hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 14:52:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,684 Branches 159 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Cornelius Riemenschneider
7aa3d0fd26 Merge pull request #9091 from github/criemen/dotnet-lua-tracing-config 
C#: Port the existing compiler-tracing.spec files to Lua.
 2022-05-10 10:54:20 +02:00
Anders Schack-Mulligen
f85e06c2e4 Dataflow: Sync. 2022-05-10 10:12:39 +02:00
Cornelius Riemenschneider
40503aa368 Address review. 2022-05-10 08:06:25 +00:00
Harry Maclean
a6cab022f6 Ruby: Add missing import 2022-05-10 17:32:01 +12:00
Harry Maclean
7b63493fa9 Ruby: Fix identification IO.open args 2022-05-10 17:32:00 +12:00
Harry Maclean
79c6dc1af0 Refactor IO/File modelling 
The main goal here is to get rid of the duplicate definitions of module
`IO`, which currently exist in both `frameworks/core/IO.qll` and
`frameworks/Files.qll`.

We do this by moving the classes inside `Files::IO` to `core/IO.qll`,
but moving most of the actual definitions of those classes to an
internal module `core.internal.FileOrIO`. This means both `Files.qll`
and `IO.qll` can depend on them without leaking them to end users.
 2022-05-10 17:32:00 +12:00
Harry Maclean
2d12ad6238 Ruby: Model IO.popen 
This method is very similar to `Kernel.system`: it executes its
arguments as a system command in various ways.
 2022-05-10 17:32:00 +12:00
yoff
b6605bc330 Merge pull request #8634 from RasmusWL/promote-xxe 
Python: Promote XXE and XML-bomb queries
 2022-05-09 21:54:55 +02:00
Rasmus Lerchedahl Petersen
1c7e533144 python: format 2022-05-09 21:22:27 +02:00
Erik Krogh Kristensen
e80ee46fe4 add model for the cash library 2022-05-09 21:01:07 +02:00
Mathias Vorreiter Pedersen
66ca01a717 Merge pull request #9094 from redsun82/swift-codegen-predicate-properties 
Swift codegen: add predicate properties
 2022-05-09 17:17:10 +01:00
luchua-bc
75e7148912 Standardize the query and update qldoc 2022-05-09 16:10:11 +00:00
Paolo Tranquilli
c08e6fdc1e Swift codegen: add predicate properties 
Properties marked with `predicate` in the schema are now accepted.

* in the dbscheme, they will translate to a table with a single `id`
  column (and the table name will not be pluralized)
* in C++ classes, they will translate to `bool` fields
* in QL classes, they will translate to predicates

Closes https://github.com/github/codeql-c-team/issues/1016
 2022-05-09 17:50:49 +02:00
Paolo Tranquilli
effa9ee207 Merge pull request #9034 from redsun82/swift-cpp-gen 
Swift: add structured C++ generated classes
 2022-05-09 17:49:23 +02:00
Geoffrey White
265500faa8 Merge pull request #8800 from geoffw0/unsafeput 
C++: Add a test for experimental query NoCheckBeforeUnsafePutUser.ql.
 2022-05-09 16:20:19 +01:00
Rasmus Lerchedahl Petersen
2a5908ff49 python: require all settings be vulnerable 
at least all thos not in tests
 2022-05-09 17:08:49 +02:00
Cornelius Riemenschneider
bf0e32ae82 C#: Port the existing compiler-tracing.spec files to Lua. 2022-05-09 14:45:34 +00:00
Rasmus Wriedt Larsen
4a6789182d Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-05-09 16:37:12 +02:00
Anders Schack-Mulligen
135d7f6e32 Dataflow: Prune more cons-candidates. 2022-05-09 16:21:12 +02:00
Anders Schack-Mulligen
1b0e9d5cd7 Dataflow: Fix join order in nodeMayUseSummary. 2022-05-09 16:21:12 +02:00
Henry Mercer
3c4715928e Merge pull request #9083 from github/henrymercer/fetch-codeql-with-gh-cli 
Actions: Fetch CodeQL CLI using `gh` rather than third-party Action
 2022-05-09 14:40:29 +01:00
Anders Schack-Mulligen
f24364d951 Merge pull request #9045 from hvitved/dataflow/subpaths-perf-take2 
Data flow: Speedup `subpaths` predicate (take 2)
 2022-05-09 15:39:11 +02:00
Henry Mercer
71d1069a0a Fix typo 2022-05-09 14:31:05 +01:00
Henry Mercer
198c96982c Add a comment to explain the unusual Action path 2022-05-09 14:30:41 +01:00
CodeQL CI
e099b94cc4 Merge pull request #9081 from asgerf/js/global-step-refactor 
Approved by erik-krogh
 2022-05-09 06:30:37 -07:00
ihsinme
a7c69ba6ab create new branchihsinme-patch-87 in fork 2022-05-09 13:15:27 +00:00
ihsinme
09cd168197 create new branchihsinme-patch-88 in fork 2022-05-09 13:05:06 +00:00
Rasmus Wriedt Larsen
c218162104 Merge branch 'main' into pypam 2022-05-09 14:20:05 +02:00
Rasmus Wriedt Larsen
ab1252d196 Python: Add @precision high for py/pam-auth-bypass 2022-05-09 14:19:40 +02:00
Geoffrey White
85cc9b8901 C++: Use getClassAndName. 2022-05-09 13:06:44 +01:00
Geoffrey White
28dca3fa9f Merge pull request #8245 from ihsinme/ihsinme-patch-67 
CPP: Add query for CWE-476: NULL Pointer Dereference when using exception handling blocks
 2022-05-09 12:26:20 +01:00
Geoffrey White
9709c2fa94 C++: Use compliant PascalCase / make the checks happy. 2022-05-09 11:58:57 +01:00
Henry Mercer
804ca3e1a7 Actions: Fetch CodeQL CLI using gh rather than third-party Action 2022-05-09 11:42:01 +01:00
Erik Krogh Kristensen
fc1ab06c1c autoformat 2022-05-09 12:39:38 +02:00
Erik Krogh Kristensen
53b26eba17 Merge pull request #8724 from erik-krogh/postMessage 
JS: promote the `js/missing-origin-verification` query
 2022-05-09 12:28:58 +02:00
Erik Krogh Kristensen
fe1e47bc17 Merge pull request #8710 from bananabr/dragAndDrop 
JS: drag and drop API Xss sources
 2022-05-09 12:22:28 +02:00
Erik Krogh Kristensen
611a412f2a Merge pull request #8990 from bananabr/selection 
JS: Selection API DOM text source
 2022-05-09 12:22:18 +02:00
Paolo Tranquilli
93f8b6b29d Swift: add missing trap_affix 2022-05-09 12:20:22 +02:00
Paolo Tranquilli
20317a280b Swift: make width fields unsigned 2022-05-09 12:19:52 +02:00
thibaut hansmann
f3f2e59472 C/C++ : Fix remove the useless variable 2022-05-09 12:01:42 +02:00
Asger F
88b5bbe024 JS: Update test expectation 2022-05-09 11:55:07 +02:00
Rasmus Wriedt Larsen
de05b108fa Python: Fix singleton set 2022-05-09 11:01:13 +02:00
Rasmus Wriedt Larsen
36349222a9 Python: Fix casing of XMLDomParsing 2022-05-09 11:00:25 +02:00
Rasmus Wriedt Larsen
f22bd039f3 Python: Slight refactor of LxmlParsing 2022-05-09 10:56:39 +02:00
Rasmus Wriedt Larsen
f5854f33da Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-05-09 10:53:25 +02:00
Michael Nebel
9a45949e8c Merge pull request #9044 from michaelnebel/csharp/flowsummariestest 
C#: Flow summaries test should print, whether a summary is generated or not.
 2022-05-09 10:06:19 +02:00
Michael Nebel
1401e7ddb3 Merge pull request #8855 from michaelnebel/csharp/singlereadstore 
C#: Only allow two read and two store steps in model capturing.
 2022-05-09 10:05:53 +02:00
Paolo Tranquilli
9c5b2d7e9d Swift: tweaks for use in the PoC branch 2022-05-09 09:46:47 +02:00
Paolo Tranquilli
918ba1b1fc Swift: make generator.run accept options 2022-05-09 09:34:49 +02:00
AlexDenisov
c21849bb2e Merge pull request #9015 from redsun82/swift-enable-dynamic-library 
Swift: enable dynamic mode
 2022-05-09 09:15:37 +02:00