hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-14 22:21:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,690 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
b0a237bcc1 fix qlpack version string 2021-10-12 11:01:18 +00:00
Erik Krogh Kristensen
d6d626e932 QL: fix qlpack version string 2021-10-12 11:01:18 +00:00
hubwriter
516674697b Fix one-word typo 2021-10-12 11:30:02 +01:00
Chris Smowton
c6b9db37be Merge pull request #581 from github/RasmusWL/normalize-qlpack 
Packaging: Normalize src/qlpack.yml
 2021-10-12 11:02:18 +01:00
Alex Ford
f870c38e4c enable actions workflows for rc branches 2021-10-12 10:47:27 +01:00
Alex Ford
48f3d48a11 add some test cases for checking against spurious flow into ERB templates 2021-10-12 10:37:22 +01:00
Arthur Baars
2a7f3fbfaf Add upgrade script 2021-10-12 11:36:10 +02:00
Shati Patel
1c3239972c Merge pull request #6854 from shati-patel/packaging-beta-note 
Docs: Update beta note for packaging
 2021-10-12 10:33:59 +01:00
Taus
75c4d6a8a0 Merge pull request #6650 from yoff/python-dataflow/init-time 
Python: Import time dataflow
 2021-10-12 11:31:03 +02:00
Rasmus Lerchedahl Petersen
61008fd3d0 Merge branch 'main' of github.com:github/codeql into python/promote-regex-injection 2021-10-12 11:28:12 +02:00
Rasmus Lerchedahl Petersen
b093aaaf27 Python: switch to type tracking 
for tracking compiled regexes
 2021-10-12 11:23:27 +02:00
yoff
43f7eede0b Merge pull request #6182 from haby0/python/LogInjection 
Python: CWE-117 Log injection
 2021-10-12 10:54:45 +02:00
yoff
c007c9460c Merge pull request #6843 from RasmusWL/dataflow-bool-expr 
Python: Add data-flow for `x or y` and `x and y`
 2021-10-12 10:40:54 +02:00
Rasmus Lerchedahl Petersen
f34d1ee997 Python: Update test expectation following rename 2021-10-12 10:36:18 +02:00
Tom Hvitved
97bbb12e06 Merge pull request #6838 from hvitved/csharp/enumerate-files-dir-not-found 
C#: Make `GetCSharpArgsLogs` robust against log directory not existing
 2021-10-12 10:00:27 +02:00
haby0
d52f95d24d Auto Formatting 2021-10-12 09:36:44 +08:00
Nick Rolfe
8e14b6582d Remove unused predicate 2021-10-11 18:15:41 +01:00
Mathias Vorreiter Pedersen
df8c399efb Merge pull request #6710 from ihsinme/ihsinme-patch-70 
CPP: Add query for CWE-1041 Use of Redundant Code
 2021-10-11 17:17:01 +01:00
Alex Ford
7270fe0ee7 slightly limit viable template files from render calls 2021-10-11 17:12:08 +01:00
Alex Ford
cdfee1f27d better RenderCall#getTemplateFile performance and accuracy 2021-10-11 16:46:10 +01:00
ihsinme
4334acb6f2 Update FindWrapperFunctions.qhelp 2021-10-11 18:40:03 +03:00
Tony Torralba
a8aa8e3bb4 Use InlineExpectationsTest directly 2021-10-11 16:38:20 +02:00
yoff
0629ce00de Merge pull request #6214 from haby0/python/ClientSuppliedIpUsedInSecurityCheck 
[Python] CWE-348:  Client supplied ip used in security check
 2021-10-11 16:38:04 +02:00
Geoffrey White
ac6acfb660 C++: Use data flow. 2021-10-11 15:36:00 +01:00
Owen Mansel-Chan
058a04f756 Merge pull request #6795 from owen-mc/inline-expectation-test-trivial-change 
Change class name in InlineExpectationTest to avoid clash
 2021-10-11 15:35:17 +01:00
shati-patel
c7fbddce54 Docs: Update beta note for packaging 2021-10-11 15:02:25 +01:00
Rasmus Wriedt Larsen
bca1cb141c Packaging: Normalize src/qlpack.yml 
Port of 4) from https://github.com/github/codeql/pull/6605

> Dependencies from query packs to other packs are always "*" since
these dependencies are always from source and we should get the
latest.

Compare with [C++ change](https://github.com/github/codeql/pull/6605/files#diff-0236560ca1b9c19eb7c74d8bfecd1c78005e762122f8bcdaee9eb9b20460bf9c).
 2021-10-11 14:36:14 +02:00
Rasmus Wriedt Larsen
c7196916aa Packaging: Normalize src/qlpack.yml 
Port of 4) from https://github.com/github/codeql/pull/6605

> Dependencies from query packs to other packs are always "*" since
these dependencies are always from source and we should get the
latest.

Compare with [C++ change](https://github.com/github/codeql/pull/6605/files#diff-0236560ca1b9c19eb7c74d8bfecd1c78005e762122f8bcdaee9eb9b20460bf9c).
 2021-10-11 14:36:12 +02:00
Marcono1234
ba0dbd5871 Java: Improve IncorrectSerializableMethods.ql; address review comments 2021-10-11 14:29:10 +02:00
Rasmus Lerchedahl Petersen
19f6cc00c8 Python: rewrite import time test 2021-10-11 14:28:25 +02:00
yoff
5aee715931 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-10-11 13:00:21 +02:00
Arthur Baars
fac4df203a Update tree-sitter-ruby 2021-10-11 12:53:16 +02:00
Tom Hvitved
98d1ee5178 API graphs: Avoid non-linear recursion 2021-10-11 12:01:33 +02:00
Tom Hvitved
68ea3e7b49 Data flow: Add debugging predicates for rendering data flow graphs for summarized callables 2021-10-11 11:29:08 +02:00
Tom Hvitved
d5955f1ae1 Java: Add test for missing summary flow 2021-10-11 11:29:08 +02:00
Tom Hvitved
30bf2aade4 C#: Add test for missing summary flow 2021-10-11 11:29:08 +02:00
Tom Hvitved
61973c399e C#: Make GetCSharpArgsLogs robust against log directory not existing 2021-10-11 11:28:49 +02:00
Tom Hvitved
c75e2d306d Merge pull request #6852 from hvitved/csharp/interpret-element0-bad-magic 
C#: Avoid bad magic in `interpretElement0`
 2021-10-11 11:27:35 +02:00
haby0
c2d0fcfbe6 Update python/ql/test/experimental/query-tests/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.expected 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-10-11 16:46:02 +08:00
haby0
29ddc76e2f Update python/ql/test/experimental/query-tests/Security/CWE-117/LogInjection.expected 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-10-11 16:43:30 +08:00
Rasmus Wriedt Larsen
8444388ec7 Python: Update .expected 2021-10-11 09:48:56 +02:00
Rasmus Wriedt Larsen
1552c108b0 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-10-11 09:34:15 +02:00
Tom Hvitved
b05d76a131 C#: Avoid bad magic in interpretElement0 2021-10-11 09:30:52 +02:00
Tony Torralba
0919746f1a Merge pull request #6844 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-10-11 09:25:46 +02:00
github-actions[bot]
ea0a0522a7 Add changed framework coverage reports 2021-10-11 00:08:32 +00:00
Marcono1234
a7670fbcab Java: Enhance IncorrectSerializableMethods.ql 2021-10-11 02:05:53 +02:00
Marcono1234
12936ff5fe Java: Fix IncorrectSerializableMethods.ql using wrong readObject signature 2021-10-11 02:05:53 +02:00
Marcono1234
b009886664 Java: Add TypeObjectInputStream 2021-10-11 02:05:50 +02:00
Marcono1234
a74d423d82 Java: Improve AnnotationPresentCheck.ql 2021-10-11 01:03:46 +02:00
Rasmus Lerchedahl Petersen
64b1aeaecd Python: Shorten toString for module vars 2021-10-10 15:59:31 +02:00