Commit Graph

79052 Commits

Author SHA1 Message Date
dilanbhalla
ff154b11d0 Merge tag 'codeql-cli/latest' into auto/sync-main-pr
Compatible with the latest released version of the CodeQL CLI
2025-04-22 14:59:21 +00:00
dilanbhalla
7462e4003f Merge pull request #204 from microsoft/dilan/sync-main-tags
Sync Upstream Tags
2025-04-21 14:55:28 -07:00
dilanbhalla
7e32709574 Merge branch 'main' into dilan/sync-main-tags 2025-04-21 14:54:14 -07:00
dilanbhalla
2007479e56 Merge pull request #205 from microsoft/LWSimpkins/rust-module-import-fix
Update DataFlowImpl.qll
2025-04-21 14:07:10 -07:00
Lindsay Simpkins
57f060beed Update DataFlowImpl.qll 2025-04-21 16:41:36 -04:00
Dilan Bhalla
7553e14873 sync upstream tags to main 2025-04-21 12:21:23 -07:00
Chanel
03bce1c59f Merge pull request #202 from microsoft/fix-to-string-on-unknown-static-read
PS: Fix `toString` on unknown static field access
2025-04-18 09:23:02 -07:00
Chanel
37a6b0460e Merge branch 'main' into fix-to-string-on-unknown-static-read 2025-04-18 09:21:15 -07:00
Mathias Vorreiter Pedersen
21210c6cb3 Merge pull request #203 from microsoft/add-missing-downgrade-and-upgrade-scripts
PS: Add missing downgrade and upgrade scripts
2025-04-18 13:34:18 +01:00
Mathias Vorreiter Pedersen
4518f18b9f PS: Delete a cycle in the upgrade script. 2025-04-18 12:41:13 +01:00
Mathias Vorreiter Pedersen
e7e88d3946 PS: Add upgrade script from some unknown dbscheme to the dbscheme that existed when Mathias joined Microsoft 2025-04-18 12:40:58 +01:00
Chanel
fe7d8ff61f Merge pull request #201 from microsoft/powershell-injectionhunter-port
PowerShell Command Injection query updates
2025-04-17 11:03:19 -07:00
Chanel Young
12b918e900 pr feedback: removed toString, updated .expected 2025-04-17 10:39:42 -07:00
Mathias Vorreiter Pedersen
b70f7e219c PS: Fix missing toString and accept test changes. 2025-04-17 17:01:33 +01:00
Mathias Vorreiter Pedersen
7d7268349d PS: Add an example with a missing toString. 2025-04-17 16:53:26 +01:00
Mathias Vorreiter Pedersen
b09d9f6772 PS: Autoformat. 2025-04-17 16:49:47 +01:00
Chanel Young
ed553d393b merged work into CommandInjection query 2025-04-16 14:32:30 -07:00
Chanel Young
2266cd2eb8 moved folder, added tests/docs 2025-04-16 12:13:07 -07:00
Chanel Young
50a771edee Merge branch 'main' into powershell-injectionhunter-port 2025-04-16 11:19:26 -07:00
Chanel Young
5f643509f0 added script block, expandstring sinks, moved sanitizers to separate file 2025-04-16 11:18:02 -07:00
Chanel
c9b1356853 Merge pull request #200 from microsoft/files-reads-as-flow-sources
PS: Handle more flow sources
2025-04-16 10:03:44 -07:00
Mathias Vorreiter Pedersen
396a283da9 PS: Add tests for flow sources. 2025-04-15 22:43:21 +01:00
Mathias Vorreiter Pedersen
826e6a9ee8 PS: Add an inline expectations test library for flow sources. 2025-04-15 22:43:19 +01:00
Mathias Vorreiter Pedersen
dcc127832e PS: Make remote flow sources flow sources. 2025-04-15 22:43:18 +01:00
Mathias Vorreiter Pedersen
fa3fc4a0c3 PS: Fix more problems in MaD rows for sources. 2025-04-15 22:43:16 +01:00
Mathias Vorreiter Pedersen
a146630a09 PS: Delete redundant files. 2025-04-15 22:43:14 +01:00
Mathias Vorreiter Pedersen
43d9c701f8 PS: Rename Field and Property to Member. 2025-04-15 22:43:03 +01:00
Mathias Vorreiter Pedersen
f38948764c PS: Make type names lower case. 2025-04-15 22:36:31 +01:00
Mathias Vorreiter Pedersen
993511735a PS: Make method names lower case. 2025-04-15 22:02:46 +01:00
Ian Lynagh
2409bcc0d6 Merge pull request #19301 from github/release-prep/2.21.1
Release preparation for version 2.21.1
codeql-cli/v2.21.1
2025-04-15 16:52:54 +01:00
Ian Lynagh
8ee353c12c Merge pull request #19312 from igfoo/igfoo/fix-typo-unmasked-secret-exposure
actions: Fix spelling error in UnmaskedSecretExposure.md
2025-04-15 15:41:07 +01:00
Ian Lynagh
b75e0ed02e actions: Fix spelling error in UnmaskedSecretExposure.md
Corrects "know" to "known" in the description of the UnmaskedSecretExposure document.
2025-04-15 14:25:39 +01:00
Chanel Young
b4d8673a38 Merge branch 'main' of https://github.com/microsoft/codeql into powershell-injectionhunter-port 2025-04-14 15:18:37 -07:00
github-actions[bot]
b961c5961d Release preparation for version 2.21.1 2025-04-14 09:53:06 +00:00
Geoffrey White
884c4a6e7b Merge pull request #19171 from geoffw0/badalloc
Rust: Query for uncontrolled allocation size
2025-04-14 10:10:53 +01:00
Geoffrey White
c821f27309 Merge branch 'main' into badalloc 2025-04-14 09:36:59 +01:00
Napalys Klicius
86313715a4 Merge pull request #19184 from Napalys/js/request_handlers
JS: Support for `Request` and `NextRequest`
2025-04-14 08:07:24 +02:00
yoff
85527101bd Merge pull request #19205 from yoff/ruby/refine-uninitialised-local
ruby: refine `rb/uninitialized-local-variable`
2025-04-11 23:08:01 +02:00
yoff
7517272d34 ruby: remove repetitive change note 2025-04-11 23:01:15 +02:00
yoff
b988be8ff6 ruby: improve help file
This has improved autofixes
I hope it also helps humans
2025-04-11 21:29:01 +02:00
yoff
85e27cae60 Merge branch 'main' into ruby/refine-uninitialised-local 2025-04-11 18:09:59 +02:00
Aditya Sharad
2dc88d87ae Merge pull request #19278 from adityasharad/actions/integration-test-filters
Actions: Fix handling of paths-ignore in autobuild scripts, add integration tests for configured path filters
2025-04-11 20:53:33 +05:30
yoff
eb0f8e9572 ruby: add rb/uninitialized-local-variable to quality suite 2025-04-11 16:27:21 +02:00
Mathias Vorreiter Pedersen
11aef7019e Merge pull request #19273 from MathiasVP/prepare-shared-mad-generation-for-cpp
Shared: Prepare model generation for C++ adoption
2025-04-11 07:22:56 -07:00
yoff
6a76a40cf4 ruby: adjust change notes 2025-04-11 16:18:03 +02:00
yoff
2477233508 ruby: only report on method calls
Interviewing a Ruby developer, I learned that
dealing with nil is common practice.
So alerts are mostly useful if we can point to a place where this has gone wrong.
2025-04-11 15:01:57 +02:00
Mathias Vorreiter Pedersen
877118fb3b Merge pull request #19274 from MathiasVP/prepare-cpp-for-mad-generation
C++: Prepare for model generation adoption
2025-04-11 05:11:36 -07:00
Mathias Vorreiter Pedersen
deef95d384 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
Co-authored-by: Taus <tausbn@github.com>
2025-04-11 12:43:59 +01:00
Mathias Vorreiter Pedersen
bfc494c0e1 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
Co-authored-by: Taus <tausbn@github.com>
2025-04-11 12:43:51 +01:00
yoff
b641d5f177 ruby: fix FP 2025-04-11 13:22:42 +02:00