codeql

mirror of https://github.com/github/codeql.git synced 2026-01-29 14:23:03 +01:00

Author	SHA1	Message	Date
Tom Hvitved	ea703bc49a	Ruby: Add test that illustrates false negative lambda flow	2022-05-19 15:19:34 +02:00
Tom Hvitved	5e57e82997	Merge pull request #9191 from hvitved/ruby/taint-tracking-stage Ruby: Force cached taint tracking predicates to be evaluated in data flow stage	2022-05-18 09:54:38 +02:00
Anders Schack-Mulligen	1d3b3204df	Merge pull request #9190 from hvitved/dataflow/summary-arg-param-no-materialize Data flow: Do not materialize `summaryArgParam`	2022-05-18 09:17:57 +02:00
Erik Krogh Kristensen	7245591468	Merge pull request #7763 from erik-krogh/unused-field QL: add unused-field query	2022-05-18 09:15:16 +02:00
Cornelius Riemenschneider	d352253b02	Merge pull request #9187 from github/criemen/lua-tracing-configs Update Lua tracing configs.	2022-05-18 01:03:15 +02:00
Mathias Vorreiter Pedersen	5d625d6156	Merge pull request #9188 from MathiasVP/fix-GetAPrimaryQlClassConsistency-for-swift	2022-05-17 20:47:24 +01:00
Erik Krogh Kristensen	6c7c9b6a4b	Merge pull request #9082 from erik-krogh/countZero QL: add query warning about `count(...) = 0`.	2022-05-17 21:46:58 +02:00
Mathias Vorreiter Pedersen	a6ac14f4de	QL: Allow class + 'Base' in 'ql/primary-ql-class-consistency'.	2022-05-17 16:54:12 +01:00
Tony Torralba	53f32f5a97	Merge pull request #9186 from atorralba/atorralba/kotlin-inline-expectations-tests Kotlin: Add support for InlineExpectationsTest	2022-05-17 15:28:03 +02:00
Cornelius Riemenschneider	3836d1550a	Update Lua tracing configs.	2022-05-17 13:18:28 +00:00
Geoffrey White	629e90f14b	Merge pull request #9176 from geoffw0/xxe9 C++: Clean up the XXE query QL.	2022-05-17 12:40:39 +01:00
Tony Torralba	dbf249b199	Accept only EOL comments as Kotlin expectation comments	2022-05-17 13:05:51 +02:00
Tom Hvitved	f1f96b7e5c	Ruby: Force cached taint tracking predicates to be evaluated in data flow stage	2022-05-17 12:54:26 +02:00
Tom Hvitved	284357d2a0	Data flow: Do not materialize `summaryArgParam`	2022-05-17 12:50:01 +02:00
Geoffrey White	246093d375	C++: Move the two implementation imports.	2022-05-17 11:03:21 +01:00
Arthur Baars	fcb3b82bde	Merge pull request #9178 from aibaars/update-tree-sitter-ruby Ruby: update tree-sitter-ruby	2022-05-17 11:47:41 +02:00
Mathias Vorreiter Pedersen	1280d43e36	Merge pull request #9141 from github/post-release-prep/codeql-cli-2.9.2 Post-release preparation for codeql-cli-2.9.2	2022-05-17 10:01:37 +01:00
Tony Torralba	2b6d7bb3d8	Add support for InlineExpectationsTest to Kotlin	2022-05-17 10:55:00 +02:00
Tamás Vajk	3b07fe70a1	Merge pull request #9174 from tamasvajk/kotlin-fix-isUnspecialised Kotlin: Fix parent class lookup from field initializers in `isUnspecialised`	2022-05-17 10:48:52 +02:00
Erik Krogh Kristensen	7abb7552a7	Merge pull request #9184 from erik-krogh/actionInjection JS: change @id from js/actions/injection to js/actions/command-injection	2022-05-17 10:24:51 +02:00
Anders Schack-Mulligen	4f5ccfd76c	Merge pull request #9181 from Marcono1234/marcono1234/FloatingPointLiteral-rename Java: Rename `FloatingPointLiteral` to `FloatLiteral`	2022-05-17 10:08:49 +02:00
Tom Hvitved	f2e28c311a	Merge pull request #9180 from hvitved/csharp/entity-framework-sql-sinks C#: Add missing EntityFramework SQL sinks	2022-05-17 09:50:49 +02:00
Erik Krogh Kristensen	2550988006	change @id from js/actions/injection to js/actions/command-injection	2022-05-17 09:25:05 +02:00
Tamás Vajk	350d137b2e	Merge pull request #9145 from tamasvajk/kotlin-useless-param Kotlin: Respect `override` modifier in useless parameter query	2022-05-17 08:43:59 +02:00
Tamás Vajk	fcb3d78eae	Merge pull request #9146 from tamasvajk/kotlin-inner-class-static Kotlin: exclude Kotlin source from 'inner class could be static' check	2022-05-17 08:43:39 +02:00
Tamás Vajk	26553cefc5	Merge pull request #9149 from tamasvajk/kotlin-maybe-null Kotlin: Exclude operands of `NotNullExpr` from NullMaybe query	2022-05-17 08:43:24 +02:00
Tamás Vajk	d8c22901c9	Merge pull request #9150 from tamasvajk/kotlin-MissingInstanceofInEquals Kotlin: Add more type check casts to MissingInstanceofInEquals query	2022-05-17 08:43:06 +02:00
Marcono1234	4e1a73f4d9	Java: Rename `FloatingPointLiteral` to `FloatLiteral` "Floating point" refers to both `double` and `float`, and is also used by the JLS in this way. Therefore the old CodeQL class name for `float` literals was misleading.	2022-05-16 22:06:04 +02:00
Tom Hvitved	15449b701f	C#: Add missing EntityFramework SQL sinks	2022-05-16 20:57:40 +02:00
Arthur Baars	05dce09037	Ruby: update tree-sitter-ruby	2022-05-16 19:08:46 +02:00
Geoffrey White	cf932eb21c	C++: Repair typo fix from main.	2022-05-16 16:46:14 +01:00
Geoffrey White	7b1cd70300	Merge branch 'main' into xxe9	2022-05-16 16:45:24 +01:00
Nick Rolfe	c518150b49	Merge pull request #9132 from github/nickrolfe/misspelling QL for QL: generalise non-US spelling query	2022-05-16 16:03:36 +01:00
Paolo Tranquilli	9abb3f0066	Merge pull request #9172 from github/redsun82/swift-variant-in-label-store Swift: replace `getCanonicalPointer` with `std::variant`	2022-05-16 16:21:47 +02:00
Paolo Tranquilli	16e3b5bfc4	Swift: make `monostate` explicit	2022-05-16 15:51:43 +02:00
Erik Krogh Kristensen	23981cb323	Merge pull request #7626 from erik-krogh/CWE-377 JS: add query for detecting insecure temporary files	2022-05-16 15:25:17 +02:00
Tamas Vajk	d4cf877259	Rework parent lookup in `isUnspecialised`	2022-05-16 14:59:28 +02:00
Geoffrey White	9f3fa1c45d	C++: Consistent QLDoc.	2022-05-16 13:48:57 +01:00
Geoffrey White	b4a840e3ef	C++: Make the checks happy.	2022-05-16 13:36:41 +01:00
Geoffrey White	9976825234	C++: Slightly more logical layout.	2022-05-16 12:51:04 +01:00
Geoffrey White	19d1578733	C++: Clean up.	2022-05-16 12:49:01 +01:00
Geoffrey White	b332659fcb	C++: Split the XXE query into library files.	2022-05-16 12:41:41 +01:00
Geoffrey White	0ffd0b23ca	C++: Create an XmlLibrary class to clean up the code in XXE.ql.	2022-05-16 12:17:20 +01:00
Tamas Vajk	8ebdaf1fc2	Kotlin: Fix parent class lookup from field initializers	2022-05-16 12:14:28 +02:00
Tamas Vajk	de133e80a9	Kotlin: add diagnostic test for 'Unexpected specialised instance of generic anonymous class'	2022-05-16 12:13:33 +02:00
Tom Hvitved	a9f6d203cd	Merge pull request #8971 from aibaars/safe-nagivation Ruby: add safe navigation operator	2022-05-16 10:53:56 +02:00
Tamas Vajk	47ec38c35a	Kotlin: Exclude Kotlin files altogether from NullMaybe query	2022-05-16 10:52:20 +02:00
Mathias Vorreiter Pedersen	cee7aed81f	Merge pull request #9142 from geoffw0/xxe8 C++: Fixes some typos and increases the XXE query precision.	2022-05-16 09:45:33 +01:00
Anders Schack-Mulligen	83f817ca45	Merge pull request #9134 from aschackmull/dataflow/perf-std-order Dataflow: Improve standard order through easier type check elimination.	2022-05-16 10:05:17 +02:00
Paolo Tranquilli	1b9dcac2dd	Swift: replace `getCanonicalPointer` with `std::variant` This turned out easier than expected previously. `llvm::PointerUnion` was also considered, which would have less memory footprint, but it would require more effort as it is lacking the same implicit conversions and operators that `std::variant` provides. Also renamed `ToTag<E>` to `TrapTagOf<E>` and introduced a derived convenience functor `TrapLabelOf<E>`.	2022-05-16 09:59:36 +02:00

1 2 3 4 5 ...

36855 Commits