hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-04 06:36:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,771 Commits 1,699 Branches 161 Tags
d21c8d789b110f0fa47c9443fe0cb080e4dc5b60
Commit Graph

75771 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jami Cogswell
d21c8d789b Java: restrict sink to first arg of two-arg constructor call 2025-02-05 21:19:59 -05:00
Jami Cogswell
bd47dcc87d Java: check first arg for taint 2025-02-05 16:56:16 -05:00
Jami Cogswell
e8724ab220 Java: sanitize constructor call instead and update test cases 2025-02-05 15:46:10 -05:00
Jami Cogswell
4a4585a526 Java: move comment 2025-02-05 11:36:58 -05:00
Jami Cogswell
60cc16cc0e Java: change note 2025-02-04 17:51:34 -05:00
Jami Cogswell
59d454771d Java: add FileConstructorSanitizer and tests 2025-02-04 17:51:23 -05:00
Paolo Tranquilli
04476282a7 Merge pull request #18677 from paldepind/rust-model-struct-match 
Rust: Accept test changes
 2025-02-04 19:09:27 +01:00
Simon Friis Vindum
d198a4a3cd Rust: Accept test changes 2025-02-04 18:26:05 +01:00
Tom Hvitved
f1140530c0 Merge pull request #18656 from hvitved/rust/record-destruct-shorthand 
Rust: Shorthand record pattern destructuring in data flow
 2025-02-04 15:25:12 +01:00
Arthur Baars
2a32e8865d Merge pull request #18668 from github/post-release-prep/codeql-cli-2.20.4 
Post-release preparation for codeql-cli-2.20.4
 2025-02-04 14:22:53 +01:00
Jeroen Ketema
89bbef935d Merge pull request #18672 from jketema/codeblock-name 
C++: Update expected test results after extractor changes
 2025-02-04 13:39:54 +01:00
Jeroen Ketema
1591a56aab C++: Update expected test results after extractor changes 2025-02-04 13:19:49 +01:00
Simon Friis Vindum
8d01bbc1e3 Merge pull request #18628 from paldepind/rust-flow-summary-generation 
Rust: Initial model generation setup
 2025-02-04 12:37:09 +01:00
Asger F
294fd0a7a7 Merge pull request #18653 from asgerf/js/source-on-same-line 
Test: Don't expect 'Source' tag when source and alert are on the same same
 2025-02-04 11:01:46 +01:00
Asger F
3d3f07ad72 Merge pull request #18658 from asgerf/js/jsx-parser-first-attempt 
JS: Use JSX syntax in first attempt when extension is .jsx
 2025-02-04 10:49:26 +01:00
Simon Friis Vindum
cf4f6575d1 Merge branch 'main' into rust-flow-summary-generation 2025-02-04 10:42:11 +01:00
github-actions[bot]
f1b05a79a4 Post-release preparation for codeql-cli-2.20.4 2025-02-04 09:25:09 +00:00
Simon Friis Vindum
07413315a1 Rust: Address PR comments 2025-02-04 10:19:04 +01:00
Tom Hvitved
90944d5252 Merge pull request #18609 from hvitved/rust/dataflow-path-resolution 
Rust: Use `PathResolution` module in data flow
 2025-02-04 10:11:54 +01:00
Simon Friis Vindum
fc15c0d3b2 Merge branch 'main' into rust-flow-summary-generation 2025-02-04 10:10:33 +01:00
Asger F
7bf69d92ca Merge pull request #2 from hvitved/js/source-on-same-line 
Test: Remove location parsing
 2025-02-04 10:09:35 +01:00
Tom Hvitved
acd31dd701 Merge pull request #18657 from hvitved/rust/dataflow-node-api 
Rust: Hide internal implementation details from `DataFlow::Node`
 2025-02-04 09:41:44 +01:00
Tom Hvitved
5a24440e59 Update rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-02-04 09:38:16 +01:00
Asger F
09270f4e20 JS: Change note 2025-02-04 09:36:46 +01:00
Tom Hvitved
fc04ad1ef0 Test: Remove location parsing 2025-02-04 09:34:33 +01:00
Michael Nebel
d3b714340e Merge pull request #18666 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2025-02-04 09:06:32 +01:00
github-actions[bot]
42b5222432 Add changed framework coverage reports 2025-02-04 00:20:33 +00:00
Arthur Baars
c524a98eb9 Merge pull request #18659 from github/release-prep/2.20.4 
Release preparation for version 2.20.4
codeql-cli/v2.20.4 		2025-02-03 19:35:41 +01:00
Arthur Baars
63da935979 Apply suggestions from code review 2025-02-03 18:44:03 +01:00
Arthur Baars
dd34690c17 Merge branch 'codeql-cli-2.20.4' into release-prep/2.20.4 2025-02-03 18:37:16 +01:00
Arthur Baars
49a306719e Merge pull request #18663 from github/main 
Merge main into codeql-cli-2.20.4
 2025-02-03 18:11:55 +01:00
github-actions[bot]
573e53e454 Release preparation for version 2.20.4 2025-02-03 15:19:35 +00:00
Jeroen Ketema
5e927634bc Merge pull request #18660 from MathiasVP/fix-union-regression 
C++: Fix regression from #18629
 2025-02-03 16:15:11 +01:00
Jonas Jensen
0584aee72a Merge pull request #18636 from jbj/diff-informed-java-location-fixups 
Java: make diff-informed queries exact
 2025-02-03 15:22:43 +01:00
Tom Hvitved
45fc1daa74 Rust: Hide internal implementation details from DataFlow::Node 2025-02-03 14:12:56 +01:00
Mathias Vorreiter Pedersen
0e6936d418 C++: Strip the type when computing the base type of a chain of qualifiers. 2025-02-03 12:42:11 +00:00
Michael Nebel
e39ad940a7 Merge pull request #18587 from michaelnebel/csharp/updatestubs 
C#: Update stubs
 2025-02-03 13:19:52 +01:00
Michael Nebel
7e18b3e016 Merge pull request #18533 from michaelnebel/csharp/partialmembers 
C# 13: Partial properties and indexers.
 2025-02-03 13:18:43 +01:00
Asger F
2d36a5d478 JS: Use JSX syntax in first attempt when extension is .jsx 2025-02-03 13:17:15 +01:00
Tom Hvitved
f1050c4988 Rust: Shorthand record pattern destructuring in data flow 2025-02-03 13:00:52 +01:00
Tom Hvitved
4923156d0d Address review comments 2025-02-03 12:52:31 +01:00
Owen Mansel-Chan
a3de138ec2 Merge pull request #18511 from owen-mc/go/docs/data-flow 
Update documentation on data flow in Go (and some small fixes for java)
 2025-02-03 11:11:04 +00:00
Calum Grant
ed3ad1a226 Merge pull request #18613 from github/calumgrant/bmn/wrong-type-format-arg-linkage 
C++: Remove FPs in cpp/wrong-type-format-argument caused by no linker awareness
 2025-02-03 10:39:32 +00:00
Asger F
fc1d36f867 Rust: update a Rust test case 2025-02-03 11:31:04 +01:00
Asger F
78a7f2670a JS: Update a JS test case 2025-02-03 11:31:03 +01:00
Asger F
28472ae12f Test: Don't expect 'Source' tag when source and alert are on same line 
Previously the Source tag was required if the source and alert did not
have the exact same location. This relaxes the restriction to being on
the same line.

Note that in order to be "on the same line" both start and end lines
have to match.

It's still possible for a given line to expect both Alert and Source
tags, in case the source pairs up with another alert on a different
line.
 2025-02-03 11:31:02 +01:00
Jeroen Ketema
25d8f0e161 Merge branch 'main' into calumgrant/bmn/wrong-type-format-arg-linkage 2025-02-03 11:23:27 +01:00
Calum Grant
6e3a169544 C++: Add change note 2025-02-03 09:48:06 +00:00
Tom Hvitved
1066b880aa Merge pull request #18644 from hvitved/rust/fix-bad-join 
Rust: Fix a bad join
 2025-02-03 10:16:09 +01:00
Simon Friis Vindum
0a9b864738 Rust: Fix model generation test 2025-02-03 09:06:07 +01:00