codeql

mirror of https://github.com/github/codeql.git synced 2026-04-10 01:24:02 +02:00

Author	SHA1	Message	Date
Andrew Eisenberg	c8994003c1	Update CHANGELOG.md Drive-by fix of a typo.	2024-08-01 16:16:17 -07:00
Owen Mansel-Chan	c23938d119	Merge pull request #17113 from owen-mc/go/xmlpath/add-more-package-paths Go: add more import paths for `xmlpath`	2024-08-01 16:26:33 +01:00
Owen Mansel-Chan	1a697fe993	Merge pull request #17115 from owen-mc/go/update-frameworks Go: add newly modeled packages to frameworks.csv	2024-08-01 15:13:12 +01:00
Owen Mansel-Chan	3ccdce291a	Update test expectations	2024-08-01 15:12:08 +01:00
Owen Mansel-Chan	62adb31ca6	Add more import paths for xmlpath	2024-08-01 14:52:19 +01:00
Owen Mansel-Chan	9d866192a6	Add paths from QL models to MaD models	2024-08-01 14:52:18 +01:00
Owen Mansel-Chan	e051815d96	Merge pull request #17119 from owen-mc/go/finish-converting-tests-to-model-pretty-printing Go: finish converting tests to model pretty printing	2024-08-01 14:04:02 +01:00
Owen Mansel-Chan	8325c4c69c	Updated .expected files	2024-08-01 13:12:21 +01:00
Owen Mansel-Chan	cbe54717f6	Revert "Revert post-processing for 6 queries pending bug fix" This reverts commit `a8236e1545`.	2024-08-01 13:10:06 +01:00
Anders Schack-Mulligen	776c01aa8d	Merge pull request #17117 from aschackmull/dataflow/qltest-provenance-workaround Dataflow: Allow printing multiple models for one MaDId.	2024-08-01 13:52:58 +02:00
Anders Schack-Mulligen	90272ddbfa	Dataflow: Allow printing multiple models for one MaDId.	2024-08-01 13:04:24 +02:00
Owen Mansel-Chan	d5dc95f1e6	Update frameworks.csv	2024-08-01 11:03:50 +01:00
Anders Schack-Mulligen	377301a55a	Merge pull request #17108 from aschackmull/dataflow/flowthrough-provenance Dataflow: Propagate provenance correctly for flow-through wrappers.	2024-08-01 09:35:56 +02:00
Owen Mansel-Chan	97c9207595	Merge pull request #17104 from owen-mc/go/add-extra-go-jose-package-path Go: Fix missing `go-jose` package path	2024-08-01 00:14:46 +01:00
yoff	251036c6b4	Merge pull request #17080 from sylwia-budzynska/streamlit Python: Add Streamlit models	2024-07-31 18:20:11 +02:00
Jami	f9f57e9122	Merge pull request #17023 from jcogs33/jcogs33/java/add-apache-ant-path-inj-sinks Java: add apache-ant `Property` path injection sinks	2024-07-31 11:04:13 -04:00
Geoffrey White	20672acb74	Merge pull request #17110 from geoffw0/memfree C++: Improve cpp/memory-may-not-be-freed	2024-07-31 15:59:42 +01:00
Mathias Vorreiter Pedersen	06a4f907ef	Merge pull request #17109 from MathiasVP/constexpr-if-unevaluated C++: Mark `constexpr if` as unevaluated	2024-07-31 15:34:29 +01:00
Owen Mansel-Chan	6280ed2a6b	Merge pull request #13555 from am0o0/amammad-java-bombs Java: Decompression Bombs	2024-07-31 14:55:28 +01:00
Geoffrey White	c172b946a1	C++: Change note.	2024-07-31 14:55:15 +01:00
Geoffrey White	4aea4c0323	C++: Simple fix.	2024-07-31 14:46:25 +01:00
Geoffrey White	c04428dedc	C++: Add test cases for the memory freed queries.	2024-07-31 14:03:56 +01:00
Anders Schack-Mulligen	9724516c84	C#/Go/Java/Python/Ruby: Accept qltest .expected changes.	2024-07-31 14:45:10 +02:00
Anders Schack-Mulligen	af06763c42	Dataflow: Propagate provenance correctly for flow-through wrappers.	2024-07-31 14:37:13 +02:00
Jami	4fb29c4473	Merge branch 'main' into jcogs33/java/add-apache-ant-path-inj-sinks	2024-07-31 08:15:07 -04:00
Mathias Vorreiter Pedersen	61eda0df9d	C++: Add change note.	2024-07-31 13:13:19 +01:00
Jami	05b0a3f41c	Merge pull request #17093 from jcogs33/jcogs33/java/provenance-postprocess-qltest-remaining-lib-tests Java: Add support for post-process provenance pretty-printing in `.ql` library-tests	2024-07-31 08:11:15 -04:00
Mathias Vorreiter Pedersen	fe575df325	C++: Mark constexpr if as unevalauted.	2024-07-31 13:09:12 +01:00
Mathias Vorreiter Pedersen	4e62dc81d2	C++: Add constexpr if testcase.	2024-07-31 13:08:49 +01:00
yoff	123dcc75d1	Merge pull request #16971 from RasmusWL/mad-dict-source Python: Add MaD support for DictionaryElement/DictionaryElementAny for sources	2024-07-31 13:40:07 +02:00
Sylwia Budzynska	9bd00c9e1e	Change Gradio rfs test to use shared rfs test module	2024-07-31 13:25:32 +02:00
Sylwia Budzynska	2a6ad00a2f	Fix typo	2024-07-31 13:22:27 +02:00
Sylwia Budzynska	72e7b6c872	Update python/ql/lib/semmle/python/frameworks/Streamlit.qll Co-authored-by: yoff <lerchedahl@gmail.com>	2024-07-31 13:20:01 +02:00
Owen Mansel-Chan	01c6dbaa27	Accept provenance numbering changes	2024-07-31 12:19:18 +01:00
Owen Mansel-Chan	8901b1fd14	Merge pull request #17100 from owen-mc/java/sensitive-log/ignore-tokenizer Java: whitelist variable names containing "tokenizer" for `java/sensitive-log`	2024-07-31 12:16:03 +01:00
Owen Mansel-Chan	59e22f6cd9	Merge pull request #17101 from owen-mc/java/dead-ref-types-junit-4-5 Java: Fix FPs in `java/unused-reference-type` for JUnit 4-style tests	2024-07-31 11:11:35 +01:00
Owen Mansel-Chan	e4cd29efc6	Fix missing go-jose package path	2024-07-31 11:09:53 +01:00
Cornelius Riemenschneider	d75da82528	Merge pull request #17102 from github/criemen/installer-ripunzip Bazel installer: Retry ripunzip step.	2024-07-31 12:04:20 +02:00
Owen Mansel-Chan	f953249692	Merge pull request #17103 from github/workflow/coverage/update Update CSV framework coverage reports	2024-07-31 10:47:08 +01:00
Cornelius Riemenschneider	de47838c36	Remove unused exception class.	2024-07-31 11:31:11 +02:00
Owen Mansel-Chan	f8e8b362ab	Merge branch 'main' into workflow/coverage/update	2024-07-31 10:07:35 +01:00
Owen Mansel-Chan	3ece3ec50f	Merge pull request #17092 from owen-mc/go/provenance-postprocess-qltest Go: Add support for provenance pretty-printing	2024-07-31 09:54:28 +01:00
Cornelius Riemenschneider	1ce15ae2fd	Fix exit code when ripunzip isn't called.	2024-07-31 08:09:53 +02:00
github-actions[bot]	d0c2b4a60f	Add changed framework coverage reports	2024-07-31 00:15:22 +00:00
Edward Minnix III	bae0ea5599	Merge pull request #17042 from github/workflow/coverage/update Update CSV framework coverage reports	2024-07-30 20:04:23 -04:00
Cornelius Riemenschneider	fa6d61809e	Fix hang for targets without ripunzip.	2024-07-31 00:38:50 +02:00
Jami	d04dc9afe0	Merge pull request #17087 from jcogs33/jcogs33/java/provenance-postprocess-qltest Java: Add support for provenance pretty-printing as a qltest postprocess step	2024-07-30 16:55:26 -04:00
Jeroen Ketema	f986484813	Merge pull request #17098 from jketema/deduction C++: Update tests after extractor changes	2024-07-30 21:08:40 +02:00
Cornelius Riemenschneider	674a5bb9b4	Bazel installer: Retry ripunzip step. Ripunzip is great, but occasionally bugs out due to a parallelism issue. As we don't want this to fail CI, retry the entire ripunzip/installation step up to 3 times. We need to clean up the working directory as ripunzip doesn't support overwriting files. I've not been able to test this with the original issue (it doesn't seem to reproduce locally for me), but I injected another error and got 3 retries of installation.	2024-07-30 18:20:19 +02:00
Jami Cogswell	2db07bdbf3	Java: add missing models to experimental expected files	2024-07-30 12:13:18 -04:00

1 2 3 4 5 ...

69080 Commits