codeql

mirror of https://github.com/github/codeql.git synced 2026-01-04 10:10:20 +01:00

Author	SHA1	Message	Date
Tom Hvitved	7723dbc6d7	Merge pull request #14026 from hvitved/dataflow/stage3-call-ctx Data flow: Use call contexts in stage 3	2023-08-24 11:52:08 +02:00
Harry Maclean	b76842ad3d	Shared: Fix clippy lint	2023-08-23 16:24:57 +01:00
Harry Maclean	3680613f2d	Shared: Restrict extractor file globs to filenames	2023-08-23 16:09:56 +01:00
Harry Maclean	cc7ef5dac1	Shared: Fix clippy lint in shared extractor	2023-08-23 14:11:22 +01:00
Harry Maclean	ed40d72e4f	Shared: Bump extractor version	2023-08-23 14:11:22 +01:00
Harry Maclean	7e2abf20c6	Shared: Support glob patterns in shared extractor Replace the `file_extensions` field with `file_globs`, which supports UNIX style glob patterns powered by the `globset` crate. This allows files with no extension (e.g. Dockerfiles) to be extracted, by specifying a glob such as `*Dockerfile`. One surprising aspect of this change is that the globs match against the whole path, rather than just the file name. This is a breaking change.	2023-08-23 14:11:21 +01:00
Tom Hvitved	3810b796a0	Data flow: Use call contexts in stage 3	2023-08-23 10:05:57 +02:00
Tom Hvitved	12d1d04592	Merge pull request #13983 from hvitved/dataflow/reduced-dispatch-early-join Data flow: Earlier call-context based dispatch filtering	2023-08-21 13:20:08 +02:00
Tom Hvitved	1b4520b058	Data flow: Update QL doc	2023-08-21 12:56:37 +02:00
Jeroen Ketema	2d0f73d7c2	Merge pull request #13881 from jketema/shared-taint-tracking Introduce shared taint tracking library	2023-08-21 12:45:49 +02:00
Tom Hvitved	81ed72c96a	Data flow: Revert join order changes	2023-08-18 10:49:33 +02:00
Tom Hvitved	4d951d8df1	Address review comments	2023-08-17 21:04:58 +02:00
Ed Minnix	a36c12ff1f	Add trust-boundary-violation sink kind	2023-08-17 13:05:37 -04:00
Tom Hvitved	7cc01ea8b5	Merge pull request #13595 from hvitved/csharp/use-shared-cfg-pack C#: Adopt shared CFG construction library from shared `controlflow` pack	2023-08-17 10:37:09 +02:00
Jeroen Ketema	33e8310625	Merge branch 'main' into shared-taint-tracking	2023-08-17 00:14:25 +02:00
yoff	7f2f6f14e7	Merge pull request #13729 from yoff/python/model-aws-lambdas Python/JavaScript: Shared module for serverless functions	2023-08-16 15:14:08 +02:00
Tom Hvitved	570654d1f0	Data flow: Earlier call-context based dispatch filtering	2023-08-16 14:24:45 +02:00
yoff	99bc050366	Update shared/yaml/codeql/serverless/ServerLess.qll Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2023-08-15 15:09:30 +02:00
Erik Krogh Kristensen	6a3b9e10eb	Merge pull request #13914 from erik-krogh/escape-unicode ReDoS: escape unicode chars in the output for the ReDoS queries	2023-08-15 11:21:21 +02:00
Henry Mercer	1213eba630	Merge branch 'main' into post-release-prep/codeql-cli-2.14.2	2023-08-11 13:54:55 +01:00
Tom Hvitved	9b38028e25	Data flow: Fix `localWriteStep` consistency query	2023-08-10 15:31:04 +02:00
github-actions[bot]	432c21d4fb	Post-release preparation for codeql-cli-2.14.2	2023-08-09 18:45:18 +00:00
erik-krogh	fe542565c3	fix performance	2023-08-09 13:48:07 +02:00
erik-krogh	0bce42410a	support arbitrary codepoints in NfaUtils.qll	2023-08-08 22:14:51 +02:00
erik-krogh	859e1bfabc	add constraint that i should be between 0 and 65535	2023-08-08 21:11:59 +02:00
erik-krogh	0391e063ca	move `to4digitHex` to `Numbers.qll`	2023-08-08 21:10:58 +02:00
Anders Schack-Mulligen	0ca3f3308b	Merge pull request #13478 from aschackmull/java/varcapture Java: Add proper support for variable capture flow.	2023-08-08 16:22:56 +02:00
Anders Schack-Mulligen	1cd32722be	Java: More review fixes.	2023-08-08 14:32:48 +02:00
Anders Schack-Mulligen	9d59f50340	Java: Review fixes.	2023-08-08 13:37:40 +02:00
erik-krogh	03fbd387df	way better hex conversion	2023-08-08 09:08:39 +02:00
erik-krogh	92db7b047c	escape unicode chars in the output for the ReDoS queries	2023-08-08 00:15:54 +02:00
github-actions[bot]	79c90fa36a	Release preparation for version 2.14.2	2023-08-07 18:08:52 +00:00
Jeroen Ketema	8b6a7985db	Refactor the traint-tracking library to follow the dataflow library refactoring	2023-08-07 15:23:15 +02:00
Jeroen Ketema	5d2984b7a5	Merge branch 'main' into shared-taint-tracking	2023-08-07 15:22:29 +02:00
Rasmus Lerchedahl Petersen	ef1a5cb0fa	shared: change-note	2023-08-07 11:50:03 +02:00
Tom Hvitved	b926a7ebba	Data flow: Update QL doc	2023-08-07 11:35:21 +02:00
Tom Hvitved	4d14311653	Data flow: Rename `DataFlowParameter` to `InputSig`	2023-08-07 11:35:21 +02:00
Tom Hvitved	6208175aa9	Data flow: Move `DataFlowParameter` into `DataFlow.qll`	2023-08-07 11:35:21 +02:00
Tom Hvitved	0d33c32d8e	Data flow: Move `DataFlowImpl(Common).qll` into an `internal` folder	2023-08-07 11:35:21 +02:00
Rasmus Lerchedahl Petersen	b8717b3046	Python: remove incorrect use of "stem"	2023-08-07 11:25:31 +02:00
Jeroen Ketema	c4a65e58bb	Add change note	2023-08-04 22:53:33 +02:00
Jeroen Ketema	20b792545d	Add missing QLDoc	2023-08-04 22:52:05 +02:00
Jeroen Ketema	7ba2f7a22a	Address review comments	2023-08-04 22:52:05 +02:00
Jeroen Ketema	bdd64ce86d	Introduce shared taint tracking library	2023-08-04 22:51:55 +02:00
Mathias Vorreiter Pedersen	abe3a816ce	Merge pull request #13851 from MathiasVP/sink-without-states DataFlow: Support stateless `isSink` in `StateConfigSig`s	2023-08-04 18:01:42 +02:00
Mathias Vorreiter Pedersen	e066e87890	Update shared/dataflow/codeql/dataflow/DataFlowImpl.qll Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2023-08-04 11:32:41 +02:00
Mathias Vorreiter Pedersen	eb19052a7d	Apply suggestions from code review Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2023-08-04 11:10:12 +02:00
Mathias Vorreiter Pedersen	981f67531c	DataFlow: Introduce 'revSinkNode'.	2023-08-04 11:09:08 +02:00
Tom Hvitved	b69188fee9	C#: Adopt shared CFG construction library from shared `controlflow` pack	2023-08-03 14:12:24 +02:00
Mathias Vorreiter Pedersen	50f5c4d5f6	DataFlow: Don't support stateless sink nodes in partial flow exploration.	2023-08-03 13:30:05 +02:00

1 2 3 4 5 ...

263 Commits