hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 15:22:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,697 Commits 1,684 Branches 159 Tags
codeql-cli/v2.10.0
Commit Graph

40697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paolo Tranquilli
3772efd193 .gitignore bazel symlinks 2022-04-01 14:04:50 +02:00
Paolo Tranquilli
8a5e611453 Bazel: add skeleton bazel workspace 
This moves in codeql some internal bazel definitions in preparation for
future work.
 2022-04-01 14:04:50 +02:00
Sebastian Bauersfeld
504e7e4a55 Update python/ql/lib/change-notes/2022-03-30-flask-recognize-body-param.md 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-04-01 18:41:27 +07:00
Erik Krogh Kristensen
29a5bdb601 Merge pull request #7339 from erik-krogh/pyPerf 
Python: Cache more predicates to improve performance.
 2022-04-01 13:37:21 +02:00
Michael Nebel
81904cc993 C#: Refactor isIrrelevantOverrideOrImplementation to make it easier to extend it with more methods later. 2022-04-01 13:27:05 +02:00
Erik Krogh Kristensen
eae2a6af36 update expected output for Locations.ql 2022-04-01 12:58:00 +02:00
Erik Krogh Kristensen
ed7e1206ff rename isBeforeCode to isCommentAfterCode 2022-04-01 12:55:00 +02:00
Tony Torralba
4cf0ebc5a8 Add change note 2022-04-01 12:43:27 +02:00
github-actions[bot]
ee746d20df Release preparation for version 2.8.5 2022-04-01 10:39:31 +00:00
github-actions[bot]
950519c884 Release preparation for version 2.8.5 2022-04-01 10:39:24 +00:00
Tony Torralba
cc9b16beff Fix wrong models of spring-web 2022-04-01 12:37:30 +02:00
Tony Torralba
3747aec144 Improve models of spring-beans 2022-04-01 12:37:22 +02:00
Chris Smowton
3b0bd3bc0f Improve wording 2022-04-01 11:31:31 +01:00
Chris Smowton
314bd20eb2 Merge pull request #711 from rverme/patch-1 
Address incorrectly referenced parameter in QLdoc
 2022-04-01 11:22:57 +01:00
Chris Smowton
81e60eb145 Add change note 2022-04-01 11:20:03 +01:00
Chris Smowton
99026a6071 Improve wording of isAdditionalFlow/TaintStep qldoc 2022-04-01 11:07:27 +01:00
Michael Nebel
5cb2bd9245 C#: Exclude IEquatable Equals implementations. 2022-04-01 11:39:41 +02:00
Michael Nebel
02a0cbf0f4 C#: Add test cases. 2022-04-01 11:32:10 +02:00
Michael Nebel
99bbca8c31 C#: Exclude overrides of Equals and GetHashCode in model generation. 2022-04-01 11:32:10 +02:00
Michael Nebel
f480ab9fd2 Merge pull request #8629 from michaelnebel/csharp/capturemodelmetadata 
C#: Improve query meta data.
 2022-04-01 10:40:05 +02:00
Jeroen Ketema
f2beb9eb2b Merge pull request #8622 from MathiasVP/fix-cpp-performance 
C++: Fix bad magic and bad join
 2022-04-01 09:51:16 +02:00
rverme
9b6dd60615 Address incorrectly reference parameter in QLdoc 
The qldoc of the predicate `isParameterOf` mentions the parameter `fd` that does not exists and is possible replaced by `c`
 2022-04-01 09:37:56 +02:00
Michael Nebel
c139850cd6 Merge pull request #8609 from michaelnebel/csharp/operatorsummaries 
C#: Operator flow
 2022-04-01 09:04:04 +02:00
Michael Nebel
01e57e90c9 C#: Fix query name for source model generation. 2022-04-01 08:54:35 +02:00
Harry Maclean
ae60d40511 Ruby: Fix typo in rb/insecure-dependency qhelp 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-04-01 15:35:53 +13:00
Harry Maclean
5814db19d5 Ruby: Fix bug in rb/insecure-dependency query 
Only look at the first component of strings for the prefix.

Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-04-01 15:35:21 +13:00
Harry Maclean
3d96c5e6db Ruby: Add test case for rb/insecure-dependency 
This tests that we recognise kwargs in hashrocket style:

    gem "foo", "1.2.3", :git => "..."

as well as the modern style:

    gem "foo", "1.2.3", git: "..."
 2022-04-01 15:30:07 +13:00
Chris Smowton
9309a652df Merge pull request #8493 from JLLeitschuh/feat/JLL/test_assertion_guard_preconditions 
[Java]: Add precondition support for testing library asserts
 2022-03-31 22:30:09 +01:00
Rasmus Wriedt Larsen
d2b03bb480 Python: Fix SimpleXmlRpcServer.ql 2022-03-31 20:37:28 +02:00
Rasmus Wriedt Larsen
4abab22066 Python: Promote XXE and XML-bomb queries 
Need to write a change-note as well, but will do that tomorrow
 2022-03-31 18:47:50 +02:00
Rasmus Wriedt Larsen
b8d3c5e96f Python: Remove last bits of experimental XML modeling 2022-03-31 18:40:26 +02:00
Rasmus Wriedt Larsen
5083023aa8 Python: Move XML parsing PoC 
Since the folder where it used to live is now empty otherwise :O
 2022-03-31 18:37:47 +02:00
Alex Ford
8b0ebbfecc Ruby: replace use of deprecated getStringOrSymbol() 2022-03-31 17:21:17 +01:00
Rasmus Wriedt Larsen
673220b231 Python: Minor cleanup of XmlParsingTest 2022-03-31 18:18:35 +02:00
Alex Ford
882f78c6f9 Merge remote-tracking branch 'origin/main' into ruby/weak-cryptographic-algorithm 2022-03-31 17:17:46 +01:00
Rasmus Wriedt Larsen
b4c0065aeb Python: Extend FileSystemAccess for xml.sax and xml.dom.* parsing 2022-03-31 18:08:47 +02:00
Rasmus Wriedt Larsen
1d7cec60ae Python: xml.sax.parse is not a method call 
And it's not possible to provide a parser argument either
 2022-03-31 17:50:23 +02:00
Rasmus Wriedt Larsen
e11269715d Python: Promote xml.sax and xml.dom.* modeling 2022-03-31 17:44:00 +02:00
Rasmus Wriedt Larsen
05bb0ef976 Python: Align xml.etree.ElementTree modeling 
I didn't find a good way to actually share the stuff, so we kinda just
have 2 things that look very similar :|
 2022-03-31 17:24:16 +02:00
Rasmus Wriedt Larsen
70b3eecdd5 Python: Merge xml.etree.ElementTree models 
I forgot about the existing ones when I promoted it
 2022-03-31 17:13:11 +02:00
Alex Ford
2b66dfa93e Ruby: replace a range field with instanceof 2022-03-31 15:39:11 +01:00
Chris Smowton
9bcf466aa8 Accept expected test result improvement 2022-03-31 15:19:08 +01:00
Stephan Brandauer
2cbb25acaa another review fix 2022-03-31 16:04:04 +02:00
Erik Krogh Kristensen
06fdaacd82 just look at the field name in the "detect uses of the field in an inbetween class"-check 2022-03-31 15:30:56 +02:00
Erik Krogh Kristensen
fa651d2f60 remove the override restriction from ql/unused-field 2022-03-31 15:30:19 +02:00
Chris Smowton
2829770003 Autoformat and fix typo 2022-03-31 14:11:09 +01:00
Michael Nebel
2edd6d72c0 C#: Improve query meta data. 2022-03-31 14:56:23 +02:00
Anders Schack-Mulligen
f1ec2e3260 Merge pull request #8426 from atorralba/atorralba/missing-severities 
Java: Add missing security-severity scores
 2022-03-31 14:53:47 +02:00
Chris Smowton
fa8791f1d5 Merge pull request #8620 from jketema/doc-typo-fix 
CLI docs: make the running text match the example
 2022-03-31 12:36:51 +01:00
Anders Schack-Mulligen
8d9ce5fb4c Merge pull request #8625 from aschackmull/java/qldoc-casing-fix 
Java: Fix acronym casing in qldoc referring to Java class names.
 2022-03-31 13:33:11 +02:00