hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
64,288 Commits 1,673 Branches 157 Tags
dd1dbdf4ec9e7682d91c3478ca883cd461cf4da7
Commit Graph

509 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
699dddcfbe Merge pull request #15725 from aschackmull/dataflow/summary-join-fix 
Dataflow: Prevent bad join in FlowSummaryImpl::Private::Steps::summaryLocalStep.
 2024-02-27 10:32:38 +01:00
Tom Hvitved
bbeee8f38d Merge pull request #15717 from hvitved/csharp/view-cfg 
Shared `View CFG` implementation
 2024-02-27 09:13:18 +01:00
Anders Schack-Mulligen
20bb631456 Dataflow: Prevent bad join. 2024-02-26 13:45:19 +01:00
Tom Hvitved
5b6e76c030 Move View CFG implementation from Ruby/Swift into shared library 2024-02-26 11:23:49 +01:00
Rasmus Wriedt Larsen
07223031e8 Merge branch 'main' into lgtm_index_filter_handling 2024-02-26 09:56:02 +01:00
Tom Hvitved
2683e40038 Merge pull request #15708 from hvitved/share-ide-contextual 
Share `getFileBySourceArchiveName` implementation
 2024-02-23 19:56:33 +01:00
Erik Krogh Kristensen
a0f91fbc15 Merge pull request #15706 from erik-krogh/pol-reg 
ReDoS: Restrict some edges related to upper/lower-case when constructing possible attack strings for polynomial-redos.
 2024-02-23 12:06:17 +01:00
Tom Hvitved
62b16c0fa3 Share getFileBySourceArchiveName implementation 2024-02-23 11:25:49 +01:00
erik-krogh
e74e5b3613 try to restrict the edges we follow (related to upper/lower-case) when contructing possible attack-strings for polynomial-redos 2024-02-22 13:15:17 +01:00
Tom Hvitved
ebee35b385 Ruby: No fieldFlowBranchLimit for SummarizedCallables 2024-02-22 10:27:25 +01:00
Anders Schack-Mulligen
71f8ccf45f Merge pull request #15654 from aschackmull/java/static-init-vec-query-perf 
Java: Switch helper flow from Global to SimpleGlobal in StaticInitializationVectorQuery.
 2024-02-21 10:51:16 +01:00
github-actions[bot]
37f8fa3413 Post-release preparation for codeql-cli-2.16.3 2024-02-20 16:50:47 +00:00
github-actions[bot]
6d061fbc35 Release preparation for version 2.16.3 2024-02-20 14:26:23 +00:00
Anders Schack-Mulligen
5a348a5048 Dataflow: SimpleGlobal / Typetracker perf fix. 2024-02-20 14:40:28 +01:00
Tony Torralba
1704bfe2bf Merge pull request #15585 from atorralba/atorralba/go/promote-jwt-unsafe-verification 
Go: Promote `go/missing-jwt-signature-check` from experimental
 2024-02-19 15:35:44 +01:00
Anders Schack-Mulligen
2fa8c2f992 Merge pull request #15634 from aschackmull/dataflow/simpleglobal-fixreads 
Dataflow: Bugfix for field reads in SimpleGlobal.
 2024-02-19 14:02:38 +01:00
Anders Schack-Mulligen
53801e8efb Dataflow: Bugfix for field reads in SimpleGlobal. 2024-02-16 14:00:04 +01:00
Anders Schack-Mulligen
03f7968dbf Dataflow: Fix flow-feature bug. 2024-02-16 11:38:30 +01:00
Tony Torralba
551875cb5a Add 'jwt' as valid sink kind 2024-02-14 17:25:08 +01:00
Anders Schack-Mulligen
393251dde6 Merge pull request #15582 from hvitved/dataflow/cache-viable-callable-ext 
Data flow: Cache `viableCallableExt`
 2024-02-14 10:31:43 +01:00
Tom Hvitved
bc8761c51b Data flow: Cache viableCallableExt 2024-02-13 14:12:50 +01:00
Asger F
faefa056eb Merge pull request #15507 from asgerf/shared/outbarrier-bugfix 
Shared: fix a bug in stateful outbarriers
 2024-02-12 21:44:49 +01:00
Nick Rolfe
b2ee5808f0 Merge pull request #15496 from github/nickrolfe/loc-fresh-ids 
Tree-sitter extractors: use fresh IDs for locations
 2024-02-12 09:54:09 +00:00
Tom Hvitved
1ea7717714 Capture flow: Take overwrites in nested scopes into account 2024-02-09 14:49:23 +01:00
Anders Schack-Mulligen
4fcb90298d Dataflow: Add change note. 2024-02-09 11:32:08 +01:00
Anders Schack-Mulligen
b7d4a6926f Dataflow: Add empty provenance column to PathGraph. 2024-02-09 11:27:30 +01:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
Nick Rolfe
514a92d5bd Tree-sitter extractors: use fresh IDs for locations 
Since locations for any given source file are never referenced in any
TRAP files besides the one for that particular source file, it's not
necessary to use global IDs. Using fresh IDs will reduce the size of the
ID pool (both on disk and in memory) and the speed of multi-threaded
TRAP import.

The one exception is the empty location, which still uses a global ID.
 2024-02-02 15:06:10 +00:00
Joe Farebrother
031bd8bd0c Merge pull request #15281 from joefarebrother/android-sensitive-ui-notif 
Java: Add query for exposure of sensitive information to android notifiactions
 2024-01-26 16:42:55 +00:00
Asger F
f15ead6130 Shared: check stateful outBarrier as part of pathStep SCC 2024-01-26 11:14:23 +01:00
Asger F
d1310c74fc Shared: remove old stateful outBarrier check 2024-01-26 11:14:23 +01:00
Mathias Vorreiter Pedersen
2db76c7fad Merge pull request #15434 from MathiasVP/fix-dataflow-join-order 
DataFlow: Fix join order
 2024-01-25 16:32:14 +00:00
Henry Mercer
10343dd822 Merge pull request #15416 from github/post-release-prep/codeql-cli-2.16.1 
Post-release preparation for codeql-cli-2.16.1
 2024-01-25 14:15:25 +00:00
erik-krogh
396da117bb remove an FP in overly-large-range for [@-Z] 2024-01-25 14:15:06 +01:00
Mathias Vorreiter Pedersen
db929ccf9b DataFlow: Fix join order. 2024-01-25 12:51:35 +00:00
github-actions[bot]
d0b74c00fe Post-release preparation for codeql-cli-2.16.1 2024-01-23 23:02:29 +00:00
github-actions[bot]
7ef611e6dc Release preparation for version 2.16.1 2024-01-23 19:45:16 +00:00
Joe Farebrother
0acb647e7d Fix tests and add notification sink kind to model verification 2024-01-23 09:51:41 +00:00
erik-krogh
865df920f9 add change-notes 2024-01-22 19:30:57 +01:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00
Rasmus Wriedt Larsen
f20d4e22fe Handle only exclude 2024-01-18 13:54:45 +01:00
Rasmus Wriedt Larsen
54c7c5e8be Tree sitter extractor: Proper handling of LGTM_INDEX_FILTERS 
If someone had used `LGTM_INDEX_FILTERS=exclude:**/*\ninclude:*.rb`
before, we would have mistakenly excluded all files :|
(LGTM_INDEX_FILTERS is a prioritized list where later matches take
priority over earlier ones)

This change is needed to support adding `exclude:**/*` as the first
filter if `paths` include a glob, which currently causes bad behavior in
the Python extractor. However, we can first introduce that change once
this PR has been merged.

I realize this change can cause more folders and files to be traversed
(since they are not just skipped with --exclude). We plan to make a
better long term fix which should bring back the previous performance.
 2024-01-18 11:44:31 +01:00
Calum Grant
4660a25d44 Merge pull request #15354 from github/calumgrant/shared-diagnostics 
C++/Swift: Create shared library and share Diagnostics
 2024-01-17 15:40:12 +00:00
Calum Grant
d57fc3d7db C++: Remove unneeded includes 2024-01-17 14:34:28 +00:00
Calum Grant
51c5afff8b Create shared/cpp library and move Diagnostics there 2024-01-17 14:23:18 +00:00
erik-krogh
1a8a70dc1b mark the range [0-?] as good in the overly-large-range query 2024-01-17 13:11:57 +01:00
Alexander Eyers-Taylor
934474681d Merge pull request #15254 from github/post-release-prep/codeql-cli-2.16.0 
Post-release preparation for codeql-cli-2.16.0
 2024-01-16 14:50:40 +00:00
github-actions[bot]
57df8b92df Post-release preparation for codeql-cli-2.16.0 2024-01-15 15:00:50 +00:00
Tom Hvitved
295198744b Ruby: Handle captured yield calls 2024-01-10 14:25:15 +01:00