codeql

mirror of https://github.com/github/codeql.git synced 2025-12-22 19:56:32 +01:00

Author	SHA1	Message	Date
Mauro Baluda	ee02265ac2	Add property `params` to `RequestInputAccess`	2022-11-10 12:24:39 +01:00
Jeroen Ketema	e7576fdd1a	Merge pull request #11197 from jketema/simplify-taint-test C++: Simplify dataflow taint test query	2022-11-10 11:58:50 +01:00
Paolo Tranquilli	28c9d6b6b5	Swift: extract `PropertyWrapperValuePlaceholderExpr`	2022-11-10 11:28:05 +01:00
Tom Hvitved	06f619875b	Merge pull request #11194 from github/post-release-prep/codeql-cli-2.11.3 Post-release preparation for codeql-cli-2.11.3	2022-11-10 11:27:51 +01:00
Nick Rolfe	2f9f1f73b7	Merge pull request #11166 from github/nickrolfe/active_support_flow_summaries Ruby: generalise summaries for ActiveSupport Hash extensions	2022-11-10 10:11:48 +00:00
Anders Schack-Mulligen	a8ed6bad34	Merge pull request #11188 from aschackmull/java/mad-gen-sinks-precision Java: Improve sink model generation precision by excluding variable capture.	2022-11-10 10:49:56 +01:00
Jeroen Ketema	4d7aeced3f	C++: Simplify dataflow taint test query The complexity seems a left-over from before these tests were turned into inline expectation tests, where the aim seems to have been to have exactly one sink node for each `sink` call. Multiple sink nodes for the same `sink` call are not made visible in the inline expecation tests, and I am not conviced this was very useful before, so remove the complexity.	2022-11-10 10:38:22 +01:00
AlexDenisov	24ba51d11e	Merge pull request #11193 from github/redsun82/swift-avoid-doc-instead-of-desc Swift: avoid wrongly using `doc` instead of `desc` for properties	2022-11-10 09:53:44 +01:00
Paolo Tranquilli	d7bbf74e49	Swift: fix `ObjectLiteralExpr` tests	2022-11-10 09:45:59 +01:00
Paolo Tranquilli	3b9ec2b9eb	Swift: fix `ObjectLiteralExpr` docs	2022-11-10 09:44:07 +01:00
github-actions[bot]	f795025f13	Post-release preparation for codeql-cli-2.11.3	2022-11-10 08:31:58 +00:00
Paolo Tranquilli	a8e6dc7a54	Swift: avoid wrongly using `doc` instead of `desc` for properties	2022-11-10 09:29:02 +01:00
tiferet	dbcdc2209e	Use names constants for confidence levels	2022-11-09 14:25:08 -08:00
tiferet	b6532fa9a0	Fix QLDoc style warning	2022-11-09 13:10:54 -08:00
tiferet	243980ef73	Documentation improvements	2022-11-09 13:04:16 -08:00
Tiferet Gazit	6cb01a210f	Apply suggestions from code review Co-authored-by: Stephan Brandauer <kaeluka@github.com>	2022-11-09 12:53:52 -08:00
erik-krogh	88de299e12	add join(" ") calls as a sink for rb/shell-command-constructed-from-input	2022-11-09 21:46:25 +01:00
Nick Rolfe	eb2a487433	Ruby: update expected test output	2022-11-09 17:38:33 +00:00
Nick Rolfe	0d9aa0cdac	Ruby: fix clashing method names from merge conflict	2022-11-09 17:06:43 +00:00
Nick Rolfe	c8c53cb424	Merge remote-tracking branch 'origin/main' into nickrolfe/active_support_flow_summaries	2022-11-09 17:02:05 +00:00
Nick Rolfe	cfde7e9edc	Ruby: more accurate modeling of which ActionCable channel methods become endpoints	2022-11-09 16:14:11 +00:00
Ian Lynagh	fd6ae3a216	Kotlin: Accept test output	2022-11-09 15:59:15 +00:00
Paolo Tranquilli	0ccf81e67c	Swift: extract `UnresolvedSpecializeExpr`	2022-11-09 16:42:22 +01:00
Paolo Tranquilli	1a062823ee	Swift: extract `DynamicLookupExpr`	2022-11-09 16:31:59 +01:00
Paolo Tranquilli	e2bdef2fba	Swift: extract `DynamicMemberRefExpr`	2022-11-09 16:22:22 +01:00
Nick Rolfe	611ed93e39	Ruby: add is{Public,Protected,Private} to DataFlow::MethodNode	2022-11-09 15:18:16 +00:00
Erik Krogh Kristensen	d35e5ac752	Merge pull request #11180 from erik-krogh/yetMoreCi CI: compile-queries: use cache when running on main, and support more base-branches	2022-11-09 16:16:30 +01:00
Paolo Tranquilli	4770ad3177	Swift: extract `OverloadedDeclRefExpr`	2022-11-09 16:06:23 +01:00
Asger F	83291f378b	Merge pull request #11157 from asgerf/js/yaml-locations JS: fix issue with zero-column yaml locations	2022-11-09 15:57:54 +01:00
Andrew Eisenberg	df2e259944	Merge pull request #11073 from github/aeisenberg/vscode-ttl-docs	2022-11-09 06:53:50 -08:00
Paolo Tranquilli	5f8e7e67b4	Swift: extract `ObjectLiteralExpr`	2022-11-09 15:51:08 +01:00
Anders Schack-Mulligen	151f12ef5e	Java: Improve sink model generation precision by excluding variable capture.	2022-11-09 15:32:30 +01:00
Nick Rolfe	199b3f4d71	Ruby: add change note for ActionCable channel remote flow sources	2022-11-09 14:18:44 +00:00
Nick Rolfe	db20e7d143	Ruby: add ActionCable channel RPC params as remote-flow sources	2022-11-09 14:16:04 +00:00
Anders Schack-Mulligen	07f50e275d	Merge pull request #11182 from aschackmull/mad/split-configs Java/C#: Split active configurations for model generator	2022-11-09 15:06:43 +01:00
Asger F	859dc7beb7	Merge pull request #11024 from asgerf/rb/data-flow-layer-capture2 Ruby: expand DataFlow API	2022-11-09 15:06:03 +01:00
erik-krogh	5ba694e909	remember to run on PRs	2022-11-09 14:55:08 +01:00
Paolo Tranquilli	a05706d89d	Merge pull request #11177 from github/redsun82/swift-decls Swift: extract `PoundDiagnosticDecl` and `MissingMemberDecl`	2022-11-09 14:54:57 +01:00
Michael Nebel	57e31c11da	C#: Add change note.	2022-11-09 14:54:37 +01:00
erik-krogh	57ad491356	adjust the triggers, run on all PRs, and more branches	2022-11-09 14:50:53 +01:00
erik-krogh	8d51aaa403	add another fallback to main	2022-11-09 14:44:10 +01:00
erik-krogh	7e522770f6	simplify the cache keys	2022-11-09 14:43:30 +01:00
erik-krogh	1b9653827f	do a quicker merge-base calculation	2022-11-09 14:38:55 +01:00
Anders Schack-Mulligen	b3b7711149	Dataflow: Sync.	2022-11-09 14:23:15 +01:00
Anders Schack-Mulligen	ade83b3cfe	Dataflow: Introduce support for src/sink grouping in path results.	2022-11-09 14:22:24 +01:00
Anders Schack-Mulligen	fc4f93c87a	Java/C#: Undo configuration footgun firing.	2022-11-09 13:20:39 +01:00
Nora Dimitrijević	5940f17b83	Swift: Docs + doctests	2022-11-09 13:10:08 +01:00
erik-krogh	53917e506e	add refs/heads/ to make the ref fully-formed	2022-11-09 12:58:31 +01:00
Nick Rolfe	97e939ae2b	Ruby: refine summaries for Hash#reverse_merge etc. - revert the changes to the taint summaries specific to ActionController params - make the general flow summaries value-preserving and use WithElement[any]	2022-11-09 11:56:07 +00:00
erik-krogh	f0b09ee16c	fallback to main	2022-11-09 12:55:21 +01:00

... 12 13 14 15 16 ...

47342 Commits