hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 13:45:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
35,247 Commits 1,746 Branches 166 Tags
bf0e32ae829372c377ec6f5083e210ead1e77bf3
Commit Graph

35247 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Cornelius Riemenschneider
bf0e32ae82 C#: Port the existing compiler-tracing.spec files to Lua. 2022-05-09 14:45:34 +00:00
Michael Nebel
b8ec2254e8 C#: Update unit tests (looks like new NFloat operator has been introduced). 2022-05-03 16:36:32 +02:00
Michael Nebel
94b046c554 C#: Upgrade dotnet to 6.0.202. 2022-05-03 16:36:32 +02:00
Joe Farebrother
f65f833b11 Merge pull request #9020 from joefarebrother/predictable-seed 
Java: Add CWE-377 tag to java/predictable-seed
 2022-05-03 15:13:58 +01:00
Tony Torralba
02822c6284 Merge pull request #9013 from atorralba/atorralba/private-externalflow-imports 
Java: Make more ExternalFlow imports private
 2022-05-03 16:02:09 +02:00
Tony Torralba
9c92454fa7 Merge pull request #8872 from atorralba/atorralba/android-widget-flowstep 
Java: Add Editable.toString flow step
 2022-05-03 15:27:52 +02:00
Joe Farebrother
61f13817cf Add change note 2022-05-03 14:27:47 +01:00
Joe Farebrother
f7d0884db1 Java: Add cwe-377 tag to predictable-seed 2022-05-03 12:28:14 +01:00
yoff
56ed68b3eb Merge pull request #9001 from RasmusWL/files-refactoring 
Python: Flask: Improve `request.files` modeing
 2022-05-03 12:19:55 +02:00
Anders Schack-Mulligen
249f771fad Merge pull request #8952 from cklin/fix-ql-comments-syntax 
Fix syntax errors in QL comments
 2022-05-03 11:15:56 +02:00
Jeroen Ketema
904ff1a569 Merge pull request #8943 from jbj/remove-gvn-imports 
C++: Remove import order workarounds
 2022-05-03 11:01:02 +02:00
mc
58a2677cf7 Merge pull request #8860 from github/jf205-patch-1 
Fix broken link in analyzing-databases-with-the-codeql-cli.rst
 2022-05-03 09:56:49 +01:00
Mathias Vorreiter Pedersen
73886b1040 Merge pull request #8948 from geoffw0/xxe3 
C++: Add support for SAXParser to the CWE-611 XXE query.
 2022-05-03 09:42:10 +01:00
Tony Torralba
c66e583aea Make more ExternalFlow imports private 2022-05-03 10:31:29 +02:00
Erik Krogh Kristensen
806dacb0e3 Merge pull request #8989 from erik-krogh/mentionAll 
JS/RB: have `ApiGraphModelsSpecific.qll` mention all the required predicates
 2022-05-03 09:42:41 +02:00
Tony Torralba
5c574906fe Merge pull request #9010 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-05-03 09:23:53 +02:00
github-actions[bot]
433beaf637 Add changed framework coverage reports 2022-05-03 00:15:34 +00:00
Anders Schack-Mulligen
86516b157b Merge pull request #8884 from JLLeitschuh/feat/JLL/additional-file-taint-flow 
Java: Add additional `File` taint value flow models
 2022-05-02 16:30:45 +02:00
Rasmus Wriedt Larsen
7e1be3172e Python: Add change-note 2022-05-02 14:24:13 +02:00
Rasmus Wriedt Larsen
de4390cdf6 Python: Improve Flask request.files handling even more 2022-05-02 14:19:45 +02:00
Rasmus Wriedt Larsen
fb0133d276 Python: Fix Flask request.files modeling 2022-05-02 14:14:58 +02:00
Rasmus Wriedt Larsen
0c62916af5 Python: Highlight problem with Flask request.files modeling 2022-05-02 14:14:53 +02:00
yoff
1d44694280 Merge pull request #8732 from RasmusWL/dataflow-imports 
Python: Don't re-export `python` under `DataFlow::`
 2022-05-02 12:08:28 +02:00
Taus
231def026f Merge pull request #8890 from tausbn/python-add-global-attribute-writes 
Python: Add support for global attribute writes
 2022-05-02 12:03:41 +02:00
yoff
c67b06b1fd Update python/ql/test/experimental/dataflow/typetracking/attribute_tests.py 
Co-authored-by: Taus <tausbn@github.com>
 2022-05-02 11:36:58 +02:00
Tom Hvitved
29f30a19e7 Merge pull request #8955 from hvitved/csharp/useless-cast-fp 
C#: Add FP test for `cs/useless-cast-to-self`
 2022-05-02 10:32:28 +02:00
Anders Schack-Mulligen
b2e9555075 Merge pull request #8345 from jorgectf/mybatis-new-sinks 
Java: Add `MyBatis`' `Providers` sinks
 2022-05-02 09:44:28 +02:00
Erik Krogh Kristensen
f87312d4ba have ApiGraphModelsSpecific.qll mention all the required predicates/types 2022-04-30 20:29:44 +02:00
Geoffrey White
034c4faf19 Merge branch 'main' into xxe3 2022-04-29 21:06:16 +01:00
Jonathan Leitschuh
c8e0d7f847 Summary model for File should include overriden methods 2022-04-29 14:51:26 -04:00
Henry Mercer
811a2c0053 Merge pull request #8957 from github/henrymercer/upgrade-codeql-action 
Use codeql-action/upload-sarif@main in CSV coverage metrics workflow
 2022-04-29 17:06:21 +01:00
Geoffrey White
614a7650a6 Merge pull request #8775 from porcupineyhairs/cpam 
CPP: PAM Authorization Bypass
 2022-04-29 14:55:33 +01:00
Jorge
37b051a851 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-04-29 14:44:17 +02:00
AlexDenisov
5c6e5173ad Merge pull request #8959 from AlexDenisov/alexdenisov/pip-install-from-bazel 
Swift: teach bazel to install python dependencies
 2022-04-29 14:31:37 +02:00
Paolo Tranquilli
8fc78fae74 Merge pull request #8960 from redsun82/swift-cc-wrappers 
Swift: cc wrapper rules
 2022-04-29 14:30:54 +02:00
Paolo Tranquilli
2fe38c2bbb Swift: cc wrapper rules 2022-04-29 14:18:36 +02:00
Alex Denisov
7332460268 Swift: teach bazel to install python dependencies 2022-04-29 14:05:36 +02:00
yoff
7efb4ab4e4 Merge pull request #8581 from tausbn/python-fix-bad-join-in-import_star_read 
Python: Fix bad join in `import_star_read`
 2022-04-29 13:14:14 +02:00
Henry Mercer
d1cc835cad Merge pull request #8949 from github/henrymercer/fix-typo 
JS: Nit: Fix typo in QLDoc
 2022-04-29 12:04:09 +01:00
Henry Mercer
08b6b1d209 Use codeql-action/upload-sarif@main in CSV coverage metrics workflow 2022-04-29 11:26:32 +01:00
Tom Hvitved
a0e003e33c C#: Add FP test for cs/useless-cast-to-self 2022-04-29 11:59:51 +02:00
Henry Mercer
d3e92f72c4 JS: Nit: Fix typo in QLDoc 2022-04-29 10:54:07 +01:00
Erik Krogh Kristensen
080271f14f Merge pull request #8221 from erik-krogh/libProto 
JS: recognize more module exports from the factory pattern
 2022-04-29 11:23:53 +02:00
Stephan Brandauer
fa377ac763 Merge pull request #8946 from kaeluka/deepFillIn-FN 
JS: fix a FN for prototype polluting function query
 2022-04-29 10:14:41 +01:00
Erik Krogh Kristensen
b74d1fdb1a Merge pull request #8783 from erik-krogh/jsAbstractBi 
JS: don't initialize sanitizer-guards in the standard library
 2022-04-29 11:12:16 +02:00
Geoffrey White
7fb1069d69 C++: Use GVN on the values passed into set* functions. 2022-04-29 10:09:52 +01:00
Geoffrey White
215453e4db Update cpp/ql/src/Security/CWE/CWE-611/XXE.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-04-29 09:07:25 +01:00
Tony Torralba
9eb6022bbe Merge pull request #8954 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-04-29 10:06:57 +02:00
Geoffrey White
33d499c12d C++: Address review comments. 2022-04-29 09:02:11 +01:00
github-actions[bot]
1032dcd7e6 Add changed framework coverage reports 2022-04-29 00:15:05 +00:00