hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
47,262 Commits 1,741 Branches 165 Tags
e6446e501c603e5a6c8abdcd6f596db809b517df
Commit Graph

47262 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Ford
e6446e501c Ruby: fix docs failure 2022-11-24 15:37:03 +00:00
Alex Ford
893c8763bb Ruby: model ActiveSupport json_escape flow 2022-11-24 15:33:08 +00:00
Ian Lynagh
184c903ec7 Merge pull request #11401 from igfoo/igfoo/unused 
Kotlin: Remove an unused argument
 2022-11-24 12:47:50 +00:00
Ian Lynagh
501ea31c25 Merge pull request #11404 from igfoo/igfoo/build_refactor 
Kotlin build system: Refactor jar-finder
 2022-11-24 12:47:34 +00:00
Anders Schack-Mulligen
f2897f5bfc Merge pull request #11392 from aschackmull/java/adjust-mad-dispatch-priority 
Java: Adjust the prioritisation between MaD and source dispatch.
 2022-11-24 13:10:48 +01:00
Erik Krogh Kristensen
6464135800 Merge pull request #11409 from erik-krogh/cache-more 
Ruby: cache the compiled extractor in the build tests
 2022-11-24 12:42:33 +01:00
Tony Torralba
cac6e946ab Merge pull request #11411 from atorralba/atorralba/swift/fix-nsdata-test 
Swift: Fix expectation in NSData tests
 2022-11-24 12:34:28 +01:00
Tony Torralba
4f8ef13cd8 Fix expectation in NSData tests 2022-11-24 12:13:46 +01:00
Tony Torralba
04450c5173 Merge pull request #11378 from atorralba/atorralba/swift/nsdata-models 
Swift: Add models for NSData and NSMutableData
 2022-11-24 11:19:14 +01:00
erik-krogh
c9a600d496 Ruby: cache the compiled extractor, because that's way smaller than the cargo cache 2022-11-24 10:55:38 +01:00
Tony Torralba
2ac06b8db9 Turns out lambda flow is already supported 2022-11-24 10:52:27 +01:00
Nora Dimitrijević
8f065e9483 Merge pull request #11001 from d10c/swift/js-injection 2022-11-24 10:52:05 +01:00
Michael Nebel
cb4a7e22f0 Merge pull request #11395 from michaelnebel/csharp/externalflowcleanup 
C#: ExternalFlow.qll cleanup.
 2022-11-24 10:28:58 +01:00
Ian Lynagh
2d92cee26a Kotlin build system: Refactor jar-finder 
We were globbing with a * in the filename, but that is not necessary.
 2022-11-23 21:43:32 +00:00
Erik Krogh Kristensen
1eec067474 Merge pull request #11294 from erik-krogh/fileDoc 
QL: improve the "this block-comment should have been a QLDoc"-query
 2022-11-23 22:23:36 +01:00
Erik Krogh Kristensen
3d4f64f168 Merge pull request #11397 from erik-krogh/call-instanceof 
Rb: use `instanceof` instead of `extends` on `DataFlow::CallNode` in some case
 2022-11-23 22:20:17 +01:00
Erik Krogh Kristensen
efdfc361be Merge pull request #11396 from erik-krogh/jsTypo 
JS: fix two typos
 2022-11-23 22:18:43 +01:00
Ian Lynagh
5b8b9044a5 Kotlin: Remove an unused argument 2022-11-23 18:47:53 +00:00
Tom Hvitved
3fbe089f65 Merge pull request #11387 from hvitved/csharp/autobuild-options-split 
C#: Split `AutobuildOptions` into C#/C++ specific classes
 2022-11-23 19:30:48 +01:00
Geoffrey White
2b52a44024 Merge pull request #11210 from geoffw0/alamofire2 
Swift: Add Alamofire model to swift/cleartext-transmission
 2022-11-23 18:23:44 +00:00
Henry Mercer
146d2460b7 Merge pull request #11390 from github/henrymercer/atm/add-pack-descriptions 
ATM: Add descriptions to ML-powered packs
 2022-11-23 18:04:59 +00:00
Andrew Eisenberg
b9694eb09a Merge pull request #11388 from hvitved/codeql-workspace-yml-fix 
Fix typo in `codeql-workspace.yml`
 2022-11-23 08:42:54 -08:00
Michael Nebel
2684b3f396 C#: Make bi-directional import of Servicestack remote flow source definitions. 2022-11-23 16:59:40 +01:00
Michael Nebel
582cfb9330 C#: Remove the frameworks module in ExternalFlow as MaD models are no longer inlined in the code. 2022-11-23 16:20:36 +01:00
Geoffrey White
ef837f72e4 Swift: Test .expected changes resulting from merge. 2022-11-23 14:57:08 +00:00
Ian Lynagh
8042edb6a9 Merge pull request #11393 from igfoo/igfoo/typo 
Java: Fix typo: ceritificate
 2022-11-23 14:26:14 +00:00
erik-krogh
33216f3867 cleanup imports 2022-11-23 15:22:19 +01:00
Michael Nebel
311614c5e6 C#: Remove imports of ExternalFlow.qll. 2022-11-23 15:03:03 +01:00
erik-krogh
19b5f64a11 use instanceof instead of extends on DataFlow::CallNode in some case 2022-11-23 14:58:17 +01:00
erik-krogh
2eb6b1adb3 JS: fix two typos 2022-11-23 14:38:12 +01:00
AlexDenisov
ac7063ba09 Merge pull request #11394 from github/redsun82/swift-error-on-uppercase-acronyms 
Swift: reject uppercase acronyms in schema
 2022-11-23 14:21:07 +01:00
Paolo Tranquilli
876add5214 Swift: reject uppercase acronyms in schema 
This was causing hardly debuggable errors because names are transformed
to underscored lowercase names in the dbscheme and back to camelcase
for trap emission classes, which is not a noop in case uppercase
acronyms (like SIL or ABI) are in the name.

This makes the error be surfaced early with a helpful message.
 2022-11-23 13:56:03 +01:00
Tom Hvitved
bc6a41c1e6 Merge pull request #10927 from hvitved/csharp/phi-reads-in-data-flow-graph 
C#: Include "phi reads" in `DataFlow::Node`
 2022-11-23 13:34:18 +01:00
Ian Lynagh
d401be1845 Java: Fix typo: ceritificate 2022-11-23 12:12:32 +00:00
Nick Rolfe
686a1cbafe Merge pull request #11386 from github/nickrolfe/dbscheme_case_split 
Ruby/QL: only create dbscheme case-splits for columns on defining tables
 2022-11-23 12:06:57 +00:00
Tom Hvitved
8f3731fd42 C#: Split AutobuildOptions into C#/C++ specific classes 2022-11-23 12:57:16 +01:00
Anders Schack-Mulligen
807f87e01f Java: Adjust the prioritisation between MaD and source dispatch. 2022-11-23 12:56:32 +01:00
AlexDenisov
1c17d854d8 Merge pull request #11391 from github/redsun82/swift-package-downgrades 
Swift: add downgrades script to extractor pack
 2022-11-23 12:46:28 +01:00
Tony Torralba
6cfa89e1db Merge pull request #11165 from atorralba/atorralba/swift/xxe-query-libxml2-sinks 
Swift: Add libxml2 sinks to the XXE query
 2022-11-23 12:39:44 +01:00
Paolo Tranquilli
a1bffff0b0 Swift: add downgrades script to extractor pack 2022-11-23 12:15:29 +01:00
Tom Hvitved
28c32fc78e Merge pull request #11383 from hvitved/csharp/ci-extractor-unit-tests 
C#: Also include extractor unit tests in `csharp-qltest.yml`
 2022-11-23 11:58:07 +01:00
Henry Mercer
3b69821630 ATM: Add descriptions to ML-powered packs 2022-11-23 10:46:23 +00:00
Tom Hvitved
a55c56feed Fix typo in codeql-workspace.yml 2022-11-23 11:33:52 +01:00
Nick Rolfe
e16bdc4d07 Ruby/QL: only create dbscheme case-splits for columns on defining tables 2022-11-23 10:00:08 +00:00
Geoffrey White
556d68aeed Update swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-11-23 09:17:18 +00:00
Tom Hvitved
4ad7d2d822 C#: Also include extractor unit tests in csharp-qltest.yml 2022-11-22 19:55:38 +01:00
Tony Torralba
92ee0aa7ae Merge pull request #11367 from atorralba/atorralba/java/add-bitwise-implicit-intents 
Java: Consider taint through bitwise operations on PendingIntent flags
 2022-11-22 17:08:52 +01:00
Tony Torralba
2e1a78e1bf Add models for NSData and NSMutableData 2022-11-22 15:48:58 +01:00
Rasmus Wriedt Larsen
5866af413f Merge pull request #11347 from tausbn/python-clean-up-import-resolution 
Python: Add change note for module resolution
 2022-11-22 15:28:38 +01:00
Rasmus Wriedt Larsen
04a68f8d52 Merge pull request #11372 from RasmusWL/getpass 
Python: Model `getpass.getpass` as source of passwords
 2022-11-22 14:49:04 +01:00