codeql

mirror of https://github.com/github/codeql.git synced 2026-01-21 02:14:45 +01:00

Author	SHA1	Message	Date
Tamas Vajk	c870b0d4e9	Add more logging to the file filtering	2023-12-13 14:14:07 +01:00
Tamas Vajk	694be29311	Remove uneeded option from the help	2023-12-13 14:13:41 +01:00
Tamas Vajk	f2435f89f1	Simplify test setup	2023-12-13 13:03:23 +01:00
Tamas Vajk	993dd767ac	C#: Add paths/paths-ignore support in standalone	2023-12-13 12:15:56 +01:00
Tamas Vajk	21229b93bf	C#: Remove unneeded options from standalone extractor	2023-12-13 12:15:56 +01:00
Michael Nebel	16e86134f3	Merge pull request #15087 from michaelnebel/csharp/stubgenrefreadonly C#: Stub generator support for `ref readonly` parameters.	2023-12-13 11:46:45 +01:00
Owen Mansel-Chan	56507c2709	Merge pull request #15084 from github/dependabot/go_modules/go/extractor/extractor-dependencies-88d2ef26ea Bump the extractor-dependencies group in /go/extractor with 1 update	2023-12-13 10:21:32 +00:00
Michael Nebel	b023338ed7	Merge pull request #15086 from michaelnebel/csharp/testusemorestubs C#: Base more tests purely on stubs.	2023-12-13 11:19:38 +01:00
Michael Nebel	b7f4bfe719	C#: Add a unit test for stub generation of ref readonly parameters.	2023-12-13 11:09:57 +01:00
Michael Nebel	766baa9a50	C#: Add support for ref readonly parameters in the stub generator.	2023-12-13 11:09:57 +01:00
Tony Torralba	4cb53a76d6	Merge pull request #15082 from github/workflow/coverage/update Update CSV framework coverage reports	2023-12-13 10:35:49 +01:00
Michael Nebel	35a615cac3	C#: Base the remoteflowsource test on stubs and update line numbers in expected output.	2023-12-13 10:07:57 +01:00
Michael Nebel	94d81b501b	C#: Base the CWE-614 tests purely on stubs.	2023-12-13 10:07:57 +01:00
Michael Nebel	4fc8762444	C#: Base the asp/basic tests on stubs only.	2023-12-13 10:07:57 +01:00
Michael Nebel	0b39f1155e	C#: Base the remaning CWE-1004 tests purely on stubs.	2023-12-13 10:07:57 +01:00
Michael Nebel	cdf6b28e13	C#: Base the modelgenerator/dataflow tests on stubs.	2023-12-13 10:07:56 +01:00
dependabot[bot]	dae1a5c70e	Bump the extractor-dependencies group in /go/extractor with 1 update Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools). - [Release notes](https://github.com/golang/tools/releases) - [Commits](https://github.com/golang/tools/compare/v0.16.0...v0.16.1) --- updated-dependencies: - dependency-name: golang.org/x/tools dependency-type: direct:production update-type: version-update:semver-patch dependency-group: extractor-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 04:02:50 +00:00
github-actions[bot]	9b20665d75	Add changed framework coverage reports	2023-12-13 00:16:25 +00:00
Tony Torralba	27be5ba14b	Merge pull request #15073 from atorralba/atorralba/java/remove-invalid-ognl-sinks Java: Remove invalid OGNL sinks	2023-12-12 16:52:31 +01:00
Owen Mansel-Chan	5675df842e	Merge pull request #15054 from owen-mc/go/find-more-callees-for-captured-variables Go: Also follow jump steps when looking for a callee source	2023-12-12 15:49:15 +00:00
Geoffrey White	609f92c7ac	Merge pull request #13870 from geoffw0/commoncrypto1 Swift: CommonCrypto test cases for the BrokenCryptoAlgorithm query	2023-12-12 15:26:02 +00:00
Edward Minnix III	4d6521fd7a	Merge pull request #13608 from egregius313/egregius313/weak-randomness Java: Add Weak Randomness Query (CWE-330/338)	2023-12-12 09:40:11 -05:00
Tony Torralba	fad53a25c0	Update java/ql/lib/ext/struts2.model.yml Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2023-12-12 14:58:47 +01:00
Mathias Vorreiter Pedersen	3dea467dcc	Merge pull request #15047 from MathiasVP/add-puns-for-addresses-of-arguments C++: Add `PostUpdateNode`s for addresses of outgoing arguments	2023-12-12 13:55:13 +00:00
Mathias Vorreiter Pedersen	412ea67ba0	Merge pull request #15075 from MathiasVP/print-data-flow-relevant-IR C++: Add a `PropertyProvider` for only showing dataflow-relevant IR	2023-12-12 13:51:11 +00:00
Tom Hvitved	3c2336e40b	Merge pull request #15074 from hvitved/dataflow/get-node-type-cached Data flow: Use cached `nodeDataFlowType` instead of `getNodeType`	2023-12-12 14:49:41 +01:00
Mathias Vorreiter Pedersen	97f2be9b82	C++: Fix QLDoc.	2023-12-12 13:45:18 +00:00
yoff	a39eb5efc9	Merge pull request #15051 from yoff/python/slightly-improve-tarslip Python: slightly improve tarslip logic	2023-12-12 14:43:43 +01:00
Mathias Vorreiter Pedersen	1ad0e6524e	Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintDataFlowRelevantIR.qll	2023-12-12 13:15:36 +00:00
Mathias Vorreiter Pedersen	11386494b7	C++: Factor out the property provider which hides instructions and operands out of the 'LocalFlowPropertyProvider' class and into a separate class.	2023-12-12 13:04:31 +00:00
Tom Hvitved	b3929e2375	Data flow: Use cached `nodeDataFlowType` instead of `getNodeType`	2023-12-12 13:46:39 +01:00
Tony Torralba	103110f9c2	Java: Remove invalid OGNL sinks Fixes #15053	2023-12-12 13:39:51 +01:00
Alexander Eyers-Taylor	e87b3911dc	Merge pull request #14910 from alexet/incorrect-scanf CPP: Add query for detecteing incorrect error checking for scanf	2023-12-12 11:57:17 +00:00
Mathias Vorreiter Pedersen	4d430d5df0	Merge pull request #15037 from aschackmull/range/prunebounds Rangeanalysis: Prune range calculation.	2023-12-12 11:18:26 +00:00
Mathias Vorreiter Pedersen	cec785c8cc	C++: Respond to review comments.	2023-12-12 11:16:41 +00:00
Mathias Vorreiter Pedersen	f284fde93c	C++: Update QLDoc.	2023-12-12 11:09:36 +00:00
Mathias Vorreiter Pedersen	a6104ad878	C++: Fix test annotations.	2023-12-12 11:06:18 +00:00
Rasmus Wriedt Larsen	42a6309f25	Merge pull request #15071 from github/RasmusWL/generate-code-scanning-query-list Add @RasmusWL as CODEOWNER of a misc file	2023-12-12 10:53:11 +01:00
Jeroen Ketema	611a177c3c	Merge pull request #15066 from jketema/ql-test C++: Update test for CLI changes	2023-12-12 10:36:57 +01:00
Rasmus Wriedt Larsen	aa6a455ece	Update CODEOWNERS	2023-12-12 10:31:36 +01:00
Tom Hvitved	9b043a10cc	Merge pull request #15063 from hvitved/csharp/use-scratch-dir C#: Use `CODEQL_EXTRACTOR_CSHARP_SCRATCH_DIR` instead of `Path.GetTempPath`	2023-12-12 08:16:04 +01:00
Owen Mansel-Chan	0fb58caa8c	Update go/ql/lib/change-notes/2023-12-08-find-more-callees-for-captured-functions.md Co-authored-by: Chris Smowton <smowton@github.com>	2023-12-11 20:42:48 +00:00
Edward Minnix III	06eef93f89	Docs review suggestions	2023-12-11 11:18:40 -05:00
Edward Minnix III	ce20c4ae03	Docs review suggestions Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>	2023-12-11 11:18:40 -05:00
Ed Minnix	7362158229	Fix test case	2023-12-11 11:18:40 -05:00
Ed Minnix	1271cd3348	Remove unnecessary crypto sinks	2023-12-11 11:18:40 -05:00
Ed Minnix	3ca039bc8f	Rename to InsecureRandomness	2023-12-11 11:18:40 -05:00
Ed Minnix	6e70e6c85a	Use pre-exisiting type for SecureRandom	2023-12-11 11:18:39 -05:00
Edward Minnix III	4678302edb	Update query metadata Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2023-12-11 11:18:39 -05:00
Ed Minnix	bbf99375c7	Alter cookie sinks to instead focus on creation of a cookie	2023-12-11 11:18:39 -05:00

1 2 3 4 5 ...

61938 Commits