codeql

mirror of https://github.com/github/codeql.git synced 2026-05-03 20:58:03 +02:00

Author	SHA1	Message	Date
Henry Mercer	d196704a2d	Merge pull request #11574 from github/henrymercer/check-query-ids Add a PR check to ensure query IDs are unique	2022-12-08 15:31:26 +00:00
Tom Hvitved	2ab05a81d1	Merge pull request #11621 from hvitved/ruby/library-callable-get-param Ruby: Add `SummarizedCallable::getParameter`	2022-12-08 16:20:44 +01:00
Jeroen Ketema	8f9a73ee09	C++: Address review comments	2022-12-08 16:14:12 +01:00
Paolo Tranquilli	d03b82c8c5	Merge branch 'main' into redsun82/swift-fix-parent-paths	2022-12-08 16:11:54 +01:00
dependabot[bot]	8600d2d12d	Bump Newtonsoft.Json in /csharp/autobuilder/Semmle.Autobuild.CSharp Bumps [Newtonsoft.Json](https://github.com/JamesNK/Newtonsoft.Json) from 13.0.1 to 13.0.2. - [Release notes](https://github.com/JamesNK/Newtonsoft.Json/releases) - [Commits](https://github.com/JamesNK/Newtonsoft.Json/compare/13.0.1...13.0.2) --- updated-dependencies: - dependency-name: Newtonsoft.Json dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2022-12-08 15:01:05 +00:00
Tom Hvitved	cbf722dad0	Ruby: Add `SummarizedCallable::getParameter`	2022-12-08 15:59:41 +01:00
Paolo Tranquilli	1ba8b6d35a	Swift: fix extraction of sources from `..`	2022-12-08 15:57:57 +01:00
Chris Smowton	d0a2c1c9b6	Accept test changes	2022-12-08 14:44:43 +00:00
Chris Smowton	a79126268c	Override modality when needed In particular when generating an implementation based on an abstract prototype, the result is final, and an interface forwarder is open / Java's default modality.	2022-12-08 14:39:57 +00:00
Asger F	6fa2fe6c86	Merge pull request #11608 from asgerf/docs/sphinx-python2 Docs: Update README to mention Python 2 requirement	2022-12-08 15:36:17 +01:00
Jeroen Ketema	33fa76f911	C++: Add change note	2022-12-08 15:22:42 +01:00
Jeroen Ketema	b216c79992	C++: Accept test changes	2022-12-08 15:22:41 +01:00
Jeroen Ketema	f35b7f8fe8	C++: Model `scanf` and `fscanf` as flow sources	2022-12-08 15:22:41 +01:00
Chris Smowton	85ee4e6ca1	Merge pull request #11578 from retanoj/MybatisSqli Java: Add MyBatis Sql Injection no @Param case	2022-12-08 13:53:44 +00:00
Chris Smowton	37b2b0a128	Use set literal instead of disjunction	2022-12-08 13:49:53 +00:00
Henry Mercer	3036b15af2	Merge branch 'main' into henrymercer/check-query-ids	2022-12-08 13:05:46 +00:00
Henry Mercer	280bb6864f	Merge pull request #11604 from github/codeql-ci/atm/release-0.4.3 JS: Bump version numbers of ML-powered packs after 0.4.3 release	2022-12-08 13:04:16 +00:00
Henry Mercer	5674251839	Python: Disable `TarSlipImprov` qhelp	2022-12-08 13:03:31 +00:00
Geoffrey White	e288b07099	Update swift/ql/src/queries/Summary/SummaryStats.ql Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2022-12-08 13:02:58 +00:00
Mathias Vorreiter Pedersen	6897b20722	Merge pull request #11601 from MathiasVP/keep-std-string-iterator	2022-12-08 12:59:33 +00:00
Michael Nebel	670ae6c84c	Merge pull request #11593 from michaelnebel/csharp/patternmatchspan C#: Pattern match Span<char> and ReadOnlySpan<char> against a constant string.	2022-12-08 13:53:00 +01:00
Michael Nebel	5883957a67	Merge pull request #11589 from michaelnebel/csharp/numericintptr C#: nint/System.IntPtr and nuint/System.UIntPtr are indistinguishable…	2022-12-08 13:52:44 +01:00
Chris Smowton	8789dfb655	Make river-crossing example comply with the CodeQL style guide	2022-12-08 12:33:42 +00:00
Chris Smowton	81110b19e7	Merge pull request #11612 from smowton/smowton/admin/merge-rc38-into-main Merge rc/3.8 into main	2022-12-08 12:25:59 +00:00
Chris Smowton	045e3a2cf3	Kotlin: extract callable modality	2022-12-08 12:22:50 +00:00
Chris Smowton	0d2474bd55	Autoformat	2022-12-08 11:30:53 +00:00
Chris Smowton	49bc524fd0	Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main	2022-12-08 11:12:30 +00:00
Rasmus Wriedt Larsen	d684dbdf5c	Merge pull request #10656 from porcupineyhairs/PyPamImprove Python: Improve the PAM authentication bypass query	2022-12-08 11:59:10 +01:00
Jeroen Ketema	a6bc9fd10f	Merge pull request #11591 from jketema/getenv C++: Model `secure_getenv` and `_wgetenv` as local flow sources	2022-12-08 10:44:28 +01:00
Asger F	f2b99c5fff	Docs: Update README to mention Python 2 requirement	2022-12-08 09:50:01 +01:00
Jeroen Ketema	fc49ede33d	C++: Add change note	2022-12-08 09:44:23 +01:00
Jeroen Ketema	a2dac3a41e	C++: Move remote flow sink test and also handle local and remote sinks	2022-12-08 09:36:19 +01:00
Mathias Vorreiter Pedersen	ba3d50a462	Merge pull request #11566 from MathiasVP/skip-lvalue-types	2022-12-08 07:53:20 +00:00
Paolo Tranquilli	0058bf4443	Swift: add timeout to inetgration tests on macOS	2022-12-08 08:44:29 +01:00
retanoj	0edfc6e01e	greedy matching	2022-12-08 09:23:24 +08:00
Aditya Sharad	c7725ec37c	Merge pull request #11605 from github/smowton/admin/merge-2.11.5-into-rc38 Merge codeql-cli-2.11.5 into rc/3.8	2022-12-07 14:09:05 -08:00
Henry Mercer	78f15755d7	Merge branch 'main' into codeql-ci/atm/release-0.4.3	2022-12-07 20:49:26 +00:00
Chris Smowton	32494859cd	Merge remote-tracking branch 'origin/codeql-cli-2.11.5' into smowton/admin/merge-2.11.5-into-rc38	2022-12-07 20:06:08 +00:00
github-actions[bot]	d577eeeea8	JS: Bump version of ML-powered library and query packs to 0.4.4	2022-12-07 20:05:30 +00:00
github-actions[bot]	9702ea02fb	JS: Bump patch version of ML-powered library and query packs	2022-12-07 20:01:33 +00:00
Mathias Vorreiter Pedersen	54c12cd715	C++: Reintroduce 'StdBasicStringIterator'.	2022-12-07 18:21:52 +00:00
Tom Hvitved	35938067fe	Merge pull request #11517 from aibaars/phi-reads-in-data-flow-graph Ruby: Include SSA "phi reads" in DataFlow::Node	2022-12-07 18:58:44 +01:00
Mathias Vorreiter Pedersen	05d89b29e2	Merge branch 'main' into skip-lvalue-types	2022-12-07 17:50:23 +00:00
Geoffrey White	a8b8b54f8d	Update cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2022-12-07 16:44:33 +00:00
Geoffrey White	80cd994e36	Swift: Add taint reach to SummaryStats.ql.	2022-12-07 16:17:24 +00:00
Geoffrey White	4b8575bfc3	C++: Simplify the query slightly.	2022-12-07 15:35:45 +00:00
Arthur Baars	898a4006b0	Merge pull request #10747 from aibaars/ruby-more-flow Ruby: also treat included/prepended modules as subclasses	2022-12-07 15:49:00 +01:00
Geoffrey White	b3d838d678	C++: Define the sources more clearly and consistently (fixes performance issue).	2022-12-07 14:45:39 +00:00
Chris Smowton	9f9a51685b	Merge pull request #11510 from smowton/smowton/fix/kotlin-populate-source-class-files Kotlin: stub trap .class files when extracting a class from Kotlin source	2022-12-07 14:33:42 +00:00
Edward Minnix III	170c9af9e8	Merge pull request #11238 from egregius313/egregius313/webview-setjavascriptenabled Java: Query for detecting enabling Javascript in Android WebSettings	2022-12-07 09:31:58 -05:00

1 2 3 4 5 ...

48129 Commits