hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 07:12:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,732 Commits 1,684 Branches 159 Tags
e669ffa22e95dd8fac4c1477e9906a6770a58f4c
Commit Graph

33732 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Bartolomeo
e669ffa22e Merge pull request #8320 from jketema/structured-binding-array 
C++: Handle initialization of structured bindings via bitwise copy in extractor
 2022-03-16 09:41:31 -04:00
Nick Rolfe
f6681f30c6 Merge pull request #8399 from github/nickrolfe/simple_symbol_constant_value 
Ruby: implement getComponent(n) for simple and hash-key symbols
 2022-03-16 12:10:39 +00:00
Nick Rolfe
94ce578ea4 Ruby: implement getComponent(n) for simple and hash-key symbols 2022-03-16 11:43:46 +00:00
Nick Rolfe
76918238f0 Ruby: test ExprCfgNode::getConstantValue() 2022-03-16 11:21:57 +00:00
Erik Krogh Kristensen
f53df255b9 Merge pull request #8459 from erik-krogh/addSeverities 
JS: add missing @security-severity to JS queries
 2022-03-16 12:03:19 +01:00
Nick Rolfe
82ef2a12f6 Merge pull request #8164 from github/nickrolfe/escape_sequences 
Ruby: interpret string escape sequences in getConstantValue()
 2022-03-16 10:45:39 +00:00
Nick Rolfe
1a850028e7 Ruby: update date in changenote filename 2022-03-16 10:32:43 +00:00
Erik Krogh Kristensen
cd9d61c1fc Merge pull request #8450 from erik-krogh/importAs 
disallow lowercase import-as aliases
 2022-03-16 11:32:37 +01:00
Jeroen Ketema
37293141ee Merge pull request #8428 from jketema/noreturn 
C++: Handle C11 _Noreturn in DefaultOptions
 2022-03-16 11:23:23 +01:00
Erik Krogh Kristensen
d47b0a68e7 exclude tests from ql/missing-security-metadata 2022-03-16 10:40:45 +01:00
Erik Krogh Kristensen
2442beaf9a add missing severities to JS queries 2022-03-16 10:40:34 +01:00
Jeroen Ketema
d51cbe2525 C++: Update IR tests for handling of bitwise copy with explicit source 2022-03-15 23:22:37 +01:00
Jeroen Ketema
8be02b164c C++: Add IR tests exposing incorrect translation due to unhandled bitwise copy 
These tests are in addition to exisiting tests involving default copy
constructors, which suffer from the same problem, i.e., the extractor not
handling bitwise copies.
 2022-03-15 23:22:37 +01:00
Jeroen Ketema
2894bb0933 C++: Use correct change note file name format 2022-03-15 23:21:14 +01:00
Jeroen Ketema
638b2cac04 C++: Add change note on _Noreturn/noreturn in C11 2022-03-15 23:21:14 +01:00
Jeroen Ketema
1a1c34e1be C++: Handle C11 _Noreturn in DefaultOptions 2022-03-15 23:21:14 +01:00
Erik Krogh Kristensen
b45f56ac08 Merge pull request #8431 from erik-krogh/deadCode 
Delete dead code
 2022-03-15 20:09:06 +01:00
Mathias Vorreiter Pedersen
57922f56ee Merge pull request #8424 from ihsinme/ihsinme-patch-fix077 
Detection reduction on request
 2022-03-15 16:17:47 +00:00
Mathias Vorreiter Pedersen
05758181bb Merge pull request #7884 from rdmarsh2/rdmarsh2/template-implicit-copy-constructor 
C++: fix hasImplicitCopyConstructor for templates
 2022-03-15 15:32:05 +00:00
Anna Railton
a08246a2a7 Merge pull request #8448 from github/annarailton-patch-1 
Add docstring to `ExtractEndpointMapping.ql`
 2022-03-15 14:54:45 +00:00
Erik Krogh Kristensen
b0fc958b32 simplify imports 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-03-15 15:10:04 +01:00
Erik Krogh Kristensen
57db7633c8 C#: make csharp import private 2022-03-15 14:59:06 +01:00
Erik Krogh Kristensen
89af50f6d5 rename all lower-case import-as statements 2022-03-15 14:40:38 +01:00
Erik Krogh Kristensen
54582438a1 QL: recognize the names defined by import as statements 2022-03-15 14:29:33 +01:00
Anna Railton
739d94e8f9 Add docstring to ExtractEndpointMapping.ql 2022-03-15 12:50:51 +00:00
Erik Krogh Kristensen
3067231b1a Merge pull request #8253 from erik-krogh/domWrite 
JS: merge hasDominatingWrite and hasDominatingAssignment
 2022-03-15 13:37:00 +01:00
Erik Krogh Kristensen
154d0171d3 Merge pull request #8438 from erik-krogh/apiDisable 
JS: add some API-nodes to js/disabling-certificate-validation
 2022-03-15 12:56:59 +01:00
Mathias Vorreiter Pedersen
9f014be7c7 Merge pull request #8447 from MathiasVP/add-missing-security-severity 
C++: Add missing `security-severity` tags
 2022-03-15 11:29:28 +00:00
Joe Farebrother
8acd8ea01f Merge pull request #8446 from joefarebrother/sensitive-logging 
Java: Add security severity to sensitive logging query
 2022-03-15 11:17:46 +00:00
Mathias Vorreiter Pedersen
7337ebd569 C++: Add missing 'security-severity' tags. 2022-03-15 10:54:36 +00:00
Mathias Vorreiter Pedersen
9642e59349 Merge pull request #8382 from MathiasVP/use-taint-configuration-in-three-more-queries 
C++: Use a `TaintTracking::Configuration` in three more queries
 2022-03-15 10:43:05 +00:00
Joe Farebrother
e4a16cc700 Add security severity 2022-03-15 10:42:41 +00:00
Tony Torralba
6d5414281e Merge pull request #8437 from atorralba/atorralba/missing-security-severity-query 
Added MissingSecurityMetadata query
 2022-03-15 11:42:41 +01:00
Henry Mercer
f38b498eed Merge pull request #8433 from github/henrymercer/js-atm-remove-isEffectiveSinkWithOverridingScore 
JS: Remove `isEffectiveSinkWithOverridingScore` from ML-powered libraries
 2022-03-15 10:04:30 +00:00
Tony Torralba
6f484d3d64 Merge pull request #8440 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-03-15 10:58:27 +01:00
Tony Torralba
fd4c9fd543 Cover a missing @tag security when @security-severity is used 2022-03-15 10:39:42 +01:00
Tony Torralba
82b2fd2d23 Exclude queries without precision 2022-03-15 10:22:10 +01:00
Mathias Vorreiter Pedersen
7e0e7d5004 Merge branch 'main' into use-taint-configuration-in-three-more-queries 2022-03-15 09:06:55 +00:00
Erik Krogh Kristensen
c7509c4dd3 Merge branch 'main' into deadCode 2022-03-15 09:19:14 +01:00
Tony Torralba
18165cbb46 Exclude examples folder 2022-03-15 09:14:11 +01:00
Jonas Jensen
d89c52f4b0 Merge pull request #8403 from erik-krogh/noUpper 
Rename all upper-case variables, and all lower-case modules
 2022-03-15 09:00:37 +01:00
github-actions[bot]
b10adfc8da Add changed framework coverage reports 2022-03-15 00:13:15 +00:00
Arthur Baars
3311fedda7 Merge pull request #8365 from aibaars/qldoc-test 
CI: add QLdoc test
 2022-03-14 23:36:01 +01:00
Erik Krogh Kristensen
195ce9c58a add some API-nodes to js/disabling-certificate-validation 2022-03-14 21:33:13 +01:00
Arthur Baars
6a74e761c8 Merge pull request #8398 from github/post-release-prep/codeql-cli-2.8.3 
Post-release preparation for codeql-cli-2.8.3
 2022-03-14 21:05:09 +01:00
Tom Hvitved
d3d20c69dd Merge pull request #8425 from hvitved/csharp/structural-comparision-fix 
C#: Avoid combinatorial explosion in structural comparison library
 2022-03-14 20:10:40 +01:00
Henry Mercer
5102cadf8e Merge pull request #8404 from github/codeql-ci/js-atm-new-release 
JS: Bump version numbers of ML-powered packs after 0.1.0 release
 2022-03-14 17:32:37 +00:00
Tony Torralba
03f3535188 Added MissingSecuritySeverity query 2022-03-14 17:53:08 +01:00
Nick Rolfe
488c8ef609 Ruby: accept test changes after adding more literals 2022-03-14 15:49:22 +00:00
Nick Rolfe
2a892c39ac Ruby: add change note for getConstantValue improvements 2022-03-14 15:45:58 +00:00