hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-23 19:32:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
43,284 Commits 1,686 Branches 158 Tags
be21b26d46195ec486707300f5abb0bcfd3034be
Commit Graph

43284 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
AlexDenisov
be21b26d46 Merge pull request #10045 from github/alexdenisov/swift-cwe-757 
Swift: CWE-757: insecure TLS configuration
 2022-09-12 15:25:15 +02:00
Erik Krogh Kristensen
818601b612 Merge pull request #10285 from erik-krogh/paramClass 
ReDoS: convert RelevantState to a class in the PrefixConstruction module
 2022-09-12 15:23:19 +02:00
AlexDenisov
568eb3a118 Update swift/ql/src/queries/Security/CWE-757/InsecureTLS.qhelp 
Co-authored-by: hubwriter <hubwriter@github.com>
 2022-09-12 14:00:29 +02:00
Erik Krogh Kristensen
3384521fb6 Merge pull request #10357 from erik-krogh/typos 
make a shared library of the typo database
 2022-09-12 11:24:03 +02:00
Erik Krogh Kristensen
cb95e8f263 Merge pull request #10351 from erik-krogh/moreMains 
JS: find a main module in more cases
 2022-09-12 11:01:17 +02:00
Arthur Baars
7ca2e4c51f Merge pull request #9953 from aibaars/update-grammar 
Update tree-sitter-ruby
 2022-09-12 10:51:37 +02:00
Ian Lynagh
c7e3051edd Merge pull request #10239 from tamasvajk/kotlin-fix-declaration-stack 
Kotlin: Fix declaration stack
 2022-09-09 16:03:31 +01:00
Tamás Vajk
05fcbdd9e3 Merge pull request #10365 from tamasvajk/kotlin-fix-isUnspecialised-2 
Kotlin: Fix `isUnspecialised` to handle generic classes inside generic methods
 2022-09-09 16:27:19 +02:00
Rasmus Wriedt Larsen
89a331f186 Merge pull request #10359 from tausbn/python-clean-up-import-resolution 
Python: Clean up module resolution
 2022-09-09 15:09:43 +02:00
Tamas Vajk
b8b0fd8a74 Kotlin: Fix isUnspecialised to handle generic classes inside generic methods 2022-09-09 14:32:38 +02:00
Tony Torralba
569fad667a Merge pull request #10360 from atorralba/atorralba/fix-taint-implicit-reads 
Dataflow: Fix implicit reads in taint tracking when FlowStates are used
 2022-09-09 14:28:39 +02:00
erik-krogh
5010f89683 move resolveMainPath into a separate helper predicate 2022-09-09 14:26:07 +02:00
erik-krogh
6a2fa2e37d add -dev to the codeql/typos version 2022-09-09 12:33:43 +02:00
Tamas Vajk
3267d7c96e Kotlin: Add test case with various nested generics 2022-09-09 11:09:50 +02:00
Michael Nebel
15db520a58 Merge pull request #10362 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-09-09 11:06:09 +02:00
Tony Torralba
1078cf091e Add change notes for all languages 2022-09-09 10:28:36 +02:00
Erik Krogh Kristensen
9893650f7c Merge pull request #8604 from erik-krogh/httpNode 
JS: refactor most library models away from AST nodes
 2022-09-09 10:04:17 +02:00
Erik Krogh Kristensen
25b988d179 Merge pull request #10356 from erik-krogh/selRandom 
JS: add taint-step in js/insecure-randomness for selecting a random element
 2022-09-09 09:59:25 +02:00
erik-krogh
1ec77136ec depend on an explicit version of the typo database 2022-09-09 08:37:38 +02:00
github-actions[bot]
ea1cdf90a1 Add changed framework coverage reports 2022-09-09 00:21:07 +00:00
Taus
5ce60d028d Python: Remove ImportStar import. 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-09-08 22:01:58 +02:00
erik-krogh
aee72357b8 find a main module in more cases 2022-09-08 20:21:31 +02:00
Tony Torralba
7db1eb98f5 Sync files 2022-09-08 17:32:03 +02:00
Tony Torralba
1b87167d96 Add implicit reads for FlowState sinks and steps 2022-09-08 17:26:59 +02:00
Tony Torralba
d5f101d7e6 Add implicit read FlowState test 2022-09-08 17:19:39 +02:00
Robert Marsh
0feeafd0ac Merge pull request #10339 from MathiasVP/dont-use-get-unique-id-in-range-analysis 
C++: Don't use `getUniqueId` in range analysis
 2022-09-08 11:13:43 -04:00
Taus
366c574308 Python: Move import logic into its own module 2022-09-08 14:52:08 +00:00
Mathias Vorreiter Pedersen
594c40a375 Merge pull request #10355 from MathiasVP/fix-unequalIntegralSsa-standard-order 
C++: Avoid bad standard order in range analysis
 2022-09-08 14:58:44 +01:00
erik-krogh
88f295fbb1 make a shared library of the typo database 2022-09-08 15:49:43 +02:00
Tom Hvitved
b3653cc3d0 Merge pull request #10216 from hvitved/ssa/shared-lib 
SSA: Create a new `codeql/shared-ssa` library pack and move implementation there
 2022-09-08 15:39:29 +02:00
Tom Hvitved
e3948e6683 Merge pull request #10354 from hvitved/ruby/convert-flow-test 
Ruby: Convert data-flow test to use inline test expectations
 2022-09-08 15:20:58 +02:00
erik-krogh
a21a4275f3 add taint-step in js/insecure-randomness for selecting a random element 2022-09-08 15:00:00 +02:00
Mathias Vorreiter Pedersen
f119b50c2f C++: Predicate factoring to prevent a bad standard order. 2022-09-08 13:55:27 +01:00
Tom Hvitved
46127f9f59 Ruby: Convert data-flow test to use inline test expectations 2022-09-08 14:32:21 +02:00
Taus
8b8e74cc9a Merge pull request #10314 from RasmusWL/revert-alert-msgs-change 2022-09-08 13:00:47 +02:00
Asger F
df90b99b67 Merge pull request #10348 from RasmusWL/ruby-fix 
Ruby: Fix ActiveResource HTTP client request modeling
 2022-09-08 12:59:27 +02:00
Erik Krogh Kristensen
57bf92a70c Merge pull request #10347 from erik-krogh/mermaid 
JS: add a markdown step through the `mermaid` library
 2022-09-08 12:41:58 +02:00
Rasmus Wriedt Larsen
978c165cf4 Ruby: Fix ActiveResource HTTP client request modeling 
This was a conflict between the merge of
https://github.com/github/codeql/pull/9974 and
https://github.com/github/codeql/pull/10114
 2022-09-08 12:14:18 +02:00
Rasmus Wriedt Larsen
1d834799a2 Merge pull request #10114 from RasmusWL/shared-http-client-request 
Ruby/Python: Shared HTTP client request concept
 2022-09-08 11:58:06 +02:00
Jeroen Ketema
9a923d8239 Merge pull request #10311 from jketema/more-builtins 
C++: Support more builtin operations
 2022-09-08 11:55:22 +02:00
Ian Lynagh
b62193d4bf Merge pull request #10333 from igfoo/igfoo/extractStaticInitializer2 
Kotlin: Remove a cast from extractStaticInitializer
 2022-09-08 10:51:36 +01:00
Alex Denisov
a8a2c9e212 Swift: CWE-757: update severity 2022-09-08 10:40:16 +02:00
Alex Denisov
d455a557be Swift: CWE-757: update docs and user facing text 2022-09-08 10:31:23 +02:00
Tom Hvitved
ac307137ad Merge pull request #10341 from hvitved/ruby/inline-getavaluereachablefromsource 
Ruby: Inline `getAValueReachableFromSource`
 2022-09-08 10:20:43 +02:00
Jeroen Ketema
6330be3902 C++: Update DB scheme stats file 2022-09-08 10:06:57 +02:00
Jeroen Ketema
04000be050 C++: Add DB scheme upgrade and downgrade scripts 2022-09-08 10:06:57 +02:00
Jeroen Ketema
1140d27bda C++: Add tests for newly supported builtin operations 2022-09-08 10:06:57 +02:00
Jeroen Ketema
2410321acf C++: Add change note for newly supported builtin operations 2022-09-08 10:06:57 +02:00
Jeroen Ketema
23b9b07f28 C++: Support more builtin operations 2022-09-08 10:06:57 +02:00
Alex Denisov
d18ad665b6 Swift: CWE-757: Insecure TLS configuration 2022-09-08 09:34:04 +02:00