hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 07:36:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,288 Commits 1,703 Branches 162 Tags
b45d079a01e4130ee3a9c18ff61b8ce07e665bd1
Commit Graph

48288 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
b45d079a01 Java: Move and rename externalflow related extensible predicates. 2022-12-14 13:43:34 +01:00
Michael Nebel
9fc1b3ac82 C#: Rename predicates in tests. 2022-12-14 13:43:34 +01:00
Michael Nebel
b5e7ba6135 C#: Rename extensible predicate in data extension definitions. 2022-12-14 13:43:34 +01:00
Michael Nebel
596c2c0345 C#/Java: Rename the modelgenerator and converter predicate names. 2022-12-14 13:43:34 +01:00
Michael Nebel
6d7401de7d C#: Rename the extensible predicates related to external flow. 2022-12-14 13:43:34 +01:00
Henry Mercer
6023a1225c Merge pull request #11673 from github/codeql-ci/atm/release-0.4.4 
JS: Bump version numbers of ML-powered packs after 0.4.4 release
 2022-12-14 10:27:00 +00:00
Tamás Vajk
a6d227d52e Merge pull request #11599 from igfoo/igfoo/diags 
Java/Kotlin: Update the diagnostic severity documentation
 2022-12-14 10:13:30 +01:00
Michael Nebel
54701f539e Merge pull request #11683 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-12-14 09:41:23 +01:00
Paolo Tranquilli
a80e9206c8 Merge pull request #11639 from github/alexdenisov/switch-to-bootstrapped-swift 
Swift: switch to bootstrapped Swift compiler
 2022-12-14 09:04:19 +01:00
github-actions[bot]
d905bed92f Add changed framework coverage reports 2022-12-14 00:17:01 +00:00
Erik Krogh Kristensen
8a89849476 Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf 
Py/JS/RB: Use instanceof in more places
 2022-12-13 21:50:13 +01:00
Tamás Vajk
8e500ec0f3 Merge pull request #11675 from tamasvajk/kotlin-error-expr-consistency 
Kotlin: Report CFG dead end consistency issues on `ErrorExpr`
 2022-12-13 20:22:47 +01:00
Edward Minnix III
a85de2b5f4 Merge pull request #10865 from egregius313/egregius313/android-activity-alias 
Java: Add library support for activity-alias elements in AndroidManifest.qll
 2022-12-13 11:52:01 -05:00
Jami
9b0163ce22 Merge pull request #11624 from jcogs33/jcogs33/exclude-paramless-constructors-from-dataflowtargetapi 
Java/C#: exclude parameterless constructors from `DataFlowTargetApi`
 2022-12-13 10:05:57 -05:00
Tamas Vajk
5cc2868857 Kotlin: Report CFG dead end consistency issues on ErrorExpr 2022-12-13 15:51:33 +01:00
Asger F
bfe9ee3ead Merge pull request #11672 from asgerf/js/extensions 
JS: Add data extension sinks
 2022-12-13 15:34:11 +01:00
Henry Mercer
423374a7b8 Merge branch 'main' into codeql-ci/atm/release-0.4.4 2022-12-13 14:26:21 +00:00
github-actions[bot]
745823ca60 JS: Bump version of ML-powered library and query packs to 0.4.5 2022-12-13 13:32:52 +00:00
github-actions[bot]
ea13925a92 JS: Bump patch version of ML-powered library and query packs 2022-12-13 13:28:09 +00:00
Alex Denisov
ee94849528 Swift: switch to bootstrapped Swift compiler 2022-12-13 13:59:13 +01:00
Asger F
6b15839221 JS: Add tests for the examples used in the docs 2022-12-13 11:33:12 +01:00
Asger F
ba1364a4cb JS: Add sinks mentioned in doc 
Note that 'sql-injection' was already added
 2022-12-13 11:33:12 +01:00
Michael Nebel
b8ef961498 Merge pull request #9415 from JarLob/sockets 
Add TCP and UDP socket client taint sources
 2022-12-13 10:39:33 +01:00
AlexDenisov
73196fd732 Merge pull request #11669 from github/redsun82/swift-wrapper 
Swift: wrap extractor with shell script
 2022-12-13 09:46:42 +01:00
Paolo Tranquilli
0dc717fd9c Swift: remove no more needed library path setting in qltest.sh 2022-12-13 09:13:43 +01:00
Paolo Tranquilli
03d7adb303 Swift: wrap extractor with shell script 
This is in preparation for the extractor to use shared libraries
packaged alongside it.

We could probably also move the `CODEQL_EXTRACTOR_SWIFT_RUN_UNDER` logic
in it, where it would be simpler and more robust.
 2022-12-13 09:07:37 +01:00
yoff
557a5b469f Merge pull request #11555 from pwntester/new_python_cmdi_sinks 
Added two new CMDi sinks for python's stdlib
 2022-12-13 09:00:34 +01:00
Jami Cogswell
22f8d97f31 C#: add test case 2022-12-12 13:28:01 -05:00
Jami Cogswell
446ac75c87 Java: update unit test 2022-12-12 13:28:01 -05:00
Jami Cogswell
39154b1455 C#: add isParameterless predicate to Constructor class 2022-12-12 13:28:00 -05:00
Jami Cogswell
5113041623 Java: add isParameterless predicate to Constructor class 2022-12-12 13:28:00 -05:00
Jami Cogswell
a8a8b03d2f C#: exclude parameterless constructors from DataFlowTargetApi 2022-12-12 13:28:00 -05:00
Jami Cogswell
16d8e8e931 Java: exclude parameterless constructors from DataFlowTargetApi 2022-12-12 13:28:00 -05:00
Erik Krogh Kristensen
636d5e341c Merge pull request #11652 from erik-krogh/static-useInstanceOf 
Java/C#/GO: Use instanceof in more places
 2022-12-12 17:52:04 +01:00
Edward Minnix III
0ebfee8b11 Merge pull request #11241 from egregius313/egregius313/webview-file-access 
Java: Query to detect Android Webview file access
 2022-12-12 11:12:26 -05:00
erik-krogh
b3a9c1ca06 Py/JS/RB: Use instanceof in more places 2022-12-12 16:06:57 +01:00
Erik Krogh Kristensen
4ff823c36b Merge pull request #11366 from p-/p--ruby-kernel-open-addition 
Ruby: Add additional sinks to the `rb/kernel-open` query
 2022-12-12 15:56:01 +01:00
erik-krogh
873d3553cd Merge branch 'main' into static-useInstanceOf 2022-12-12 15:36:54 +01:00
Tom Hvitved
912aa461c7 Merge pull request #11654 from hvitved/ruby/stage-collapse 
Ruby: Ensure `Node::{toString,getLocation}` are computed in data flow stage
 2022-12-12 13:57:47 +01:00
Michael Nebel
0fdf9a42f2 C#: Cleanup and make the last StreamReader model explicit on its input. 2022-12-12 13:21:26 +01:00
JarLob
1d303e0470 C#: Add remote type source kind in model validation. 2022-12-12 12:56:14 +01:00
Jaroslav Lobačevski
340fd8ae4e C#: Add change note. 2022-12-12 12:56:14 +01:00
Jaroslav Lobačevski
204a1d3d06 C#: Add source TCP/UDP source models and StreamReader summary models. 2022-12-12 12:56:14 +01:00
Chris Smowton
2bdc9e80de Merge pull request #11625 from smowton/smowton/admin/autoformat-docs-ql-files 
Autoformat docs ql files
 2022-12-12 10:37:35 +00:00
Mathias Vorreiter Pedersen
b2fcf87e6a Merge pull request #11638 from jketema/rewrite-tainted-path-v2 
C++: Use `FlowSource` in `cpp/path-injection`
 2022-12-12 10:08:15 +00:00
Chris Smowton
77004f3e15 Merge pull request #11258 from smowton/smowton/feature/kotlin-annotation-extraction 
Kotlin: extract annotations
 2022-12-12 09:52:49 +00:00
Michael Nebel
e0f1b38439 Merge pull request #11580 from michaelnebel/renamenegativemodels 
C#/Java: Rename Negative Summary Model to Neutral Model
 2022-12-12 07:59:06 +01:00
Harry Maclean
6c8896d83f Merge pull request #11337 from hmac/actionmailbox 
Ruby: Model ActionMailbox
 2022-12-12 10:29:23 +13:00
Tom Hvitved
58549087e0 Ruby: Ensure Node::{toString,getLocation} are computed in data flow stage 2022-12-11 20:37:24 +01:00
Tom Hvitved
367aa35d8c Ruby: Avoid SummarizedCallable::propagatesFlowExt being recursive 2022-12-11 20:37:23 +01:00