hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-11 20:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,780 Commits 1,689 Branches 160 Tags
e357b44943cec17be169c206bb5fab772c371b2a
Commit Graph

49780 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
e357b44943 Swift: Add a partial model of Sequence. 2023-02-03 18:42:42 +00:00
Geoffrey White
4bb0bbf488 Swift: Remove redundant copies. 2023-02-03 18:42:41 +00:00
Geoffrey White
e230951a14 Swift: Model StringProtocol methods. 2023-02-03 18:42:41 +00:00
Geoffrey White
38eeb9c747 Swift: Model String methods. 2023-02-03 12:26:55 +00:00
Geoffrey White
1077dcd2e3 Swift: Model String initializers. 2023-02-03 11:36:35 +00:00
Geoffrey White
142ca0c9fb Swift: Model StringProtocol initializers. 2023-02-03 10:53:44 +00:00
Geoffrey White
d888510688 Swift: Fix incorrect taint to String fields. 2023-02-03 10:21:52 +00:00
Geoffrey White
d25de8c764 Swift: Taint fields of StringProtocol. 2023-02-03 10:16:33 +00:00
Geoffrey White
21abe54d8d Swift: Greatly extend tests of taint through strings. 2023-02-03 10:11:12 +00:00
Mathias Vorreiter Pedersen
4e7ca1a175 Merge pull request #12082 from github/post-release-prep/codeql-cli-2.12.2 
Post-release preparation for codeql-cli-2.12.2
 2023-02-03 09:40:57 +00:00
Philip Ginsbach
808d3e3a1f Merge pull request #12084 from github/ginsbach/IncorrectEnvironmentNumbering 
we actually only distinguish four environments
 2023-02-03 09:37:39 +00:00
Philip Ginsbach
56e0b19df8 we actually only distinguish four environments 2023-02-03 09:04:43 +00:00
Arthur Baars
9a4cec7691 Merge pull request #11956 from aibaars/json-log 
Ruby: structured logging
 2023-02-03 09:54:49 +01:00
github-actions[bot]
faf21f3edb Post-release preparation for codeql-cli-2.12.2 2023-02-02 23:01:04 +00:00
Erik Krogh Kristensen
c8cfb6a0cc Merge pull request #12065 from knewbury01/knewbury01/fix-js-cleartext-logging-doc 
Update JS CleartextLogging qhelp
 2023-02-02 18:23:59 +01:00
Philip Ginsbach
55cd436b06 Merge pull request #12074 from github/ginsbach/DocumentShadowing2 
shadowing in the QL language specification
 2023-02-02 17:13:47 +00:00
Nora Dimitrijević
a3a01ddc11 Merge pull request #11855 from d10c/swift/extract-captures 2023-02-02 17:50:41 +01:00
Mathias Vorreiter Pedersen
cd660e1067 Merge pull request #12071 from github/release-prep/2.12.2 
Release preparation for version 2.12.2
 2023-02-02 16:49:44 +00:00
Philip Ginsbach
ab184ebd78 shadowing in the QL language specification 2023-02-02 16:19:18 +00:00
Kristen Newbury
21b4931fbb Merge branch 'main' into knewbury01/fix-js-cleartext-logging-doc 2023-02-02 11:12:57 -05:00
Kristen Newbury
231110ddca Update javascript/ql/src/Security/CWE-312/CleartextLogging.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2023-02-02 11:12:44 -05:00
Henry Mercer
65863f1fc7 Merge pull request #10826 from github/dependabot/github_actions/actions/setup-dotnet-3.0.2 
build(deps): bump actions/setup-dotnet from 2 to 3
 2023-02-02 15:54:55 +00:00
Philip Ginsbach
1472d4b782 Merge pull request #12062 from github/ginsbach/DocumentShadowing 
shadowing in the handbook
 2023-02-02 15:52:54 +00:00
Jeroen Ketema
3cf5107b45 Apply suggestions from code review 2023-02-02 15:48:29 +01:00
github-actions[bot]
a4fa984792 Release preparation for version 2.12.2 2023-02-02 14:34:55 +00:00
Michael Nebel
77283be6c0 Merge pull request #12068 from michaelnebel/csharp/dotnetpublishtest 
C#: Avoid that the dotnet publish test refers to a specific .NET vers…
 2023-02-02 15:34:06 +01:00
Michael Nebel
960f776e29 C#: Avoid that the dotnet publish test refers to a specific .NET version. 2023-02-02 14:18:50 +01:00
Philip Ginsbach
4282e1a18e explicitly mention aliases 2023-02-02 13:04:43 +00:00
Philip Ginsbach
2b719d503d visible namespaces also include private imports 2023-02-02 13:03:30 +00:00
Michael Nebel
3cd2024a66 Merge pull request #12060 from michaelnebel/csharp11/nameof 
C# 11: Nameof on attribute declarations.
 2023-02-02 12:46:28 +01:00
Nora Dimitrijević
ad5dbe18a4 Swift: db upgrade/downgrade script 2023-02-02 12:00:47 +01:00
Nora Dimitrijević
50e5b29eb7 Swift: all Callables can have captures [codegen'd] 2023-02-02 11:56:51 +01:00
Nora Dimitrijević
ce2e7f1d12 Swift: all Callables can have captures [hand-written] 2023-02-02 11:35:50 +01:00
Nora Dimitrijević
d230431006 Swift: extract closure captures (codegen'd part) 2023-02-02 11:35:49 +01:00
Nora Dimitrijević
6895c113cf Swift: extract closure captures (hand-written part) 2023-02-02 11:30:33 +01:00
Nora Dimitrijević
87f7bc3a63 Swift: introduce closure capture AST test 2023-02-02 11:30:33 +01:00
Tony Torralba
62158c5e49 Merge pull request #12044 from atorralba/atorralba/webview-models 
Swift: Add new source and flow step related to WkWebView
 2023-02-02 09:27:21 +01:00
Michael Nebel
4089845ea4 C#: Test that nameof can used on method parameters and type parameters in attribute declarations. 2023-02-02 09:25:24 +01:00
dependabot[bot]
787fe38d90 build(deps): bump actions/setup-dotnet from 2 to 3.0.2 
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 2 to 3.0.2.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](https://github.com/actions/setup-dotnet/compare/v2...v3.0.2)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-02 08:09:43 +00:00
Michael Nebel
7271d9987e Merge pull request #11940 from michaelnebel/csharp/dotnet7 
C#: Update project targets, workflows and other scripts to use .NET 7.
 2023-02-02 08:14:55 +01:00
Nora Dimitrijević
e137993acd Merge pull request #12061 from d10c/cpp/missing-check-scanf-join-order-fix 2023-02-02 07:57:21 +01:00
Kristen Newbury
dc5eb40d5f Update JS CleartextLogging qhelp 2023-02-01 16:29:13 -05:00
Harry Maclean
d671cc6e43 Merge pull request #12052 from hmac/barrier-guard-fix 2023-02-02 08:16:07 +13:00
Chuan-kai Lin
255f989ede Merge pull request #12034 from cklin/document-assume-small-delta 
Document pragma[assume_small_delta]
 2023-02-01 10:36:40 -08:00
Philip Ginsbach
c5deb8544b rework documentation of namespaces to take account of shadowing 2023-02-01 16:56:35 +00:00
Tony Torralba
24527bfc4e Minor change in WKNavigationDelegateSource to work around a bug 2023-02-01 17:44:08 +01:00
Tony Torralba
644bc56568 Add new source and flow step related to WkWebView 2023-02-01 17:44:06 +01:00
Tony Torralba
407e7cbbde Merge pull request #12045 from atorralba/atorralba/more-custom-url-schemes 
Swift: Add more sources for custom URL schemes
 2023-02-01 17:40:20 +01:00
Joe Farebrother
97b2e852c9 Merge pull request #11713 from joefarebrother/sensitive-result-receiver 
Java: Add query for leaking sensitive data through a ResultReceiver
 2023-02-01 16:34:17 +00:00
Nora Dimitrijević
1df0be3ca2 C++: Fix join order in cpp/missing-check-scanf 
The issues were:
* `revFlow`: `revFlow` joins `fwdFlow` on `vn`.
* `Node.getASuccessor()`: `MkNode` self-join on `vn`.
* `hasFlow/5`: `MkNode` self-join on `vn`.
 2023-02-01 16:29:43 +01:00