hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-13 22:44:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,489 Commits 1,679 Branches 158 Tags
d9c7401ea2e4dc008ea014de7828a29237252099
Commit Graph

66489 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
d9c7401ea2 Java: Deprecate the local content of UrlRedirectLocalQuery and remove the local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
ed7538d0b9 Java: Deprecate the local content of TaintedPathQuery and remove the local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
5b89bd23c7 Java: Deprecate the content of SqlTaintedLocalQuery and remove the local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
b68abab12a Java: Deprecate the content of ResponseSplittingLocalQuery and remove local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
d05c5e3d94 Java: Deprecate the content of NumericCastTaintedLocalQuery, remove the local query variant and update the non-local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
301a6cc191 Java: Deprecate the content of ImproperValidationOrArray and remove local query variants. 2024-05-01 13:07:21 +02:00
Michael Nebel
acd0fa4b7b Java: Deprecate the content of ExternallyControlledFormatStringLocalQuery and remove the externally controlled format string local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
85a4dd0325 Java: Deprecate the local content of CommandLineQuery and remove the exec tainted local query variant. 2024-05-01 13:07:20 +02:00
Michael Nebel
072f19008a Java: Deprecate the content of ArithmeticTaintedLocalQuery and remove the arithmetic tainted local query variant. 2024-05-01 08:59:51 +02:00
Michael Nebel
93988e5834 Java: Deprecate the content of XxeLocalQuery and remove the Xxe local query variant. 2024-05-01 08:59:50 +02:00
Michael Nebel
e0c2a43780 Java: Deprecate the content of XssLocalQuery and remove the Xss local query variant. 2024-05-01 08:59:50 +02:00
Mathias Vorreiter Pedersen
3a2b0a2feb Merge pull request #16366 from MathiasVP/fix-ir-for-destructors-in-switch 
C++: Fix IR destructor calls on `JumpStmt`s
 2024-04-30 18:26:54 +01:00
Mathias Vorreiter Pedersen
07dd6d5c8d C++: Align 'break' statements. 2024-04-30 16:40:23 +01:00
Mathias Vorreiter Pedersen
b86aeb68ae Merge pull request #16364 from MathiasVP/ir-guards-with-boolean 
C++: Support `IRGuard`s with no implicit boolean conversion
 2024-04-30 16:07:32 +01:00
Mathias Vorreiter Pedersen
cf025e1924 C++: Accept test changes. 2024-04-30 15:47:53 +01:00
Mathias Vorreiter Pedersen
a200ced2d6 C++: Fix IR generation for jump statements. 2024-04-30 15:46:46 +01:00
Mathias Vorreiter Pedersen
c04e59611b Merge pull request #16355 from MathiasVP/promote-iterator-to-expired-container-out-of-experimental 
C++: Promote `cpp/iterator-to-expired-container` out of experimental
 2024-04-30 15:45:56 +01:00
Mathias Vorreiter Pedersen
c5a87c95d8 C++: Add tests that incorrectly call destructors twice. 2024-04-30 15:39:00 +01:00
Henry Mercer
797f675285 Merge pull request #16365 from github/post-release-prep/codeql-cli-2.17.2 
Post-release preparation for codeql-cli-2.17.2
 2024-04-30 14:51:01 +01:00
Mathias Vorreiter Pedersen
c32c810ae7 C++: Add a test with a 'short' type. 2024-04-30 14:48:21 +01:00
Mathias Vorreiter Pedersen
32fe084630 Update cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-04-30 14:42:30 +01:00
Ian Lynagh
0715c4ac5a Merge pull request #16341 from igfoo/igfoo/ODASA_BUILD_ERROR_DIR 
Java: Remove support for deprecated ODASA_BUILD_ERROR_DIR env var
 2024-04-30 13:18:51 +01:00
github-actions[bot]
99928b82ed Post-release preparation for codeql-cli-2.17.2 2024-04-30 12:15:35 +00:00
Rasmus Wriedt Larsen
377c6b4cc8 Merge pull request #12557 from felickz/patch-1 
add  security-severity score to code scanning query list
 2024-04-30 13:48:22 +02:00
Mathias Vorreiter Pedersen
2939c89f7a C++: Accept test changes. 2024-04-30 12:04:42 +01:00
Mathias Vorreiter Pedersen
bb6cc92728 C++: Support guards without implicit boolean conversions. 2024-04-30 12:04:35 +01:00
Mathias Vorreiter Pedersen
d736426529 C++: Support guards without implicit boolean conversions. 2024-04-30 11:45:58 +01:00
Mathias Vorreiter Pedersen
806d42852c C++: Add test in C file with pointer type guard. 2024-04-30 11:33:22 +01:00
Henry Mercer
8e251ee54f Merge pull request #16363 from github/release-prep/2.17.2 
Release preparation for version 2.17.2
codeql-cli/v2.17.2 		2024-04-30 11:29:06 +01:00
github-actions[bot]
5228d94d42 Release preparation for version 2.17.2 2024-04-30 10:25:51 +00:00
Geoffrey White
7d9f78b2de Merge pull request #16328 from geoffw0/pathinj 
C++: Reduce duplication from cpp/path-injection
 2024-04-30 10:06:40 +01:00
Erik Krogh Kristensen
7e839792da Merge pull request #16330 from erik-krogh/del-deps-apr-2024 
All: delete outdated deprecations
 2024-04-30 10:43:39 +02:00
Paolo Tranquilli
98106f31c1 Merge pull request #16358 from github/redsun82/registry-override 
Bazel: add empty registry override
 2024-04-30 09:09:46 +02:00
Ian Lynagh
676bcf39a5 Java: Remove support for deprecated ODASA_BUILD_ERROR_DIR env var 2024-04-29 18:02:28 +01:00
Paolo Tranquilli
a28f87fff0 Bazel: add empty registry override 
This will unblock work in parallel on two separate PRs that require
patching different modules.
 2024-04-29 18:01:09 +02:00
Mathias Vorreiter Pedersen
94364f724e C++: Remove CP between all sinks and all states in 'cpp/iterator-to-expired-container'. 2024-04-29 16:46:00 +01:00
Harry Maclean
607ed2efb4 Merge pull request #16354 from hmac/hmac-incomplete-hostname-fp 
Ruby: Reduce FPs for rb/incomplete-hostname-regexp
 2024-04-29 14:40:44 +01:00
Michael Nebel
a304e2d8d6 Merge pull request #16248 from michaelnebel/csharp/groupsprojectbeforerestore 
C#: Restore projects and collect dependencies for projects in the same folder sequentially.
 2024-04-29 14:05:40 +02:00
yoff
1c611fecde Merge pull request #16155 from yoff/python/MaD-method-arg-tests 2024-04-29 12:59:57 +02:00
Harry Maclean
51bc8e917e Ruby: Reduce FPs for rb/incomplete-hostname-regexp 
Arguments in calls to `match[?]` should only be considered regular
expression interpretations if the `match` refers to the standard library
method, not a method in source code.
 2024-04-29 11:19:34 +01:00
Mathias Vorreiter Pedersen
0fa5a1f274 C++: Add change note. 2024-04-29 11:17:53 +01:00
Mathias Vorreiter Pedersen
5c454bdd8c C++: Compute and add severity. 2024-04-29 11:09:42 +01:00
Mathias Vorreiter Pedersen
f194c70e8a C++: Set precision to medium. 2024-04-29 11:08:08 +01:00
Mathias Vorreiter Pedersen
179270ffc1 C++: Move 'cpp/iterator-to-expired-container' out of experimental. 2024-04-29 11:07:55 +01:00
Harry Maclean
8ccedd658a Merge pull request #16349 from hmac/hmac-uri-open 
Ruby: Add URI.open example to rb/kernel-open qhelp
 2024-04-29 09:42:39 +01:00
Michael Nebel
d62e888b86 C#: Code quality improvements. 2024-04-29 09:27:12 +02:00
Harry Maclean
8b23f6db10 Ruby: Add URI.open example to rb/kernel-open qhelp 2024-04-27 09:53:54 +01:00
Mathias Vorreiter Pedersen
3c2206728d Merge pull request #16333 from MathiasVP/fix-guards-on-pointers 2024-04-26 21:33:08 +01:00
Jeroen Ketema
8c87cb83bb Merge pull request #16342 from jketema/destructors-cleanup 
C++: Don't emit destructor calls as part of 'TranslatedResultCopy' as this has already been done in some other 'TranslatedExpr'.
 2024-04-26 22:05:00 +02:00
Mathias Vorreiter Pedersen
c9ce642e7a Merge pull request #16339 from MathiasVP/one-less-stage 
C++: Remove a stage by properly caching `getResultIRType`
 2024-04-26 16:52:16 +01:00