Geoffrey White
c77bf2b4eb
Rust: Add a test for sensitive data.
2025-01-06 13:26:25 +00:00
Mathias Vorreiter Pedersen
f23e56bdca
Merge pull request #18261 from MathiasVP/add-more-atl-string-models
...
C++: Add more MaD models for ATL string classes
2025-01-02 15:06:04 +00:00
Mathias Vorreiter Pedersen
cda007bae7
C++: Fix constructor model.
2025-01-02 15:39:31 +01:00
Mathias Vorreiter Pedersen
289b938b4d
C++: Fix testcase.
2025-01-02 15:37:39 +01:00
Mathias Vorreiter Pedersen
d8cfa711ad
C++: Fix testcase for conversion operator.
2025-01-02 15:35:21 +01:00
Mathias Vorreiter Pedersen
c1b997b2cb
C++: Make the string constructors value-preserving.
2025-01-02 15:25:23 +01:00
Mathias Vorreiter Pedersen
b8e54627f4
C++: Make some of the string models taint instead of value-preserving.
2025-01-02 15:22:42 +01:00
Mathias Vorreiter Pedersen
052b6f6ec4
C++: Accept test changes.
2025-01-02 15:22:10 +01:00
Mathias Vorreiter Pedersen
71ca9412b0
Update cpp/ql/lib/ext/CSimpleStringT.model.yml
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
2025-01-02 14:16:31 +00:00
Michael Nebel
68ca307ac9
Merge pull request #18357 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2025-01-02 10:15:04 +01:00
github-actions[bot]
829cfa9517
Add changed framework coverage reports
2025-01-02 00:20:39 +00:00
Mathias Vorreiter Pedersen
e7773770fa
C++: Fix missing return value flow out of 'operator=' in lots of MaD models.
2024-12-23 12:00:41 +01:00
Paolo Tranquilli
c95f8d797c
Merge pull request #18347 from github/redsun82/rust-include-test-code-again
...
Rust: reinstate extraction of test code
2024-12-21 09:00:37 +01:00
Edward Minnix III
f06ad7c728
Merge pull request #18322 from egregius313/egregius313/csharp/blazor/modeling/sources
...
C#: Add common sources for Blazor components
2024-12-20 17:11:48 -05:00
Dave Bartolomeo
2aba49f074
Merge pull request #18356 from github/dbartol/actions-suites
...
Update suites for Actions queries
2024-12-20 15:54:44 -05:00
Dave Bartolomeo
90efbf5172
Update suites for Actions queries
2024-12-20 14:37:46 -05:00
Dave Bartolomeo
e9a04b8839
Mark UnversionedImmutableAction query as internal
2024-12-20 14:37:32 -05:00
Andrew Eisenberg
553e2c5757
Merge pull request #18354 from github/aeisenberg/actions-ownership
...
Update CODEOWNERS
2024-12-20 11:10:29 -08:00
Jeroen Ketema
b60c86077d
Merge pull request #18353 from jketema/template-parameters-2
...
C++: Handle `sizeof...` for types and template template parameters
2024-12-20 19:15:50 +01:00
Andrew Eisenberg
9bff89c910
Update CODEOWNERS
...
Add ownership for the actions queries.
We don't yet have a `codeql-actions` team. So, using the dynamic team for this.
2024-12-20 09:30:15 -08:00
Andrew Eisenberg
fd7bd6b07d
Merge pull request #18351 from KyFaSt/clarify-immutable-actions-text
...
Clarify immutable actions help text
2024-12-20 09:28:01 -08:00
Kylie Stradley
690924f72b
Update actions/ql/src/Security/CWE-829/UnversionedImmutableAction.md
...
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
2024-12-20 12:04:42 -05:00
Jeroen Ketema
659ec66b5e
Merge pull request #18350 from jketema/test-cleanup-2
...
C++: Simplify more `semmle-extractor-options`
2024-12-20 17:23:54 +01:00
Kylie Stradley
dc705ad623
indicate immutable actions are only available for internal use at this time
2024-12-20 11:19:15 -05:00
Jeroen Ketema
e9b9dc23f8
Update cpp/ql/lib/change-notes/2024-12-20-sizeof-pack.md
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2024-12-20 17:11:38 +01:00
Jeroen Ketema
46e9d0aa0c
Merge pull request #18334 from jketema/template-parameters-1
...
C++: Update test after extractor changes
2024-12-20 17:08:31 +01:00
Jeroen Ketema
46b230ae92
C++: Simplify more semmle-extractor-options
...
This will allow us to drop a number of special cases from the
extractor.
2024-12-20 16:01:19 +01:00
Kylie Stradley
2dd3adac51
clarify immutable actions help text
2024-12-20 09:51:51 -05:00
Paolo Tranquilli
f13d03b18c
Rust: fix typo (thanks copilot!)
2024-12-20 14:18:36 +01:00
Florin Coada
5f812342a8
Merge pull request #18338 from github/changedocs/2.20.0
...
Update CodeQL changelog for versions 2.19.4 and 2.20.0
2024-12-20 15:12:55 +02:00
Paolo Tranquilli
485586f780
Rust: reinstate extraction of test code
...
Users will still be able to opt out:
* for unit tests, by providing the `cargo_cfg_overrides=-test` extractor
option
* for integration tests, by excluding the test files from the analysis
using `paths-ignore` in the codescanning configuration file
We may want to revisit whether we want a single option for both. Also
further work will be needed to restrict our security queries to non-test
code on the QL side.
2024-12-20 14:12:41 +01:00
Jeroen Ketema
6ecaf20cdd
C++: Update expected test results
2024-12-20 13:53:35 +01:00
Jeroen Ketema
ecf3c53eba
C++: Introduce SizeofPackOperator subclasses for expressions and types
...
Note that template template parameters are considered types in this context.
2024-12-20 13:51:45 +01:00
Jeroen Ketema
90d8fb1a05
Merge pull request #18335 from jketema/test-cleanup
...
C++: Simplify some semmle-extractor-options in tests
2024-12-20 13:43:59 +01:00
Arthur Baars
2b2a37353b
Merge pull request #18328 from github/redsun82/fix-cargo-fmt-checks
...
CI: fix rust formatting
2024-12-20 13:41:28 +01:00
Calum Grant
d5571c5f68
Merge pull request #18309 from github/calumgrant/bmn/return-stack-allocated-memory
...
C++: Fix FPs to cpp/return-stack-allocated-memory
2024-12-20 10:54:24 +00:00
Florin Coada
82fdd1125c
Update docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.20.0.rst
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2024-12-20 12:50:05 +02:00
Jeroen Ketema
dd021fdcbf
Merge pull request #18339 from jketema/typo
...
C++: Remove duplicate word from change note
2024-12-20 11:50:01 +01:00
Jeroen Ketema
51f625b90c
C++: Allow sizeof pack in sizeof_bind
2024-12-20 11:49:37 +01:00
Florin Coada
5c5049e5fd
Fix typo in CodeQL changelog entry
2024-12-20 12:35:40 +02:00
Florin Coada
66f3b718a6
Update docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.20.0.rst
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2024-12-20 12:19:53 +02:00
Jeroen Ketema
757d5d6e6d
C++: Remove duplicate word from change note
2024-12-20 11:18:26 +01:00
Paolo Tranquilli
8e28d99a62
QL for QL: accept test changes
2024-12-20 10:42:19 +01:00
Florin Coada
3bd8d7c0bb
Update CodeQL changelog for versions 2.19.4 and 2.20.0
2024-12-20 11:37:33 +02:00
Calum Grant
3193fe856a
C++: Update comments
2024-12-20 09:11:58 +00:00
Jeroen Ketema
6f9968d2c2
C++: Update test after extractor changes
2024-12-20 08:27:39 +01:00
Edward Minnix III
453913cd9f
Remove Parameter from this PR
2024-12-19 23:11:07 -05:00
Dave Bartolomeo
772b972e7d
Merge pull request #18321 from github/dbartol/actions-merge
...
Migrate Actions queries to public repo
2024-12-19 16:04:49 -05:00
Jeroen Ketema
6200a1d5b9
C++: Simplify some semmle-extractor-options in tests
2024-12-19 21:46:33 +01:00
Rasmus Wriedt Larsen
22b35f5fe7
Merge pull request #18318 from RasmusWL/fastapi-request
...
Python: Model FastAPI requests
2024-12-19 19:52:17 +01:00