hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 15:16:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
65,188 Commits 1,700 Branches 161 Tags
be245dd4b296ccfae51155cbfec791b1bca00a60
Commit Graph

65188 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael B. Gale
781486172e Merge pull request #15534 from github/dependabot/go_modules/go/extractor/extractor-dependencies-cd731e5d14 2024-02-07 08:35:11 +00:00
Michael Nebel
167a8f0e4a Merge pull request #15459 from michaelnebel/csharp/spansummaries 
C#: Add summaries for Span<T> and ReadOnlySpan<T>.
 2024-02-07 08:54:19 +01:00
Tamás Vajk
54c9135936 Merge pull request #15518 from tamasvajk/feature/telemetry-dependency-manager 
C#: Extract dependency restore telemetry data
 2024-02-07 08:14:01 +01:00
dependabot[bot]
565426940c Bump the extractor-dependencies group in /go/extractor with 1 update 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/mod](https://github.com/golang/mod).


Updates `golang.org/x/mod` from 0.14.0 to 0.15.0
- [Commits](https://github.com/golang/mod/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-07 03:32:07 +00:00
Robert Marsh
5653c3f972 C++: Update IR test expectations for named destructors 2024-02-06 21:04:52 +00:00
Jonathan Leitschuh
1484a169d7 Reduce severity of java/relative-path-command 
Significantly reduces the severity of `java/relative-path-command` from 9.8 to 5.4

https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
 2024-02-06 15:43:19 -05:00
Mathias Vorreiter Pedersen
3b43f848c9 Merge pull request #15529 from MathiasVP/delete-get-interval-updated-by-chi 2024-02-06 19:55:24 +00:00
Henry Mercer
e71f0fc1ba Add supported build modes to extractor metadata 2024-02-06 19:51:13 +00:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00
Benjamin Rodes
80bf38d8cc Initial working draft of non-const source refactor. 2024-02-06 14:20:01 -05:00
Benjamin Rodes
5e5fea8ef3 Merge branch '50-model-gettext-family-of-string-operations' into 51-2cppnon-constant-format-alter-not-const-source 2024-02-06 12:47:08 -05:00
Mathias Vorreiter Pedersen
b68824a337 C#: Sync identical files. 2024-02-06 17:41:11 +00:00
Mathias Vorreiter Pedersen
7948911415 C++: Delete dead code. 2024-02-06 17:38:22 +00:00
Erik Krogh Kristensen
43f1189615 Merge pull request #15526 from github/erik-krogh/fix-jndi-typo 
Java: fix typo in JndiInjection.qhelp
 2024-02-06 17:39:25 +01:00
Mathias Vorreiter Pedersen
f7fe84adb4 C++: Add change note. 2024-02-06 16:23:59 +00:00
Mathias Vorreiter Pedersen
21b9b3b87f C++: Accept test changes. 2024-02-06 16:15:22 +00:00
Mathias Vorreiter Pedersen
359b6e14c6 C++: Block flow out of 'swap'. 2024-02-06 16:15:21 +00:00
Mathias Vorreiter Pedersen
e539aca337 C++: Add an interface for blocking flow out of functions that reach a certain argument. 2024-02-06 16:15:21 +00:00
Robert Marsh
40e06b7877 C++: suppress destructor calls on delete in IR generation 
This avoids an issue with duplicated qualifiers that was causing broken control flow
 2024-02-06 14:55:00 +00:00
Dave Bartolomeo
c4c8cd6b34 Merge pull request #15522 from github/release-prep/2.16.2 
Release preparation for version 2.16.2
 2024-02-06 06:21:14 -08:00
Erik Krogh Kristensen
879d882fa4 Java: fix typo in JndiInjection.qhelp 2024-02-06 15:17:30 +01:00
Benjamin Rodes
fc509c2cbe Added additional gettext variant test. 2024-02-06 09:17:10 -05:00
Ben Rodes
0023291903 Update cpp/ql/src/change-notes/2024-02-05-gettext-dataflows.md 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2024-02-06 09:12:25 -05:00
Michael Nebel
2e4786c2ab C#: Update flow summaries expected output test. 2024-02-06 14:06:07 +01:00
Michael Nebel
31b0da7639 C#: Update models for Except and DefaultIfEmpty. 2024-02-06 14:00:59 +01:00
Max Schaefer
705a377060 Address review comments. 2024-02-06 12:54:29 +00:00
Tamás Vajk
681c37d5fc Code quality improvement 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2024-02-06 13:49:08 +01:00
Mathias Vorreiter Pedersen
33cefabe27 Update cpp/ql/src/CHANGELOG.md 2024-02-06 11:05:22 +00:00
Mathias Vorreiter Pedersen
6c1e3b1ba6 Update cpp/ql/src/change-notes/released/0.9.4.md 2024-02-06 11:02:15 +00:00
Michael Nebel
b41758fb39 C#: Update summaries for Enumerable.DefaultIfEmpty to target elements in the return value. 2024-02-06 11:24:02 +01:00
Koen Vlaswinkel
8361efca4d Merge pull request #15503 from github/koesie10/ruby-access-paths 
Ruby: Add query for access paths in model editor
 2024-02-06 10:12:26 +01:00
Erik Krogh Kristensen
cec124c0be Merge pull request #15480 from ockers/ockers/certification_not_certificate 
False positive in SensitiveDataHeuristics - exclude certification from maybeCertificate() regex
 2024-02-06 09:40:25 +01:00
erik-krogh
94b7bda3dc exclude tagged template literals from js/superfluous-trailing-arguments 2024-02-06 09:36:30 +01:00
erik-krogh
4e176236e7 add a definition of user 2024-02-06 09:21:35 +01:00
erik-krogh
44fe34a37d use the correct string type in the tainted-path examples 2024-02-06 09:20:27 +01:00
Tamas Vajk
e4a4e3af39 Update DB stats 2024-02-06 08:18:27 +01:00
Jim Ockers
01e8109b71 Merge branch 'main' into ockers/certification_not_certificate 2024-02-05 13:42:00 -08:00
Robert Marsh
8013c2a074 C++: QLDoc and naming updates for implicit destructors in IR 2024-02-05 19:14:56 +00:00
Robert Marsh
bbabf1dfcc C++: add test for constructors in C++17 decl-in-if 2024-02-05 18:41:18 +00:00
Benjamin Rodes
256554df06 Added change log 2024-02-05 13:04:16 -05:00
Benjamin Rodes
5b2d15265f gettext variant dataflow tests 2024-02-05 13:01:51 -05:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
Harry Maclean
f792b58421 Ruby: Recognise more ActiveRecord connections 2024-02-05 16:45:59 +00:00
Joe Farebrother
525f27173d Merge pull request #15396 from joefarebrother/android-sensitive-ui-text 
Java: Add query for sensitive data exposed in text fields
 2024-02-05 15:47:03 +00:00
Koen Vlaswinkel
6a098120e3 Rename details to node 2024-02-05 16:33:29 +01:00
Koen Vlaswinkel
49dbad96f9 Switch from details string to DataFlow::Node 2024-02-05 16:33:01 +01:00
Ben Rodes
e47df5c7bc Update NonConstantFormat.ql 
Removed dead comment
 2024-02-05 09:39:05 -05:00
Ben Rodes
88a06ffc66 Update GetText.qll 
Fixing issue based on review.
 2024-02-05 09:18:30 -05:00
Tamas Vajk
809da54229 Revert unneeded changes and simplify code 2024-02-05 14:21:13 +01:00
erik-krogh
a6b094cf53 delete the rendered markdown again 2024-02-05 13:54:13 +01:00