hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-19 22:14:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
58,113 Commits 1,740 Branches 165 Tags
dbdb433957d8d10e791f857bb2f0de37480cc928
Commit Graph

58113 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
dbdb433957 Merge pull request #14058 from alexet/delete-or-delete-array 
CPP: Add parent class for delete and delete[]
 2023-08-29 09:38:07 +01:00
Michael Nebel
5f4861f72e Merge pull request #14069 from michaelnebel/csharp/nugetexe 
C#: Download `nuget.exe` in the dependency manager (if not present).
 2023-08-29 10:04:50 +02:00
Michael Nebel
5de8d9181d C#: Address review comments. 2023-08-29 09:33:11 +02:00
Jeroen Ketema
0d1fd88729 Merge pull request #14050 from jketema/inline-6 
Consolidate all `InlineFlowTest` libraries in the dataflow qlpack
 2023-08-29 09:30:35 +02:00
Dave Bartolomeo
3343b78015 Merge pull request #14074 from github/post-release-prep/codeql-cli-2.14.3 
Post-release preparation for codeql-cli-2.14.3
 2023-08-28 13:34:10 -04:00
github-actions[bot]
3eba77421a Post-release preparation for codeql-cli-2.14.3 2023-08-28 15:53:49 +00:00
Michael Nebel
e19c7758ed C#: Cleanup NugetPackages.cs. 2023-08-28 15:19:16 +02:00
Michael Nebel
6e4865ddd9 C#: Download nuget.exe to the source directory in case it is not installed. 2023-08-28 15:14:13 +02:00
Michael Nebel
b6c2ea520b C#: Some re-factoring of NugetPackages and logic for file downloading. 2023-08-28 15:14:13 +02:00
yoff
2e981e330b Merge pull request #14059 from RasmusWL/fix-loginjection-tests 
Python: Fix stdlib sinks in LogInjection query
 2023-08-28 14:44:51 +02:00
yoff
6e05246daa Merge pull request #13935 from yoff/python/mad-on-externals 
Python: MaD on externals
 2023-08-28 14:04:54 +02:00
Rasmus Wriedt Larsen
c807ab4216 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2023-08-28 14:04:22 +02:00
yoff
826b8e6aa5 Merge pull request #14067 from RasmusWL/modern-dataflowquerytests 
Python: Adopt tests to new `DataflowQueryTest`
 2023-08-28 13:54:34 +02:00
Michael Nebel
e7dbe9f289 Merge pull request #14028 from michaelnebel/csharp/dependencygetfiles 
C#: Improve GetFiles in the Dependency Manager.
 2023-08-28 12:53:28 +02:00
Rasmus Wriedt Larsen
38b78128c0 Merge pull request #13990 from RasmusWL/experimental-cleanup 
Python: Port old experimental points-to based queries
 2023-08-28 12:11:17 +02:00
Rasmus Wriedt Larsen
889cb7a95b Python: Adopt tests to new DataflowQueryTest 
Co-authored-by: Rasmus Lerchedahl Petersen <yoff@github.com>
 2023-08-28 11:44:01 +02:00
Rasmus Wriedt Larsen
9c44235782 Python: Modernize DataflowQueryTest.qll 
Co-authored-by: Rasmus Lerchedahl Petersen <yoff@github.com>
 2023-08-28 11:40:41 +02:00
Rasmus Wriedt Larsen
7cba6cd1d8 Python: Update .expected files 
Due to change in path-graph, and including LHS of assignments
 2023-08-28 11:33:44 +02:00
Rasmus Wriedt Larsen
0f242475f2 Merge branch 'main' into experimental-cleanup 2023-08-28 11:01:22 +02:00
Rasmus Wriedt Larsen
0dca8a5d86 Python: Remove old points-to modeling file 
Since all of this was ported already
 2023-08-28 10:40:45 +02:00
Rasmus Wriedt Larsen
39e2b133e9 Python: Fix naming 2023-08-28 10:40:33 +02:00
Alex Ford
9957e2683b Merge pull request #13313 from maikypedia/maikypedia/ldap-improper-auth 
Ruby: Add Improper LDAP Authentication query (CWE-287)
 2023-08-25 20:52:34 +01:00
Alexander Eyers-Taylor
ea2140dc7d Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-08-25 17:15:08 +01:00
Alex Eyers-Taylor
8badf10a53 CPP: Add change notes for changes to DeleteExpr/DeleteArrayExpr 2023-08-25 17:13:34 +01:00
Alex Ford
ae635c609f Ruby: autoformat 2023-08-25 17:11:07 +01:00
Rasmus Wriedt Larsen
bf9a0dab2a Python: Fix stdlib sinks in LogInjection query 2023-08-25 17:04:48 +02:00
Rasmus Wriedt Larsen
7852429df2 Python: Accept LogInjection .expected changes 
I don't know how this had gone unnoticed for so long, but I realized when I tried to run this query locally
 2023-08-25 17:04:40 +02:00
Alex Eyers-Taylor
d699201ad0 CPP: Add a test demonstating when a deallocator call exists. 2023-08-25 15:45:50 +01:00
Alex Eyers-Taylor
027ed5e909 CPP: Docs improvements to DeleteOrDeleteArrayExpr 2023-08-25 15:45:50 +01:00
Alex Eyers-Taylor
417b9c9a32 CPP: Use DeleteOrDeleteArrayExpr in another place. 2023-08-25 15:45:50 +01:00
Alex Eyers-Taylor
a3711e1df0 CPP: Replace getAllocatorCall with getDeallocator call. 2023-08-25 15:45:50 +01:00
Shati Patel
c5612ae522 Merge pull request #14051 from github/shati-patel/mrva-results-view 
Docs: Update screenshots of variant analysis results view
 2023-08-25 15:42:49 +01:00
Mathias Vorreiter Pedersen
68bccfdb93 Merge pull request #14013 from alexet/only-taint-argv-indirections 
CPP:Only taint argv indirections
 2023-08-25 15:19:51 +01:00
Michael Nebel
02b8adf717 C#: Address review comments and some light re-factoring. 2023-08-25 15:33:54 +02:00
Maiky
ffd618d6cc Revert "Add "" and nil as sources" 
This reverts commit 664c1eba72.
 2023-08-25 15:23:55 +02:00
Alex Eyers-Taylor
04f8ed6af0 CPP: Simplify code using DeleteOrDeleteArrayExpr 2023-08-25 13:57:16 +01:00
Alex Eyers-Taylor
c43ba456e5 CPP: Remove old DeleteOrDeleteArrayExpr from a query. 2023-08-25 13:57:16 +01:00
Alex Eyers-Taylor
4ca98bd6fd CPP: Add parent class for delete and delete[] 2023-08-25 13:57:16 +01:00
AlexDenisov
0fe7740dda Merge pull request #14052 from github/sashabu/swift-logging-compiler 
Swift: Route compiler diagnostics through our log.
 2023-08-25 14:47:24 +02:00
Alex Eyers-Taylor
1afcf8c8a8 Add changenotes. 2023-08-25 13:05:10 +01:00
Alex Eyers-Taylor
9f8fbf8a1a CPP: Update tests for argv change 2023-08-25 13:05:10 +01:00
Alex Eyers-Taylor
45ddb4832c CPP: Make wordexp take an indirect argument. 2023-08-25 13:05:10 +01:00
Alex Eyers-Taylor
a2f2b6c33f CPP:Only consider **argv as tainted. 2023-08-25 13:05:10 +01:00
Michael Nebel
61a523510e C#: Only use small files during file content reference analysis. 2023-08-25 14:04:52 +02:00
Michael Nebel
a81d982c90 C#: Fetch file info fewer times and make dependencies more clear. 2023-08-25 14:04:52 +02:00
Tony Torralba
6573b1f772 Merge pull request #14056 from atorralba/atorralba/java/jenkins-stapler-regenerate 
Java: Re-generate Jenkins and Stapler models
 2023-08-25 13:15:21 +02:00
Tom Hvitved
42fd9f0c54 Merge pull request #14047 from hvitved/dataflow/join-fix 
Data flow: Fix a bad join order
 2023-08-25 12:18:24 +02:00
Ian Lynagh
a7de0f96e2 Merge pull request #14049 from igfoo/igfoo/kot1.9.10 
Kotlin: We now support 1.9.10
 2023-08-25 11:11:14 +01:00
Rasmus Lerchedahl Petersen
ad49eada48 Python: Do not alter codeql-workspaces.yml 
And remove the qlpack referred to therein.
Instead we rename and duplicate the extesion file
that this qlpack pointed to.
These two extension files are kept in sync by `identical-files.json`.
 2023-08-25 11:46:41 +02:00
Tony Torralba
5367fb99d9 Manually update a couple of models affected by the nested name change 2023-08-25 11:25:40 +02:00