hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-15 03:54:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
84,309 Commits 1,736 Branches 164 Tags
ec381e4ec579728b9b2ce9cbe99f92b4cc45b414
Commit Graph

84309 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
ec381e4ec5 Use range analysis and improve tests 2025-11-21 10:31:50 +00:00
aegilops
ce136684e6 Fixed formatting 2025-11-20 17:39:32 +00:00
aegilops
e904520779 Fixed formatting 2025-11-20 17:34:42 +00:00
aegilops
29a5b27b13 Removed bounds checking and only using literals - bounded() predicate did not work 2025-11-20 17:31:56 +00:00
Paul Hodgkinson
801cd72965 Merge branch 'main' into java-kotlin-sensitive-logging-substring-barriers 2025-11-20 12:24:22 +00:00
aegilops
1e67907516 Merge commit 2025-11-20 12:22:39 +00:00
aegilops
62ee6d3a33 Made changes requested by reviewers - bounded() for range checking, style and better comments 2025-11-20 11:46:42 +00:00
Paolo Tranquilli
240c637e7a Merge pull request #20868 from github/redsun82/java-doc 
Java: add missing QLDoc
 2025-11-20 12:08:16 +01:00
Owen Mansel-Chan
05085a8e82 Merge pull request #20666 from owen-mc/go/promote-weak-crypto-algorithm 
Go: promote `go/weak-crypto-algorithm`
 2025-11-20 11:03:05 +00:00
Tom Hvitved
0f40b3ccb8 Merge pull request #20842 from hvitved/rust/path-resolution-extern-crate-visibility 
Rust: Handle `pub extern crate` in path resolution
 2025-11-20 11:59:05 +01:00
Tom Hvitved
4d4a677da0 Merge pull request #20869 from hvitved/rust/dataflow-ast 
Rust: Base `DataFlow::Node` on AST instead of CFG
 2025-11-20 11:34:40 +01:00
Asger F
613895e0c0 Merge pull request #20424 from asgerf/js/overlay-manual-v4 
JS: Add overlay annotations
 2025-11-20 11:10:46 +01:00
Tom Hvitved
d4fdf956a0 Address review comments 2025-11-20 11:03:53 +01:00
Tom Hvitved
e4853ab060 Add change note 2025-11-19 19:37:41 +01:00
Tom Hvitved
d2bb53a81e Rust: Run codegen 2025-11-19 19:37:40 +01:00
Tom Hvitved
489fff9572 Rust: Base DataFlow::Node on AST instead of CFG 2025-11-19 19:37:39 +01:00
Jeroen Ketema
0c43f2c4f0 Merge pull request #20870 from jketema/exp-arg-fix 
C++: `getExpandedArgument` fixes
 2025-11-19 17:10:56 +01:00
Owen Mansel-Chan
a70d74220f Add test for good password hashing 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
f562b3d26e Make line differences in test comments relative 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
349e8ca589 Remove unnecessary import 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
adbc1efe59 Fix diff-informed predicates 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
7d7af193dc Fix small mistake in Ruby query help 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
8d7b2757bf Add query help examples 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
69ecdcb4cd Fix capitalization of class names 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
970b5d7496 Fix query suite integration tests 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
2cfafe53ca Fix failing ruby crypto test that lists all algorithms 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
d2033ca1d5 Add change note 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
52d7e2dd18 Add query for hashing sensitive data with weak hashing algorithm 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
713e19f6f1 Make non-path query for encryption only 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
f34a625ac2 Model cryptographic operations 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
fac5296efc Avoid duplicate results using in-barriers 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
34b2e3e2bf Copy the structure of the Javascript query 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
5c403d374e Move crypto qll files from query pack to library pack 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
92a3bccfd6 Align metadata with related queries 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
188b25f11f Remove experimental tag from query metadata 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
a71bb4ba9a Convert test to inline expectations 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
2c20d3ffeb Move weak crypto algorithm query out of experimental 2025-11-19 14:36:26 +00:00
Simon Friis Vindum
4d9ab7b573 Merge pull request #20871 from paldepind/rust/string-literal 
Rust: Handle string literals with line breaks
 2025-11-19 14:05:43 +01:00
Asger F
efa438a352 JS: Move identityFunctionStep back into CachedSteps module 2025-11-19 13:47:30 +01:00
Asger F
8fef60464e JS: Remove out-commented code 2025-11-19 13:46:10 +01:00
Simon Friis Vindum
0e539dbca5 Rust: Handle string literals with line breaks 2025-11-19 13:39:48 +01:00
Simon Friis Vindum
481f627ae0 Rust: Add string literal test 2025-11-19 13:37:23 +01:00
Jeroen Ketema
fe3f90e041 C++: Make getExpandedArgument more robust 
This make the predicate give back sensible results on (upgraded) databases
where we do not have expanded arguments, and avoid having to write case
distinctions in places where we would want to use `getExpandedArgument`.
 2025-11-19 12:49:54 +01:00
Jeroen Ketema
e235e0473a C++: Fix getAnExpandedArgument 
The fix was accidentially lost when rebasing the branch that introduced this
predicate.
 2025-11-19 12:49:02 +01:00
Paolo Tranquilli
b3c09389c8 Java: add missing QLDoc 
The check for QLDoc comments was unfortunately broken for some time, so
we missed this.
 2025-11-19 11:59:25 +01:00
Paolo Tranquilli
e850a8a46c Merge pull request #20861 from github/redsun82/ripunzip 
Ripunzip: use releases from github
 2025-11-19 11:03:35 +01:00
Paolo Tranquilli
87b9afce97 Merge branch 'main' into redsun82/ripunzip 2025-11-19 10:33:39 +01:00
Tom Hvitved
3d49eff4a5 Rust: Add integration test for pub extern crate resolution 2025-11-19 09:38:49 +01:00
Tom Hvitved
8acfc7f752 Rust: Handle pub extern crate in path resolution 2025-11-19 09:38:48 +01:00
Paolo Tranquilli
3be8591370 Ripunzip: fix windows os check, add comments 2025-11-19 08:56:06 +01:00