hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
32,220 Commits 1,741 Branches 165 Tags
ab7fd896539608a8dabc727d2ae64e956b71bb53
Commit Graph

32220 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Harry Maclean
ab7fd89653 Merge pull request #7663 from github/hmac/api-graph-subclass 
Ruby: Add basic subclassing support to API Graphs
 2022-02-04 10:19:07 +13:00
Harry Maclean
e328c6222a Merge pull request #7797 from github/hmac/pin-rust 
Ruby: Pin Rust to 1.54
 2022-02-04 10:18:46 +13:00
Robert Marsh
8544cff1c4 Merge pull request #7836 from geoffw0/clrtxt9 
C++: Fix more FPs in cpp/cleartext-transmission
 2022-02-03 15:18:55 -05:00
Chuan-kai Lin
c8bc5cfa75 Merge pull request #7825 from github/cklin/python-downgrade-scripts 
Python: adjust downgrade script location and format
 2022-02-03 11:40:07 -08:00
Harry Maclean
912842623d Simplify cache key 2022-02-04 07:41:29 +13:00
Geoffrey White
8031c3f699 Merge branch 'main' into clrtxt9 2022-02-03 17:01:59 +00:00
Geoffrey White
02b1774d7f C++: Switch from GVN to localFlow. 2022-02-03 16:00:26 +00:00
Tom Hvitved
ef227a4721 Merge pull request #7784 from hvitved/csharp/dotnet6 
C#: Use .NET 6
 2022-02-03 16:42:26 +01:00
Geoffrey White
3cfd1b5052 C++: More test cases. 2022-02-03 15:11:59 +00:00
Geoffrey White
3b844f701e C++:Change note. 2022-02-03 13:58:38 +00:00
Erik Krogh Kristensen
e93c46ad31 Merge pull request #7811 from erik-krogh/pyApiIpa 
Python: refactor API-graph labels to an IPA type
 2022-02-03 12:31:39 +01:00
Erik Krogh Kristensen
5284bbb6b3 Merge pull request #7821 from erik-krogh/upload-sarif 
QL: upload sarif as part of the QL-for-QL workflow
 2022-02-03 12:05:51 +01:00
Henry Mercer
224d7a7ce0 Merge pull request #7801 from github/henrymercer/js-atm-migrate-tests 
JS: Migrate CodeQL tests for ML-powered queries
 2022-02-03 10:17:19 +00:00
Tony Torralba
3c9b332ce0 Merge pull request #7826 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-02-03 09:38:53 +01:00
Tom Hvitved
6bb71f051b Merge pull request #7791 from hvitved/dataflow/inline-local-flow-star 
Data flow: Inline `local(Expr|Instruction)?(Flow|Taint)`
 2022-02-03 09:02:43 +01:00
github-actions[bot]
2a9f98cce0 Add changed framework coverage reports 2022-02-03 00:10:33 +00:00
Harry Maclean
704b58519f Ruby: Include subclasses in more API calls 
Change the behaviour of `API::getInstance()` and `API::getReturn()` to
include results on subclasses of the current API node.
 2022-02-03 11:35:59 +13:00
Chuan-kai Lin
df91ee6616 Python: adjust downgrade script location and format 2022-02-02 14:23:21 -08:00
Erik Krogh Kristensen
7ef051456a upload sarif as part of the QL-for-QL workflow 2022-02-02 20:32:22 +01:00
Tom Hvitved
7b5699d058 C#: Update CIL attributes test 2022-02-02 19:25:30 +01:00
Tom Hvitved
2fe65128a0 C#: Update CIL type annotations test 2022-02-02 19:25:30 +01:00
Tom Hvitved
c4ad237a5c C#: Update expected test output 2022-02-02 19:25:30 +01:00
Tom Hvitved
516bd9f77f C#: Fix deprecation warnings 2022-02-02 19:25:30 +01:00
Tom Hvitved
09c5212ccc C#: Account for explicit interface implementations in OperatorSymbol 2022-02-02 19:25:30 +01:00
Tom Hvitved
d7eeb1fec8 C#: Use .NET 6 2022-02-02 19:25:30 +01:00
Henry Mercer
2c17437092 JS: Run ML-powered queries tests on all PRs modifying relevant files 2022-02-02 18:11:25 +00:00
Henry Mercer
a586be956e JS: Remove versions from packs we don't intend to publish 2022-02-02 18:10:57 +00:00
Geoffrey White
708da8cd62 C++: Increase the query precision to 'high'. 2022-02-02 18:03:25 +00:00
Geoffrey White
4048ba0a1c C++: Fix false positives around terminal output. 2022-02-02 17:59:28 +00:00
Geoffrey White
39a2ffd438 C++: Fix false positives around 'stdin'. 2022-02-02 17:39:14 +00:00
Arthur Baars
6acf49d4da Merge pull request #7814 from aibaars/fix-ql-alerts 
Ruby: fix all QL-QL alerts
 2022-02-02 18:25:38 +01:00
Geoffrey White
cc20969bdd C++: Add test cases based on some remaining real world FPs. 2022-02-02 16:15:59 +00:00
Tony Torralba
4f13bf8941 Merge pull request #6492 from atorralba/atorralba/android-cleartext-storage-database 
Java: Create new query Cleartext storage of sensitive information in Android databases
 2022-02-02 16:23:05 +01:00
Tony Torralba
54e8ea56e8 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-02-02 15:44:26 +01:00
Mathias Vorreiter Pedersen
1aa32b09be Merge pull request #7802 from geoffw0/clrtxt8 
C++: Recognize password struct fields.
 2022-02-02 14:10:40 +00:00
Henry Mercer
7018f6ad40 JS: Add missing @id for endpoint types query 2022-02-02 13:15:15 +00:00
Henry Mercer
e6745dc63a JS: Add Action to run tests for ML-powered queries 2022-02-02 13:15:12 +00:00
Henry Mercer
422919b9d0 JS: Add generated files to .gitattributes 2022-02-02 13:15:04 +00:00
Henry Mercer
fbcb8d6857 JS: Migrate CodeQL tests for ML-powered queries 2022-02-02 13:15:04 +00:00
Arthur Baars
3b05cb621c Address comment 2022-02-02 14:11:45 +01:00
Arthur Baars
33b97f3e0c Update synchronized files 2022-02-02 13:30:45 +01:00
Arthur Baars
fdcef6225b Ruby: fix QL warnings 2022-02-02 13:29:09 +01:00
CodeQL CI
7bb11b837c Merge pull request #7788 from yoff/python/remove-library-annotation 
Approved by tausbn
 2022-02-02 03:51:00 -08:00
Tom Hvitved
712418e5f8 Merge pull request #7781 from hvitved/dataflow/summary-stack-bottom-less-nonlinear 
Data flow: Reduce non-linear recursion in `SummaryComponentStack::bottom`
 2022-02-02 10:35:53 +01:00
Benjamin Muskalla
d4c4e75bac Merge pull request #7268 from bmuskalla/modelDiffAction 
Java: Produce diffs for model generator changes
 2022-02-02 10:30:45 +01:00
Henry Mercer
e622e517d9 Merge pull request #7800 from github/henrymercer/js-atm-add-model-building-pack 
JS: Add model building pack for ML-powered queries
 2022-02-01 20:51:19 +00:00
Harry Maclean
ce0354acb3 Include rust-toolchain.toml in Ruby cache keys 
This ensures that if we change our Rust version, the caches will be
invalidated.
 2022-02-02 08:08:11 +13:00
Harry Maclean
9c32ab7122 rust-toolchain -> rust-toolchain.toml 2022-02-02 08:05:46 +13:00
Harry Maclean
613ecbb418 Ruby: Pin Rust to 1.54 
Add a rust-toolchain file to the Ruby directory, which instructs Rustup
to install a specific version of Rust (1.54). This will be used in CI,
so any use of language features or dependencies that don't support 1.54
will result in a CI failure.

This should ensure we have a documented minimum supported rust version
and an easy to way to update it in the future (update the rust-toolchain
file).
 2022-02-02 08:05:46 +13:00
Geoffrey White
d864af3622 C++: Change note. 2022-02-01 19:00:40 +00:00