codeql

mirror of https://github.com/github/codeql.git synced 2026-03-31 20:58:16 +02:00

Author	SHA1	Message	Date
Gregro	a59c865328	let interprocedural analysis handle source-available extension methods for LogForgingLogMessageSink's	2026-03-21 20:05:08 +00:00
Gregro	d0c48893f5	update test helper to use more robust .ReplaceLineEndings() sanitizer	2026-03-21 20:05:08 +00:00
Gregro	d99247cf13	Clarify static extension method class name	2026-03-21 20:05:08 +00:00
Gregro	a9eb801fea	C#: Fix false positives in cs/log-forging for extension methods	2026-03-21 20:05:08 +00:00
Óscar San José	2139b97628	Merge branch 'main' into post-release-prep/codeql-cli-2.25.0	2026-03-19 13:07:00 +01:00
Owen Mansel-Chan	5b17d8cf76	Merge pull request #21472 from owen-mc/adjust-severity/xss-log-injection Adjust `@security-severity` metadata for XSS and log injection queries	2026-03-18 16:51:14 +00:00
Anders Schack-Mulligen	af63e63686	C#: Accept test changes.	2026-03-17 14:12:18 +01:00
Anders Schack-Mulligen	19faf8f30b	C#: Add ObjectInitMethod as enclosing callable for the instance initializers.	2026-03-17 13:38:41 +01:00
github-actions[bot]	e3dbf5b022	Post-release preparation for codeql-cli-2.25.0	2026-03-16 16:03:22 +00:00
github-actions[bot]	d6055754b6	Release preparation for version 2.25.0	2026-03-16 12:15:34 +00:00
Anders Schack-Mulligen	a929c0bf24	C#: Remove splitting-awareness from Range Analysis.	2026-03-16 09:58:14 +01:00
Anders Schack-Mulligen	db0a3e38e2	C#: Accept a few irrelevant taint steps.	2026-03-16 09:09:54 +01:00
Anders Schack-Mulligen	e7edf15031	C#: Clean up.	2026-03-16 08:51:51 +01:00
Anders Schack-Mulligen	4c77e0f315	C#: Remove splitting-awareness for local expression steps.	2026-03-16 08:51:51 +01:00
Anders Schack-Mulligen	7124cd4e6e	C#: Remove splitting-awareness for source-to-def steps.	2026-03-16 08:51:50 +01:00
Anders Schack-Mulligen	c076992b83	C#: Remove splitting-awareness in ObjectInitializerNode.	2026-03-16 08:51:49 +01:00
Anders Schack-Mulligen	659d8e7c90	C#: Remove splitting-awareness in argumentOf.	2026-03-16 08:51:49 +01:00
Anders Schack-Mulligen	1e8de0511b	C#: Remove splitting-awareness in lambda flow.	2026-03-16 08:51:48 +01:00
Anders Schack-Mulligen	bce0a4d2a7	C#: Remove splitting-awareness for store steps.	2026-03-16 08:51:48 +01:00
Anders Schack-Mulligen	2160910d56	C#: Remove splitting-awareness for read steps.	2026-03-16 08:51:47 +01:00
Anders Schack-Mulligen	a5c8a5b5f8	C#: Remove splitting-awareness for taint steps.	2026-03-16 08:51:47 +01:00
Owen Mansel-Chan	52809133f5	Add change notes	2026-03-13 11:10:43 +00:00
Owen Mansel-Chan	056aa342fe	Change @security-severity for log injection queries from 7.8 to 6.1	2026-03-13 10:02:01 +00:00
Owen Mansel-Chan	f58a6e5d3a	Change @security-severity for XSS queries from 6.1 to 7.8	2026-03-13 10:01:02 +00:00
Anders Schack-Mulligen	8c1c039edf	C#: Delete PreBasicBlocks.	2026-03-13 08:00:08 +01:00
Owen Mansel-Chan	0215ea3ee3	Merge pull request #21426 from owen-mc/cpp/validate-constructor-summary-models C++: Add model validation for constructor summary models	2026-03-10 09:42:24 +00:00
Anders Schack-Mulligen	4013f00b19	C#: Disentangle SwitchStmt AST and CFG.	2026-03-09 15:07:59 +01:00
Owen Mansel-Chan	e0e5319b11	C#: Make corresponding predicate private	2026-03-09 13:44:52 +00:00
Óscar San José	3b9eba2afc	Merge branch 'main' of https://github.com/github/codeql into oscarsj/merge-back-rc-3.21	2026-03-06 16:20:36 +01:00
Owen Mansel-Chan	a3e9aed00a	Merge pull request #21416 from owen-mc/csharp/validate-constructor-summary-models C#: Add model validation for constructor summary models	2026-03-06 09:09:39 +00:00
Anders Schack-Mulligen	76346eccd8	Merge pull request #21417 from aschackmull/csharp/binary-assignment C#: Make Assignment extend BinaryOperation.	2026-03-06 09:14:20 +01:00
Tom Hvitved	feb45e5731	Merge pull request #21348 from hvitved/csharp/remove-tcs C#: Remove some unbounded TC computations	2026-03-06 09:00:38 +01:00
Owen Mansel-Chan	3c36a9e308	Correctly deal with generic types	2026-03-05 15:47:53 +00:00
Anders Schack-Mulligen	d9ef9f82e1	C#: Make Assignment extend BinaryOperation.	2026-03-05 14:41:38 +01:00
Anders Schack-Mulligen	ffa5110522	C#: Update dbscheme to make assignments part of binary expressions.	2026-03-05 13:59:14 +01:00
Owen Mansel-Chan	e6996ea29a	Add model validation for constructor summary models	2026-03-05 12:11:25 +00:00
Owen Mansel-Chan	926725a87f	Merge pull request #21405 from owen-mc/java/consistent-inline-expectation-tests Inline expectation tests should always have space before and after `$`	2026-03-05 11:27:37 +00:00
Owen Mansel-Chan	c82f75604a	Add change notes	2026-03-05 10:34:30 +00:00
Tom Hvitved	acd6f4156b	C#: Avoid computing full TC in `DangerousNonShortCircuitLogic.ql`	2026-03-05 09:11:17 +01:00
Tom Hvitved	e22d3a1074	Sync files	2026-03-05 09:11:16 +01:00
Tom Hvitved	212374b94b	C#: Replace a recursive predicate with `doublyBoundedFastTc`	2026-03-05 09:11:15 +01:00
Tom Hvitved	aa7a730041	C#: Remove some unnecessary TCs	2026-03-05 09:11:13 +01:00
github-actions[bot]	1c5afb2306	Add changed framework coverage reports	2026-03-05 00:32:15 +00:00
Mathias Vorreiter Pedersen	f8f8991d36	C#: Accept more test changes.	2026-03-04 13:06:59 +00:00
Owen Mansel-Chan	45eb14975a	C#: Inline expectation should have space after $ This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.	2026-03-04 12:45:02 +00:00
Mathias Vorreiter Pedersen	2357ef07cc	C#: Add change note.	2026-03-04 12:35:15 +00:00
Mathias Vorreiter Pedersen	088913d925	C#: Accept test changes.	2026-03-04 12:26:07 +00:00
Mathias Vorreiter Pedersen	83155df1f7	C#: Add 'System.Net.WebSockets.ReceiveAsync' flow source.	2026-03-04 12:26:05 +00:00
Mathias Vorreiter Pedersen	b7992ed8cd	C#: Add test.	2026-03-04 12:25:08 +00:00
Michael Nebel	fbf40ef02a	Update csharp/ql/lib/semmle/code/csharp/dataflow/internal/TaintTrackingPrivate.qll Co-authored-by: Tom Hvitved <hvitved@github.com>	2026-03-04 12:28:07 +01:00

1 2 3 4 5 ...

9350 Commits