hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 06:12:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,684 Branches 159 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Ford
bda1c21562 BrokenCryptoAlgorithm block mode change notes 2022-05-16 15:49:19 +01:00
Paolo Tranquilli
9abb3f0066 Merge pull request #9172 from github/redsun82/swift-variant-in-label-store 
Swift: replace `getCanonicalPointer` with `std::variant`
 2022-05-16 16:21:47 +02:00
Paolo Tranquilli
16e3b5bfc4 Swift: make monostate explicit 2022-05-16 15:51:43 +02:00
Erik Krogh Kristensen
23981cb323 Merge pull request #7626 from erik-krogh/CWE-377 
JS: add query for detecting insecure temporary files
 2022-05-16 15:25:17 +02:00
Tamas Vajk
d4cf877259 Rework parent lookup in isUnspecialised 2022-05-16 14:59:28 +02:00
Geoffrey White
9f3fa1c45d C++: Consistent QLDoc. 2022-05-16 13:48:57 +01:00
Geoffrey White
b4a840e3ef C++: Make the checks happy. 2022-05-16 13:36:41 +01:00
Geoffrey White
9976825234 C++: Slightly more logical layout. 2022-05-16 12:51:04 +01:00
Geoffrey White
19d1578733 C++: Clean up. 2022-05-16 12:49:01 +01:00
Geoffrey White
b332659fcb C++: Split the XXE query into library files. 2022-05-16 12:41:41 +01:00
Geoffrey White
0ffd0b23ca C++: Create an XmlLibrary class to clean up the code in XXE.ql. 2022-05-16 12:17:20 +01:00
Tamas Vajk
8ebdaf1fc2 Kotlin: Fix parent class lookup from field initializers 2022-05-16 12:14:28 +02:00
Tamas Vajk
de133e80a9 Kotlin: add diagnostic test for 'Unexpected specialised instance of generic anonymous class' 2022-05-16 12:13:33 +02:00
Tom Hvitved
a9f6d203cd Merge pull request #8971 from aibaars/safe-nagivation 
Ruby: add safe navigation operator
 2022-05-16 10:53:56 +02:00
Tamas Vajk
47ec38c35a Kotlin: Exclude Kotlin files altogether from NullMaybe query 2022-05-16 10:52:20 +02:00
Mathias Vorreiter Pedersen
cee7aed81f Merge pull request #9142 from geoffw0/xxe8 
C++: Fixes some typos and increases the XXE query precision.
 2022-05-16 09:45:33 +01:00
Anders Schack-Mulligen
83f817ca45 Merge pull request #9134 from aschackmull/dataflow/perf-std-order 
Dataflow: Improve standard order through easier type check elimination.
 2022-05-16 10:05:17 +02:00
Paolo Tranquilli
1b9dcac2dd Swift: replace getCanonicalPointer with std::variant 
This turned out easier than expected previously. `llvm::PointerUnion`
was also considered, which would have less memory footprint, but it
would require more effort as it is lacking the same implicit conversions
and operators that `std::variant` provides.

Also renamed `ToTag<E>` to `TrapTagOf<E>` and introduced a derived
convenience functor `TrapLabelOf<E>`.
 2022-05-16 09:59:36 +02:00
Tamás Vajk
f7d2b2767c Merge pull request #9151 from tamasvajk/kotlin-comments-variables-1 
Kotlin: Handle variables as comment owners
 2022-05-16 09:32:19 +02:00
Tony Torralba
616b12d011 Merge pull request #8956 from atorralba/atorralba/intent-redirection-sanitizer-fix 
Java: Fix Intent Redirection sanitizer
 2022-05-16 09:21:04 +02:00
thibaut hansmann
e150a39fa0 C/C++ : fix name of cpp file + fix autoformat 2022-05-15 14:27:46 +02:00
ihsinme
f6ab338a16 Update DangerousUseSSL_shutdown.qhelp 2022-05-15 12:26:05 +03:00
Chris Smowton
ae83190629 Merge pull request #9164 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-05-14 08:44:37 +01:00
github-actions[bot]
1d39726604 Add changed framework coverage reports 2022-05-14 00:19:04 +00:00
Alex Ford
66736ebd9d sync CryptoAlgorithmNames.qll (remove isWeakBlockMode predicate) 2022-05-13 21:26:01 +01:00
Chris Smowton
77461f7ad6 Merge pull request #730 from owen-mc/bugfix/build/go-mod-tidy 
Run `go mod tidy -e` before building
 2022-05-13 19:40:05 +01:00
Chris Smowton
32e294955a Merge pull request #734 from cokeBeer/main 
fix https://github.com/github/codeql/issues/9097
 2022-05-13 19:38:55 +01:00
Chris Smowton
07c2f6e514 Merge pull request #9155 from smowton/smowton/fix/field-initializer-flow 
Kotlin: Fix initializer field flow by extracting field finality
 2022-05-13 18:41:55 +01:00
Chris Smowton
305ddb2169 Accept test changes 2022-05-13 17:44:26 +01:00
Chris Smowton
fbdd5a13c5 Autoformat 2022-05-13 17:40:58 +01:00
Chris Smowton
c76a774e35 Accept test changes 2022-05-13 17:40:58 +01:00
Chris Smowton
498d3700bd Update java/ql/test/kotlin/library-tests/field-initializer-flow/test.ql 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-05-13 17:40:58 +01:00
Chris Smowton
81baca2c17 Fix initializer field flow by extracting field finality 2022-05-13 17:40:58 +01:00
Chris Smowton
2930bd4cc2 Only attempt go.mod updating if go >= 1.16 
Prior to this (a) Go will attempt to update go.mod/sum anyhow, and (b) the `mod tidy -e` option isn't available.
 2022-05-13 17:32:00 +01:00
AlexDenisov
eacb9f1dba Merge pull request #9144 from github/alexdenisov/introduce-visitors 
Swift: Introduce visitors
 2022-05-13 17:57:47 +02:00
cokeBeer
7f21c0c3b7 fix format 2022-05-13 23:36:50 +08:00
Alex Ford
bc073eb460 python: update py/weak-cryptographic-algorithm to flag use of ECB block mode 2022-05-13 16:32:36 +01:00
Alex Ford
da135448a2 python: update tests for CryptographicOperation#getBlockMode 2022-05-13 16:32:36 +01:00
Alex Ford
9f2c59cd6d python: implement getBlockMode for CryptographicOperations 2022-05-13 16:32:36 +01:00
Alex Ford
03e34e071a ruby: inline expectations tests for CryptographicOperation concept 2022-05-13 16:32:36 +01:00
Alex Ford
4752c45fe5 ruby: update rb/weak-cryptographic-algorithm to specify the block mode if appropriate 2022-05-13 16:32:30 +01:00
Ian Lynagh
7ef9a19085 Merge pull request #9131 from github/igfoo/capture_output 
Kotlin: Don't use capture_output or text
 2022-05-13 15:59:14 +01:00
Tony Torralba
168a184602 Merge pull request #9127 from atorralba/atorralba/sensitive-info-log-improvs 
Java: Sensitive Info Log query improvements
 2022-05-13 16:57:32 +02:00
Alex Denisov
1b75034634 Swift: simplify CRTP monkey-patching 2022-05-13 16:54:15 +02:00
Alex Denisov
f857cd11c4 Swift: add comments about SwiftDispatcher lifetime 2022-05-13 16:47:45 +02:00
Ian Lynagh
153fd3a221 Kotlin: Fix diagnostics test 2022-05-13 15:36:30 +01:00
Ian Lynagh
98b0463e09 Kotlin: Accept test output 2022-05-13 15:36:30 +01:00
Ian Lynagh
b94597568a Kotlin: Write the log file as Line-delimited JSON 2022-05-13 15:36:30 +01:00
Ian Lynagh
3ae5e1a5f7 Kotlin: Add a LogMessage class 2022-05-13 15:36:30 +01:00
Alex Ford
46bb247da9 ruby: add BlockMode concept 2022-05-13 15:33:20 +01:00