hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
46,154 Commits 1,690 Branches 160 Tags
99ca28ea9b9219fc7f529356873ad5e4ccc9166f
Commit Graph

46154 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
99ca28ea9b Merge pull request #10886 from aschackmull/dataflow/joinorders 
Dataflow: Fix a couple of join-orders.
 2022-11-07 11:05:29 +01:00
Chris Smowton
587aa93f6d Merge pull request #11105 from smowton/smowton/fix/use-defaults-method-to-implement-jvmoverloads 
Kotlin: use `$default` functions to implement `@JvmOverloads`
 2022-11-07 09:54:16 +00:00
Dave Bartolomeo
b8e1aa67d8 Merge pull request #11134 from github/post-release-prep/codeql-cli-2.11.3 
Post-release preparation for codeql-cli-2.11.3
 2022-11-05 13:54:49 -04:00
github-actions[bot]
fca754bddd Post-release preparation for codeql-cli-2.11.3 2022-11-05 14:30:48 +00:00
Dave Bartolomeo
8344d5a376 Merge pull request #11133 from github/release-prep/2.11.3 
Release preparation for version 2.11.3
codeql-cli/v2.11.3 		2022-11-04 22:50:41 -04:00
Mathias Vorreiter Pedersen
60ac031db4 Merge pull request #11036 from geoffw0/simplify3 2022-11-05 00:31:05 +00:00
Dave Bartolomeo
013b7eff1c Apply suggestions from code review 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-11-04 18:46:32 -04:00
github-actions[bot]
508327235a Release preparation for version 2.11.3 2022-11-04 20:16:23 +00:00
Tiferet Gazit
5198ad7612 Merge pull request #11055 from github/tiferet/sink-classification-reasons 
Sink endpoint characteristics
 2022-11-04 11:24:08 -07:00
Henry Mercer
b32f4b844a Merge pull request #11118 from github/henrymercer/atm-check-queries-improvements 
ATM: Miscellaneous improvements for the check queries workflow
 2022-11-04 18:04:32 +00:00
tiferet
833041c62e Fix QLDoc style errors 2022-11-04 09:30:31 -07:00
tiferet
2aa4651534 Remove predicates not yet used from the current PR 2022-11-04 09:30:31 -07:00
tiferet
74c8bfff4f Minor changes from code review 2022-11-04 09:30:31 -07:00
tiferet
e60c016fc6 Format fixes 2022-11-04 09:30:31 -07:00
tiferet
cbf81b8839 Improve the import structure 2022-11-04 09:30:31 -07:00
tiferet
300456cd3e Enforce the abstraction over characteristics: 
Make the implementations of specific `EndpointCharacteristic`s private.
 2022-11-04 09:30:31 -07:00
tiferet
c0cc754fb5 Rename ClassificationReasons 
Change the name to EndpointCharacteristics.
 2022-11-04 09:30:30 -07:00
tiferet
a4939b91e7 Generalize the definition of a known sink: 
If the list of reasons includes positive indicators with maximal confidence for this class, it's a known sink for the class.

This negates the need for each query config to define the isKnownSink predicate individually.
 2022-11-04 09:30:29 -07:00
tiferet
08bbe596a2 Create the sink ClassificationReasons 
Write the reasons that indicate that an endpoint is a sink for each sink type.

Also fix import error.
 2022-11-04 09:30:29 -07:00
Dave Bartolomeo
649c3af98a Merge pull request #11127 from github/henrymercer/fix-atm-pr-checks 
ATM: Fix CodeQL pack workspace references
 2022-11-04 12:19:42 -04:00
Arthur Baars
58c0e65542 Merge pull request #11129 from aibaars/improve-weak-crypto 
Ruby: Improve weak crypto query
 2022-11-04 16:31:55 +01:00
Arthur Baars
98f4c29913 Ruby: weak crypto: do not report weak hash algorithms 
Weak hash algorithms such as MD5 and SHA1 are often
used in non security sensitive contexts and reporting
all uses is far too noisy.
 2022-11-04 15:58:50 +01:00
Erik Krogh Kristensen
418d632738 Merge pull request #11123 from erik-krogh/stableCI-followup-2 
fix typo in compile-queries workflow
 2022-11-04 15:48:27 +01:00
AlexDenisov
c7da814bca Merge pull request #11122 from github/alexdenisov/make-macos-sed-happy 
Swift: make sed on macos happy
 2022-11-04 15:45:06 +01:00
Paolo Tranquilli
0370d1a1ba Merge pull request #11008 from github/redsun82/swift-macos-integration-tests 
Swift: rework workflows
 2022-11-04 15:44:42 +01:00
Tom Hvitved
05bf86acb6 Merge pull request #11126 from hvitved/cpp/position-overrides 
C++: Let `(Indirect|Direct)Position` be sub classes of `Position`
 2022-11-04 15:35:27 +01:00
AlexDenisov
0260ecfbdb Merge branch 'main' into alexdenisov/make-macos-sed-happy 2022-11-04 15:17:08 +01:00
Henry Mercer
0b9588bf9e ATM: Add test pack to workspace 2022-11-04 14:07:14 +00:00
Henry Mercer
3e863a539a ATM: Fix CodeQL pack workspace references 
This fixes the
[ATM PR checks](https://github.com/github/codeql/actions/runs/3392995797/jobs/5639827326)
breaking on main as a result of
https://github.com/github/codeql/pull/11004.
 2022-11-04 14:03:34 +00:00
Tom Hvitved
95835b8297 C++: Let (Indirect|Direct)Position be sub classes of Position 2022-11-04 14:31:18 +01:00
erik-krogh
def9b5e2ce fix typo in compile-queries workflow 2022-11-04 13:58:29 +01:00
Erik Krogh Kristensen
265838aa2c Merge pull request #11117 from erik-krogh/stableCI-followup 
fix merge-base compilation when running directly on main
 2022-11-04 13:56:41 +01:00
AlexDenisov
476bbfbdb7 Update qltest.sh 2022-11-04 13:04:24 +01:00
Henry Mercer
cbbff0c401 ATM: Rename workflow 
Rename to take into account us now checking the results of the query
suite too.
 2022-11-04 11:51:35 +00:00
Henry Mercer
87f7b65052 ATM: Check the results of the queries too 2022-11-04 11:51:35 +00:00
Erik Krogh Kristensen
91b33f72b5 update name and comment to reflect that it also runs on rc branches 2022-11-04 12:50:18 +01:00
Anders Schack-Mulligen
a1dba82360 Dataflow: Sync. 2022-11-04 12:41:55 +01:00
Anders Schack-Mulligen
828d187198 Dataflow: Fix a couple of join-orders. 2022-11-04 12:41:55 +01:00
Tamás Vajk
545dd8b8d8 Merge pull request #11106 from tamasvajk/kotlin-binop-ext 
Kotlin: Extract extension binary operators
 2022-11-04 12:41:06 +01:00
Henry Mercer
fe27e09a07 ATM: Add codeowners entry for new workflow 2022-11-04 10:57:00 +00:00
Henry Mercer
05dd161d76 ATM: Use database analyze to check results interpretation too 2022-11-04 10:54:08 +00:00
Henry Mercer
7976d746b6 ATM: Simplify DB path definition and improve quoting 2022-11-04 10:49:25 +00:00
Henry Mercer
35a4d31519 ATM: Fix naming of query pack 2022-11-04 10:46:06 +00:00
Henry Mercer
f558e858e7 ATM: Install codeql using new input to fetch-codeql Action 2022-11-04 10:44:14 +00:00
Paolo Tranquilli
2bec4479e7 Merge pull request #11029 from github/redsun82/swift-filtered-debugging 
Swift: add possibility to run the extractor under an env-specified tool
 2022-11-04 11:44:11 +01:00
erik-krogh
47289a4d33 fix merge-base compilation when running directly on main 2022-11-04 11:28:56 +01:00
Erik Krogh Kristensen
ec87a932b8 Merge pull request #11078 from erik-krogh/stableCI 
add workflow that checks compilation of all queries with the latest stable release
 2022-11-04 11:21:23 +01:00
Erik Krogh Kristensen
c82d8cbacc Merge pull request #11013 from erik-krogh/sndCmd 
JS: second-order-command-injection
 2022-11-04 10:58:50 +01:00
Paolo Tranquilli
daa4e99a2f Swift: fix executable permissions 
These were broken by a merge done in the github UI.
 2022-11-04 10:47:47 +01:00
Paolo Tranquilli
fdde84ac35 Merge branch 'main' into redsun82/swift-filtered-debugging 2022-11-04 10:42:48 +01:00