hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,957 Commits 1,673 Branches 157 Tags
bdad847584a669d58552eaf44933f40acb85d0fa
Commit Graph

50957 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paolo Tranquilli
bdad847584 Merge pull request #12422 from github/redsun82/cpp-scanf-fp 
C++: add false positives to `MissingCheckScanf` test
 2023-03-07 13:29:22 +01:00
Michael B. Gale
7627a53c49 Merge pull request #12371 from github/mbg/csharp/increase-diagnostic-visibility 
C#: Make diagnostics visible everywhere
 2023-03-07 12:13:09 +00:00
Michael B. Gale
974fdd305e Merge pull request #12372 from github/mbg/csharp/check-integration-test-diagnostics 
C#: Add diagnostic checks to all remaining integration tests
 2023-03-07 12:11:47 +00:00
Michael B. Gale
b75f138507 Merge pull request #12385 from github/mbg/csharp/readd-tsp-support 
C#: Add support for the tool status page
 2023-03-07 12:10:52 +00:00
Paolo Tranquilli
429518bcea C++: add further FP to test 2023-03-07 12:03:34 +01:00
Paolo Tranquilli
311cf4e7fd C++: add false positives to MissingCheckScanf test 
See https://github.com/github/codeql/issues/12412 for the initial
report.
 2023-03-07 11:56:05 +01:00
Michael Nebel
40d31120d9 Merge pull request #12264 from michaelnebel/csharp/nugetnet7 
C#: Stub generator improvements.
 2023-03-07 11:30:57 +01:00
Jeroen Ketema
3a4c0a2aae Merge pull request #12389 from jketema/more-deprecated 
C++: Add `deprecated` to predicates that are deprecated according to the QLDoc
 2023-03-07 11:21:43 +01:00
Michael Nebel
676c352819 C#: Update expected test output. 2023-03-07 10:19:26 +01:00
Michael Nebel
e85b2ebd20 C#: Replace stub member comment with file level comment. 2023-03-07 10:19:26 +01:00
Michael Nebel
c8f7304d9b C#: Address review comments. 2023-03-07 10:19:25 +01:00
Michael Nebel
e797b5c226 C#: Narrow the set of declarations where we make explicit interface implementations. 2023-03-07 10:19:25 +01:00
Michael Nebel
d8acc7cd17 C#: Stub generator support for explicit interface implementations of explicit conversion operators including test cases. 2023-03-07 10:19:25 +01:00
Michael Nebel
59349ed7c7 C#: Add test cases for static and virtual operators in interfaces and overlapping interface declarations. 2023-03-07 10:19:25 +01:00
Michael Nebel
50570dc3ee C#: Only add explicit interface implementation to the generated stub if it is unique. 2023-03-07 10:19:25 +01:00
Michael Nebel
5ba59fc9a8 C#: Stub generator support for operators in interfaces and interface implementations. 2023-03-07 10:19:25 +01:00
Michael Nebel
b68e78d908 C#: Stub generator support for static virtual and static abstract interface members. 2023-03-07 10:19:25 +01:00
Michael Nebel
aa4b98bbd5 C#: The stub generator should just format whitespaces. 2023-03-07 10:19:25 +01:00
Tom Hvitved
9b02eb729f Merge pull request #12419 from hvitved/ruby/stored-xss-config-rewrite 
Ruby: Rewrite Stored XSS query to use new data flow interface
 2023-03-07 09:46:08 +01:00
Jeroen Ketema
c9bccd9b43 C++: Fix more tests that used deprecated function 2023-03-07 09:01:13 +01:00
Tom Hvitved
b6a709df50 Ruby: Rewrite Stored XSS query to use new data flow interface 2023-03-07 07:23:27 +01:00
Mathias Vorreiter Pedersen
ff53e53e8c Merge pull request #12236 from MathiasVP/language-specific-field-flow-branch-limit-term 
Dataflow: Add a language specific term to `join` and `branch`
 2023-03-06 16:59:09 +00:00
Mathias Vorreiter Pedersen
92ad099c1b DataFlow: Remove bindingsets, remove the call column, and swap parameter and argument columns. 2023-03-06 13:47:59 +00:00
Mathias Vorreiter Pedersen
3bf28cc752 DataFlow: Sync identical files. 2023-03-06 13:46:21 +00:00
Mathias Vorreiter Pedersen
9647b6a3f5 Swift: Add stub. 2023-03-06 13:45:04 +00:00
Mathias Vorreiter Pedersen
e6b6369a21 Ruby: Add stub. 2023-03-06 13:44:59 +00:00
Mathias Vorreiter Pedersen
5ebd50044f Python: Add stub. 2023-03-06 13:44:24 +00:00
Mathias Vorreiter Pedersen
4720e2a30a Java: Add stub. 2023-03-06 13:44:24 +00:00
Mathias Vorreiter Pedersen
067abacbb8 Go: Add stub. 2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen
b667e0136f C#: Add stub. 2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen
05314b48e8 C++: Add stub. 2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen
6e8a2a6375 DataFlow: Add a language-specific predicate for modifying 'branch' and 'join'. 2023-03-06 13:44:19 +00:00
Geoffrey White
56b6441ef5 Merge pull request #12391 from geoffw0/ptrout 
Swift: Permit data flow out through pointer arguments
 2023-03-06 13:37:22 +00:00
Anders Schack-Mulligen
5c7f2ac7f7 Merge pull request #12186 from aschackmull/dataflow/refactor-configuration 
Data flow: Refactor configuration
 2023-03-06 13:38:59 +01:00
dependabot[bot]
3538cf89b9 Merge pull request #12404 from github/dependabot/cargo/ql/serde_json-1.0.94 2023-03-06 09:55:33 +00:00
Arthur Baars
d2ab40c184 Merge pull request #12208 from gregxsunday/main 
Add ZipSlip and TarSlip query to ruby
 2023-03-06 10:40:06 +01:00
dependabot[bot]
ce5e76a3a0 Bump serde_json from 1.0.93 to 1.0.94 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.93 to 1.0.94.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.93...v1.0.94)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 09:32:26 +00:00
Anders Schack-Mulligen
557cb17f4d Dataflow: Minor perf fix for single config wrapper. 2023-03-06 10:24:33 +01:00
Calum Grant
b8e123dc08 Merge pull request #12402 from github/dependabot/cargo/ruby/serde_json-1.0.94 
Bump serde_json from 1.0.93 to 1.0.94 in /ruby
 2023-03-06 09:24:21 +00:00
Anders Schack-Mulligen
d4c5877484 Merge pull request #3 from MathiasVP/fix-exec-tainted 
C++: Use refactored dataflow library in `cpp/command-line-injection`
 2023-03-06 09:32:34 +01:00
Jeroen Ketema
72d03e4060 C++: Fix test that used deprecated function 2023-03-06 09:07:52 +01:00
dependabot[bot]
f93b304578 Bump serde_json from 1.0.93 to 1.0.94 in /ruby 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.93 to 1.0.94.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.93...v1.0.94)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 04:15:01 +00:00
Geoffrey White
6f120a66d0 Merge pull request #12368 from geoffw0/taintarith3 
Swift: Fill some gaps in arithmetic / bitwise operations modelling
 2023-03-03 18:20:54 +00:00
Geoffrey White
9aaf30691c Merge pull request #12307 from geoffw0/stringconflationtaint 
Swift: Update swift/string-length-conflation to taint tracking
 2023-03-03 17:27:15 +00:00
Geoffrey White
c29dcefcf2 Swift: Fix .expected file. Locations had changed after the formatting fix. 2023-03-03 17:24:07 +00:00
Geoffrey White
395bf675fe Swift: Make the test work on Linux. 2023-03-03 17:14:57 +00:00
Jeroen Ketema
aa00424b75 C++: Fix experimental query that uses the deprecated freeCall predicate 2023-03-03 17:53:49 +01:00
Geoffrey White
2d889304bb Swift: Some cases in the SqlInjection test are fixed by this. 2023-03-03 16:49:13 +00:00
Geoffrey White
b2bcb2d378 Swift: Fix formatting. 2023-03-03 16:32:21 +00:00
Chris Smowton
d4e02eb846 Merge pull request #12384 from smowton/smowton/admin/java-tsp-message-cleanup 
Java TSP: test changes re: formatting improvements
 2023-03-03 16:24:35 +00:00