hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-06 18:21:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,691 Branches 160 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
8bdbaf4b57 C++: Autoformat. 2022-01-20 09:52:24 +00:00
CodeQL CI
cfa670c123 Merge pull request #7651 from erik-krogh/CWE-471 
Approved by asgerf, esbena
 2022-01-20 01:47:39 -08:00
Tom Hvitved
a1cdf256ad Merge pull request #7667 from github/release-prep/2.7.6 
Release preparation for version 2.7.6
codeql-cli/v2.7.6 		2022-01-20 10:45:17 +01:00
Tom Hvitved
8c00d3e643 Merge pull request #669 from github/release-prep/2.7.6 
Release preparation for version 2.7.6
 2022-01-20 10:45:00 +01:00
Erik Krogh Kristensen
4e8e3a7420 simplify expressions that could be type-casts 2022-01-20 10:41:35 +01:00
Benjamin Muskalla
2748bbffa3 Merge pull request #7656 from bmuskalla/excludeMainLoggingGenerator 
Java: Exclude irrelevant rows from models
 2022-01-20 10:40:51 +01:00
Tony Torralba
967308fbfd Change InsecureTrustManagerConfiguration to DataFlow 2022-01-20 10:24:47 +01:00
mc
c105d71952 Update InsecureTrustManager.qhelp 
Fixed typos and carried out and editorial review
 2022-01-20 10:24:46 +01:00
Tony Torralba
7a1a45f5f9 QLDoc 2022-01-20 10:24:46 +01:00
Tony Torralba
77c2b43560 Add change note and severity score 2022-01-20 10:24:43 +01:00
Michael Nebel
76a0853f5b C#: Add struct declaration and update line numbers for the existing test cases. 2022-01-20 10:23:57 +01:00
Tony Torralba
d58bb4753e Refactor tests 2022-01-20 10:23:19 +01:00
Tony Torralba
ab4dc30f54 Refactor into libraries 2022-01-20 10:23:18 +01:00
Tony Torralba
7cd05fb685 Move from experimental 2022-01-20 10:23:18 +01:00
Erik Krogh Kristensen
6e9771fbf6 QL: make FieldAccess::getDeclaration return a FieldDecl 2022-01-20 09:59:45 +01:00
Michael Nebel
7d7ab58108 C#: Add flow test for record struct fields. 2022-01-20 09:58:02 +01:00
Michael Nebel
210bad6c29 C#: Add test case for with expressions for record structs, structs and anonymous types. 2022-01-20 09:58:02 +01:00
Michael Nebel
fc7f642734 C#: With expression examples for record structs, structs and anonymous types. 2022-01-20 09:58:02 +01:00
Michael Nebel
858aec3839 C#: Add test for source of the struct parameterless constructor(s). 2022-01-20 09:58:02 +01:00
Michael Nebel
073d2f2c75 C#: Add some example struct types, including one with a default constructor declarations. 2022-01-20 09:58:01 +01:00
Michael Nebel
547f492be0 Merge pull request #7577 from michaelnebel/csharp/line-pragma 
C#: Make support for Line span pragma
 2022-01-20 09:51:57 +01:00
Erik Krogh Kristensen
708c18d4c2 QL: update the name of the consistency query to make code-scanning alerts more clear 2022-01-20 09:41:13 +01:00
Erik Krogh Kristensen
b8f1fb3954 JS: fix ql/field-only-used-in-charpred within JavaScript 2022-01-20 09:41:13 +01:00
Erik Krogh Kristensen
3d3c6875a6 QL: add query detecting fields that are only used within the charpred 2022-01-20 09:41:10 +01:00
github-actions[bot]
4ce8ccc52b Release preparation for version 2.7.6 2022-01-20 08:21:18 +00:00
github-actions[bot]
1e5721b9b9 Release preparation for version 2.7.6 2022-01-20 08:21:09 +00:00
Harry Maclean
5dcee6ba27 Ruby: Add File.open as a FileSystemAccess 2022-01-20 21:09:41 +13:00
Rasmus Lerchedahl Petersen
32cbeae05f python: missing start tag for relation 2022-01-20 08:56:12 +01:00
Rasmus Lerchedahl Petersen
d10ad3bdd4 python: update stats for tables 2022-01-20 08:42:32 +01:00
Harry Maclean
6bae03a7cc Ruby: Update string const barrier guard 
This change recognises guards like `FOO.include?`, where `FOO` is an array
constant.
 2022-01-20 17:34:12 +13:00
Harry Maclean
13a0ece25c Ruby: Add test case: array constant barrier guard 
This guard isn't yet recognised as a `StringConstArrayInclusionCall`.
 2022-01-20 17:07:01 +13:00
Owen Mansel-Chan
bfae3fdf97 Merge pull request #665 from owen-mc/update-function-get-a-call 
Update `Function.getACall()`
 2022-01-19 23:36:20 +00:00
Andrew Eisenberg
95355b5854 Docs: Add back removed section on getting started 
Adds a second getting started, specifically for checking out the
codeql repo as a way to get the core queries.

This ensures that people wanting to work in the traditional way still
have the old docs available.
 2022-01-19 13:36:57 -08:00
Jonathan Leitschuh
23548c50e1 Fix typo in FileWritable 2022-01-19 16:14:38 -05:00
Chris Smowton
5a2a15c9da Merge pull request #668 from github/smowton/fix/no-pack-install-verify 
Don't use codeql pack install --verify
 2022-01-19 20:01:42 +00:00
Tom Hvitved
70f4efb834 Merge pull request #7646 from hvitved/csharp/roslyn-tuple-elements-workaround 
C#: Workaround Roslyn bug in `INamedTypeSymbol.TupleElements`
 2022-01-19 19:54:29 +01:00
Chris Smowton
7f39b1e12c Don't use codeql pack install --verify 
This shouldn't fail, but currently does due to a bug and is unnecessary in any case.
 2022-01-19 18:40:05 +00:00
Tom Hvitved
128682b59e C#: Replace Argument[-1] with Argument[Qualifier] in all flow summaries 2022-01-19 18:54:24 +01:00
Rasmus Lerchedahl Petersen
7e9a9e3d9a python: remove compiler warnings 2022-01-19 18:01:58 +01:00
shati-patel
dc71ecef83 Docs: Mention packaging commands in CodeQL extension 2022-01-19 16:36:01 +00:00
Rasmus Wriedt Larsen
b9ee2960e2 Python: Add change-note 2022-01-19 17:24:53 +01:00
Rasmus Wriedt Larsen
aa10ad6a8a Python: Fix RegexInjection query, add old deprecated versions 2022-01-19 17:22:44 +01:00
Rasmus Wriedt Larsen
e82ea7ad17 Python: move regex injection configuration files 
I did not notice that these went to the wrong location in
https://github.com/github/codeql/pull/6693. They should be in the
dataflow folder with the rest of the data-flow configurations files, the
injection folder is for old points-to based modeling.
 2022-01-19 17:21:46 +01:00
Owen Mansel-Chan
4d1dcb3260 Remove first disjunct as it is a subset of second disjunct 2022-01-19 16:21:06 +00:00
Tom Hvitved
0990a1b404 C#: Get rid of negative parameter/argument data-flow positions 2022-01-19 17:14:37 +01:00
Tony Torralba
695e77a219 Simplify isSslSocket predicate 2022-01-19 17:01:28 +01:00
Mathias Vorreiter Pedersen
40c8881575 Merge pull request #7472 from erik-krogh/redundant-aggregate 
QL-for-QL: Add a could-be-cast query
 2022-01-19 15:48:00 +00:00
Henry Mercer
58b1a6fd40 Merge pull request #7655 from github/henrymercer/bump-atm-query-pack-v0.0.6 
JS: Bump ML-powered query packs to v0.0.6
 2022-01-19 15:44:55 +00:00
Tony Torralba
e442e50e6b Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-01-19 16:43:48 +01:00
Tony Torralba
101ad777e3 Move things around after rebase 2022-01-19 16:43:48 +01:00