hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 12:15:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
67,126 Commits 1,741 Branches 166 Tags
b2deea4606b97ccff75a550313fea66686cf8a69
Commit Graph

67126 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Cornelius Riemenschneider
b639f60fa6 Merge pull request #16517 from github/criemen/paket-rewrite 
C#: Reformat project files with `paket`.
 2024-05-17 16:20:25 +02:00
Chuan-kai Lin
1a4c07a1ac Merge pull request #16425 from github/cklin/swift-entities-reorder 
Swift: Use entities in reorder directives
 2024-05-17 06:43:18 -07:00
Chuan-kai Lin
f1047606ad Merge pull request #16418 from github/cklin/cpp-entities-reorder 
C++: Use entities in reorder directives
 2024-05-17 06:43:07 -07:00
yoff
a7a12f17b5 Merge pull request #16512 from yoff/python/allow-provenance-in-additional-taint-steps 
Python: Allow provenance in additional taint steps
 2024-05-17 15:07:12 +02:00
Felicity Chapman
daf19a2468 Merge pull request #16496 from github/felicitymay/sphinx-config 
Stop building the CodeQL for VS Code docs now they've been migrated
 2024-05-17 13:37:36 +01:00
Paolo Tranquilli
ad1188be1f Merge pull request #16518 from github/redsun82/bazel-update 
Bazel: update bazel to version 7.1.2
 2024-05-17 12:14:48 +01:00
Cornelius Riemenschneider
a6ce24dc39 C#: Reformat project files with paket. 
When running `dotnet paket update` or `dotnet paket install`, `paket`
forcefully reformats the project files. This is unfortunate.
One option is to accept these changes, as they're not harmful.
They do mean that each project includes the Paket restore targets individually,
instead of doing so via `Directory.Build.targets`.
Another option would be to not merge this PR, and then I'll document that
the changes to the csproj files should be ignored when running `paket` instead.
I don't really mind either way.
 2024-05-17 12:19:53 +02:00
Paolo Tranquilli
cc4f8e038d Bazel: update bazel to version 7.1.2 2024-05-17 10:52:29 +01:00
Erik Krogh Kristensen
03cf9b702c Merge pull request #14291 from am0o0/amammad-js-CodeInjection_Shelljs 
JS: Shelljs improvement
 2024-05-17 11:14:11 +02:00
Rasmus Lerchedahl Petersen
a568873a8e Python: update test expectations 2024-05-17 10:59:49 +02:00
Rasmus Lerchedahl Petersen
92a5b6f6d6 python: add change note 2024-05-17 10:02:38 +02:00
Rasmus Lerchedahl Petersen
e66cce7fe1 python: add qldoc and refactor 
The logic of which steps an `AdditionalTaintStep` has defined
is now pushed into the defitnion of `AdditionalTaintStep`.
 2024-05-17 09:49:31 +02:00
Michael Nebel
e198d0105f C#: Re-factor the model generator tests. 2024-05-17 09:44:58 +02:00
Michael Nebel
adeff8c602 C#: Convert neutral capture test to inline expectation. 2024-05-17 09:44:58 +02:00
Michael Nebel
e3b6ee1aaf C#: Convert type based summary capture test to inline expectation. 2024-05-17 09:44:58 +02:00
Michael Nebel
a5fd433c20 C#: Convert sink capture test to inline expectation. 2024-05-17 09:44:58 +02:00
Michael Nebel
26f9297d62 C#: Convert source capture test to inline expectation. 2024-05-17 09:44:58 +02:00
Michael Nebel
404b39b6e6 C#: Convert summary capture test to inline expectation. 2024-05-17 09:44:57 +02:00
Michael Nebel
2cda1a207e C#: Add language specific part of the models as data inline expectation. 2024-05-17 09:44:57 +02:00
Michael Nebel
78b8a9259a Share the Models as Data inline expect predicates. 2024-05-17 09:44:57 +02:00
Michael Nebel
e483948c19 Merge pull request #16513 from michaelnebel/csharp/flowsummariestest 
C#: Change the printed information in the Flow summaries tests.
 2024-05-17 09:43:28 +02:00
erik-krogh
384649b336 changes based on review, and improve the new command-injection test 2024-05-17 08:38:54 +02:00
Rasmus Lerchedahl Petersen
d4d6b48f98 python: add test for subclass instance method 2024-05-17 00:03:01 +02:00
Rasmus Lerchedahl Petersen
3d0c42f44d python: rewrite text models to use rich paths 2024-05-17 00:03:01 +02:00
Rasmus Lerchedahl Petersen
a88c007c05 python: Allow dotted paths in type column 2024-05-17 00:03:00 +02:00
Tamas Vajk
a79105e2ae C#: Use nuget.exe from the executing machine instead of always downloading it 2024-05-16 23:15:04 +02:00
erik-krogh
2848ccf0e2 fix frontend errors that Go complained about 2024-05-16 20:06:26 +02:00
erik-krogh
08c0d8ec60 autoformat go files 2024-05-16 19:59:40 +02:00
erik-krogh
9aeebc6f39 update the QHelp to add a "--" example 2024-05-16 19:49:22 +02:00
Owen Mansel-Chan
a8201a19ae Merge pull request #16506 from github/smowton/admin/gradle-version-detection-change-note 
Java: Add change note for Gradle JDK version detection
 2024-05-16 17:11:03 +01:00
Cornelius Riemenschneider
3a224871ee Merge pull request #16476 from github/criemen/update-deps 
C#: Update non-Roslyn thirdparty dependencies
 2024-05-16 17:58:10 +02:00
Alex Ford
19e2af8a1d Merge pull request #13556 from am0o0/amammad-ruby-bombs 
Ruby: Decompression Bombs
 2024-05-16 16:23:02 +01:00
Paolo Tranquilli
92699d18ac Merge pull request #16508 from github/redsun82/updated-prebuilt 
Swift: update prebuilt package
 2024-05-16 14:58:17 +01:00
am0o0
dcadda23cd update expected file 2024-05-16 15:15:27 +02:00
am0o0
f06c3fddd9 fix qhelp, fix duplicate query id 2024-05-16 15:12:31 +02:00
Michael Nebel
18fc92247b C#: Update flowsummaries expected output. 2024-05-16 15:09:04 +02:00
Michael Nebel
763d53afed C#: Remove the override and ext column from the summaries printing test. 2024-05-16 15:08:45 +02:00
Alex Ford
78dc6502f5 Merge branch 'main' into amammad-ruby-bombs 2024-05-16 13:53:31 +01:00
Michael Nebel
b1329fd806 Merge pull request #16362 from michaelnebel/java/removelocalqueries 
Java: Remove local query variants.
 2024-05-16 14:34:04 +02:00
am0o0
42a9962519 make shellJSMember predicate private, improve predicate document 2024-05-16 14:05:06 +02:00
Rasmus Lerchedahl Petersen
4378924785 Python: Example use of provenance for additional taint steps 2024-05-16 14:04:35 +02:00
Rasmus Lerchedahl Petersen
20ea9255a1 Python: Allow provenance in additional taint steps 2024-05-16 14:04:10 +02:00
yoff
ea3cc51286 Merge pull request #16194 from yoff/python/test-constructor-MaD-path 
Python: test the MaD path for constructor calls
 2024-05-16 13:52:30 +02:00
Cornelius Riemenschneider
47f679dc34 C#: Remove version constraints on most dependencies. 
This means that `dotnet paket update` will pull in the
latest matching versions of all dependencies, except
the pinned roslyn versions.
GitInfo also remains pinned, as we're removing that
dependency when converting the build to bazel anyways.

This removes a whole bunch of transitive dependencies
we no longer need, resulting in a smaller distribution,
and hopefully a smaller build.
 2024-05-16 13:51:36 +02:00
Cornelius Riemenschneider
8dc9c95be4 Merge pull request #16376 from github/criemen/dotnet-paket 
C#/C++: Convert C# code to use `paket` package manager
 2024-05-16 13:45:25 +02:00
Owen Mansel-Chan
2dd42f7aa5 Merge pull request #16509 from owen-mc/go/fix-missing-underlying-types 
Go: make two barriers recognise named types whose underlying types are integer types
 2024-05-16 12:41:42 +01:00
Owen Mansel-Chan
2b7394cd42 Merge pull request #16305 from github/go/value-flow-instead-of-taint-flow 
Go: Use value flow instead of taint flow for `go/incorrect-integer-conversion`
 2024-05-16 12:40:53 +01:00
Asger F
499c4df79b Merge pull request #13554 from am0o0/amammad-js-bombs 
JS: Decompression Bombs
 2024-05-16 13:25:41 +02:00
Erik Krogh Kristensen
a2994c073a Merge pull request #16507 from erik-krogh/up-insecure-randomness 
JS: Update the insecure-randomness QHelp
 2024-05-16 12:52:09 +02:00
Owen Mansel-Chan
8cc118f781 Add change note 2024-05-16 11:16:54 +01:00