hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-09 03:31:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,697 Commits 1,691 Branches 160 Tags
codeql-cli/v2.10.0
Commit Graph

40697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
53000cf9f0 C#: Update the XSS expected file. 2022-01-05 16:44:03 +01:00
Michael Nebel
7e6d88d959 C#: Only use stubs for XSS test. 2022-01-05 16:44:03 +01:00
Michael Nebel
24543a2245 C#: Update the UrlRedirect expected file. 2022-01-05 16:44:03 +01:00
Michael Nebel
47ab2061d8 C#: Replace StringValues stub from stubs.cs with the stub in Microsoft.Extensions.Primitives. 2022-01-05 16:44:03 +01:00
Michael Nebel
b3f3c2de24 C#: Convert and cleanup flow summaries for Microsoft.Extensions.Primitives.StringValues. 2022-01-05 16:41:30 +01:00
Michael Nebel
48651a6113 C#: Update flow summaries for StringValues. 2022-01-05 16:41:30 +01:00
Michael Nebel
c36bf3cebc C#: Reduce the amount of trash flow summaries produced for StringValues. 2022-01-05 16:41:30 +01:00
Michael Nebel
9a355c1050 C#: Add stubs for Microsoft.Extensions.Primitives. 2022-01-05 16:41:30 +01:00
Michael Nebel
586fddb0ce Merge pull request #7509 from hvitved/csharp/stubs-from-source 
C#: Treat QL test stubs as not from source
 2022-01-05 16:40:19 +01:00
Mathias Vorreiter Pedersen
f5062c7d80 C++: Remove a bunch of bad self joins from 'cpp/toctou-race-condition'. 2022-01-05 15:28:53 +00:00
Alex Ford
f935df9865 Merge pull request #7313 from github/ruby/rails-cookie-config 
Ruby: Add `rb/weak-cookie-configuration` query
 2022-01-05 15:20:40 +00:00
Michael Nebel
83c05f72d9 C#: Update the expected output from MinimalStubsFromSource as the stubs are now considered library code and thus produced as a part of the minimal stub. 2022-01-05 15:35:42 +01:00
Alex Ford
da8c745bd8 Ruby: Restrict Rails Setting nodes to SetterMethodCalls 2022-01-05 14:11:07 +00:00
Chris Smowton
5760841812 Merge pull request #647 from smowton/smowton/admin/not-all-you-fmt-is-log 
Declassify fmt.Fprintf as a log sink
 2022-01-05 14:09:55 +00:00
Asger Feldthaus
a7698b8727 JS: Fix double space 2022-01-05 14:35:02 +01:00
Asger Feldthaus
486beda2fa JS: Factor out common regexp in AccessPathToken 2022-01-05 14:35:02 +01:00
Asger Feldthaus
d33200ea83 JS: Add test for WithArity 2022-01-05 14:35:02 +01:00
Asger Feldthaus
21928bee6c JS: Rename padded -> inversePad 2022-01-05 14:35:01 +01:00
Asger Feldthaus
1989d51942 JS: Update documentation in Impl.qll 2022-01-05 14:35:01 +01:00
Asger Feldthaus
3ced5c9269 JS: Resolve first N tokens instead of constructing each prefix 2022-01-05 14:35:01 +01:00
Asger Feldthaus
772681d249 JS: Initial support for models as data 2022-01-05 14:34:52 +01:00
Anders Schack-Mulligen
ef714f7328 Dataflow: Sync 2022-01-05 14:25:35 +01:00
Anders Schack-Mulligen
6b6a9df0eb Dataflow: Remove abstract class 2022-01-05 14:13:26 +01:00
Tom Hvitved
433e373e41 C#: Remove restriction in CFG implementation to work with stubs 2022-01-05 14:12:17 +01:00
Michael Nebel
6fb112f8ec C#: Update tests to comply with Csv validation rules for kind. 2022-01-05 13:44:47 +01:00
Michael Nebel
45469a4fe6 C#: Fix error message. 2022-01-05 13:44:47 +01:00
Michael Nebel
c88355ea13 C#: Introduce Csv validation for kind. 2022-01-05 12:48:24 +01:00
Arthur Baars
e96fcf8568 Merge pull request #7498 from github/dependabot/cargo/ruby/generator/clap-3.0 
Update clap requirement from 2.33 to 3.0 in /ruby/generator
 2022-01-05 12:24:42 +01:00
Mathias Vorreiter Pedersen
a48d5dcf48 Merge pull request #7459 from MathiasVP/promote-arithmetic-uncontrolled 
C++: Increase precision of `cpp/arithmetic-uncontrolled` to `high`
 2022-01-05 11:24:09 +00:00
Henry Mercer
19933262c4 Java: Fix copy/paste error in existing queries 
Co-authored-by: yo-h <55373593+yo-h@users.noreply.github.com>
 2022-01-05 10:50:22 +00:00
Mathias Vorreiter Pedersen
23b8b776ab C++: Add change-note. 2022-01-05 10:12:20 +00:00
Michael Nebel
9983c1cbfb C#: Remove generated comment checks in stub files as these are not present in handwritten stubs. 2022-01-05 10:37:37 +01:00
Mathias Vorreiter Pedersen
37c72cae3e Merge branch 'main' into promote-arithmetic-uncontrolled 2022-01-05 08:12:47 +00:00
Anders Schack-Mulligen
fdb3cd03ef Merge pull request #7513 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-01-05 08:54:46 +01:00
github-actions[bot]
0aa1152899 Add changed framework coverage reports 2022-01-05 00:10:19 +00:00
Erik Krogh Kristensen
c7da8df03c Merge pull request #7511 from erik-krogh/dedup-spaces 
Python: remove duplicated spaces in qldoc
 2022-01-04 21:39:15 +01:00
Erik Krogh Kristensen
fe1107ccac remove duplicated spaces in qldoc 2022-01-04 21:03:06 +01:00
Andrew Eisenberg
49d239f4bf Push upgrades pack into lib pack 
PR Related to https://github.com/github/semmle-code/pull/40918
Removes the upgrades pack and uses ql/lib/upgrades instead.

Also, fix malformed parameter in instruction.

Co-authored-by: Chris Smowton <smowton@github.com>
 2022-01-04 11:32:52 -08:00
Dave Bartolomeo
83ceb822aa Move upgrades into standard library packs 
Move upgrade to new location

Remove incorrectly merged files

Fix upgrades section
 2022-01-04 11:30:25 -08:00
Tom Hvitved
a0766e08a1 Merge pull request #656 from github/release-prep/2.7.5 
Release preparation for version 2.7.5
 2022-01-04 18:57:50 +01:00
Tom Hvitved
fd60c6e1ad Merge pull request #7510 from github/release-prep/2.7.5 
Release preparation for version 2.7.5
 2022-01-04 18:57:43 +01:00
Alex Ford
712972cb82 Ruby: formatting 2022-01-04 16:41:23 +00:00
Alex Ford
36ea360b25 Ruby: behaviour -> behavior 2022-01-04 15:43:38 +00:00
Mathias Vorreiter Pedersen
8f843209a8 Merge pull request #7493 from MrAnno/relax-ambiguously-signed-bit-field 
C++: relax ambiguously-signed-bit-field by allowing GLib's gboolean
 2022-01-04 16:18:46 +01:00
github-actions[bot]
1dfcf427aa Release preparation for version 2.7.5 2022-01-04 14:44:56 +00:00
github-actions[bot]
980c162fe3 Release preparation for version 2.7.5 2022-01-04 14:44:48 +00:00
Mathias Vorreiter Pedersen
e31185fea4 C++: add change-note for cpp/ambiguously-signed-bit-field. 2022-01-04 14:31:19 +00:00
László Várady
6496bf8c1d C++: relax ambiguously-signed-bit-field by allowing GLib's gboolean 
The gboolean type of GLib (a widely used C library) is a typedef to int.
It is meant to represent a simple true/false value.

Resolves #7491
 2022-01-04 14:22:48 +00:00
Tom Hvitved
964915ee2e C#: Treat QL test stubs as not from source 2022-01-04 14:53:28 +01:00
Tom Hvitved
bfb573c86a Merge pull request #7508 from hvitved/python/change-note-typo2 
Python: Fix another change note typo
 2022-01-04 14:10:37 +01:00