hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
53,712 Commits 1,741 Branches 165 Tags
a446c5452d3d10102f4775944402435bb93f7efa
Commit Graph

53712 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
a446c5452d JS: Update test output 2023-04-26 11:44:56 +02:00
Asger F
799d92b218 TS: Fix self-reference check for alias types 2023-04-26 11:44:56 +02:00
Asger F
c3c3faa4b5 JS: Alias references are not always safe to expand 2023-04-25 11:27:40 +02:00
Asger F
3694ed5ed6 JS: Deduplicate union/intersection members 2023-04-25 11:27:40 +02:00
Asger F
cab76507e7 JS: Recognize type vars on anonymous function types 2023-04-25 11:27:40 +02:00
Asger F
ff67118097 JS: Add hanging test case 2023-04-25 11:27:40 +02:00
Kasper Svendsen
bfe5db20a3 Merge pull request #12891 from kaspersv/kaspersv/prevent-ruby-join-regression2 
Prevent Ruby join order regression
 2023-04-24 13:27:33 +02:00
Edward Minnix III
ba4d326768 Merge pull request #12902 from egregius313/egregius313/java/dataflow/refactor-integration-tests 
Java: Refactor Kotlin Integration tests to new DataFlow API
 2023-04-24 06:51:40 -04:00
Michael Nebel
8ade7247a1 Merge pull request #12885 from michaelnebel/mergepathgraph3 
Dataflow: Introduce param module for merging three path graphs.
 2023-04-24 12:49:28 +02:00
Rasmus Wriedt Larsen
bfbbb5277d Merge pull request #12888 from lcartey/mcafee-trojan-fp 
Update `SimpleXmlRpcServer.ql` to avoid incorrect detection as a trojan by Mcafee
 2023-04-24 11:17:52 +02:00
Erik Krogh Kristensen
b0efff0110 Merge pull request #12904 from github/dependabot/cargo/ql/tracing-subscriber-0.3.17 
Bump tracing-subscriber from 0.3.16 to 0.3.17 in /ql
 2023-04-24 11:05:36 +02:00
Erik Krogh Kristensen
b16444dd22 Merge pull request #12903 from github/dependabot/cargo/ql/regex-1.8.1 
Bump regex from 1.8.0 to 1.8.1 in /ql
 2023-04-24 11:05:13 +02:00
dependabot[bot]
5e274c9664 Bump tracing-subscriber from 0.3.16 to 0.3.17 in /ql 
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.16 to 0.3.17.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.16...tracing-subscriber-0.3.17)

---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-24 04:12:25 +00:00
dependabot[bot]
a5e919b6cb Bump regex from 1.8.0 to 1.8.1 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/commits/1.8.1)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-24 04:12:06 +00:00
Ed Minnix
19e6a9a1d3 Fix version of PathGraph used 2023-04-21 19:08:56 -04:00
Ed Minnix
40aed29858 Refactor Java Integration tests to new API 2023-04-21 18:22:28 -04:00
Erik Krogh Kristensen
4bf03e7962 Merge pull request #12897 from github/dependabot/cargo/ql/regex-1.8.0 
Bump regex from 1.7.3 to 1.8.0 in /ql
 2023-04-21 12:57:33 +02:00
Asger F
f3b14e13b2 Merge pull request #12841 from asgerf/rb/api-graph-class-nodes 
Ruby: add API node representing a module/class object
 2023-04-21 10:59:51 +02:00
Michael Nebel
239a763ef9 Merge pull request #12845 from michaelnebel/csharp/xssrefactor 
C#: Re-factor Xss to use the new data flow API.
 2023-04-21 08:55:07 +02:00
dependabot[bot]
149753c052 Bump regex from 1.7.3 to 1.8.0 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.7.3 to 1.8.0.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/commits)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-21 04:03:04 +00:00
Nora Dimitrijević
1f861fda25 Merge pull request #12736 from d10c/swift/capture-flow 
Swift: Closure Capture Helper APIs
 2023-04-20 18:45:56 +02:00
Michael Nebel
0fdeeba46f C#: Re-refactor Xss to use the new API. 2023-04-20 18:38:15 +02:00
Edward Minnix III
76f8d460e7 Merge pull request #12851 from egregius313/egregius313/mad/add-groovy-stubs-to-isInTestFile 
Java: Add `*/test/*` to model generator's list of ignored paths
 2023-04-20 11:06:38 -04:00
Paolo Tranquilli
00436828a9 Merge pull request #12883 from github/redsun82/swift-default-output-dir 
Swift: aggregate default output directories
 2023-04-20 16:58:31 +02:00
Kasper Svendsen
b707c8162e Prevent Ruby join order regression 2023-04-20 15:52:32 +02:00
Paolo Tranquilli
c7378a1e5b Merge branch 'main' into redsun82/swift-default-output-dir 2023-04-20 15:12:07 +02:00
Arthur Baars
94e0828ab9 Merge pull request #12793 from aibaars/js-yaml-extractor 
JavaScript: switch to shared YamlPopulator
 2023-04-20 14:46:06 +02:00
Michael Nebel
aa8291e13f Merge pull request #12870 from michaelnebel/csharp/refactordataflow6 
C#: Re-factor data flow and taint tracking configurations to use the new API.
 2023-04-20 14:31:20 +02:00
Kasper Svendsen
51b6da4183 Merge pull request #12875 from kaspersv/kaspersv/prevent-ruby-join-order-regression 
Prevent Ruby join order regression
 2023-04-20 13:50:40 +02:00
Luke Cartey
9dc1ea1216 Merge branch 'main' into mcafee-trojan-fp 2023-04-20 12:34:38 +01:00
Erik Krogh Kristensen
377aa68bb3 Merge pull request #12854 from natejohnson05/js-insecure-http-parser 
JS - NodeJS CWE-444 InsecureHTTPParser
 2023-04-20 13:09:45 +02:00
Luke Cartey
a47778c22e Update SimpleXmlRpcServer.ql to avoid av detection 
This file was being flagged by McAfee as an `Exploit-Generic.src`
trojan. We have attempted to report this to Mcafee without success so
far. This commit therefore adjusts the file to avoid detection.
 2023-04-20 11:59:18 +01:00
Michael Nebel
656d8d2451 Sync files. 2023-04-20 11:29:51 +02:00
Michael Nebel
c71278ceb7 C#: Introduce parameterized module for merging three path graphs. 2023-04-20 11:29:34 +02:00
Paolo Tranquilli
60c723e7cc Swift: aggregate default output directories 
In case the extractor is run in isolation for debugging/testing, this
will avoid littering the current working directory with artifacts, and
instead having a single `extractor-out` directory to inspect or clean
up.

Also extractor logs have been nested into a `swift` directory, as the
log directory provided by the `codeql` cli is actually shared between
languages.
 2023-04-20 09:20:11 +02:00
Jeroen Ketema
b6a7661c7e Merge pull request #12880 from MathiasVP/use-after-free-fps 
C++: Add some use-after-free FP tests
 2023-04-19 20:07:10 +02:00
Nate Johnson
88411ce439 Merge branch 'main' into js-insecure-http-parser 2023-04-19 13:36:24 -04:00
Mathias Vorreiter Pedersen
533e1d818b C++: Add some use-after-free FPs. 2023-04-19 17:01:55 +01:00
Geoffrey White
7285704807 Merge pull request #12876 from geoffw0/extensiondecl 
Swift: Improve ExtensionDecl.toString
 2023-04-19 16:41:48 +01:00
Geoffrey White
e895cac569 Merge pull request #12877 from geoffw0/deprecated 
Swift: Delete deprecated classes
 2023-04-19 16:41:25 +01:00
Geoffrey White
3779d8423f Swift: Autoformat. 2023-04-19 14:57:17 +01:00
Jeroen Ketema
aa3e8d6b87 Merge pull request #12815 from jketema/anon 
C++: Update test expectations after extractor changes
 2023-04-19 15:51:56 +02:00
Geoffrey White
4484574301 Swift: Rename clashing CleartextStorage modules. 2023-04-19 14:29:25 +01:00
Geoffrey White
10c222e7e2 Swift: Remove deprecated classes from queries. 2023-04-19 14:26:03 +01:00
Geoffrey White
a3c66b6032 Merge pull request #12833 from geoffw0/addmodels 
Swift: Add some sink models
 2023-04-19 14:18:29 +01:00
Geoffrey White
49dccaa89d Swift: Fix other tests. 2023-04-19 14:16:24 +01:00
Owen Mansel-Chan
23934292f0 Merge pull request #12834 from owen-mc/go/refactor-autobuilder 
Go: Refactor autobuilder
 2023-04-19 14:10:23 +01:00
Owen Mansel-Chan
65c1f4a151 Merge pull request #12873 from owen-mc/go/fix-platform-specific-tests 
Go: Fix platform specific tests
 2023-04-19 13:52:14 +01:00
Kasper Svendsen
ba6bb79dd3 Prevent Ruby join order regression 2023-04-19 14:42:27 +02:00
Geoffrey White
e9ffefaa96 Swift: Improve ExtensionDecl.toString. 2023-04-19 13:38:04 +01:00