hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-28 05:42:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,697 Commits 1,685 Branches 159 Tags
codeql-cli/v2.10.0
Commit Graph

40697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
1e96b1e559 JS: Fix typo 2022-05-24 11:57:30 +02:00
Asger Feldthaus
777d344dde JS: Fix up qldoc for getAValueReachingSink 2022-05-24 11:57:30 +02:00
Asger Feldthaus
e2858b7b64 JS: Update ATM code 2022-05-24 11:57:30 +02:00
Asger Feldthaus
8da96ed403 JS: Update doc comment 2022-05-24 11:57:30 +02:00
Asger F
1ae97d9d54 Apply suggestions from code review 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-05-24 11:57:30 +02:00
Asger Feldthaus
9fad4b883b JS: Autoformat 2022-05-24 11:57:30 +02:00
Asger Feldthaus
76ba78294f JS: Make API::EntryPoint overrides optional 2022-05-24 11:57:30 +02:00
Asger Feldthaus
ce9c3b3eb5 JS: Also rename predicates on API::EntryPoint 2022-05-24 11:57:30 +02:00
Asger Feldthaus
19a5db9f89 JS: Rename getARhs -> getASink 2022-05-24 11:57:30 +02:00
Asger Feldthaus
4c6192670e JS: Rename getAnImmediateUse -> getASource 2022-05-24 11:57:30 +02:00
Asger F
a7b73f44b2 Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: Calum Grant <42069085+calumgrant@users.noreply.github.com>
 2022-05-24 11:57:30 +02:00
Asger F
73baa49c5d Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-05-24 11:57:30 +02:00
Asger Feldthaus
82c35e6f65 Mention that the interaction and be with any external codebase 2022-05-24 11:57:29 +02:00
Asger Feldthaus
6a12864dab JS: Document how API graphs should be interpreted 2022-05-24 11:57:29 +02:00
Ian Lynagh
07e450d513 Merge pull request #9269 from igfoo/igfoo/cfg 
Kotlin: Fix CFG
 2022-05-24 10:53:00 +01:00
Alex Denisov
fa09078976 Swift: do not keep trap files for tests 2022-05-24 11:48:45 +02:00
Alex Denisov
8e8da66325 Swift: share .gitignore across all tests 2022-05-24 11:48:06 +02:00
Chris Smowton
fd60ab420d Merge pull request #9278 from github/dependabot/github_actions/actions/setup-go-3 
Bump actions/setup-go from 1 to 3
 2022-05-24 10:24:31 +01:00
Mathias Vorreiter Pedersen
3e1a6a777e Swift: Accept test changes. 2022-05-24 10:22:06 +01:00
Mathias Vorreiter Pedersen
dda60abfef Swift: Add CFG for a couple more expressions. 2022-05-24 10:21:04 +01:00
Erik Krogh Kristensen
b2d3a7dca5 add change-note for the public renamed predicate 2022-05-24 11:20:08 +02:00
Alex Denisov
528f6f73c5 Swift: add integration tests 2022-05-24 11:12:35 +02:00
Mathias Vorreiter Pedersen
7752a38ee5 Merge pull request #9274 from MathiasVP/swift-extract-semantics-and-accessor-kinds 
Swift: Extract semantics and accessor kinds
 2022-05-24 10:12:30 +01:00
Chris Smowton
bd06a071c4 Change owner of Go-related workflows 2022-05-24 10:11:36 +01:00
Erik Krogh Kristensen
a404a8c61a use more set literals instead of big disjunctions 2022-05-24 11:09:10 +02:00
Erik Krogh Kristensen
b48806968c delete redundant import 2022-05-24 11:02:41 +02:00
Erik Krogh Kristensen
395ec106b9 remove unused field 2022-05-24 11:02:18 +02:00
Mathias Vorreiter Pedersen
21641eb1cd Swift: Make the 'semantics.ql' test plantform-independent. 2022-05-24 10:00:14 +01:00
Erik Krogh Kristensen
d58fe8e193 add explicit this 2022-05-24 10:59:13 +02:00
Erik Krogh Kristensen
d1ad08ecb5 fix misspellings in predicate names 2022-05-24 10:57:13 +02:00
Harry Maclean
334c43a2b7 Ruby: Add tests for ActiveSupport modelling 2022-05-24 09:35:26 +01:00
Harry Maclean
deff24e8e0 Fix singleton set literal 2022-05-24 09:35:26 +01:00
Harry Maclean
1fd54ed8c3 Ruby: Recognised ActiveSupport::TaggedLogging as a logger 2022-05-24 09:35:26 +01:00
Harry Maclean
dc4ddf6899 Ruby: Recognise ActiveSupport::Logger as a logger 2022-05-24 09:35:26 +01:00
Harry Maclean
14d2ff6528 Ruby: Model ActiveSupport extensions to Enumerable 2022-05-24 09:35:26 +01:00
Harry Maclean
ad2eaf0835 Ruby: Flow for ActiveSupport String extensions 
Add taint flow summaries for ActiveSupport String extensions which
transform the string in various ways, for example `camelcase` and
`underscore`.

DCA suggests this increases the sensitivity of rb/code-injection,
catching cases such as

    params[:foo].camelcase.constantize
 2022-05-24 09:35:26 +01:00
Tom Hvitved
6345816acf Rework ContentDataFlow implementation 2022-05-24 10:34:06 +02:00
Mathias Vorreiter Pedersen
be453142b8 Merge pull request #8730 from geoffw0/reachesperf 
C++: Better join order for reachesWithoutAssignment.
 2022-05-24 09:22:21 +01:00
Jeroen Ketema
05f09919b0 Merge pull request #9276 from jketema/upgrade-script-script 
Support Go and Swift in the `prepare-db-upgrade` script
 2022-05-24 10:09:31 +02:00
Tamas Vajk
5a54218ac7 Kotlin: Fix missing kotlin to java property mapping 2022-05-24 10:03:17 +02:00
Tamas Vajk
19400249a9 Kotlin: Add test for missing kotlin to java property mapping 2022-05-24 10:02:32 +02:00
Mathias Vorreiter Pedersen
a0659072b5 Swift: Add tests and accept test changes. 2022-05-24 09:00:34 +01:00
Mathias Vorreiter Pedersen
cf5f1e593e Swift: Extract new entities. 2022-05-24 08:57:05 +01:00
Mathias Vorreiter Pedersen
cdb081eaec Swift: Update schema and update generated files. 2022-05-24 08:57:05 +01:00
Felicity Chapman
4ea892f2d2 Fix typo 2022-05-24 08:10:19 +01:00
Michael Nebel
42be60ea57 C#: Address codereview comments. 2022-05-24 08:21:39 +02:00
Michael Nebel
a8b103b89c Java: Update dependencies. 2022-05-24 08:21:39 +02:00
Michael Nebel
94664f11f5 C#/Java/Ruby: Sync files. 2022-05-24 08:21:39 +02:00
Michael Nebel
eed02a2a9f C#: Fix issue with isAutoGenerated predicate and make sure that data flow only use relevant summaries. 2022-05-24 08:21:38 +02:00
dependabot[bot]
dfa9d9ff85 Bump actions/setup-go from 1 to 3 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 1 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v1...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-24 03:39:16 +00:00