hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 08:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
64,537 Commits 1,693 Branches 160 Tags
cedbfbe7ea4841583f2c7ed1ca9c5ef235109151
Commit Graph

64537 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
cedbfbe7ea C++: Use a more generous definition of compatible types. 2024-03-07 10:50:20 -08:00
Mathias Vorreiter Pedersen
9e77b89885 Update TypeConfusion.qhelp 
Co-authored-by: hubwriter <hubwriter@github.com>
 2024-03-07 08:33:49 -08:00
Mathias Vorreiter Pedersen
b876117ecc C++: Add more QLDoc. 2024-03-06 22:25:04 -08:00
Mathias Vorreiter Pedersen
01fc7432cb C++: Add more tests. 2024-03-06 22:17:33 -08:00
Mathias Vorreiter Pedersen
bf84f3a936 C++: Add FN. 2024-03-06 21:19:17 -08:00
Mathias Vorreiter Pedersen
3295d5cb9f C++: Add more QLDoc. 2024-03-06 21:17:57 -08:00
Mathias Vorreiter Pedersen
fc9919a5b6 C++: Add a test that exercise the 'last field' check. 2024-03-06 21:17:55 -08:00
Mathias Vorreiter Pedersen
c2db5f490e C++: Add more FNs and FPs to show examples of where the 'successor typing' strategy fails. 2024-03-06 21:16:51 -08:00
Mathias Vorreiter Pedersen
cd57cd0d8a C++: Add qhelp reference. 2024-03-06 21:15:27 -08:00
Mathias Vorreiter Pedersen
cf4c8eb517 C++: Add more tests. 2024-03-06 21:15:25 -08:00
Mathias Vorreiter Pedersen
6dc0fa515d C++: Add change note. 2024-03-06 21:11:36 -08:00
Mathias Vorreiter Pedersen
8ae6fa5366 C++: Add a new query 'cpp/type-confusion' for detecting type confusion vulnerabilities. 2024-03-06 21:11:32 -08:00
Joe Farebrother
dcc6f83d3b Merge pull request #15782 from joefarebrother/ruby-typhoeus 
Ruby: Model `Typhoeus::Request.new`
 2024-03-05 16:55:38 +00:00
Joe Farebrother
7027b7fe82 Apply review suggestions: Use getInstance and clarify predicate name/qldoc. Also fix changenote formatting. 2024-03-05 16:34:48 +00:00
Tamás Vajk
b4fdd4e222 Merge pull request #15808 from tamasvajk/buildless/package-source-telemetry 
C#: Add package source error count to DB
 2024-03-05 17:20:38 +01:00
Ian Lynagh
edd383afc1 Merge pull request #15803 from igfoo/igfoo/del1 
Kotlin 2: Accept more location changes
 2024-03-05 14:41:05 +00:00
Tamas Vajk
2b99b83857 C#: Add package source error count to DB 2024-03-05 15:32:08 +01:00
Owen Mansel-Chan
8e43c5c683 Merge pull request #15811 from owen-mc/go/limit-password-heuristics 
Go: Only check strings of length <= 100 for dummy password with <= 2 unique characters
 2024-03-05 13:42:26 +00:00
Owen Mansel-Chan
4dde1fb117 Only check strings of length <= 100 for dummy password with <= 2 unique characters 2024-03-05 11:45:17 +00:00
Tom Hvitved
5be75e91fc Merge pull request #15796 from hvitved/csharp/variable-capture-follow-up 
C#: Variable capture follow-up
 2024-03-05 09:58:23 +01:00
Tony Torralba
a78e04eb34 Merge pull request #15795 from atorralba/atorralba/go/macaron-sources 
Go: Add Macaron sources
 2024-03-05 09:08:58 +01:00
Tony Torralba
05aaf2bb67 Merge pull request #15805 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-03-05 08:53:41 +01:00
github-actions[bot]
84f3771cdd Add changed framework coverage reports 2024-03-05 00:15:54 +00:00
Ian Lynagh
6e09dcc16a Kotlin 2: Accept more loc changes in exprs 2024-03-04 19:06:32 +00:00
Ian Lynagh
22e6c676c3 Kotlin 2: Accept loc change for a string literal in expr test 2024-03-04 19:02:40 +00:00
Ian Lynagh
b7d2e54bbd Kotlin 2: exprs test: Accept loc change for ClassWithDelegate 2024-03-04 19:00:40 +00:00
Ian Lynagh
00ab1a3129 Kotlin 2: exprs test: Accept loc change for MyClass 2024-03-04 19:00:38 +00:00
Tom Hvitved
a92e394a7c C#: Variable capture follow-up 2024-03-04 19:36:30 +01:00
Tony Torralba
7286f56718 Change tests to inline expectations 2024-03-04 17:29:12 +01:00
Owen Mansel-Chan
331f308997 Merge pull request #13692 from Marcono1234/patch-1 
Mention needed imports at top of "Analyzing data flow in Java"
 2024-03-04 15:32:18 +00:00
Owen Mansel-Chan
e124b07611 Merge branch 'main' into patch-1 2024-03-04 14:44:23 +00:00
Owen Mansel-Chan
dcc2b2c50d Merge pull request #15057 from aydinnyunus/main 
Web Cache Deception Vulnerability on Go Frameworks
 2024-03-04 14:36:39 +00:00
yoff
00e77a3ddb Merge pull request #15720 from RasmusWL/nosql-precision 
Python: Add precision to NoSQL query
 2024-03-04 14:44:46 +01:00
yoff
569bb991d4 Merge pull request #15775 from RasmusWL/scope-consistency 
Python: Add consistency check for `PhaseDependentFlow`
 2024-03-04 14:43:13 +01:00
Tom Hvitved
357638baa8 C#: Update variable capture test 2024-03-04 14:39:48 +01:00
yoff
a9ce2e10ad Merge pull request #15781 from RasmusWL/dict-update 
Python: Fix missing DictionaryElementContents
 2024-03-04 14:37:34 +01:00
Tony Torralba
fc12537699 Go: Add Macaron sources 2024-03-04 14:29:56 +01:00
Ian Lynagh
ab288d0d4c Merge pull request #15712 from igfoo/igfoo/k2ref 
Kotlin 2: Accept changes in library-tests/reflection
 2024-03-04 13:19:56 +00:00
Michael B. Gale
e5de4f2d67 Merge pull request #15789 from github/mbg/go/autobuilder-review-comments 2024-03-04 13:19:29 +00:00
Ian Lynagh
73fe20f33b Merge pull request #15713 from igfoo/igfoo/past 
Kotlin 2: Accept some PrintAst changes in library-tests/exprs
 2024-03-04 13:12:49 +00:00
Max Schaefer
1f3a3492ae Merge pull request #15792 from github/max-schaefer-patch-1 
Java: Fix sink type in hudson.model.yml
 2024-03-04 13:08:47 +00:00
Ian Lynagh
9bad1e60db Merge pull request #15765 from igfoo/igfoo/deleg 
Kotlin 2: Accept loc changes in library-tests/exprs/delegatedProperties
 2024-03-04 13:02:34 +00:00
Michael B. Gale
9b5bf519a1 Update go/extractor/project/project.go 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-03-04 12:25:40 +00:00
Owen Mansel-Chan
279605b486 Merge pull request #15786 from owen-mc/java/sensitive-logging-query-exclude-null-in-variable-name 
Java: sensitive logging query exclude null in variable name
 2024-03-04 12:14:42 +00:00
Michael B. Gale
acf2f761a6 Go: Improve log message for InitGoModForLegacyProject 2024-03-04 12:14:24 +00:00
Michael B. Gale
1a13a0e4c9 Go: Log discovered Go modules in case workspace files can't be read/parsed 2024-03-04 12:14:24 +00:00
Michael B. Gale
52b273ae23 Go: Include workspace count in success message 2024-03-04 12:14:24 +00:00
Michael B. Gale
8055c5d9e3 Go: Avoid extra loop to track unsuccessfulProjects 2024-03-04 12:14:23 +00:00
Michael B. Gale
020eb4aed7 Go: Use slices.Concat for bazelPaths 2024-03-04 12:14:23 +00:00
Michael B. Gale
040a288bb3 Go: Update comment to replace Go.mod with go.mod 2024-03-04 12:14:23 +00:00