hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 06:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,078 Commits 1,684 Branches 159 Tags
codeql-cli/v2.11.6
Commit Graph

47078 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
a5dc4f430c Python: Expand test-filter tests 
With no virtual environment enabled, none of the third-party library
test case are found.
 2022-05-30 14:11:50 +02:00
Mathias Vorreiter Pedersen
ef31aec29e Swift: Autoformat. 2022-05-30 12:58:12 +01:00
Michael Nebel
61151d8980 Java: Update workflows and scripts usages to only generate summaries and sinks. 2022-05-30 13:53:44 +02:00
Mathias Vorreiter Pedersen
425d66e454 Update swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll 2022-05-30 12:52:48 +01:00
Mathias Vorreiter Pedersen
2106d48785 Swift: Add 'Argument.getIndex()' and use it in 'DataFlowDispatch'. 2022-05-30 12:51:29 +01:00
Mathias Vorreiter Pedersen
0d8a9458c6 Merge branch 'main' into rdmarsh2/swift/dataflow-global-flow 2022-05-30 12:46:06 +01:00
yoff
cd46f31cba Merge branch 'main' into py/CsvInjection 2022-05-30 13:41:31 +02:00
Michael Nebel
72dd1a6ec9 Java: Generate models without sources. 2022-05-30 13:40:14 +02:00
Rasmus Wriedt Larsen
7a6646dcaf Merge pull request #8883 from erik-krogh/pyMaD 
Python: add MaD implementation
 2022-05-30 13:31:07 +02:00
Michael Nebel
a0ae8b3a97 Merge pull request #9361 from michaelnebel/java/capturemodels-metadata 
Java: Update capture models meta data.
 2022-05-30 13:22:09 +02:00
Asger F
5f42866de3 Merge pull request #9318 from asgerf/js/type-confusion-parmaeter-tampering-barrier 
JS: Fix FP in js/type-confusion-through-parameter-tampering
 2022-05-30 12:52:37 +02:00
Erik Krogh Kristensen
b700972e6f fix bad join in XmlParers::getAResult 2022-05-30 12:37:51 +02:00
Max Schaefer
820dfac48c Manually write out a transitive closure. 2022-05-30 12:37:50 +02:00
Max Schaefer
ea70aaff57 Improve detection of UMD modules. 
We previously required the `define` to appear directly as an expression statement, but there are common patterns where this is not the case.
 2022-05-30 12:37:50 +02:00
Max Schaefer
47e425a184 Improve inVoidContext to take conditional expressions into account. 2022-05-30 12:37:50 +02:00
Erik Krogh Kristensen
adb40f9360 Merge pull request #9289 from erik-krogh/es2022 
JS: Support the remaining of the finished ES2022 proposals
 2022-05-30 12:27:19 +02:00
Erik Krogh Kristensen
ab28b0a690 Merge pull request #9348 from erik-krogh/polyRegSyntax 
JS: use syntactically correct JS in poly-redos example
 2022-05-30 12:26:04 +02:00
Erik Krogh Kristensen
e557d8839b have the Instance token just be an alias for ReturnValue 2022-05-30 12:21:42 +02:00
Erik Krogh Kristensen
c7a8008897 Merge pull request #9235 from kaeluka/extractor-update-typescript-4_7 
JS: Update the extractor to use TypeScript 4.7
 2022-05-30 12:02:06 +02:00
Erik Krogh Kristensen
63e637503d rewrite js/sensitive-get-query to use routing trees 2022-05-30 11:55:09 +02:00
Chris Smowton
49d9d8e7d6 Remove unused imports 2022-05-30 09:59:11 +01:00
Chris Smowton
2f436c800b Merge pull request #9357 from smowton/smowton/fix/extension-properties-backing-fields 
Kotlin: Disambiguate the names and trap labels of backing fields of extension properties
 2022-05-30 09:55:02 +01:00
Asger F
cc42f2f824 Merge pull request #8606 from asgerf/js/api-graph-api 
JS/Python/Ruby: Document how API graphs should be interpreted
 2022-05-30 10:49:14 +02:00
Michael Nebel
815dff338d Java: Update capture models meta data. 2022-05-30 09:44:39 +02:00
Michael Nebel
6a4a4cbbe4 Java: Re-generate commons-io models. 2022-05-30 08:16:58 +02:00
Michael Nebel
48da8dde6f Java: Do not derive new write-file sinks. 2022-05-30 08:16:58 +02:00
Michael Nebel
ad4d8304ed Java: Update hand written summary for writeLines as the generated one will be ignored. 2022-05-30 08:16:58 +02:00
Michael Nebel
7e5dd7a065 Java: Manually prefix kind column with generated. 2022-05-30 08:16:58 +02:00
Michael Nebel
0f33c3188c Java: Re-arrange import pattern for generated models. 2022-05-30 08:16:58 +02:00
Michael Nebel
71bcae068e Java: Avoid generating new regex-use sinks. 2022-05-30 08:16:58 +02:00
Michael Nebel
ff928bbb45 Java: Update commons-io SHA for model regeneration. 2022-05-30 08:16:58 +02:00
Michael Nebel
7d171f86ea Merge pull request #9335 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-05-29 13:33:10 +02:00
github-actions[bot]
31c91a6faa Add changed framework coverage reports 2022-05-29 00:16:56 +00:00
thiggy1342
09f082081f Simple tests passing 2022-05-28 23:29:58 +00:00
thiggy1342
39baadbdd2 test ql packs must be in the security directory 2022-05-28 23:19:32 +00:00
Adam Thigpen
52ac93b82e adding skeleton for experimental unit tests 2022-05-28 15:14:42 -04:00
Adam Thigpen
a37443106b reduce false positives with some sanitizers 2022-05-28 15:14:42 -04:00
Adam Thigpen
2bf160c008 initial draft of decompression-api query 2022-05-28 15:14:32 -04:00
Chris Smowton
6ea87cd718 Accept test changes 2022-05-27 22:05:57 +01:00
Mathias Vorreiter Pedersen
7c25063f7f Merge branch 'main' into swift-decls-in-cfg 2022-05-27 17:56:58 +01:00
Mathias Vorreiter Pedersen
c734646099 Swift: Accept test changes. 2022-05-27 17:42:51 +01:00
Mathias Vorreiter Pedersen
6d5504412a Swift: Only create a 'ThrowCompletion' for functions that actually can throw. 2022-05-27 17:42:51 +01:00
Henry Mercer
013b4c8768 Swift: Update mention of manifest file in docs 2022-05-27 17:31:47 +01:00
Andrew Eisenberg
ce2bf8477c Update codeql-workspace.yml 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2022-05-27 17:31:47 +01:00
Andrew Eisenberg
a82fea59e9 Add comment to codeql-workspace.yml 2022-05-27 17:31:47 +01:00
Andrew Eisenberg
7ab3a418be Convert .codeqlmanifest.json to codeql-workspace.yml 
The semantics are the same, except one is json, the other is
yaml.
 2022-05-27 17:31:47 +01:00
Mathias Vorreiter Pedersen
b9809b4219 Swift: CFG for opening existentials. 2022-05-27 17:29:22 +01:00
Mathias Vorreiter Pedersen
02c73d3c1c Swift: Fix implicit-this alert. 2022-05-27 17:25:56 +01:00
Chris Smowton
9ea139566d Disambiguate the names and trap labels of backing fields of extension properties 2022-05-27 16:27:48 +01:00
Chris Smowton
6eb2935469 Merge pull request #9220 from smowton/smowton/fix/promoted-companion-object-fields 
Associate certain companion object fields with the parent class
 2022-05-27 16:19:10 +01:00