hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
55,666 Commits 1,671 Branches 157 Tags
afec9b05e9d52e2c7efcd4004cad80db92e2e2c1
Commit Graph

810 Commits

Author SHA1 Message Date
Michael Nebel
afec9b05e9 Merge pull request #13147 from michaelnebel/csharp/entityframeworkrefactor 
C#: Use synthetic global in the EntityFramework code instead of jump steps.
 2023-06-14 13:47:56 +02:00
Anders Schack-Mulligen
1a4fca334f Merge pull request #13273 from aschackmull/dataflow/summarynode-refactor 
Dataflow: Refactor FlowSummaryImpl to synthesize nodes independently from DataFlow::Node.
 2023-06-14 09:38:36 +02:00
Anders Schack-Mulligen
2d616d494e C#/Ruby: Add fields as per review comments. 2023-06-13 11:26:30 +02:00
Jeroen Ketema
d035491c6f Go: Remove commented out code from test 2023-06-13 10:13:42 +02:00
Jeroen Ketema
c3ba206b6a Merge pull request #13346 from jketema/inline-2 
Update inline expectation tests to use parameterized module
 2023-06-13 10:10:55 +02:00
Anders Schack-Mulligen
5062442982 Go/Python/Ruby/Swift: Add stub. 2023-06-09 15:39:28 +02:00
Anders Schack-Mulligen
98f51d7f29 Dataflow: Sync. 2023-06-09 15:39:28 +02:00
Anders Schack-Mulligen
5eb278095c Go: Fix tests. 2023-06-09 15:39:28 +02:00
Anders Schack-Mulligen
6020e4d0e3 C#/Go/Python/Ruby/Swift: Fix some more references. 2023-06-09 15:30:38 +02:00
Anders Schack-Mulligen
e6e4cef35e Go: Adjust to FlowSummaryImpl changes. 2023-06-09 15:27:17 +02:00
Anders Schack-Mulligen
2cc5bde925 Dataflow: Sync. 2023-06-09 15:27:17 +02:00
Jeroen Ketema
97c4f497bc Go: Rewrite inline expectation tests to use parameterized module 2023-06-09 10:41:21 +02:00
Anders Schack-Mulligen
d230509905 Dataflow: Address review comments. 2023-06-09 08:37:36 +02:00
Anders Schack-Mulligen
4399138c82 Dataflow: Fix QL4QL alert. 2023-06-09 08:37:36 +02:00
Anders Schack-Mulligen
53f2b8aab0 Dataflow: Sync. 2023-06-09 08:37:36 +02:00
Anders Schack-Mulligen
fd832416d8 Dataflow: Add empty type strengthening predicate for languages without type pruning. 2023-06-09 08:37:35 +02:00
Anders Schack-Mulligen
e8cea79f1d Dataflow: Sync. 2023-06-09 08:37:35 +02:00
Owen Mansel-Chan
55fe318f5a Merge pull request #13397 from owen-mc/go/document-build-environment-recommendations 
Add Go version table for --identify-environment
 2023-06-07 17:06:13 +01:00
Owen Mansel-Chan
69854638b6 Add Go version table for --identify-environment 2023-06-07 15:51:21 +01:00
Michael B. Gale
06d48dca67 Merge pull request #13211 from github/mbg/identify-environment-stubs 
Shared: Add stubs for `identify-environment` scripts
 2023-06-05 10:29:06 +01:00
Jeroen Ketema
7b17b92aca Fix typo in spelling of expectation 2023-06-02 10:36:11 +02:00
Michael Nebel
06b02eb3ce Sync files. 2023-06-01 09:30:31 +02:00
Arthur Baars
c211b704f3 Merge pull request #13272 from github/post-release-prep/codeql-cli-2.13.3 
Post-release preparation for codeql-cli-2.13.3
 2023-05-31 15:33:12 +02:00
Michael Nebel
915042a881 Minor cleanup and sync files. 2023-05-26 12:25:00 +02:00
Michael Nebel
b794627335 Go: Re-factor getComponent. 2023-05-26 12:24:59 +02:00
Michael B. Gale
631ba6584d Go: Update identify-environment JSON format 
The spec changed after this was implemented and merged
 2023-05-26 10:13:40 +01:00
Michael B. Gale
af803c8886 Go: include new scripts in Makefile 2023-05-26 10:13:40 +01:00
github-actions[bot]
d2e192020b Post-release preparation for codeql-cli-2.13.3 2023-05-24 11:26:12 +00:00
Chris Smowton
99c211955b Hotfix: Go: exclude method receivers from dead-store-of-field query 2023-05-23 14:31:25 +01:00
Chris Smowton
8b28848c82 Merge pull request #13250 from smowton/smowton/hotfix/golang-field-store-varargs-function 
Hotfix: Go: count passing to a vararg function as escaping
 2023-05-23 12:03:48 +01:00
Chris Smowton
d5d56cde5a Dead store of field: count passing to a vararg function as escaping 2023-05-23 10:51:21 +01:00
github-actions[bot]
7aa23cf11d Release preparation for version 2.13.3 2023-05-22 20:47:00 +00:00
Owen Mansel-Chan
1a9bd9ccde Merge pull request #13135 from owen-mc/go/fix-unit-test 
Go: fix unit test
 2023-05-16 07:50:50 +01:00
Kasper Svendsen
7c5625a4dc Go: Make implicit this receivers explicit 2023-05-12 12:14:13 +02:00
Chris Smowton
ee64ea59e1 Merge pull request #12901 from porcupineyhairs/goDsn 
Go: Add query to detect DSN Injection.
 2023-05-11 22:45:43 +01:00
Chris Smowton
820673470e Merge pull request #13119 from porcupineyhairs/goTiming 
Go : Add query to detect potential timing attacks
 2023-05-11 22:38:13 +01:00
Chris Smowton
99f4eef9c5 Fix spelling 2023-05-11 22:12:35 +01:00
Chris Smowton
a10b11e09e Fix spelling and remove dead code 2023-05-11 22:12:17 +01:00
Chris Smowton
b6c2db6baf Fix duplicate query ID 2023-05-11 22:10:09 +01:00
Porcupiney Hairs
2c518c1fa6 Include changes from review 2023-05-12 01:59:42 +05:30
Porcupiney Hairs
ae6fda03b7 Include changes from review 2023-05-11 23:56:50 +05:30
Owen Mansel-Chan
77c8357705 Do not obscure exit code with call to grep 
The output is a bit more verbose, but this is hard to avoid
 2023-05-11 18:15:41 +01:00
Owen Mansel-Chan
3981bb1f58 Indent comment in Makefile better 2023-05-11 17:12:27 +01:00
Owen Mansel-Chan
760ba82c7a Fix unit tests 2023-05-11 16:40:59 +01:00
Owen Mansel-Chan
1beb348d95 Fix outdated message 2023-05-11 14:29:14 +01:00
Owen Mansel-Chan
02a224c28f --identify-environment should write json to stdout 2023-05-11 14:29:14 +01:00
Owen Mansel-Chan
874a426779 Add identify-environment scripts 2023-05-11 11:51:42 +01:00
Owen Mansel-Chan
b306807046 Merge pull request #13040 from owen-mc/go/identify-environment-change-logic 
Go: change logic in `go-autobuilder --identify-environment`
 2023-05-11 08:22:01 +01:00
Porcupiney Hairs
d536157c1a Go : Add query to detect potential timing attacks 2023-05-11 09:57:50 +05:30
Owen Mansel-Chan
5ef74c96de Merge pull request #13105 from owen-mc/go/change-diagnostic-message 
Go: Update "go/autobuilder/package-not-found" diagnostic message
 2023-05-11 05:27:09 +01:00