hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 06:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,697 Commits 1,684 Branches 159 Tags
codeql-cli/v2.10.0
Commit Graph

40697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
265500faa8 Merge pull request #8800 from geoffw0/unsafeput 
C++: Add a test for experimental query NoCheckBeforeUnsafePutUser.ql.
 2022-05-09 16:20:19 +01:00
Rasmus Lerchedahl Petersen
2a5908ff49 python: require all settings be vulnerable 
at least all thos not in tests
 2022-05-09 17:08:49 +02:00
Cornelius Riemenschneider
bf0e32ae82 C#: Port the existing compiler-tracing.spec files to Lua. 2022-05-09 14:45:34 +00:00
Rasmus Wriedt Larsen
4a6789182d Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-05-09 16:37:12 +02:00
Anders Schack-Mulligen
135d7f6e32 Dataflow: Prune more cons-candidates. 2022-05-09 16:21:12 +02:00
Anders Schack-Mulligen
1b0e9d5cd7 Dataflow: Fix join order in nodeMayUseSummary. 2022-05-09 16:21:12 +02:00
Henry Mercer
3c4715928e Merge pull request #9083 from github/henrymercer/fetch-codeql-with-gh-cli 
Actions: Fetch CodeQL CLI using `gh` rather than third-party Action
 2022-05-09 14:40:29 +01:00
Anders Schack-Mulligen
f24364d951 Merge pull request #9045 from hvitved/dataflow/subpaths-perf-take2 
Data flow: Speedup `subpaths` predicate (take 2)
 2022-05-09 15:39:11 +02:00
Henry Mercer
71d1069a0a Fix typo 2022-05-09 14:31:05 +01:00
Henry Mercer
198c96982c Add a comment to explain the unusual Action path 2022-05-09 14:30:41 +01:00
CodeQL CI
e099b94cc4 Merge pull request #9081 from asgerf/js/global-step-refactor 
Approved by erik-krogh
 2022-05-09 06:30:37 -07:00
ihsinme
09cd168197 create new branchihsinme-patch-88 in fork 2022-05-09 13:05:06 +00:00
Rasmus Wriedt Larsen
c218162104 Merge branch 'main' into pypam 2022-05-09 14:20:05 +02:00
Rasmus Wriedt Larsen
ab1252d196 Python: Add @precision high for py/pam-auth-bypass 2022-05-09 14:19:40 +02:00
Geoffrey White
85cc9b8901 C++: Use getClassAndName. 2022-05-09 13:06:44 +01:00
Geoffrey White
28dca3fa9f Merge pull request #8245 from ihsinme/ihsinme-patch-67 
CPP: Add query for CWE-476: NULL Pointer Dereference when using exception handling blocks
 2022-05-09 12:26:20 +01:00
Geoffrey White
9709c2fa94 C++: Use compliant PascalCase / make the checks happy. 2022-05-09 11:58:57 +01:00
Henry Mercer
804ca3e1a7 Actions: Fetch CodeQL CLI using gh rather than third-party Action 2022-05-09 11:42:01 +01:00
Erik Krogh Kristensen
fc1ab06c1c autoformat 2022-05-09 12:39:38 +02:00
Erik Krogh Kristensen
53b26eba17 Merge pull request #8724 from erik-krogh/postMessage 
JS: promote the `js/missing-origin-verification` query
 2022-05-09 12:28:58 +02:00
Erik Krogh Kristensen
fe1e47bc17 Merge pull request #8710 from bananabr/dragAndDrop 
JS: drag and drop API Xss sources
 2022-05-09 12:22:28 +02:00
Erik Krogh Kristensen
611a412f2a Merge pull request #8990 from bananabr/selection 
JS: Selection API DOM text source
 2022-05-09 12:22:18 +02:00
Paolo Tranquilli
93f8b6b29d Swift: add missing trap_affix 2022-05-09 12:20:22 +02:00
Paolo Tranquilli
20317a280b Swift: make width fields unsigned 2022-05-09 12:19:52 +02:00
thibaut hansmann
f3f2e59472 C/C++ : Fix remove the useless variable 2022-05-09 12:01:42 +02:00
Asger F
88b5bbe024 JS: Update test expectation 2022-05-09 11:55:07 +02:00
Rasmus Wriedt Larsen
de05b108fa Python: Fix singleton set 2022-05-09 11:01:13 +02:00
Rasmus Wriedt Larsen
36349222a9 Python: Fix casing of XMLDomParsing 2022-05-09 11:00:25 +02:00
Rasmus Wriedt Larsen
f22bd039f3 Python: Slight refactor of LxmlParsing 2022-05-09 10:56:39 +02:00
Rasmus Wriedt Larsen
f5854f33da Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-05-09 10:53:25 +02:00
Michael Nebel
9a45949e8c Merge pull request #9044 from michaelnebel/csharp/flowsummariestest 
C#: Flow summaries test should print, whether a summary is generated or not.
 2022-05-09 10:06:19 +02:00
Michael Nebel
1401e7ddb3 Merge pull request #8855 from michaelnebel/csharp/singlereadstore 
C#: Only allow two read and two store steps in model capturing.
 2022-05-09 10:05:53 +02:00
Paolo Tranquilli
9c5b2d7e9d Swift: tweaks for use in the PoC branch 2022-05-09 09:46:47 +02:00
Paolo Tranquilli
918ba1b1fc Swift: make generator.run accept options 2022-05-09 09:34:49 +02:00
AlexDenisov
c21849bb2e Merge pull request #9015 from redsun82/swift-enable-dynamic-library 
Swift: enable dynamic mode
 2022-05-09 09:15:37 +02:00
AlexDenisov
fe72dfe7d4 Merge pull request #9028 from redsun82/swift-trapgen 
Swift: add `trapgen` unit tests
 2022-05-09 09:15:22 +02:00
Paolo Tranquilli
6cbfb5a10c Swift cppgen: emit final trap before bases 2022-05-09 09:02:20 +02:00
Michael Nebel
83aa65ff53 C#/Java: Remove redudandant QL comment in CaptureModel. 2022-05-09 07:36:41 +02:00
Michael Nebel
76fd424795 C#: Turn isAutogenerated predicate into a predicate without result. 2022-05-09 07:30:06 +02:00
Michael Nebel
9b855c30cc Merge pull request #9043 from michaelnebel/csharp/xml-injection-path 
C#: Convert xml injection query to a path problem.
 2022-05-09 07:18:01 +02:00
Marcono1234
c760d39d59 Merge remote-tracking branch 'remotes/origin/main' into marcono1234/statement-expression 2022-05-09 00:28:19 +02:00
Marcono1234
36f56b5a18 Java: Rename StmtExpr to ValueDiscardingExpr 
As mentioned by aschackmull during review, StatementExpression as defined
by the JLS only lists possible types of expressions, it does _not_ specify
that their value is discarded. Therefore, for example any method call could
be considered a StatementExpression.

The name ValueDiscardingExpr was chosen as replacement because the JLS uses
the phrase "if the expression has a value, the value is discarded" multiple
times.
 2022-05-09 00:27:15 +02:00
Mathias Vorreiter Pedersen
176e40f139 Merge pull request #9052 from github/post-release-prep/codeql-cli-2.9.1 
Post-release preparation for codeql-cli-2.9.1
 2022-05-06 13:15:17 +01:00
Mathias Vorreiter Pedersen
ef7363c48e Merge pull request #732 from github/post-release-prep/codeql-cli-2.9.1 
Post-release preparation for codeql-cli-2.9.1
 2022-05-06 13:15:10 +01:00
github-actions[bot]
fea657ce01 Post-release preparation for codeql-cli-2.9.1 2022-05-05 19:05:56 +00:00
github-actions[bot]
1a25457178 Post-release preparation for codeql-cli-2.9.1 2022-05-05 19:05:50 +00:00
ihsinme
b98ddc72f5 Update DangerousUseOfExceptionBlocks.ql 2022-05-05 21:05:22 +03:00
Alex Ford
4844e4f454 ruby: replace the dataflow layer RBI library with the AST layer version 2022-05-05 18:40:12 +01:00
Alex Ford
bedb1d4584 ruby: Add AST layer version of the RBI library 2022-05-05 18:37:56 +01:00
Alex Ford
961f867bed Ruby: fix getAssociatedMethod predicate to include class methods 2022-05-05 18:09:42 +01:00