16 08:55:13 +02:00
Chris Smowton
c375f24598 Merge pull request #20423 from smowton/smowton/fix/length-comparison-off-by-one-fp 
JS: Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access
 2025-09-15 18:24:45 +01:00
Mathias Vorreiter Pedersen
18c96fd7d4 Shared: Remove antijoin. 2025-09-15 17:12:23 +01:00
Ian Lynagh
9231119b07 Merge pull request #20437 from github/igfoo/tweak-release-note 
C++: Tweak a release note
 2025-09-15 16:39:51 +01:00
Mathias Vorreiter Pedersen
a4c845c418 C++: Fix barrier in 'cpp/unbounded-write'. 2025-09-15 16:34:05 +01:00
Ian Lynagh
cc72314219 C++: Tweak a release note 2025-09-15 16:26:32 +01:00
Ian Lynagh
7860857b55 Merge pull request #20434 from github/igfoo/fix-typo 
javascript: Fix spelling error in documentation
 2025-09-15 16:21:57 +01:00
Ian Lynagh
b797df6ad5 Merge pull request #20436 from github/igfoo/fix-typo-substract 
Csharp: Fix typo in LeapYear qhelp
 2025-09-15 16:21:26 +01:00
Ian Lynagh
5cf052dec1 Csharp: Fix typo in LeapYear qhelp 
Corrects "add/substract" to "add/subtract" in the UnsafeYearConstruction.qhelp
file to improve clarity.
 2025-09-15 15:44:11 +01:00
Ian Lynagh
d0091e1b3c javascript: Fix spelling error in documentation 
Corrects the spelling of "occurrences" in the Incomplete Multi-Character
Sanitization documentation to improve clarity.
 2025-09-15 14:53:22 +01:00
Simon Friis Vindum
78389c8897 Merge pull request #20133 from paldepind/rust/type-inference-blanket-impl 
Rust: Support blanket implementations
 2025-09-15 12:46:41 +02:00
Simon Friis Vindum
af49301332 Merge pull request #20381 from paldepind/rust/request-forgery-query 
Rust: Add basic request forgery query
 2025-09-15 12:46:23 +02:00
Geoffrey White
00f644888c Merge pull request #20426 from geoffw0/cookie2 
Rust: cookie and biscotti crypto query sinks
 2025-09-15 11:07:46 +01:00
Anders Schack-Mulligen
acb4d9f681 Shared: Copy some qldoc from Guards.qll 2025-09-15 11:41:23 +02:00
Simon Friis Vindum
35438294d1 Rust: Remove condition that always holds 2025-09-15 10:58:27 +02:00
Anders Schack-Mulligen
be39c4c0cd Shared: Minor precision improvement. 2025-09-15 10:38:49 +02:00
Simon Friis Vindum
875c7da87c Rust: Improve comments in type inference 2025-09-15 10:37:38 +02:00
Anders Schack-Mulligen
b308c5438f Java: Add a change note, and a minor ql comment. 2025-09-15 10:14:26 +02:00
Simon Friis Vindum
50bdc658ba Rust: Apply documentation tweaks 2025-09-15 09:32:33 +02:00
Geoffrey White
989081ba4a Rust: Change note. 2025-09-12 18:12:59 +01:00
Geoffrey White
118ac07b71 Rust: Convert 'from' models into one generic one. 2025-09-12 18:05:30 +01:00
Geoffrey White
9f83b67a7c Rust: Model vec::from_elem. 2025-09-12 17:30:44 +01:00
Geoffrey White
e2d94127d6 Rust: Model vec::from. 2025-09-12 16:44:47 +01:00
Geoffrey White
5d3ea2f4d3 Rust: Add models for the cookie and biscotti crates. 2025-09-12 16:13:14 +01:00
Geoffrey White
2bb9e2f7be Rust: Add test cases for hardcoded cryptographic constants in cookies. 2025-09-12 15:42:56 +01:00
Simon Friis Vindum
e2e6fd0683 Rust: Address feedback from PR review 2025-09-12 16:10:58 +02:00
Anders Schack-Mulligen
e302616135 Java: Accept qltest change. 2025-09-12 15:41:18 +02:00
Anders Schack-Mulligen
f9ffee010f Java: Minor nullness cleanup. 2025-09-12 15:41:17 +02:00
Anders Schack-Mulligen
2743fc0be1 Guards: Include ConditionalExpr in exprHasValue. 2025-09-12 15:41:17 +02:00
Anders Schack-Mulligen
e8f1ec68db Java: Accept guards test results. 2025-09-12 15:41:17 +02:00
Anders Schack-Mulligen
60d07cf30d Java: Clean up IntegerGuards.qll 2025-09-12 15:41:16 +02:00
Anders Schack-Mulligen
03321ff910 Java: Replace nullness implementation. 2025-09-12 15:41:16 +02:00
Anders Schack-Mulligen
4a8ffea0f6 Shared: Add control flow reachability lib. 2025-09-12 15:41:15 +02:00
Simon Friis Vindum
12dcd751d3 Rust: Accept test changes 2025-09-12 15:34:09 +02:00
Simon Friis Vindum
29ba013580 Rust: Add support for resolving methods from blanket implementations 2025-09-12 15:34:04 +02:00
Chris Smowton
db5c58180e Change note 2025-09-12 14:32:12 +01:00
Chris Smowton
f5780ae369 Amend docstring 2025-09-12 14:32:10 +01:00
Chris Smowton
4fb133a43d Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access 2025-09-12 14:32:07 +01:00
Simon Friis Vindum
d10cdfb7f1 Rust: Move existing blanket implementation test 2025-09-12 15:31:42 +02:00
Simon Friis Vindum
69a1c7e1e8 Rust: Add tests with blanket implementation 2025-09-12 15:26:19 +02:00
Anders Schack-Mulligen
452bbf7289 Java: Add some more nullness tests. 2025-09-12 13:38:21 +02:00
Anders Schack-Mulligen
924a8eac5c Java: Improve precision of SuccessorType labels in CFG. 2025-09-12 13:38:21 +02:00
Anders Schack-Mulligen
1ebdcdfa8c Guards: Support integer ranges. 2025-09-12 13:38:20 +02:00