Arthur Baars
e85e61b6d7
Ruby: add diagnostics module
2023-01-18 16:28:16 +01:00
Arthur Baars
664fdc3b2a
Merge pull request #11815 from aibaars/too-many-fields
...
Ruby: use record_parse_error_for_node to report extractor error
2023-01-09 15:40:19 +01:00
Erik Krogh Kristensen
5157d4df7b
Merge pull request #11581 from erik-krogh/stdin
...
Rb: add stdin as source for unsafe-deserialization
2023-01-09 13:57:47 +01:00
Chris Smowton
e9bbb5d7fa
Merge pull request #11730 from smowton/smowton/admin/improve-sql-unescaped-docs
...
Java: improve naming and description of SqlUnescaped.ql
2023-01-09 12:50:27 +00:00
yoff
c01ce955ba
Merge pull request #11778 from yoff/shared/inline-tests
...
Shared: Inline test expectations
2023-01-09 13:21:18 +01:00
Chris Smowton
2e26fb1171
Merge pull request #11819 from smowton/smowton/admin/port-java-autobuilder-tests
...
Add Java autobuilder integration tests
2023-01-09 12:17:39 +00:00
Chris Smowton
efe23c1da7
Note that alerts should not be re-raised
2023-01-09 10:56:13 +00:00
Chris Smowton
994a46289f
Add change note
2023-01-09 10:56:13 +00:00
Chris Smowton
ef27f9fe96
Replace one more mention of escaping
2023-01-09 10:56:13 +00:00
Chris Smowton
45c732a6f9
Java: improve naming and description of SqlUnescaped.ql
...
Since the main thing it's objecting to is concatenation not lack of escaping (in particular it doesn't look for escaping sanitizers), rename and re-describe it accordingly.
2023-01-09 10:56:13 +00:00
Taus
06ea249997
Merge pull request #11820 from yoff/python/fix-downgrades
...
Python: fix downgrade script
2023-01-09 11:24:41 +01:00
Mathias Vorreiter Pedersen
9be9636816
Merge pull request #11670 from atorralba/atorralba/swift/predicate-injection
...
Swift: Add predicate injection query
2023-01-09 08:54:13 +00:00
Harry Maclean
5b117084db
Merge pull request #11534 from hmac/array-inclusion-barrier-guard-constant
...
Ruby: Make array inclusion barrier more sensitive
2023-01-09 20:57:09 +13:00
Jeroen Ketema
a743fbcc95
Merge pull request #11799 from jketema/case-uncomment
...
C++: Uncomment cases in dbscheme
2023-01-06 19:26:53 +01:00
Chris Smowton
831255e9c0
Merge pull request #11832 from github/mbg/fix/go-version-warnings
...
Go: Handle output from `go version` more gracefully
2023-01-06 14:05:39 +00:00
Jeroen Ketema
c1bc097355
C++: Add upgrade/downgrade scripts for dbscheme update
2023-01-06 14:26:24 +01:00
Jeroen Ketema
cdb34bb1f9
C++: Update database stats file
2023-01-06 14:26:23 +01:00
Jeroen Ketema
b9b0c8091f
C++: Uncomment cases in dbscheme
...
Note that the builtin types `__int{8,16,32,64}` are not uncommented,
as these are never and could have never been generated by the
extractor.
2023-01-06 14:26:23 +01:00
Geoffrey White
f3914ffe25
Merge pull request #11823 from geoffw0/heuristicalloc
...
C++: Use HeuristicAllocationExpr in more queries
2023-01-06 13:13:14 +00:00
Jami
f5e5f6dfd1
Merge pull request #11821 from jcogs33/jcogs33/fix-mad-typos
...
Java: fix typos in MaD row `name` columns for `MappingSqlQuery` and `MappingSqlQueryWithParameters`
2023-01-06 07:59:30 -05:00
Nick Rolfe
4c5f149afd
Merge pull request #11831 from github/post-release-prep/codeql-cli-2.12.0
...
Post-release preparation for codeql-cli-2.12.0
2023-01-06 12:15:17 +00:00
Michael B. Gale
1ef1d63c11
Add test for parseGoVersion
2023-01-06 11:20:51 +00:00
Michael B. Gale
9af9b32722
Find the last line of output from go version
2023-01-06 11:20:39 +00:00
Geoffrey White
bb451f3911
C++: Fix result duplication.
2023-01-06 11:05:47 +00:00
github-actions[bot]
cdb8f67601
Post-release preparation for codeql-cli-2.12.0
2023-01-06 10:36:34 +00:00
Rasmus Lerchedahl Petersen
8d9e94a00f
swift: fix typo
2023-01-06 11:22:49 +01:00
erik-krogh
0a1769657d
add change-note
2023-01-06 09:09:09 +01:00
erik-krogh
19d2b49562
drive-by: make Base64.decode64(..) into a flowsummary that is shared with all queries
2023-01-06 09:04:37 +01:00
erik-krogh
1a27441cfb
drive-by: delete code-execution sinks from unsafe-deserialization, we risked duplicate alerts
2023-01-06 09:04:36 +01:00
erik-krogh
0e6028a7f3
add stdin as source for unsafe-deserialization
2023-01-06 09:04:36 +01:00
Rasmus Lerchedahl Petersen
ad95225272
python: improve code
...
according to alert and reviewer's suggestion
2023-01-05 20:42:29 +01:00
Nick Rolfe
5317fb5b53
Merge pull request #11828 from github/release-prep/2.12.0
...
Release preparation for version 2.12.0
2023-01-05 18:58:30 +00:00
Nick Rolfe
a3cc93b80b
correct spelling and capitalization of TCP/UDP
2023-01-05 17:43:25 +00:00
Jeroen Ketema
de37f3b7d5
Properly indent code block in change log
2023-01-05 18:38:33 +01:00
Jeroen Ketema
ed87c3a90a
Update go/ql/lib/CHANGELOG.md
2023-01-05 18:03:19 +01:00
Jeroen Ketema
af2c321380
Update python/ql/src/change-notes/released/0.6.0.md
2023-01-05 18:01:28 +01:00
Jeroen Ketema
3e634c92c1
Update python/ql/src/CHANGELOG.md
2023-01-05 18:01:21 +01:00
Jeroen Ketema
170242f79c
Apply suggestions from code review
2023-01-05 17:57:19 +01:00
Nick Rolfe
44213f0144
Merge pull request #11826 from github/nickrolfe/check-change-note
...
CI: fail if a changenote filename doesn't have the right format
2023-01-05 16:55:30 +00:00
Nick Rolfe
6e07076151
tweak wording in 2.12 release notes
2023-01-05 16:46:44 +00:00
github-actions[bot]
b6a8193785
Release preparation for version 2.12.0
2023-01-05 16:32:14 +00:00
Nick Rolfe
4e6baf83c8
Update .github/workflows/check-change-note.yml
...
Co-authored-by: Taus <tausbn@github.com >
2023-01-05 16:26:43 +00:00
Nick Rolfe
0beca9d96c
CI: fail if a changenote filename doesn't have the right format
2023-01-05 16:01:07 +00:00
Jeroen Ketema
f370cd840c
Merge pull request #11818 from jketema/downgrade-fix
...
C++: Fix the expression kind in two of the downgrade scripts
2023-01-05 16:33:16 +01:00
Nick Rolfe
f58ec799dd
Merge pull request #11822 from github/nickrolfe/codeql-cli-2.12.0-changenote-fix
...
Go: fix date format in changenote
2023-01-05 15:16:51 +00:00
Geoffrey White
b3e82498fa
C++: Change note.
2023-01-05 15:06:40 +00:00
Nick Rolfe
b7846da65d
Go: fix date format in changenote
2023-01-05 15:05:39 +00:00
Jami Cogswell
f03f687d61
Java: add change note
2023-01-05 09:08:04 -05:00
Rasmus Lerchedahl Petersen
bb26c31f84
Python: fix downgrade script
...
When new kinds are inserted, new indices exists that do not
correspond to any old indices.
These were previously mapped, now they are not.
2023-01-05 14:56:52 +01:00
Jami Cogswell
0640bd9d8b
Java: fix typos in the MaD row name columns for MappingSqlQuery and MappingSqlQueryWithParameters
2023-01-05 08:32:22 -05:00
