hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-19 11:51:08 +02:00
Code Issues Packages Projects Releases Wiki Activity
88,023 Commits 1,782 Branches 169 Tags
b15a1afa244e8a8b1bbd901bbdd60bf22c351cd2
Commit Graph

2726 Commits

Author SHA1 Message Date
Michael Nebel
e94d279234 Merge pull request #21984 from forks-felickz/felickz/razor-page-handler-sources 
C#: Add Razor Page handler method parameters as remote flow sources
 2026-06-16 13:15:51 +02:00
Michael Nebel
01454d76c2 Merge pull request #21881 from michaelnebel/csharp/propertycalls 
C#: Property- and Indexer call targets for partial overrides.
 2026-06-16 08:46:33 +02:00
Michael Nebel
859ad1d8d0 Merge pull request #21877 from michaelnebel/csharp/spanaccessrange 
C#: Extract `.Slice` method call when using a span in conjunction with a range.
 2026-06-16 08:42:57 +02:00
Chad Bentz
c08c0e9ae5 Merge branch 'main' into felickz/razor-page-handler-sources 2026-06-15 11:35:54 -04:00
Michael Nebel
c31b594bbc C#: Address review comments. 2026-06-15 16:17:46 +02:00
Michael Nebel
ab4f170780 Merge pull request #21909 from michaelnebel/csharp/refactoroperations 
C#: Refactor- and rename operation expressions.
 2026-06-15 12:35:39 +02:00
Michael Nebel
d0841d2283 C#: Address review comments. 2026-06-15 11:04:59 +02:00
Chad Bentz
23567eba3d C#: Add change note for Razor Page handler flow sources 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-06-12 19:53:00 -04:00
Chad Bentz
ce9e61dbfd C#: Add Razor Page handler method parameters as remote flow sources 
ASP.NET Core Razor Page handler method parameters (OnGet, OnPost, etc.)
were not modeled as remote flow sources, causing security queries like
SQL injection to miss vulnerabilities in PageModel subclasses.

This adds AspNetCorePageHandlerMethodParameter, analogous to the existing
AspNetCoreActionMethodParameter for MVC controllers, using the existing
PageModelClass.getAHandlerMethod() from Razor.qll.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-06-12 19:50:12 -04:00
Michael Nebel
346d140c87 C#: Add change-note. 2026-06-12 15:33:49 +02:00
Michael Nebel
9f0feb467a C#: Add upgrade/downgrade scripts. 2026-06-12 15:26:16 +02:00
Anders Schack-Mulligen
ff61344afa Cfg: Add support for until-statements. 2026-06-12 13:55:05 +02:00
Michael Nebel
8d46bfcbd4 C#: Update some of the QL docs. 2026-06-12 12:41:27 +02:00
Michael Nebel
f0640d78d2 C#: Deprecate the operation module. 2026-06-12 12:41:24 +02:00
Michael Nebel
fb9e4a8c40 C#: Move logical operation class from Operation.qll to LogicalOperation.qll. 2026-06-12 12:41:22 +02:00
Michael Nebel
3c407f77a9 C#: Update the QL library implementation for logical operations. 2026-06-12 12:41:19 +02:00
Michael Nebel
9465a1d063 C#: Update DB scheme for logical assignments and expressions (and some other minor changes). 2026-06-12 12:41:16 +02:00
Michael Nebel
072c4837d2 C#: Move bitwise operation classes from Operation.qll to BitwiseOperation.qll. 2026-06-12 12:41:14 +02:00
Michael Nebel
524330c188 C#: Update the QL library implementation for Bitwise operations. 2026-06-12 12:41:09 +02:00
Michael Nebel
7d54669696 C#: Update DB scheme for bitwise assignments and expressions (and some other minor changes). 2026-06-12 12:41:06 +02:00
Michael Nebel
951a26a01a C#: Move arithmetic like classes from Operation.qll to ArithmeticOperation.qll. 2026-06-12 12:41:03 +02:00
Michael Nebel
2bbcc1e88c C#: Update the QL library implementation for Arithmetic operations. 2026-06-12 12:41:01 +02:00
Michael Nebel
d101e45efc C#: Update DB scheme for arithmetic assignments and expressions (and some other minor changes). 2026-06-12 12:40:58 +02:00
Anders Schack-Mulligen
f3ec7087e3 Cfg: Fix type. 2026-06-12 10:02:48 +02:00
Michael Nebel
0a0867a34f C#: Add change-note. 2026-06-12 10:01:13 +02:00
Michael Nebel
b280dd51f2 C#: Use the first getter/setter when calling a property (override can apply to only a getter or a setter). 2026-06-12 10:01:08 +02:00
Michael Nebel
330b4e7ebc C#: Address other CoPilot review comments. 2026-06-12 09:41:02 +02:00
Michael Nebel
edc1c150a0 C#: Update change note. 2026-06-12 09:40:47 +02:00
Michael Nebel
b8edde6d44 C#: Add change-note. 2026-06-12 09:40:35 +02:00
Anders Schack-Mulligen
01173bf383 Cfg: Fold getTryInit into indexed getBody. 2026-06-08 14:03:12 +02:00
BazookaMusic
d2972cb53f Add back alias for module 2026-06-04 11:08:49 +02:00
BazookaMusic
f34275636c No duplicate Ssa and remove release changenot 2026-06-03 11:54:24 +02:00
BazookaMusic
0a801440b9 review comments 2026-06-03 10:48:50 +02:00
BazookaMusic
c610af88d3 fix comment and add overlay[local?] 2026-06-01 18:18:37 +02:00
Sotiris Dragonas
019a5c01ad Merge branch 'main' into bazookamusic/range-analysis-bound-move-to-shared 2026-06-01 18:10:02 +02:00
BazookaMusic
71a363545a formatting 2026-06-01 15:24:06 +02:00
Henry Mercer
a16f1c555c Merge pull request #21912 from github/post-release-prep/codeql-cli-2.25.6 
Post-release preparation for codeql-cli-2.25.6
 2026-05-29 14:43:56 +01:00
github-actions[bot]
cfb18c2477 Post-release preparation for codeql-cli-2.25.6 2026-05-29 12:04:35 +00:00
github-actions[bot]
8b6f969cdb Release preparation for version 2.25.6 2026-05-29 11:27:54 +00:00
Henry Mercer
9bc0c1b1ab Revert "Release preparation for version 2.25.6" 2026-05-29 12:13:50 +01:00
Michael Nebel
ed8b9c29cc Merge pull request #21866 from michaelnebel/csharp/refreturnindexerproperty 
C#: Property- and Indexer calls for ref return properties and indexers.
 2026-05-28 12:31:17 +02:00
BazookaMusic
acb5c0e70f missed changes 2026-05-27 17:23:45 +02:00
github-actions[bot]
44a914e40f Release preparation for version 2.25.6 2026-05-25 10:23:26 +00:00
Óscar San José
996e79131e Merge branch 'main' into post-release-prep/codeql-cli-2.25.5 2026-05-22 16:32:30 +02:00
Michael Nebel
871f307fa4 Merge pull request #21871 from michaelnebel/csharp14/updatedocumentation 
C# 14: Update documentation and claim C# 14 / .NET 10 support.
 2026-05-22 10:54:36 +02:00
Owen Mansel-Chan
039b5927f0 C#: update ForStmt wrapper class 2026-05-21 13:45:30 +01:00
Michael Nebel
e408540d36 Potential fix for pull request finding 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
 2026-05-20 11:08:41 +02:00
Michael Nebel
462a7bc423 C#: Add change-note. 2026-05-20 10:59:52 +02:00
Michael Nebel
6825ccc74f C#: Add change-note. 2026-05-19 14:24:08 +02:00
Michael Nebel
c3bb5e8eff C#: Use ref return getters for properties/indexers in write contexts. 2026-05-19 14:24:00 +02:00