hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-10 13:10:26 +01:00
Code Issues Packages Projects Releases Wiki Activity
70,580 Commits 1,679 Branches 158 Tags
dcb75f490fd3683c898d3ad05802cf8003aa689d
Commit Graph

70580 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Calum Grant
dcb75f490f Update cpp/ql/src/change-notes/2024-09-26-wrong-number-format-arguments 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-09-26 13:05:06 +01:00
Calum Grant
8045440d00 Update cpp/ql/lib/semmle/code/cpp/models/interfaces/FormattingFunction.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-09-26 13:04:52 +01:00
Calum Grant
9b5c9af489 C++: Add change note 2024-09-26 09:31:45 +01:00
Calum Grant
7f2d485ae9 C++: Update comment 2024-09-26 09:31:43 +01:00
Calum Grant
c2871f4def Update cpp/ql/lib/semmle/code/cpp/Function.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-09-26 09:31:42 +01:00
Calum Grant
4a14a3cacb Update cpp/ql/lib/semmle/code/cpp/models/interfaces/FormattingFunction.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2024-09-26 09:31:40 +01:00
Calum Grant
0ad2e193e5 C++: Update test case 2024-09-26 09:31:18 +01:00
Calum Grant
31684d2548 C++: Remove FPs in cpp/wrong-number-format-arguments due to BMN 2024-09-26 09:27:59 +01:00
Calum Grant
6a0212ea44 C++: Add regression test 2024-09-26 09:27:51 +01:00
Michael Nebel
297d32180c Merge pull request #17582 from michaelnebel/csharp/attributecollectionsinks 
C#: `AttributeCollection` is no longer considered a HTML sink.
 2024-09-26 09:17:31 +02:00
Ian Lynagh
a9ecb26885 Merge pull request #17555 from igfoo/igfoo/kotlin2.1 
Add support for Kotlin 2.1.0-Beta1
 2024-09-25 16:25:55 +01:00
Erik Krogh Kristensen
6a184e0c2e Merge pull request #17587 from 5idg5/users/js-dom-xss-tst-file-id-conflict-fix 
Resolve id conflict with XssWithAdditionalSources.ql
 2024-09-25 17:06:20 +02:00
Michael Nebel
1dcc6ac2b1 C#: Address review comments. 2024-09-25 17:06:19 +02:00
Jeroen Ketema
0520fc2d9f Merge pull request #17583 from jketema/rm-inline 
C++: Remove `inline` pragma from sink
 2024-09-25 16:30:30 +02:00
Ian Lynagh
a6fce19b0c Kotlin: Fix build with 2.1.0-Beta1 2024-09-25 15:23:35 +01:00
Ian Lynagh
5a03c35e9c Kotlin: Add 2.1.0-Beta1 2024-09-25 15:23:34 +01:00
Ian Lynagh
f193084f9f Kotlin: Add 2.1.0-Beta1 jars 2024-09-25 15:23:33 +01:00
Ian Lynagh
a8cad4963e Kotlin: 2.1.0 is supported 2024-09-25 15:23:31 +01:00
Sid Gawri
e8c68fff7f resolve id conflict with dom based xss test ql 2024-09-25 10:01:59 -04:00
Felicity Chapman
85cc596041 Merge pull request #17586 from github/felicitymay-patch-1 
Fix link to change logs on landing page
 2024-09-25 14:40:56 +01:00
Jeroen Ketema
7289476c80 Merge pull request #17576 from jketema/formatting 
C++: Do not wrap quoted text to the next line
 2024-09-25 15:32:16 +02:00
Felicity Chapman
53e33d3ef3 Fix link to change logs on landing page 2024-09-25 14:28:09 +01:00
Felicity Chapman
0baa9e9ac1 Merge pull request #17580 from github/felicitymay-fix-dropdown-links 
Revert changes that made the links in the drop-down on CodeQL docs site relative
 2024-09-25 14:16:14 +01:00
Tom Hvitved
90869ec96a Merge pull request #17558 from hvitved/rust/cfg-consistency-queries 
Rust: Enable CFG consistency checks
 2024-09-25 15:14:44 +02:00
Tom Hvitved
79620c1a89 Address review comment 2024-09-25 14:18:44 +02:00
Michael Nebel
af80797eda C#: Add change note. 2024-09-25 14:13:06 +02:00
Michael Nebel
e89a47f2f5 C#: Update XSS expected test output. 2024-09-25 14:13:03 +02:00
Michael Nebel
d00e27916d C#: No longer consider attribute collections as HTML sinks. 2024-09-25 14:12:59 +02:00
Michael Nebel
28c48fb471 C#: Add Xss attribute collection test example and update expected output. 2024-09-25 14:12:55 +02:00
Jeroen Ketema
0ee1383732 C++: Remove inline pragma from sink 2024-09-25 14:04:31 +02:00
Anders Schack-Mulligen
cc63abf0af Merge pull request #17578 from aschackmull/cpp/fix-inline-sink2 
Cpp: Replace sink inlining with a forward scan from source.
 2024-09-25 13:54:48 +02:00
Arthur Baars
f57dd0a596 Merge pull request #17552 from github/aibaars/diagnostics 
Rust: extract parse errors as diagnostics
 2024-09-25 13:15:24 +02:00
Felicity Chapman
329c3c7c56 Make links in drop-down absolute 2024-09-25 10:59:22 +01:00
Owen Mansel-Chan
0ae10ece39 Merge pull request #17571 from jsoref/issue-17570 
Downgrade IncorrectIntegerConversionQuery precision to high
 2024-09-25 09:58:43 +01:00
Tom Hvitved
cbc2389493 Rust: Accept CFG inconsistencies 2024-09-25 10:56:46 +02:00
Tom Hvitved
d299380a5a Rust: Enable CFG consistency checks 2024-09-25 10:56:44 +02:00
Tom Hvitved
f428fdc57c Rust: Run codegen 2024-09-25 10:55:18 +02:00
Tom Hvitved
8c956e8276 Rust: Add LogicalOperation.qll 2024-09-25 10:55:16 +02:00
Tom Hvitved
3bd5c6e445 Rust: Implement {BinaryExpr,PrefixExpr}.toString() 2024-09-25 10:55:15 +02:00
Tom Hvitved
1fb9835f23 Merge pull request #17557 from hvitved/rust/cfg-improvements 
Rust: CFG improvements
 2024-09-25 10:54:49 +02:00
Anders Schack-Mulligen
3a1b618a74 Cpp: Replace sink inlining with a forward scan from source. 2024-09-25 10:28:23 +02:00
Jeroen Ketema
29061a08ad C++: Do not wrap quoted text to the next line 
Wrapping breaks the highlighting in VSCode, making the QLDoc
difficult to read.
 2024-09-25 09:43:05 +02:00
Tom Hvitved
6e493f2baa Address review comments 2024-09-25 09:09:29 +02:00
Josh Soref
a9e07a88af Downgrade IncorrectIntegerConversionQuery precision to high 
`very-high` implies near 0 false positives and we have run into a number and an entire class

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2024-09-24 22:08:00 -04:00
Chris Smowton
590e93d8ed Merge pull request #17360 from smowton/smowton/admin/go-function-pretty-printer 
Go: Expose whether functions are variadic in their pp() output
 2024-09-24 21:47:50 +01:00
Arthur Baars
5714811071 Rust: fix panic when the last character in a range is multi-byte 2024-09-24 19:26:02 +02:00
Chris Smowton
d673d24ca6 Revise notation to more closely resemble real Go 2024-09-24 17:22:26 +01:00
Chris Smowton
11755482e4 Update test expectation (now signature types pretty-print indicating if they are variadic) 2024-09-24 17:18:10 +01:00
Chris Smowton
40035a0b62 Improve pretty-printer 2024-09-24 17:18:09 +01:00
Chris Smowton
4d3a140dd7 Expose whether functions are variadic in their pp() output 2024-09-24 17:18:08 +01:00