hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,654 Commits 1,672 Branches 157 Tags
dd465e739bbb4e39c0f2bc51bc43f33f625f2ea9
Commit Graph

4461 Commits

Author SHA1 Message Date
Tom Hvitved
dd465e739b Code review suggestion 2022-08-09 07:46:27 +02:00
Tamas Vajk
36c913061c C#: Fix dataflow for default constructors 2022-08-09 07:46:27 +02:00
Tamas Vajk
1a92fc90e0 C#: Add test to demonstrate missing dataflow for default constructors 2022-08-09 07:46:27 +02:00
Anders Schack-Mulligen
aa3655678e Merge pull request #9823 from aschackmull/dataflow/stage-module 
Dataflow: Replace stage duplication with parameterised modules.
 2022-08-08 10:56:32 +02:00
Michael Nebel
cebd49af9d Merge pull request #9968 from michaelnebel/csharp/aspreviewcomment 
C#: Simplification of AspNetCoreRemoteFlowSourceMember.
 2022-08-08 09:44:02 +02:00
Tom Hvitved
400071091c C#: Also disable shared compilation in the tracer for dotnet msbuild 2022-08-05 14:17:16 +02:00
Anders Schack-Mulligen
3d47875b60 Dataflow: Generate shorter RA/DIL names. 2022-08-05 11:00:56 +02:00
Anders Schack-Mulligen
d3dcc3ce3a Dataflow: Sync. 2022-08-05 11:00:56 +02:00
Michael Nebel
64e8660904 C#: Simplification of AspNetCoreRemoteFlowSourceMember. 2022-08-04 14:18:25 +02:00
Tom Hvitved
bc6a74b4dd C#: Disable CLR tracer 
Also remove old tracer configs, as we now use the Lua tracer.
 2022-08-04 13:11:07 +02:00
Alex Ford
8e3548efb3 Merge branch 'main' into post-release-prep/codeql-cli-2.10.2 2022-08-02 20:29:26 +01:00
Michael Nebel
02165e8ee1 Merge pull request #9327 from michaelnebel/csharp/dotnetruntimerefresh 
C#: Re-create summary models and include source and sink models as well.
 2022-08-01 16:15:54 +02:00
github-actions[bot]
e8747d3176 Post-release preparation for codeql-cli-2.10.2 2022-07-28 20:00:09 +00:00
github-actions[bot]
212786ed91 Release preparation for version 2.10.2 2022-07-28 13:38:35 +00:00
Paolo Tranquilli
9b26921cb6 Control flow: add order disambuigation customization 2022-07-28 09:11:42 +02:00
Paolo Tranquilli
ebf650c0c0 Control Flow: add more ordering for edges 2022-07-27 15:01:17 +02:00
Cornelius Riemenschneider
e9e5d948b3 C#: Implement proper dotnet build handling in the Lua tracing config. 
For proper C# tracing, `dotnet build` needs the parameter
/p:UseSharedCompilation=false. However, we can't pass that to the other
subcommands of `dotnet`, therefore we need to figure out which subcommand
of `dotnet` is being invoked.
 2022-07-20 10:11:36 +00:00
Asger F
b9bdee6651 Merge branch 'main' into post-release-prep/codeql-cli-2.10.1 2022-07-19 16:24:35 +02:00
github-actions[bot]
0ee476129a Post-release preparation for codeql-cli-2.10.1 2022-07-14 14:38:49 +00:00
github-actions[bot]
d1aa0d7dd3 Release preparation for version 2.10.1 2022-07-14 08:56:03 +00:00
Raul Garcia
0dbb03f732 Adding CVE information. 2022-07-12 21:49:19 -07:00
Raul Garcia
ac05577966 Making various changes based on the feedback. Pending: 2 non-trivial fixes for Java & Python. 2022-07-11 13:25:35 -07:00
Raul Garcia
5d89a5d164 Update csharp/ql/src/experimental/Security Features/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql 
Co-authored-by: Taus <tausbn@github.com>
 2022-07-11 08:42:50 -07:00
Raul Garcia
156bc34cda Update UnsafeUsageOfClientSideEncryptionVersion.qhelp 2022-07-11 08:41:05 -07:00
Raul Garcia
f8994d04d6 Clean up 2022-07-07 11:49:05 -07:00
Raul Garcia
56060e0610 Update csharp/ql/src/experimental/Security Features/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.qhelp 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-07-05 13:57:28 -07:00
Raul Garcia
e43e5810cf New queries to detect unsafe client side encryption in Azure Storage 2022-07-01 17:08:35 -07:00
Andrew Eisenberg
fbeecd6c08 Merge pull request #9744 from github/aeisenberg/move-contextual-queries 2022-06-29 11:44:33 -07:00
Andrew Eisenberg
ddf06f8617 Add change notes and qldoc for moved files 2022-06-29 10:03:12 -07:00
Andrew Eisenberg
a3f4d1bf66 Move contextual queries from src to lib 
With this change, users are now able to run View AST command in
vscode within vscode workspaces that do not include the core libraries.
The relevant core library only needs to be installed in the package
cache.
 2022-06-29 07:51:26 -07:00
Jeroen Ketema
55e052af26 Merge pull request #9686 from aschackmull/dataflow/no-node-scan 
Dataflow performance: Avoid node scans
 2022-06-29 10:38:56 +02:00
github-actions[bot]
d506f448ef Post-release preparation for codeql-cli-2.10.0 2022-06-24 07:36:33 +00:00
Anders Schack-Mulligen
dc517a758e Autoformat 2022-06-23 14:44:40 +02:00
Anders Schack-Mulligen
4a317a25d3 Dataflow: Sync. 2022-06-23 14:34:52 +02:00
github-actions[bot]
a74051c658 Release preparation for version 2.10.0 2022-06-23 11:17:46 +00:00
Michael Nebel
8899bf7f05 C#: Update tests. 2022-06-22 13:03:23 +02:00
Michael Nebel
0ef97b41c8 C#: Update .NET Runtime models and add sources and sinks. 2022-06-22 13:03:10 +02:00
Anders Schack-Mulligen
df6d68b215 Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class 
Dataflow: Deprecate BarrierGuard class
 2022-06-22 10:44:08 +02:00
Michael Nebel
24ba5cc06e Merge pull request #9025 from michaelnebel/csharp/generatedrefactor 
C#: Provenance column in Models as Data CSV format.
 2022-06-22 10:34:31 +02:00
Michael Nebel
2b892bc000 Merge pull request #9553 from michaelnebel/csharp/narrowtelemetry 
C#/Java: Only display 1k most relevant results for ExternalApi telemetry queries.
 2022-06-22 07:35:56 +02:00
Anders Schack-Mulligen
f8f9b7d3b4 Apply suggestions from code review 2022-06-21 14:11:36 +02:00
Edoardo Pirovano
70dbd92e25 Bump minor version of all regularly released packs 2022-06-21 11:22:58 +01:00
Edoardo Pirovano
ad02b85efa Merge branch main into rc/3.6 2022-06-21 11:15:25 +01:00
Anders Schack-Mulligen
a4796e1542 Add change notes. 2022-06-21 11:17:47 +02:00
Michael Nebel
dc02a6e1a7 C#: Apply autoformatting. 2022-06-21 08:34:43 +02:00
Mathias Vorreiter Pedersen
35c8ca15f5 Merge pull request #8912 from rdmarsh2/rdmarsh2/fix-ir-globals 
C++: Fix IR variable reuse for global var inits
 2022-06-20 16:45:39 +01:00
Michael Nebel
b4457de58c C#/Java: Fix typo in the QL doc comment. 2022-06-20 16:26:07 +02:00
Michael Nebel
c9c981d03a C#: Add release note for the CSV DSL change. 2022-06-20 16:20:02 +02:00
Michael Nebel
38c6bf55b9 C#: Make CSV model validation of the provenance column. 2022-06-20 16:20:01 +02:00
Michael Nebel
5e3bb8297a C#: Make the model predicates emmit the provenance directly to enable testing. 2022-06-20 16:20:01 +02:00