hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-18 17:04:50 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,570 Commits 1,679 Branches 158 Tags
d8985f9f5bc489f2c15049249e00a7d4ea34a945
Commit Graph

63570 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Farebrother
d8985f9f5b Move tests for local auth to a folder 2024-02-12 13:49:45 +00:00
Joe Farebrother
c79a3eb6ae Add query for insecure key generation 2024-02-12 13:49:44 +00:00
Joe Farebrother
75a2b9415c Merge pull request #15481 from joefarebrother/android-local-auth 
Java: Add query for insecure local authentication
 2024-02-12 13:48:53 +00:00
Tony Torralba
db2eb202ee Merge pull request #15565 from atorralba/atorralba/java/open-redirect-sanitizer 
Java: Add extension point and default sanitizer to Open Redirect query
 2024-02-12 14:42:52 +01:00
Ian Lynagh
931b27f76c Merge pull request #15573 from igfoo/igfoo/k2-more 
Kotlin 2: Accept loc changes in library-tests/parameter-defaults/defaults.expected
 2024-02-12 13:29:19 +00:00
Ian Lynagh
a7eac1100b Merge pull request #15569 from igfoo/igfoo/kt2-accept 
Kotlin 2: Accept more location changes
 2024-02-12 13:29:10 +00:00
Erik Krogh Kristensen
1520305ae1 Merge pull request #15523 from erik-krogh/exclude-tagged 
JS: exclude tagged template literals from `js/superfluous-trailing-arguments`
 2024-02-12 11:31:18 +01:00
Joe Farebrother
d3fea4044e Apply suggestions from documentation review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-02-12 10:27:56 +00:00
Nick Rolfe
b2ee5808f0 Merge pull request #15496 from github/nickrolfe/loc-fresh-ids 
Tree-sitter extractors: use fresh IDs for locations
 2024-02-12 09:54:09 +00:00
Tony Torralba
cf7091ae5f Merge branch 'main' into atorralba/java/open-redirect-sanitizer 2024-02-12 10:31:52 +01:00
Tony Torralba
5f729d57fa Merge pull request #15578 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-02-12 09:24:05 +01:00
Tom Hvitved
b27b89bff7 Merge pull request #15567 from hvitved/csharp/cache-module 
C#: Actually cache module `Cached`
 2024-02-12 09:15:49 +01:00
Tom Hvitved
9634511ac5 Merge pull request #15489 from hvitved/csharp/lambda-field-flow 
C#: Additional tracking of lambdas through fields and properties
 2024-02-12 09:14:21 +01:00
Erik Krogh Kristensen
4d65e4e985 Merge pull request #15579 from github/dependabot/cargo/ql/chrono-0.4.34 
Bump chrono from 0.4.33 to 0.4.34 in /ql
 2024-02-12 08:47:22 +01:00
dependabot[bot]
3212f80bea Bump chrono from 0.4.33 to 0.4.34 in /ql 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.33 to 0.4.34.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.33...v0.4.34)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-12 03:38:19 +00:00
github-actions[bot]
3cba1764e2 Add changed framework coverage reports 2024-02-12 00:16:45 +00:00
Tom Hvitved
e75f7dd7f9 Merge pull request #15540 from hvitved/variable-capture-overwrite 2024-02-10 10:25:29 +01:00
Joe Farebrother
16aed18821 Address reviews - Elaborate on docs and update severity 2024-02-09 13:53:36 +00:00
Ian Lynagh
ab758d5f1e Kotlin 2: Accept loc changes in library-tests/parameter-defaults/defaults.expected 2024-02-09 13:53:05 +00:00
Tom Hvitved
37d774176b Ruby: Fix SSA inconsistency 2024-02-09 14:49:26 +01:00
Tom Hvitved
1ea7717714 Capture flow: Take overwrites in nested scopes into account 2024-02-09 14:49:23 +01:00
Tom Hvitved
0c43ad45b4 Ruby: Add another captured variable data flow test 2024-02-09 14:48:36 +01:00
Ian Lynagh
0547c877c2 Kotlin 2: Accept some location changes in library-tests/methods/exprs.expected 2024-02-09 13:34:56 +00:00
Ian Lynagh
be4413ffc8 Kotlin 2: Accept changes in library-tests/methods/parameters.expected 
These mostly make things consistent with Kotlin 1.
 2024-02-09 13:19:26 +00:00
Ian Lynagh
b836260b9a Kotlin 2: Accept some test changes 
I'm not sure these are an improvement, but they bring Kotlin 2 back in
line with Kotlin 1.
 2024-02-09 13:15:02 +00:00
Anders Schack-Mulligen
566351a49a Merge pull request #15549 from aschackmull/dataflow/empty-provenance 
Dataflow: Add empty provenance column to PathGraph.
 2024-02-09 12:58:09 +01:00
Ian Lynagh
1b91695934 Kotlin 2: Accept some location changes in library-tests/methods 2024-02-09 11:57:23 +00:00
Tom Hvitved
9785ce4936 C#: Actually cache module Cached 2024-02-09 12:29:56 +01:00
Max Schaefer
93990ec9df Merge pull request #15486 from github/java/update-mad-decls-after-triage-2024-01-31T11-16-45 
Java: Update MaD Declarations after Triage
 2024-02-09 11:18:17 +00:00
Mathias Vorreiter Pedersen
a42c845b32 Merge pull request #15559 from MathiasVP/fix-constness-type 
C++: Don't strip specifiers in `Node.getType`
 2024-02-09 11:00:13 +00:00
Anders Schack-Mulligen
4fcb90298d Dataflow: Add change note. 2024-02-09 11:32:08 +01:00
Anders Schack-Mulligen
088a0a54ba Python: Add empty provenance column to expected files. 2024-02-09 11:32:08 +01:00
Anders Schack-Mulligen
817aa7655f Python: Remove redundant IncludePostUpdateFlow and PhaseDependentFlow application. 2024-02-09 11:32:08 +01:00
Anders Schack-Mulligen
0eaf117f37 Kotlin: Add empty provenance column to expected files. 2024-02-09 11:32:08 +01:00
Anders Schack-Mulligen
7eb5e1833d C++: Add empty provenance column to expected files. 2024-02-09 11:32:08 +01:00
Anders Schack-Mulligen
35a3aa0a09 Ruby: Add empty provenance column to expected files. 2024-02-09 11:32:08 +01:00
Anders Schack-Mulligen
228a61ead3 Swift: Add empty provenance column to expected files. 2024-02-09 11:32:07 +01:00
Anders Schack-Mulligen
3b8af1e52a Go: Add empty provenance column to expected files. 2024-02-09 11:32:07 +01:00
Anders Schack-Mulligen
21a6520cd3 C#: Add empty provenance column to expected files. 2024-02-09 11:32:07 +01:00
Anders Schack-Mulligen
e9e445b2ba Java: Add empty provenance column to expected files. 2024-02-09 11:32:00 +01:00
Mathias Vorreiter Pedersen
dd3d70134c C++: Undo a change that wasn't actually necessary. 2024-02-09 10:28:24 +00:00
Anders Schack-Mulligen
b7d4a6926f Dataflow: Add empty provenance column to PathGraph. 2024-02-09 11:27:30 +01:00
Joe Farebrother
f4b6a85a48 Fix typo in qldoc 2024-02-09 10:09:24 +00:00
Tony Torralba
4c0d535cc2 Merge pull request #12886 from atorralba/atorralba/java/path-injection-mad-sinks 
Java: Refactor path injection sinks
 2024-02-09 10:48:49 +01:00
Tamás Vajk
d46028f552 Merge pull request #15542 from tamasvajk/feature/relative-line-pragma 
C#: Try resolve relative paths in line mappings
 2024-02-09 10:36:53 +01:00
Max Schaefer
fb109672b3 Address more review feedback. 2024-02-09 09:21:30 +00:00
Tony Torralba
34f74869c8 Java: Add extension point and default sanitizer to Open Redirect query 2024-02-09 09:11:07 +01:00
Dave Bartolomeo
31cb308d4c Merge pull request #15560 from github/post-release-prep/codeql-cli-2.16.2 
Post-release preparation for codeql-cli-2.16.2
 2024-02-08 09:42:26 -08:00
Dave Bartolomeo
331355d23f Fix accidental blank line 2024-02-08 12:26:46 -05:00
Dave Bartolomeo
ea004c44f2 Update CHANGELOG.md 
Fix accidental blank line
 2024-02-08 12:26:21 -05:00