hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-16 07:54:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
65,049 Commits 1,680 Branches 158 Tags
c640bd67e934de2efcbbb3c26abe4bc77afdcd45
Commit Graph

7190 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
a3da6c886b Merge pull request #15895 from erik-krogh/url-java-qhelp 
Java: update the url-redirection in the same style as the C# qhelp
 2024-03-18 21:10:07 +01:00
Tom Hvitved
fc55567d90 Merge pull request #15853 from hvitved/dataflow/get-location 
Data flow: Replace `hasLocationInfo` with `getLocation`
 2024-03-18 20:21:46 +01:00
Tom Hvitved
e53357d376 Update expected test output 2024-03-18 14:49:32 +01:00
Arthur Baars
dbf16827bf Merge pull request #15951 from github/aibaars/changenotes-fixes 
Fix minor formatting issues in changenotes
 2024-03-18 12:56:50 +01:00
Tamás Vajk
7429fa7b96 Merge pull request #15952 from tamasvajk/buildless/impr1 
C#: Add logging for source file parsing
 2024-03-18 12:27:27 +01:00
Tamás Vajk
f63c9fa07f Merge pull request #15953 from tamasvajk/buildless/impr2 
C#: Iterate text files only once
 2024-03-18 12:26:38 +01:00
Tamas Vajk
881c426631 C#: Iterate text files only once 2024-03-18 11:06:44 +01:00
Tamas Vajk
3a8d468983 C#: Add logging for source file parsing 2024-03-18 11:02:29 +01:00
Arthur Baars
a810165e35 Fix minor formatting issues in changenotes 2024-03-18 10:57:05 +01:00
Tom Hvitved
a13391bda1 Merge pull request #15802 from hvitved/dataflow/variable-capture-overlapping-paths 
Variable capture: Avoid overlapping and false-positive data flow paths
 2024-03-18 10:45:55 +01:00
Ed Minnix
71cf948650 Classes extending SourceNode for local and stored source models 
Queries such as `cs/sql-injection` cast their source to a `SourceNode`
in order to describe them. For example:

```ql
import semmle.code.csharp.security.dataflow.flowsources.FlowSources

string getSourceType(DataFlow::Node source) {
   result = source.(SourceNode).getSourceType()
}
```

Models as data source models are not included in `SourceNode` by
default, they must be wrapped with a class extending `SourceNode`.

This adds such classes, which wrap the
`sourceNode(DataFlow::Node,string)` predicate and assigns a
`getSourceType`.
 2024-03-14 22:23:54 -04:00
Tamás Vajk
945121de1b Merge pull request #15922 from tamasvajk/buildless/namespace-extraction 
C#: Handle namespace resolution error more gracefully
 2024-03-14 16:19:48 +01:00
Tamas Vajk
b5f349bd2c C#: Handle namespace resolution error more gracefully 2024-03-14 08:37:22 +01:00
erik-krogh
ef8368cfc4 fix typo 2024-03-13 22:37:13 +01:00
Michael Nebel
560b355e0c C#: Remove hard-coded local sources from the uncontrolled-format-string query. 2024-03-13 14:26:30 +01:00
github-actions[bot]
cff2cdb9e4 Add changed framework coverage reports 2024-03-13 00:15:53 +00:00
Edward Minnix III
c190dd21db Merge pull request #15877 from egregius313/egregius313/csharp/mad/sources/windows-registry 
C#: Add source models for values from the Windows registry
 2024-03-12 16:41:42 -04:00
Tamás Vajk
be2ce17376 Merge pull request #15881 from tamasvajk/buildless/fix-fallback 
C#: Deduplicate not yet restored package names
 2024-03-12 16:08:16 +01:00
Tamas Vajk
b07b0762f2 Adjust based on code review feedback 2024-03-12 15:07:58 +01:00
Tom Hvitved
dddba3228b Merge pull request #15867 from hvitved/dataflow/ap-limit 
Data flow: Add `ConfigSig::accessPathLimit`
 2024-03-12 14:57:51 +01:00
Michael Nebel
eb62c033aa C#: Remove the cil extractor option. 2024-03-12 11:12:56 +01:00
Michael Nebel
f59aaf1d75 C#: Add change note. 2024-03-12 11:12:55 +01:00
Michael Nebel
2e5155d1f8 C#: Remove all CIL related tests. 2024-03-12 11:12:55 +01:00
Michael Nebel
af06202241 C#: Cleanup implementation. 2024-03-12 11:12:55 +01:00
Michael Nebel
bf27f203d5 C#: Remove CIL extractor projects. 2024-03-12 11:12:55 +01:00
Tamas Vajk
1633673cc2 C#: Deduplicate not yet restored package names 2024-03-12 09:22:38 +01:00
Ed Minnix
7745c2c2b7 Change note 2024-03-11 17:00:12 -04:00
Tom Hvitved
257686eb9a C#: Implement new data flow interface 2024-03-11 20:56:38 +01:00
Ed Minnix
bc745dfd5e Windows registry sources 2024-03-11 13:55:34 -04:00
Michael Nebel
f571ebdaf4 C#: Overall change note for C# 12 / .NET 8 support. 2024-03-11 14:43:14 +01:00
Tom Hvitved
da66281fef Sync files 2024-03-11 13:02:04 +01:00
Tom Hvitved
7a39f077d9 Data flow: Add ConfigSig::accessPathLimit 2024-03-11 13:01:58 +01:00
Tamás Vajk
35a8e7cbf0 Merge pull request #15854 from tamasvajk/buildless/change-assembly-id 
C#: Change ID of buildless output assembly
 2024-03-11 10:03:40 +01:00
Michael Nebel
6485dcc0fc Merge pull request #15859 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-03-11 09:10:52 +01:00
Ed Minnix
3fdc7e95df Add local models to CodeInjection tests 2024-03-10 22:20:54 -04:00
Ed Minnix
8187b00562 Change note 2024-03-10 22:20:52 -04:00
Ed Minnix
d300736c7e Remove AddLocalSource classes 2024-03-10 22:20:51 -04:00
Edward Minnix III
58f2777532 Merge pull request #15629 from egregius313/egregius313/csharp/dataflow/threat-modeling/remove-stored-query-variants 
C#: Remove `Stored` variants of queries
 2024-03-10 22:17:03 -04:00
github-actions[bot]
589a34241c Add changed framework coverage reports 2024-03-11 00:16:32 +00:00
Edward Minnix III
e7852f520f Merge pull request #15605 from egregius313/egregius313/csharp/dataflow/sources/commandargs-and-environment 
C#: Add more `environment` and `commandargs` sources for the C# Standard Library
 2024-03-08 14:10:09 -05:00
Tamas Vajk
9b5cfc9026 Change assembly population in buildless 2024-03-08 15:02:30 +01:00
Michael Nebel
36a775502f Merge pull request #15851 from microsoft/54-csharp-add-missing-mad-for-httprequestmessage-upstream 
csharp update MaD for HttpRequestMessage
 2024-03-08 12:39:08 +01:00
Tamas Vajk
33eb69164c C#: Change ID of buildless output assembly 2024-03-08 11:20:04 +01:00
Tom Hvitved
24e35f6f3d Update expected test output 2024-03-08 10:00:43 +01:00
Ed Minnix
7f950d8e0d Fix ExpandEnvironmentVariables test case 2024-03-07 21:48:05 -05:00
Lindsay Simpkins
7dd175d938 change note 2024-03-07 17:16:17 -08:00
Lindsay Simpkins
feb1ca29cc csharp update MaD for HttpRequestMessage 2024-03-07 15:00:05 -08:00
Michael Nebel
5b48bc4a3e C#: Delete the experimental IR queries. 2024-03-07 19:22:47 +01:00
Michael Nebel
48fcec82d6 Merge pull request #15736 from michaelnebel/csharp/disconnectfromdotnet 
C#: Deprecate dotnet and CIL in QL.
 2024-03-07 19:17:05 +01:00
Ed Minnix
608a3f907c Add type signature for methods with no overloads 2024-03-07 12:32:06 -05:00