hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-02 20:30:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
35,161 Commits 1,773 Branches 168 Tags
cf1de7c5aca7601fb20726e65bc530fc32c7ffff
Commit Graph

35161 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
cf1de7c5ac Remove pseudo-properties 2022-04-29 21:21:57 +00:00
Esben Sparre Andreasen
c4fd1f3cf2 Remove 2020 sinks from SqlInjection.ql 2022-04-29 21:21:57 +00:00
Esben Sparre Andreasen
8722563f8e Remove 2020 sinks from Xss.ql 2022-04-29 21:21:57 +00:00
Esben Sparre Andreasen
e189fb30d3 Remove 2020 sinks from TaintedPath.ql 2022-04-29 21:21:57 +00:00
Jean Helie
d15f09e8aa ML: include Unknown endpoints in extraction query for training data 2022-04-29 23:20:38 +02:00
Erik Krogh Kristensen
b74d1fdb1a Merge pull request #8783 from erik-krogh/jsAbstractBi 
JS: don't initialize sanitizer-guards in the standard library
 2022-04-29 11:12:16 +02:00
Tony Torralba
9eb6022bbe Merge pull request #8954 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-04-29 10:06:57 +02:00
github-actions[bot]
1032dcd7e6 Add changed framework coverage reports 2022-04-29 00:15:05 +00:00
AlexDenisov
f6769735e5 Merge pull request #8939 from AlexDenisov/alexdenisov/swift-tracer-integration 
Swift: tracer integration
 2022-04-28 19:20:55 +02:00
Tom Hvitved
3fd93b460f Merge pull request #8935 from hvitved/ruby/typetracker-kw-test 2022-04-28 18:22:51 +02:00
Paolo Tranquilli
75265f7c42 Merge pull request #8947 from redsun82/swift-pragma-once 
Swift: use `#pragma once`
 2022-04-28 16:59:50 +02:00
AlexDenisov
a59d7f6a85 Update swift/extractor/main.cpp 2022-04-28 16:52:34 +02:00
Paolo Tranquilli
c4fae0806f Swift: use #pragma once 2022-04-28 16:39:27 +02:00
AlexDenisov
84bcc2e64a Merge branch 'main' into alexdenisov/swift-tracer-integration 2022-04-28 16:28:48 +02:00
Paolo Tranquilli
2374e6b401 Merge pull request #8934 from redsun82/swift-trapgen 
Swift: added trapgen
 2022-04-28 16:00:46 +02:00
Anders Schack-Mulligen
9d2f386032 Merge pull request #8878 from aschackmull/java/validationmethod-joinorder 
Java: Fix join-order.
 2022-04-28 14:35:20 +02:00
Tom Hvitved
8d2bf2228b Merge pull request #7914 from hvitved/ruby/generalize-element-content 
Ruby: Generalize `ArrayElementContent` to `ElementContent`
 2022-04-28 14:23:08 +02:00
Michael Nebel
ec316750d3 Merge pull request #8905 from michaelnebel/csharp/generatedcomment 
C#: Add auto generated comment to generated models as data files.
 2022-04-28 13:57:38 +02:00
Tom Hvitved
f7669815ce Address review comments 2022-04-28 13:50:26 +02:00
Alex Denisov
85918173a6 Swift: ensure the folder for trap files exists 2022-04-28 13:19:25 +02:00
Alex Denisov
9c73ae5a97 Swift: teach extractor to not produce artifacts 2022-04-28 13:18:20 +02:00
Michael Nebel
9d767b8ad8 Merge pull request #8869 from michaelnebel/csharp/frameworkcoverage 
C#: Port the java FrameworkCoverage query.
 2022-04-28 13:17:50 +02:00
Alex Denisov
5b75b4db79 Swift: add tracer config 2022-04-28 13:17:35 +02:00
Alex Denisov
4a03976a15 Swift: set compiler flags explicitly 2022-04-28 13:17:05 +02:00
Erik Krogh Kristensen
3c07ab59a1 Merge pull request #8936 from jketema/camel-case 
QL: Improve camel case query
 2022-04-28 12:32:46 +02:00
yoff
4553a0913f Merge pull request #8897 from tausbn/python-fix-bad-methodcallsite-join 
Python: Fix bad join in `MethodCallsiteRefinement`
 2022-04-28 12:17:33 +02:00
Jeroen Ketema
b6cf536f01 QL: Fix formatting 2022-04-28 12:05:47 +02:00
Paolo Tranquilli
773ef62406 Swift: added trapgen 
This checks in the trapgen script generating trap entries in C++.

The codegen suite has been slightly reorganized, moving the templates
directory up one level and chopping everything into smaller bazel
packages. Running tests is now done via
```
bazel run //swift/codegen/test
```

With respect to the PoC, the nested `codeql::trap` namespace has been
dropped in favour of a `Trap` prefix (or suffix in case of entries)
within the `codeql` namespace. Also, generated C++ code is not checked
in in git any more, and generated during build. Finally, labels get
printed in hex in the trap file.

`TrapLabel` is for the moment only default-constructible, so only one
single label is possible. `TrapArena`, that is responsible for creating
disjoint labels will come in a later commit.
 2022-04-28 12:01:59 +02:00
Tony Torralba
604a5fc71f Merge pull request #8639 from atorralba/atorralba/spring-beans-improvements 
Java: Improve Spring models
 2022-04-28 11:59:51 +02:00
Michael Nebel
150d9ba52c Update .github/workflows/csv-coverage-metrics.yml 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-04-28 11:57:53 +02:00
Henry Mercer
52a417b02d Merge pull request #8921 from github/dependabot/github_actions/actions/setup-python-3 
Bump actions/setup-python from 2 to 3
 2022-04-28 10:57:02 +01:00
Jeroen Ketema
62831e93fe QL: Add filter for NewType to camel case query 2022-04-28 11:54:42 +02:00
Henry Mercer
03c311181a Merge pull request #8922 from github/dependabot/github_actions/actions/download-artifact-3 
Bump actions/download-artifact from 2 to 3
 2022-04-28 10:45:49 +01:00
Jeroen Ketema
3db9d56259 QL: Improve message for camel cazse query 2022-04-28 11:41:17 +02:00
Jeroen Ketema
52fc2dac47 QL: Add camel case tests 2022-04-28 11:38:14 +02:00
Mathias Vorreiter Pedersen
2517371a37 Merge pull request #8933 from MathiasVP/revert-globals 
C++: Revert #8515
 2022-04-28 10:38:08 +01:00
Tom Hvitved
29f1c533a9 Ruby: Add type tracker tests for flow through keyword/positional parameters 2022-04-28 11:34:12 +02:00
Michael Nebel
c606121ae7 C#: Move autogenerated comment to file level instead of having it on each class. 2022-04-28 11:27:49 +02:00
Michael Nebel
57fc4d987f C#: Fix indentation. 2022-04-28 11:19:54 +02:00
Michael Nebel
583b9b61de C#: Add job for running the framework coverage query for C#. 2022-04-28 11:19:49 +02:00
Michael Nebel
98b2bc06ce C#: Port the java FrameworkCoverage query. 2022-04-28 11:18:12 +02:00
Tom Hvitved
db856798b9 Merge pull request #8920 from github/dependabot/github_actions/actions/setup-dotnet-2 
Bump actions/setup-dotnet from 1 to 2
 2022-04-28 10:47:28 +02:00
Stephan Brandauer
f4104e2b72 Merge pull request #8886 from kaeluka/add-rest-parameter-flowstep 
JS: Add flow step to `...rest` parameters
 2022-04-28 08:39:50 +01:00
Tony Torralba
1f1581cc97 Merge pull request #8913 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-04-28 09:34:52 +02:00
dependabot[bot]
8c4e92d065 Bump actions/download-artifact from 2 to 3 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-28 03:32:59 +00:00
dependabot[bot]
c8fd94a830 Bump actions/setup-python from 2 to 3 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 3.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-28 03:32:57 +00:00
dependabot[bot]
6526ee797d Bump actions/setup-dotnet from 1 to 2 
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 1 to 2.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](https://github.com/actions/setup-dotnet/compare/v1...v2)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-28 03:32:55 +00:00
github-actions[bot]
018558b823 Add changed framework coverage reports 2022-04-28 00:18:25 +00:00
Harry Maclean
ba1d43dd42 Merge pull request #8658 from hmac/hmac/insecure-download 
Ruby: Add InsecureDownload query
 2022-04-28 11:07:35 +12:00
Harry Maclean
f4453f4da2 Merge pull request #8573 from hmac/hmac/missing-regexp-anchor 
Ruby: Add MissingRegExpAnchor query
 2022-04-28 11:06:33 +12:00