hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-22 02:44:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
61,591 Commits 1,685 Branches 158 Tags
a5dd4a4e2aed59ea0d9ef5197ca752ad1c652cc6
Commit Graph

61591 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
a5dd4a4e2a Swift: More tests of keys as sensitive data. 2023-12-04 19:05:15 +00:00
Mathias Vorreiter Pedersen
6dd941ee20 Merge pull request #14996 from jketema/toctou-test 
C++: Fix `chmod` prototype in toctou test and additional test
 2023-12-04 17:42:52 +00:00
Owen Mansel-Chan
570538b4ec Merge pull request #14938 from owen-mc/go/improve-test-unhandled-close-writable-handle 
Go: improve test unhandled close writable handle
 2023-12-04 16:56:09 +00:00
Jeroen Ketema
7f1bd499ce C++: Add test annotation 2023-12-04 17:53:08 +01:00
Jami
651653998c Merge pull request #14913 from jcogs33/jcogs33/unsafe-url-forward_path-inj-related_cve-2019-3799 
Java: add Spring models
 2023-12-04 10:18:50 -05:00
Jeroen Ketema
3e2397a3d1 C++: Fix chmod prototype in toctou test and additional test 2023-12-04 16:15:44 +01:00
Sarita Iyer
5a4ea7781e Merge pull request #14976 from github/saritai/docs-update-12431 
Document threat models
 2023-12-04 10:10:00 -05:00
Sarita Iyer
c4b6f44dff fix punctuation 2023-12-04 09:47:09 -05:00
Sarita Iyer
52a0a8333f Update customizing-library-models-for-java-and-kotlin.rst 2023-12-04 09:21:22 -05:00
Sarita Iyer
5bf93d096b Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-12-04 09:13:33 -05:00
Tony Torralba
649dc9d1d4 Merge pull request #14993 from github/shati-patel/fix-cwe-tags 
Update inconsistent CWE tags
 2023-12-04 14:30:32 +01:00
Harry Maclean
d630773575 Merge pull request #14627 from alexrford/rb/update_all_sink 
Ruby: refine `ActiveRecord` `update_all` as an SQL sink
 2023-12-04 13:02:14 +00:00
Chris Smowton
78e0f69d1e Merge pull request #14988 from github/smowton/admin/report-more-files-extracted 
Java: report any extracted file as successfully extracted
 2023-12-04 12:48:12 +00:00
Chris Smowton
97266c252e Remove mention of TSP 2023-12-04 12:36:04 +00:00
Shati Patel
6284781a9b Update inconsistent CWE tags 
Most tags use the "external/cwe/cwe-xxx" format, except for these few queries. Updating them for consistency.
 2023-12-04 11:52:31 +00:00
Rasmus Wriedt Larsen
2fed0adde7 Merge pull request #8457 from RasmusWL/add-dataflow-consistency-query 
Python: Add dataflow consistency query
 2023-12-04 12:50:46 +01:00
Chris Smowton
6d5a493e2d Add change note 2023-12-04 11:48:51 +00:00
Tom Hvitved
4c8861a60f Merge pull request #14832 from hvitved/csharp/callback-heuristics 
C#: Strengthen call-back heuristics by considering body-less methods
 2023-12-04 12:27:37 +01:00
Michael Nebel
e028c59a07 Merge pull request #14982 from michaelnebel/csharp/fixmissingpackageprinting 
C#: Fix problem with logging unused packages.
 2023-12-04 12:10:21 +01:00
Tamás Vajk
44be7dfdd5 Merge pull request #14957 from tamasvajk/standalone/prefer-framework-assemblies 
C#: Prefer framework assemblies over arbitrary nuget equivalents
 2023-12-04 11:03:03 +01:00
Tom Hvitved
23d09ed7c6 Address review comment 2023-12-04 10:47:52 +01:00
Paolo Tranquilli
d9ca9123e4 Merge pull request #14979 from github/criemen/prepare-bazel-upgrade 
Prepare for the bazel 7 upgrade.
 2023-12-04 10:24:51 +01:00
Tamas Vajk
31c1caf518 Code quality improvements 2023-12-04 10:20:55 +01:00
Mathias Vorreiter Pedersen
6c7e809187 Merge pull request #14961 from MathiasVP/unique-in-operand 
C++: Replace a `strictcount(...)` with `unique(...)`
 2023-12-04 09:13:58 +00:00
Jeroen Ketema
71347e4cf1 Merge pull request #14987 from jketema/unneeded-imports 
C++: Remove unneeded dataflow imports
 2023-12-04 09:15:23 +01:00
Chris Smowton
ad713a7a93 Java: report any extracted file as successfully extracted 2023-12-01 22:35:00 +00:00
Jeroen Ketema
b185efa9e4 C++: Remove unneeded dataflow imports 2023-12-01 21:11:22 +01:00
Sarita Iyer
05c67756ef fix beta note problem 2023-12-01 15:00:44 -05:00
Sarita Iyer
54daf8cacc Apply suggestions from code review 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2023-12-01 12:06:43 -05:00
Sarita Iyer
b5084ccf7f move beta ntoe 2023-12-01 11:59:57 -05:00
Sarita Iyer
6f87b1d622 test 2023-12-01 11:44:06 -05:00
Sarita Iyer
9e69e02d04 fix error 2023-12-01 11:32:13 -05:00
Sarita Iyer
2ab960428a Update customizing-library-models-for-java-and-kotlin.rst 2023-12-01 10:26:42 -05:00
Sarita Iyer
d96d71384d Update customizing-library-models-for-java-and-kotlin.rst 2023-12-01 09:57:11 -05:00
Sarita Iyer
848293470a Update customizing-library-models-for-java-and-kotlin.rst 2023-12-01 09:41:03 -05:00
Michael Nebel
aec070f918 C#: Fix problem with logging unused packages. The dependencies only contains the paths relative to the package directory. 2023-12-01 15:24:33 +01:00
Cornelius Riemenschneider
13acec135d Prepare for the bazel 7 upgrade. 2023-12-01 12:19:53 +01:00
james
7f3ff7f9a5 update threat models section 2023-12-01 11:19:00 +00:00
james
fe126c450b threat model suggestions 2023-12-01 10:54:11 +00:00
Sarita Iyer
e1b5530602 Merge branch 'main' into saritai/docs-update-12431 2023-11-30 17:40:25 -05:00
Sarita Iyer
2bea328a5b Update customizing-library-models-for-java-and-kotlin.rst 2023-11-30 17:39:55 -05:00
Sarita Iyer
849ec72728 Update customizing-library-models-for-java-and-kotlin.rst 2023-11-30 17:21:59 -05:00
Sarita Iyer
48e23e68c1 add info 2023-11-30 17:17:18 -05:00
Taus
4ef1fe49e3 Merge pull request #14918 from github/tausbn/python-support-tarslip-extraction-filters 
Python: Add support for extraction filters
 2023-11-30 22:55:09 +01:00
Felicity Chapman
30e62d3d28 Merge pull request #14969 from github/felicitymay-patch-1 
Remove unwanted period from query name
 2023-11-30 17:05:35 +00:00
Felicity Chapman
e9c4ddb399 Merge pull request #14898 from github/fc-codeql-vs-code-12574 
Update CodeQL model editor info for revised UI
 2023-11-30 16:21:51 +00:00
Mathias Vorreiter Pedersen
175a8a6fb5 Merge pull request #14865 from rdmarsh2/rdmarsh2/swift/correct-keypath-node-steps 
Swift: move keypath dataflow writes to fix types
 2023-11-30 15:09:55 +00:00
Felicity Chapman
4cb2f53223 Remove unwanted period from query name 
Our style guide states that names should not end in a period. I'm updating this now to allow us to automate a process for GitHub docs, see: https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#query-name-name
 2023-11-30 14:31:17 +00:00
Chris Smowton
971ced09ad Merge pull request #14671 from smowton/smowton/feature/jdk21-switch-pattern-matching 
Java: Add support for Java 21 language features
 2023-11-30 14:11:28 +00:00
Jeroen Ketema
eccc373a2b Merge pull request #14958 from jketema/dialects 
Add documentation note on not supporting Objective-C(++), C++/CLI, and C++/CX
 2023-11-30 13:03:59 +01:00