Commit Graph

61115 Commits

Author SHA1 Message Date
erik-krogh
dd1e71ace9 update the JS change notes to mention security severity instead of just severity 2023-11-23 10:28:22 +01:00
Jeroen Ketema
257fe1ad6b Merge pull request #14801 from jketema/rewrite-tainted-format-string
C++: Rewrite `cpp/tainted-format-string` away from `DefaultTaintTracking`
2023-11-22 17:55:36 +01:00
Pierre
98ddbe0d83 Merge pull request #14880 from github/geoffw0-patch-2 2023-11-22 17:31:44 +01:00
Geoffrey White
bcf76b1ac0 Update change note 0.3.3.md
Update original change note in line with the change here: https://github.com/github/codeql/pull/14876#discussion_r1402142306
2023-11-22 16:20:05 +00:00
Jeroen Ketema
1fbe23228e C++: Update test to reflect updated test results 2023-11-22 16:49:13 +01:00
Jeroen Ketema
bb1945f899 C++: Rewrite cpp/tainted-format-string away from DefaultTaintTracking 2023-11-22 16:49:13 +01:00
Arthur Baars
29c950035d Merge pull request #14877 from github/post-release-prep/codeql-cli-2.15.3
Post-release preparation for codeql-cli-2.15.3
2023-11-22 16:39:09 +01:00
Ian Lynagh
1f2d9dc95c Merge pull request #14862 from igfoo/igfoo/test-kotlin1
Kotlin: Move tests from test/kotlin to test-kotlin1
2023-11-22 14:45:13 +00:00
github-actions[bot]
0783758bd1 Post-release preparation for codeql-cli-2.15.3 2023-11-22 14:20:26 +00:00
Tom Hvitved
979bcf4ef3 Merge pull request #14868 from hvitved/ssa/locations
SSA: Add locations to ease debugging
2023-11-22 13:26:41 +01:00
Ian Lynagh
3dee16c50c Merge pull request #14860 from igfoo/igfoo/isFake
Kotlin 2: isFake is currently broken, so assume not fake for now
2023-11-22 11:07:04 +00:00
Rasmus Wriedt Larsen
30891ca4aa Merge pull request #14861 from yoff/python/demonstrate-def-use-explosion
Python: test demonstrating the need for phi nodes
2023-11-22 09:57:10 +01:00
Tamás Vajk
ace633cb1d Merge pull request #14855 from tamasvajk/standalone/logMessageSink
C#: Tolerate missing call targets in LogMessageSink
2023-11-22 08:37:53 +01:00
Tom Hvitved
1a6886cf99 SSA: Add locations to ease debugging 2023-11-22 08:37:02 +01:00
Ian Lynagh
45bbcccd1a Kotlin: Copy TestUtilities into the kotlin testsuites 2023-11-21 17:16:54 +00:00
Ian Lynagh
7ba199a8c3 Kotlin: Update CODEOWNERS 2023-11-21 16:19:09 +00:00
Rasmus Lerchedahl Petersen
d288c4a709 Python: rename folder 2023-11-21 16:48:41 +01:00
yoff
4f7fde7b87 Merge pull request #14858 from yoff/python/demonstrate-use-use-explosion
Python: Test demonstrating the need for phi-read-nodes
2023-11-21 16:44:11 +01:00
Ian Lynagh
1fb19191ba Kotlin: Add a qlpack.yml to the test-kotlin1 tests 2023-11-21 15:31:18 +00:00
Ian Lynagh
f48cc1a526 Kotlin: Move tests from test/kotlin to test-kotlin1
Matches test-kotlin2
2023-11-21 15:28:12 +00:00
Rasmus Lerchedahl Petersen
c552bc5eb1 Python: fix test output 2023-11-21 15:48:22 +01:00
Rasmus Lerchedahl Petersen
077e51c6c6 Python: fix test output 2023-11-21 15:47:18 +01:00
Rasmus Lerchedahl Petersen
4857960f72 Python: test demonstrating the need for phi nodes
or a dataflow node playing that role, at least.
2023-11-21 15:40:05 +01:00
Ian Lynagh
1998e29639 Kotlin 2: isFake is currently broken, so assume not fake for now
We'll want to find a Kotlin-2-compatible replacement for this.
2023-11-21 14:37:53 +00:00
Ian Lynagh
6bd269502f Kotlin: Pull out a tryIsHiddenToOvercomeSignatureClash method 2023-11-21 14:36:10 +00:00
Max Schaefer
2c5ce3216e Merge pull request #14846 from github/max-schaefer/js/path-injection
Update qhelp for js/path-injection.
2023-11-21 13:50:41 +00:00
Rasmus Lerchedahl Petersen
f138fc0d2d Python: Test demonstrating need for phi-read-nodes
Or for a data flow node filling that role, at least.
2023-11-21 13:54:02 +01:00
Ian Lynagh
08383eaea5 Merge pull request #14837 from igfoo/igfoo/owners
Kotlin: Add more CODEOWNERS entries
2023-11-21 12:25:17 +00:00
Ian Lynagh
2c2dccabe9 Merge pull request #14833 from igfoo/igfoo/kot2tests
Kotlin: Add a kotlin2 copy of the testsuite
2023-11-21 12:24:49 +00:00
Owen Mansel-Chan
d26dc68baa Merge pull request #14798 from owen-mc/go/improve-value-flow-through-slice-exprs
Go: model value flow with array content through slice expressions
2023-11-21 11:50:08 +00:00
Ian Lynagh
0668b71538 Merge pull request #14831 from igfoo/igfoo/kot2
Kotlin: Add 2.0.0-Beta1
2023-11-21 10:35:12 +00:00
Max Schaefer
dfffa1e237 Apply suggestions from code review
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
2023-11-21 10:07:11 +00:00
Michael Nebel
d8e7c9c986 Merge pull request #14767 from michaelnebel/csharp/projectframeworkassets
C#: Framework dependency detection.
2023-11-21 10:55:30 +01:00
Tamas Vajk
253c658ad2 C#: Tolerate missing call targets in LogMessageSink 2023-11-21 10:13:18 +01:00
Tamas Vajk
f0e20fa69e C#: Add test case for missing log message sinks with ambiguous types 2023-11-21 10:09:05 +01:00
Erik Krogh Kristensen
7263d4d650 Merge pull request #14510 from aibaars/ts53-ts
JS: update typescript extractor to use 5.3.
2023-11-21 09:10:43 +01:00
erik-krogh
5611a3e417 use exact version 2023-11-20 20:48:51 +01:00
erik-krogh
10b3efa667 update to the stable version of TypeScript 5.3 2023-11-20 20:32:24 +01:00
erik-krogh
dde9a7cd7e Merge branch 'main' into ts53-ts 2023-11-20 20:31:00 +01:00
Mathias Vorreiter Pedersen
75f860595a Merge pull request #14838 from MathiasVP/no-dtt-in-arithmetic-with-extreme-values
C++: Convert `cpp/arithmetic-with-extreme-values` away from `DefaultTaintTracking`
2023-11-20 16:39:58 +00:00
Rasmus Wriedt Larsen
c8301fc5f0 Merge pull request #14851 from RasmusWL/variable-caputre-list-comprehension
Python: Add test for variable reference in list comprehension
2023-11-20 17:10:34 +01:00
Ian Lynagh
95de7495d1 Kotlin: Fix build with 2.0.0-Beta1 2023-11-20 16:08:02 +00:00
Ian Lynagh
72bafd86df Kotlin: Tweak the regex we use to find the installed Kotlin version 2023-11-20 16:08:02 +00:00
Ian Lynagh
452b68c0ca Kotlin: Add 2.0.0-Beta1 to versions 2023-11-20 16:08:02 +00:00
Rasmus Wriedt Larsen
db1499d5b0 Python: Add test for variable reference in list comprehension 2023-11-20 16:41:34 +01:00
Max Schaefer
b5c92408f4 Merge pull request #14845 from github/max-schaefer/minor
Automodel: Fix a few nits.
2023-11-20 15:24:45 +00:00
Tom Hvitved
620e8dcb37 Merge pull request #14787 from hvitved/ruby/prune-dataflow-nodes
Ruby: Prune irrelevant data flow nodes and edges
2023-11-20 16:03:00 +01:00
Taus
5b4a8884b4 Merge pull request #14636 from github/tausbn/python-add-support-for-python-3.12-type-syntax
Python: Add support for Python 3.12 type syntax
2023-11-20 15:52:48 +01:00
Mathias Vorreiter Pedersen
ab6260600e Merge pull request #14822 from MathiasVP/fix-global-variable-flow-for-arrays
C++: Fix global-variable flow for array types
2023-11-20 13:46:05 +00:00
Taus
10b72a0c39 Python: Fix scope of type parameters
This takes care of scoping for type parameters on functions, but not
type aliases or classes.

For classes, the _type parameters_ now have the correct `Class` as scope,
but all their child nodes do not (e.g. the `Name` inside a `TypeParameter`).
This has to do with how the `py_scopes` relation is emitted by the extractor,
since `Name`s are expressions.
2023-11-20 13:31:21 +00:00