Owen Mansel-Chan
dede5bc49b
Track flow through tuple() with list with tainted elements
2026-06-02 16:14:59 +01:00
Owen Mansel-Chan
ad97b6dd64
Use access path for str.join model
2026-06-02 16:14:56 +01:00
Owen Mansel-Chan
b38440490a
Address review comment
2026-05-31 21:47:44 +01:00
Owen Mansel-Chan
aee33a0cc9
Add missing code for TAnyTupleOrDictionaryElement
2026-05-29 10:26:24 +01:00
Owen Mansel-Chan
df15a719cb
Add a ContentSet for any tuple or dictionary element
2026-05-28 16:48:23 +01:00
Owen Mansel-Chan
812e8e6b34
Add change note
2026-05-28 11:37:54 +01:00
Owen Mansel-Chan
80c6f082d1
Fix TODO in containerStep
2026-05-28 11:34:02 +01:00
Owen Mansel-Chan
ec13e1bcd3
Add wildcard ContentSets to avoid performance problems
2026-05-27 15:28:07 +01:00
Owen Mansel-Chan
e8779295ee
Update test results
2026-05-22 11:43:18 +01:00
Rasmus Lerchedahl Petersen
fa758d6bf5
python: fix test
2026-05-21 16:59:19 +01:00
Rasmus Lerchedahl Petersen
fa9426c749
Python: extra tests for comprehension
2026-05-21 16:59:18 +01:00
Rasmus Lerchedahl Petersen
0ecca91dea
Python: typo
2026-05-21 16:59:16 +01:00
Rasmus Lerchedahl Petersen
f669a4f3bf
Python: Make sure all imprecise taint bubbles up
2026-05-21 16:59:14 +01:00
Rasmus Lerchedahl Petersen
3275c814bd
Python: reset test expectations
2026-05-21 16:59:11 +01:00
Rasmus Lerchedahl Petersen
9a180036a5
Python: conversion step for format_map
and adjust collection test
2026-05-21 16:59:08 +01:00
Rasmus Lerchedahl Petersen
93e7ab52b7
Python: adjust test expectations
We now find an alert on this line as we hope to.
It is not an alert for _full_ SSRF, though, since that configuration cannot handle multiple substitutions.
2026-05-21 16:58:51 +01:00
Rasmus Lerchedahl Petersen
facb3b681d
Python: recover taint for % format strings
2026-05-21 16:57:50 +01:00
Rasmus Lerchedahl Petersen
b67694b2ab
Python: Remove imprecise container steps
- remove `tupleStoreStep` and `dictStoreStep` from `containerStep`
  These are imprecise compared to the content being precise.
- add implicit reads to recover taint at sinks
- add implicit read steps for decoders
  to supplement the `AdditionalTaintStep`
  that now only covers when the full container is tainted.
2026-05-21 16:57:44 +01:00
Owen Mansel-Chan
7e6b10e8cf
Merge pull request #21879 from owen-mc/shared/cfg/simpleleafnode
Shared CFG: update `simpleLeafNode` to exclude those with additional leaf nodes
2026-05-21 14:58:04 +01:00
Owen Mansel-Chan
149bfd19d3
Merge pull request #21880 from owen-mc/shared/cfg/for-loop-stmt-init-update
Shared CFG: Make the init and update parts of a for loop statements
2026-05-21 14:57:44 +01:00
Paolo Tranquilli
153fbb0378
Merge pull request #21878 from github/redsun82/windows-diagnostic-path-tests
Add Windows file path tests for `relativize_for_diagnostic`
2026-05-21 15:30:25 +02:00
Owen Mansel-Chan
039b5927f0
C#: update ForStmt wrapper class
2026-05-21 13:45:30 +01:00
Owen Mansel-Chan
2070dafeb2
Java: add ForStmt wrapper class
2026-05-21 13:41:29 +01:00
Owen Mansel-Chan
c3bafc75ab
Shared CFG: allow statements for init and update of for loop
2026-05-21 13:40:26 +01:00
Owen Mansel-Chan
19f93cd18b
Shared CFG: update simpleLeafNode to exclude those with additional nodes
2026-05-21 13:31:56 +01:00
Paolo Tranquilli
39becfd7e5
Add Windows file path tests for relativize_for_diagnostic
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-05-21 14:08:50 +02:00
Paolo Tranquilli
a84043b627
Merge pull request #21844 from github/redsun82/issue-21802-ruby-absolute-paths-in-sarif-diagnostics-a02887
Use relative paths in tree-sitter extractor diagnostics
2026-05-21 14:00:32 +02:00
Owen Mansel-Chan
2280955136
Merge pull request #21800 from knewbury01/knewbury01/adjust-actions-queries-untrusted-checkout-critical-alert
Actions: Adjust alert location UntrustedCheckoutCritical
2026-05-21 12:40:29 +01:00
Owen Mansel-Chan
4897757b96
Merge pull request #21875 from github/workflow/coverage/update
Update CSV framework coverage reports
2026-05-21 11:09:26 +01:00
github-actions[bot]
fb04cd2212
Add changed framework coverage reports
2026-05-21 00:54:55 +00:00
Mathias Vorreiter Pedersen
157424cca3
Merge pull request #21836 from MathiasVP/uncertain-def-more-complete
C++: Support reasoning about whether a phi node overwrites the entire buffer
2026-05-20 13:04:37 +01:00
Jack Nørskov Jørgensen
4b095f3129
Merge pull request #21754 from github/jacknojo/add_llm_generated_mads_for_avro
Add MaDs for Apache Avro
2026-05-20 08:24:06 +02:00
Geoffrey White
3aa660663e
Merge pull request #21806 from geoffw0/extsensitive
Shared: Improvements to SensitiveDataHeuristics.qll
2026-05-19 16:22:03 +01:00
Paolo Tranquilli
c1e26f9ea5
Merge pull request #21847 from github/redsun82/redsun82-python-absolute-paths-in-diagno
Python extractor: use relative paths in diagnostic locations
2026-05-19 17:03:35 +02:00
Mathias Vorreiter Pedersen
f5113b1932
C++: Fix internal SCC edges and accept test changes.
2026-05-19 15:39:32 +01:00
Mathias Vorreiter Pedersen
f77d426706
C++: Add test demonstrating broken phi cycle certain'ness.
2026-05-19 15:35:20 +01:00
Mathias Vorreiter Pedersen
c6ce13a012
C++: Simplify recursion in 'PhiCycle::isCertain' and do not restrict the definition to be a 'PhiNode'.
2026-05-19 15:27:23 +01:00
Jack Nørskov Jørgensen
aa136a3282
Add change note entry
2026-05-19 16:09:05 +02:00
Michael Nebel
49a435c402
Merge pull request #21827 from michaelnebel/csharp14/userincrementdecrement
C# 14: User increment/decrement support.
2026-05-19 14:18:08 +02:00
Jeroen Ketema
96ef59a22a
Merge pull request #21861 from jketema/jketema/swift-6.3.2
Swift: Update to Swift 6.3.2
2026-05-19 14:01:25 +02:00
Michael Nebel
7a1a90b5a4
C#: Address review comment.
2026-05-19 13:23:22 +02:00
Paolo Tranquilli
06c908756f
Merge branch 'main' into redsun82/issue-21802-ruby-absolute-paths-in-sarif-diagnostics-a02887
2026-05-19 13:17:23 +02:00
Mathias Vorreiter Pedersen
d93de54397
C++: Consistent use of 'this.getIndirection()' in 'toString'.
2026-05-19 12:16:37 +01:00
Paolo Tranquilli
adf59f3ee5
Merge branch 'main' into redsun82/redsun82-python-absolute-paths-in-diagno
2026-05-19 13:09:04 +02:00
Jeroen Ketema
22a8123ee1
Merge pull request #21860 from jketema/jketema/alias-template
C++: Support alias templates
2026-05-19 10:46:56 +02:00
Jack Nørskov Jørgensen
3119ef6c1a
Add MaDs for Apache Avro
2026-05-19 09:27:32 +02:00
Jeroen Ketema
01ff9aa91f
Swift: Update to Swift 6.3.2
2026-05-19 06:50:59 +02:00
Mathias Vorreiter Pedersen
0633bc7b91
Merge pull request #21862 from MathiasVP/more-fopen-models
C++: Add two more `fopen`-like models.
2026-05-18 22:43:48 +01:00
Owen Mansel-Chan
ad69cfb721
Merge pull request #21838 from github/copilot/widen-regex-for-pinned-actions
Align `alphaNumericRegex()` with the documented grouped SHA pattern
2026-05-18 17:35:27 +01:00
Mathias Vorreiter Pedersen
2c156994de
C++: Add two more 'fopen'-like models.
2026-05-18 14:47:11 +01:00