hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-06 11:10:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
59,368 Commits 1,675 Branches 157 Tags
cb749bd9730c8f174f4f51a2dff68c2ba82ca61e
Commit Graph

59368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Marsh
cb749bd973 Swift: CFG for normal autoclosure exprs 2023-10-06 20:14:49 +00:00
Robert Marsh
661da76838 Swift: add function call autoclosure tests 2023-10-06 19:49:33 +00:00
Robert Marsh
f7ca8e5b39 Merge pull request #14224 from rdmarsh2/rdmarsh2/swift/nil-coalescing-cfg 
Swift: CFG and data flow for nil coalescing operator
 2023-10-04 09:43:31 -04:00
Owen Mansel-Chan
3703c5626f Merge pull request #14364 from owen-mc/go/improve-output-of-check-formatting-in-makefile 
Go: improve output of check formatting in makefile
 2023-10-04 11:54:40 +01:00
Rasmus Wriedt Larsen
9c02b4f21c Merge pull request #14289 from microsoft/jb1/16-cryptography-models-libraries-and-queries-migration 
16 cryptography models libraries and queries migration
 2023-10-04 12:27:59 +02:00
Owen Mansel-Chan
bd2c49fcf0 Improve message 2023-10-04 11:07:19 +01:00
Owen Mansel-Chan
567052f35e Keep line breaks in list of files formatting 2023-10-04 10:23:29 +01:00
Henry Mercer
99646ba2a3 Merge pull request #14367 from github/henrymercer/rc-3.11-mergeback 
Merge `rc/3.11` into `main`
 2023-10-04 10:05:38 +01:00
Michael Nebel
ecd8561104 C#: Undo poor mans quoting fix as it conflicts with the permanent solution. 2023-10-04 09:19:55 +02:00
Josh Brown
de2e8b0b12 explicit "this" qualifiers 2023-10-03 16:13:54 -07:00
Josh Brown
ad86e576a4 autoformat 2023-10-03 13:40:17 -07:00
Josh Brown
b683a3caf8 Merge branch 'main' into jb1/16-cryptography-models-libraries-and-queries-migration 2023-10-04 07:24:29 +11:00
Robert Marsh
06da5fd05c Swift: move import to make codegen happy 2023-10-03 17:23:00 +00:00
Geoffrey White
d258f69ab0 Merge pull request #14329 from geoffw0/sinks 
Swift: Update summary queries
 2023-10-03 17:39:00 +01:00
Geoffrey White
34b33e1577 Merge pull request #14328 from geoffw0/debugdesc 
Swift: Model .description, .debugDescription more generally
 2023-10-03 17:37:22 +01:00
Geoffrey White
c518f39a0c Merge pull request #14357 from geoffw0/commandinject3 
Swift: Replace two additional taint steps with implicit reads
 2023-10-03 17:34:59 +01:00
Henry Mercer
da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Robert Marsh
cdef0796e3 Swift: QLDoc for NilCoalescingExpr.qll 2023-10-03 15:00:03 +00:00
Robert Marsh
497f0aa8ab Swift: sync test files and update expectation 2023-10-03 14:57:04 +00:00
Michael Nebel
8224f172b2 Merge pull request #14257 from michaelnebel/java/threatmodelsources 
Java: Introduce a class of dataflow nodes for the threat modeling.
 2023-10-03 16:10:49 +02:00
Tamás Vajk
df988e46da Merge pull request #14351 from tamasvajk/csharp/standalone-compilation 
C#: Extract compilation DB entity in standalone mode
 2023-10-03 14:21:21 +02:00
Owen Mansel-Chan
5433636d49 Fix formatting errors in files included in qhelp 2023-10-03 12:48:03 +01:00
Owen Mansel-Chan
2a52455619 Improve output of check-formatting in Makefile 
The list of files that would change when reformatted is now printed.
Also, parsing errors now make the check fail.
 2023-10-03 12:48:01 +01:00
Ian Lynagh
c365f459fd Merge pull request #14355 from igfoo/igfoo/lang-vers 
Kotlin: Specify language version when compiling for old compilers
 2023-10-03 11:33:23 +01:00
Mathias Vorreiter Pedersen
dbe3bd0c50 Merge pull request #14360 from MathiasVP/promote-use-after-free-and-double-free 
C++: Promote `cpp/double-free` and `cpp/use-after-free` to Code Scanning
 2023-10-03 11:52:23 +02:00
Michael Nebel
fcbd301de8 Java: Address review comments. 2023-10-03 10:36:45 +02:00
Mathias Vorreiter Pedersen
b6ed9ccfda C++: Add change notes. 2023-10-03 09:33:40 +02:00
Mathias Vorreiter Pedersen
7084dc1a88 C++: Promote 'cpp/use-after-free' and 'cpp/double-free' to Code Scanning. 2023-10-03 09:22:47 +02:00
Mathias Vorreiter Pedersen
5632dd5e46 Merge pull request #14275 from alexet/fix-use-after-free-fp 
CPP: Fix some use after free FPs.
 2023-10-03 09:16:42 +02:00
Michael Nebel
5b949b19f7 Java: Cleanup threat model taxanomy to align with the EDR. 2023-10-03 09:16:39 +02:00
Michael Nebel
5c700afa27 Java: Add some threat model dataflow tests. 2023-10-03 09:16:39 +02:00
Michael Nebel
537965c0e8 Java: Add some testfiles. 2023-10-03 09:16:39 +02:00
Michael Nebel
2055d5492c Java: Let RemoteFlowSource and LocalUserInput extends SourceNode and fine grain the LocalUserInput threat models. 2023-10-03 09:16:38 +02:00
Michael Nebel
9a112dde66 Java: Introduce a class of dataflow nodes for the threat modeling. 2023-10-03 09:16:38 +02:00
Geoffrey White
bbd3c66d5a Swift: Update for CollectionContent. 2023-10-02 20:32:24 +01:00
Geoffrey White
81b358a711 Swift: Replace a similar additional taint step in another query. 2023-10-02 20:19:40 +01:00
Geoffrey White
27bdee8058 Swift: Replace additional taint step with implict read. 
Now that we have array content, this is a more principled approach than having a special case data step.
 2023-10-02 20:19:30 +01:00
Robert Marsh
ca722dc74c Swift: add NilCoalescingTest node to CFG 
Fixes an issue where a nil-coalescing operation used in a boolean
context would result in no control flow out of the default operand of
the nil-coalescing operator.
 2023-10-02 18:07:11 +00:00
Ian Lynagh
513a39f0b4 Kotlin: Specify language versino when compiling for old compilers 
Otherwise builds with Kotlin 2 won't work with older compilers.
 2023-10-02 18:14:01 +01:00
Ian Lynagh
f3c5c01ec5 Kotlin: Drop support for 1.4.32 
We never claimed to support anything < 1.5.0, and compiling with
-language-version 1.4 fails as it's not meant to support sealed classes.

If we build 1.4.32 with -language-version 1.5 using a 2.0 compiler,
then the resulting plugin also fails.
 2023-10-02 17:29:10 +01:00
Tom Hvitved
2684a22484 Merge pull request #14255 from hvitved/dataflow/perf-improvements 
Data flow: Performance improvements
 2023-10-02 16:37:24 +02:00
Tamas Vajk
b2514b3c69 Adjust expected test output 2023-10-02 13:35:16 +02:00
Tamas Vajk
de45a9b137 C#: Extract compilation DB entity in standalone mode 2023-10-02 12:54:49 +02:00
Rasmus Wriedt Larsen
e7384da162 Merge pull request #14341 from GeekMasher/py-django-restframework 
Python - Add support for RestFramework ModelViewSet functions
 2023-10-02 10:50:11 +02:00
Henry Mercer
0dd3837c31 Merge pull request #14345 from github/adityasharad/atm/remove-js-ml-tests 
ATM/JS: Remove test workflow
 2023-10-02 09:44:46 +01:00
Tom Hvitved
4fa93a077c Address review comments 2023-10-02 09:03:12 +02:00
Erik Krogh Kristensen
5dccc8d33e Merge pull request #14348 from github/dependabot/cargo/ql/regex-1.9.6 
Bump regex from 1.9.5 to 1.9.6 in /ql
 2023-10-02 08:34:59 +02:00
dependabot[bot]
a86b010504 Bump regex from 1.9.5 to 1.9.6 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.9.5 to 1.9.6.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.9.5...1.9.6)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 03:33:25 +00:00
Aditya Sharad
cf98b84279 ATM/JS: Remove test workflow 
These queries are deprecated, and upcoming nightly CLIs will no longer support their experimental functionality. To avoid test breakage, remove this workflow.

The code and tests can be cleaned up as future follow-up.
 2023-09-29 15:19:45 -07:00