hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-18 13:34:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
78,717 Commits 1,740 Branches 165 Tags
d1e769ba54bfe40596c4231eabc55e1e82b48a7f
Commit Graph

78717 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Napalys Klicius
d1e769ba54 Merge pull request #19422 from Napalys/js/shelljs 
JS: Modeling of `ShellJS` functions
 2025-05-02 14:18:44 +02:00
Napalys Klicius
871e93d9fe Update javascript/ql/lib/semmle/javascript/frameworks/ShellJS.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2025-05-02 13:39:46 +02:00
Michael Nebel
74669cb0cb Merge pull request #19382 from michaelnebel/shared/modelgenrefactor 
Shared: Re-factor summary, source and sink model generators into separate modules.
 2025-05-02 09:38:24 +02:00
Tamás Vajk
cb1c3736fe Merge pull request #19413 from tamasvajk/quality/query-suite-selector 
Add code quality suite selector and use that in the code quality suites
 2025-05-02 08:18:48 +02:00
Napalys Klicius
f652686607 Merge pull request #19444 from Napalys/python/hdbcli 
Python: modeling of `hdbcli`
 2025-05-01 17:58:31 +02:00
Tom Hvitved
40f80ff4e7 Merge pull request #19442 from hvitved/rust/clone-modeling 
Rust: Strengthen modeling of the `Clone` trait
 2025-05-01 17:11:42 +02:00
Jeroen Ketema
8ad6938a82 Merge pull request #19434 from jketema/array-barrier 
C++: Limit flow through sinks and sources in `cpp/upcast-array-pointer-arithmetic`
 2025-05-01 16:42:53 +02:00
yoff
d7e6e1dd66 Merge pull request #19432 from yoff/python/model-http-server-header-write 
python: model `send_header` from `http.server`
 2025-05-01 15:34:05 +02:00
Taus
481adcea0a Merge pull request #18449 from github/tausbn/misc-add-script-for-calculating-mrva-totals 
Misc: Add script for calculating totals for a MRVA run
 2025-05-01 15:17:19 +02:00
Owen Mansel-Chan
e0549483fd Merge pull request #19429 from owen-mc/fix-cwe-tags-missing-leading-zero 
Fix cwe tags to include leading zero
 2025-05-01 14:09:54 +01:00
Napalys Klicius
da7c0931b8 Added hdbcli to be part of supported-framework as well as change note 2025-05-01 14:18:08 +02:00
Napalys Klicius
e1fc0ca051 Added implementation hdbcli as part of PEP249::PEP249ModuleApiNode 2025-05-01 14:18:02 +02:00
Napalys Klicius
0325f368fe Added test case for hdbcli 2025-05-01 13:57:14 +02:00
Nick Rolfe
817237ce54 Merge pull request #19441 from github/nickrolfe/mergeback-2.21.2 
Merge back 2.21.2 release branch
 2025-05-01 11:55:29 +01:00
Napalys Klicius
6ba0dc20a3 Merge pull request #19439 from Napalys/js/fastify-all 
JS: Modeling of `fastify`
 2025-05-01 12:11:52 +02:00
Owen Mansel-Chan
0863c87572 Add change notes 2025-05-01 10:33:24 +01:00
Napalys Klicius
68a9dd9f9e Address comments 2025-05-01 11:19:41 +02:00
Napalys Klicius
d4b5ef6a66 Refactor process.env handling in CleartextLogging and IndirectCommandInjection modules to use ThreatModelSource 2025-05-01 11:14:15 +02:00
Napalys Klicius
33d8ffa83e Added test cases for shelljs.env 2025-05-01 11:11:29 +02:00
Napalys Klicius
602500e280 Added change note 2025-05-01 11:09:56 +02:00
Napalys Klicius
40d176a770 Added model for shelljs.env 2025-05-01 11:09:47 +02:00
Tom Hvitved
423e2dac91 Rust: Strenghten the modeling of the Clone trait 2025-05-01 10:54:52 +02:00
Tom Hvitved
1770f568a2 Merge pull request #19367 from hvitved/rust/type-inference-try-expr 
Rust: Type inference for `?` expressions
 2025-05-01 10:27:49 +02:00
Nick Rolfe
20f7781d9f Merge pull request #19437 from adityasharad/docs/fix/2.21.0-escaping 
Docs: Fix escaping in 2.21.0 changelog
 2025-05-01 09:27:41 +01:00
Nick Rolfe
005a27bff9 Merge pull request #19436 from adityasharad/actions/ga-change-note 
Actions: Retroactively add GA changenote
codeql-cli/v2.21.2 		2025-05-01 09:21:15 +01:00
Simon Friis Vindum
bab84d03d1 Merge pull request #19419 from paldepind/rust-precise-implicit-deref-borrow 
Rust: Use type inference to insert implicit borrows and derefs
 2025-05-01 08:41:37 +02:00
Aditya Sharad
36199b3f06 Docs: Fix escaping in 2.21.0 changelog 
These break when the RST is processed.
Escape the backslashes and consistently add
inline code blocks.
 2025-04-30 16:40:36 -07:00
Aditya Sharad
6285c2e502 Actions: Retroactively add GA changenote 
This was manually added in the docs site at the time of 2.21.1 release and GA.
Include the change note in the relevant places so it remains
in future docs updates:
- codeql/actions-queries@0.5.4
- codeql/actions-all@0.4.7
- 2.21.1 changelog
 2025-04-30 16:24:22 -07:00
Jeroen Ketema
2ed48ae571 C++: Update expected test results after barrier introduction 2025-04-30 20:51:27 +02:00
Tom Hvitved
a3c26b4bfe Rust: Type inference for ? expressions 2025-04-30 20:35:11 +02:00
Tom Hvitved
88075c4c8c Rust: Make manual tweaks to Copilot generated code 2025-04-30 20:35:10 +02:00
Tom Hvitved
51e70d0c3b Rust: Add Copilot generated test for ? operator expressions 2025-04-30 20:35:09 +02:00
Jeroen Ketema
723778fa82 C++: Limit flow through sinks and sources in cpp/upcast-array-pointer-arithmetic 2025-04-30 20:31:12 +02:00
Jeroen Ketema
359aa02602 Merge pull request #19410 from jketema/header-variant 
C++: Turn header variant tests that use PCH files into integration tests
 2025-04-30 20:10:30 +02:00
yoff
e63b38c515 python: add change note 2025-04-30 20:05:55 +02:00
yoff
cf45e771f3 python: remove copied comment 2025-04-30 20:01:43 +02:00
yoff
531f2a15a4 python: model send_header from http.server 2025-04-30 19:58:14 +02:00
Jeroen Ketema
3423a1072a C++: Address review comments 2025-04-30 19:10:35 +02:00
Owen Mansel-Chan
a9132c43d0 Fix incorrect CWE tags 2025-04-30 16:47:35 +01:00
Owen Mansel-Chan
cf614a596d Fix cwe tags to include leading zero 2025-04-30 16:43:03 +01:00
Simon Friis Vindum
c263d3faf9 Rust: Remove predicates unused after refactor 2025-04-30 17:39:22 +02:00
Tom Hvitved
302680cfb2 Merge pull request #19425 from hvitved/rust/type-inference-debug-predicates 
Rust: Add type inference debug predicates
 2025-04-30 17:03:05 +02:00
Jeroen Ketema
edd18dc052 C++: Address review comment 2025-04-30 16:23:06 +02:00
Jonas Jensen
c8e564b2ba Merge pull request #19416 from jbj/ruby-no-diff-informed-regex 
Ruby: disable diff-informed mode on regex queries
 2025-04-30 15:17:20 +02:00
Tom Hvitved
4f5b340278 Rust: Add type inference debug predicates 2025-04-30 15:12:58 +02:00
Tom Hvitved
389f15e670 Merge pull request #19362 from hvitved/rust/crate-extraction-workarounds 
Rust: Crate graph extraction workarounds
 2025-04-30 15:11:26 +02:00
Napalys Klicius
9624a413e4 Added change note 2025-04-30 14:57:00 +02:00
Napalys Klicius
71f1b82a56 Added support for fastify.all 2025-04-30 14:54:09 +02:00
Napalys Klicius
6d61766366 Added test case for fastify.all 2025-04-30 14:50:35 +02:00
Simon Friis Vindum
f584d22b53 Rust: Use type inference to insert implicit borrows and derefs 2025-04-30 14:43:51 +02:00