hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-11 09:49:26 +02:00
Code Issues Packages Projects Releases Wiki Activity
80,625 Commits 1,756 Branches 167 Tags
db0fc7be5da321bb012da5ca594ea66510a4a807
Commit Graph

80625 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
db0fc7be5d Merge pull request #19881 from hvitved/rust/dataflow-traits 
Rust: Data flow through trait methods
 2025-06-27 08:55:48 +02:00
Jonas Jensen
b446fe74c2 Merge pull request #19846 from jbj/diff-informed-CleartextStorageCookie 
Java: Diff-informed CleartextStorageCookie.ql
 2025-06-27 08:45:11 +02:00
Kasper Svendsen
da1b99b921 Merge pull request #19779 from github/kaspersv/overlay-java-annotations 
Overlay: Add overlay annotations to Java & shared libraries
 2025-06-27 08:26:33 +02:00
Joe Farebrother
4cbaeb10e9 Merge pull request #19641 from joefarebrother/python-qual-file-not-closed 
Python: Improve performance of FileNotClosed query by using basic block reachability
 2025-06-26 23:35:38 +01:00
Jeroen Ketema
ec09d36667 Merge pull request #19832 from ebickle/feature/oracle-model 
C++:  Support SQL Injection sinks for Oracle Call Interface (OCI)
 2025-06-26 16:33:55 +02:00
Nicolas Will
0a97357216 Merge pull request #19814 from bdrodes/codescanning_fixes_cpp 
Crypto: Fix QL-for-QL alerts and refactor type standardization
 2025-06-26 16:33:19 +02:00
Eric Bickle
1142efbc03 Merge branch 'main' into feature/oracle-model 2025-06-26 06:48:40 -07:00
Eric Bickle
3083bdb0b4 C++: Update MaD line numbers in flow.expected 2025-06-26 06:47:24 -07:00
Tom Hvitved
9a48459951 Add change note 2025-06-26 15:14:08 +02:00
Nicolas Will
652e7ba15b Merge branch 'main' into codescanning_fixes_cpp 2025-06-26 14:54:36 +02:00
Nick Rolfe
5a176d6fbd Merge pull request #19878 from github/nickrolfe/ql-overlay 
Ruby/Rust/QL: simplify generation of overlay-related tables/predicates
 2025-06-26 08:10:10 -04:00
Kasper Svendsen
712e64e4a8 Overlay: Add overlay annotations to shared Guards library 2025-06-26 13:19:49 +02:00
Kasper Svendsen
9d2dd782d9 Merge remote-tracking branch 'github/main' into kaspersv/overlay-java-annotations 2025-06-26 13:18:25 +02:00
Jeroen Ketema
a5737dded3 Merge branch 'main' into feature/oracle-model 2025-06-26 12:48:55 +02:00
Tamás Vajk
ae36f94d5e Merge pull request #19844 from tamasvajk/tamasvajk/threadpoolexecutor 
Java: Add `java/javautilconcurrentscheduledthreadpoolexecutor` query for zero thread pool size
 2025-06-26 12:36:09 +02:00
Paolo Tranquilli
afc78ced50 Merge pull request #19874 from github/redsun82/codegen-use-one-test-file 
Codegen: use one generated test file per directory
 2025-06-26 11:59:40 +02:00
Anders Schack-Mulligen
321a4afd5c Merge pull request #19883 from aschackmull/java/fix-assert-cfg 
Java: Fix assert CFG by properly tagging the false successor.
 2025-06-26 11:43:27 +02:00
Tamas Vajk
1bd543a8a2 Improve readability of the ID 2025-06-26 11:36:32 +02:00
Tamás Vajk
1e0dd2a935 Apply suggestion from @michaelnebel 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2025-06-26 11:34:43 +02:00
Anders Schack-Mulligen
7750f1244c Merge pull request #19884 from aschackmull/guards/eqtest-refactor 
Guards: Refactor EqualityTest interface.
 2025-06-26 11:04:55 +02:00
Anders Schack-Mulligen
c091fc585b Java: Account for AssertionError possibly not being extracted. 2025-06-26 11:03:59 +02:00
Anders Schack-Mulligen
326f2b0498 Java: Accept qltest change showing FP removal. 2025-06-26 11:03:39 +02:00
Anders Schack-Mulligen
f07d9dda39 Guards: Refactor EqualityTest interface. 2025-06-26 10:26:40 +02:00
Jeroen Ketema
b16e710d3b Merge pull request #19870 from jketema/jketema/stats 
C++: Update stats file after DCA and extractor changes
 2025-06-26 10:21:35 +02:00
Anders Schack-Mulligen
1d4c8197ec Java: Fix assert CFG by properly tagging the false successor. 2025-06-26 10:18:14 +02:00
Jonas Jensen
fc2b18ae8a Java: Diff-informed CleartextStorageCookie.ql 
This query shares implementation with several other queries about
cleartext storage, but it's the only one of them that's in the
code-scanning suite. The sharing mechanism remains the same as before,
but now each query has to override `getASelectedLocation` to become
diff-informed.

Two other data-flow configurations are used in this query, but they
can't easily be made diff-informed.
 2025-06-26 09:31:11 +02:00
Anders Schack-Mulligen
4d2c67857f Merge pull request #19573 from aschackmull/guardslib 
Shared/Java: Add shared Guards library and switch Java to use it.
 2025-06-26 09:28:32 +02:00
Anders Schack-Mulligen
6f4adb8892 Shared: address review comments. 2025-06-26 07:17:37 +02:00
Anders Schack-Mulligen
5ddddaecdc Java: Add change note. 2025-06-26 07:17:36 +02:00
Anders Schack-Mulligen
4645856f09 Java: document FP 2025-06-26 07:17:36 +02:00
Anders Schack-Mulligen
73810a6d85 Java: Fix perf issue. 2025-06-26 07:17:35 +02:00
Anders Schack-Mulligen
5a34a1a51b Shared: Try caching. 2025-06-26 07:17:35 +02:00
Anders Schack-Mulligen
d4c897f8e2 Java: Fix perf issue. 2025-06-26 07:17:35 +02:00
Anders Schack-Mulligen
42b1b12aa1 Java: Fix qltests 2025-06-26 07:17:34 +02:00
Anders Schack-Mulligen
5c0dcd980d Java: Switch to the shared Guards library. 2025-06-26 07:17:34 +02:00
Anders Schack-Mulligen
cc13193cb6 Java: Replace some references to basicNullGuard. 2025-06-26 07:17:33 +02:00
Anders Schack-Mulligen
0607fefc57 Java: Refactor integerGuard. 2025-06-26 07:17:33 +02:00
Anders Schack-Mulligen
a2778eee75 Java: Refactor clearlyNotNullExpr into a base case that does not rely on SSA. 2025-06-26 07:17:32 +02:00
Anders Schack-Mulligen
22d5dc999a Shared: Bugfix for unique value implication. 2025-06-26 07:17:32 +02:00
Anders Schack-Mulligen
378209a6ad Shared: Simplify and improve joins. 2025-06-26 07:17:31 +02:00
Anders Schack-Mulligen
b19bff9a4e Shared: Switch case guards to be the case statements. 2025-06-26 07:17:31 +02:00
Anders Schack-Mulligen
f772493f4c Shared: Elaborate qldoc. 2025-06-26 07:17:31 +02:00
Anders Schack-Mulligen
73ae613b7a Shared: Many tweaks to Guards. 2025-06-26 07:17:30 +02:00
Anders Schack-Mulligen
c212d0ac8f Shared: Improve shared guards lib. 2025-06-26 07:17:30 +02:00
Anders Schack-Mulligen
16c5b57953 Shared: Extend the shared Guards library with support for exception branch points. 2025-06-26 07:17:29 +02:00
Anders Schack-Mulligen
14b87f97b9 Shared: Extend the shared Guards library with support for custom wrappers. 2025-06-26 07:17:29 +02:00
Anders Schack-Mulligen
1d75008eba Shared: Add a shared Guards library inspired by the Java and C# versions. 2025-06-26 07:17:28 +02:00
Anders Schack-Mulligen
994c1f6427 Java: Add hasInputFromBlock predicate in BaseSSA. 2025-06-26 07:17:28 +02:00
Anders Schack-Mulligen
a0c849139c Java: Add guards-logic qltest with inline expectation. 2025-06-26 07:17:28 +02:00
Jami
aa65f54b1d Merge pull request #19882 from owen-mc/go/avoid-deprecated-class 
Go: Avoid using deprecated class
 2025-06-25 21:16:08 -04:00