49614 Commits

Author SHA1 Message Date
Nicky Mouha
f577a04eab Update IfStatementAdditionOverflow.ql 2023-02-18 21:34:03 -05:00
Nicky Mouha
5a4a63f8a9 Create IfStatementAdditionOverflow.ql 2023-01-30 18:52:35 -05:00
Mathias Vorreiter Pedersen
cd596403a0 Merge pull request #12031 from MathiasVP/ir-get-call-predicate 2023-01-30 21:23:02 +00:00
Mathias Vorreiter Pedersen
a01a4734ed C++/C#: Sync identical files. 2023-01-30 17:32:53 +00:00
Mathias Vorreiter Pedersen
3a1a9a771c C++: Add a 'getCall' predicate to 'ArgumentOperand'. 2023-01-30 17:31:52 +00:00
Jami
7f6efae7dc Merge pull request #12008 from jcogs33/jcogs33/update-queryproducer-package
Java: update package for `QueryProducer` sinks
2023-01-30 10:27:58 -05:00
Alexander Eyers-Taylor
89d835b9ec Merge pull request #11988 from github/alexet/force-java-11
Use Java 11 for some integration tests
2023-01-30 15:19:00 +00:00
Nora Dimitrijević
fb88372c0f Merge pull request #11862 from d10c/swift/rename-iterabledeclcontext 2023-01-30 16:03:49 +01:00
AlexDenisov
48434f4be3 Merge pull request #12025 from github/alexdenisov/ignore-sandbox-exec
Swift: ignore sandbox-exec
2023-01-30 15:59:19 +01:00
Alex Denisov
b71c5e6c4b Swift: ignore sandbox-exec 2023-01-30 15:10:30 +01:00
Erik Krogh Kristensen
862948f1cc Merge pull request #12014 from erik-krogh/axios
JS: add support for axios used as a global variable
2023-01-30 14:55:49 +01:00
Ian Lynagh
25e703e562 Merge pull request #11579 from igfoo/igfoo/only_lockless
Kotlin: Remove legacy trap-locking support
2023-01-30 13:44:31 +00:00
Erik Krogh Kristensen
e46960e0cf Merge pull request #12022 from github/dependabot/cargo/ql/regex-1.7.1
Bump regex from 1.6.0 to 1.7.1 in /ql
2023-01-30 13:11:54 +01:00
dependabot[bot]
e3afb1640a Bump regex from 1.6.0 to 1.7.1 in /ql
Bumps [regex](https://github.com/rust-lang/regex) from 1.6.0 to 1.7.1.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.6.0...1.7.1)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 11:19:30 +00:00
Erik Krogh Kristensen
8198bbf893 Merge pull request #12019 from github/dependabot/cargo/ql/serde_json-1.0.91
Bump serde_json from 1.0.82 to 1.0.91 in /ql
2023-01-30 12:16:49 +01:00
Nora Dimitrijević
9346f4d760 Swift: fix failing tests 2023-01-30 11:39:06 +01:00
dependabot[bot]
f430e83fca Bump serde_json from 1.0.82 to 1.0.91 in /ql
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.82 to 1.0.91.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.82...v1.0.91)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 10:36:14 +00:00
Erik Krogh Kristensen
f647910e0c Merge pull request #12018 from erik-krogh/qlDependabot
QL: fixup the dependabot config for QL-for-QL
2023-01-30 11:35:05 +01:00
Erik Krogh Kristensen
78683e4e8a Merge pull request #11879 from erik-krogh/rbRegConcept
RB: add a RegexExecution concept, and use it for better regexp tracking
2023-01-30 11:33:09 +01:00
erik-krogh
40a576b775 fixup the dependabot config for QL-for-QL 2023-01-30 11:22:17 +01:00
erik-krogh
f04a9cb523 Merge branch 'main' into rbRegConcept 2023-01-30 11:05:40 +01:00
Erik Krogh Kristensen
3508a4b799 Merge pull request #12016 from erik-krogh/newEntity
QL: support the NewEntity module in QL-for-QL
2023-01-30 11:01:11 +01:00
erik-krogh
54c4c23b46 support the NewEntity module in QL-for-QL 2023-01-30 10:34:06 +01:00
Mathias Vorreiter Pedersen
6a8c570915 Merge pull request #12009 from MathiasVP/fix-fwd-flow-read-join
DataFlow: Fix join in `fwdFlowRead`
2023-01-30 09:23:43 +00:00
erik-krogh
e3455a9b21 add support for axios used as a global variable 2023-01-29 22:55:20 +01:00
Nora Dimitrijević
d5f11dfe60 Swift: db upgrade/downgrade script 2023-01-28 00:44:49 +01:00
Nora Dimitrijević
1396d07662 Swift: subsume IterableDeclContext into Decl [tests] 2023-01-28 00:44:49 +01:00
Nora Dimitrijević
9a5614e8c5 Swift: subsume IterableDeclContext into Decl [codegen'd] 2023-01-28 00:44:49 +01:00
Nora Dimitrijević
f96c18a6db Swift: subsume IterableDeclContext into Decl [hand-written] 2023-01-28 00:44:48 +01:00
Mathias Vorreiter Pedersen
95b15825f9 DataFlow: Sync identical files. 2023-01-27 16:24:31 +00:00
Mathias Vorreiter Pedersen
a691535e77 C++: Fix join order in 'fwdFlowRead'. 2023-01-27 16:24:08 +00:00
Jami Cogswell
85c228a0cd Java: remove old sinks 2023-01-27 10:40:17 -05:00
Jami Cogswell
a3fe8c0e93 Java: add change note 2023-01-27 10:35:16 -05:00
Jami Cogswell
9bf43483db Java: update package for QueryProducer sinks 2023-01-27 10:16:42 -05:00
Geoffrey White
6c0b50c696 Merge pull request #11980 from geoffw0/modern2
Swift: Structure modernized queries more consistently
2023-01-27 14:33:43 +00:00
Geoffrey White
794ba428a7 Merge pull request #11942 from geoffw0/rncrypt4
Swift: add RNCryptor sinks to swift/static-initialization-vector
2023-01-27 14:33:06 +00:00
James Fletcher
812306cb52 Merge pull request #12006 from felickz/patch-2
Add link to codeql metadata article for problem.severity
2023-01-27 13:59:06 +00:00
alexet
1b0952c512 Use Java 11 for some integration tests 2023-01-27 13:51:44 +00:00
Chad Bentz
4fee536e6d table spacing 2023-01-27 08:19:43 -05:00
Chad Bentz
3ef4d3118c Add link to codeql metadata article for problem.severity 2023-01-27 08:01:07 -05:00
Ian Lynagh
75562e7fb5 Kotlin: Remove legacy trap-locking support 2023-01-26 16:58:51 +00:00
Michael B. Gale
f192191e8c Merge pull request #11997 from github/smowton/fix/deperrors-conditional
Go: Fix DepErrors test
2023-01-26 14:52:27 +00:00
Mathias Vorreiter Pedersen
508027e0e5 Merge pull request #11998 from MathiasVP/fix-iterator-test 2023-01-26 12:35:12 +00:00
Mathias Vorreiter Pedersen
13baa5b60b C++: Add iterator typedefs to properly instantiate 'int_iterator_by_trait' and 'insert_iterator_by_trait'. 2023-01-26 11:43:33 +00:00
Chris Smowton
7921de243a Fix DepErrors test
This was likely harmlessly causing `go get` reruns, since most (all?) real dependency errors cause `go list` to exit with a nonzero return code in any case.
2023-01-26 11:37:41 +00:00
dependabot[bot]
295152cd32 Merge pull request #11992 from github/dependabot/cargo/ruby/serde-1.0.152 2023-01-26 10:17:56 +00:00
dependabot[bot]
bf02340a6a Merge pull request #11982 from github/dependabot/cargo/ruby/num_cpus-1.14.0 2023-01-26 10:13:09 +00:00
dependabot[bot]
6e69acdd7e Bump serde from 1.0.131 to 1.0.152 in /ruby
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.131 to 1.0.152.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.131...v1.0.152)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-26 03:08:58 +00:00
Harry Maclean
07a7a213b3 Merge pull request #11871 from hmac/rack 2023-01-26 08:40:30 +13:00
Rasmus Wriedt Larsen
1fcfae2464 Merge pull request #11987 from RasmusWL/suite-lists
Misc: Add `security-experimental` to `generate-code-scanning-query-list.py`
2023-01-25 17:29:36 +01:00