hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-24 11:52:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,686 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Taus
366c574308 Python: Move import logic into its own module 2022-09-08 14:52:08 +00:00
Ed Minnix
59909751ae Change allowBackup tests to use qlref test format 
Due to some limitations of comments in XML, it is simpler to implement
the `android:allowBackup` tests using the qlref/expectations test format.
 2022-09-08 10:34:17 -04:00
Ed Minnix
e69a8269ad Move CleartextStorage test files into separate dir 
Move the files for the CleartextStorage tests into their own directory
to avoid issues with extraction
 2022-09-08 10:33:05 -04:00
Mathias Vorreiter Pedersen
594c40a375 Merge pull request #10355 from MathiasVP/fix-unequalIntegralSsa-standard-order 
C++: Avoid bad standard order in range analysis
 2022-09-08 14:58:44 +01:00
erik-krogh
88f295fbb1 make a shared library of the typo database 2022-09-08 15:49:43 +02:00
Tom Hvitved
b3653cc3d0 Merge pull request #10216 from hvitved/ssa/shared-lib 
SSA: Create a new `codeql/shared-ssa` library pack and move implementation there
 2022-09-08 15:39:29 +02:00
Tom Hvitved
e3948e6683 Merge pull request #10354 from hvitved/ruby/convert-flow-test 
Ruby: Convert data-flow test to use inline test expectations
 2022-09-08 15:20:58 +02:00
erik-krogh
a21a4275f3 add taint-step in js/insecure-randomness for selecting a random element 2022-09-08 15:00:00 +02:00
Mathias Vorreiter Pedersen
f119b50c2f C++: Predicate factoring to prevent a bad standard order. 2022-09-08 13:55:27 +01:00
Ian Lynagh
12ca801ecf Merge pull request #10350 from github/release-prep/2.10.5 
Release preparation for version 2.10.5
codeql-cli/v2.10.5 		2022-09-08 13:38:47 +01:00
Tom Hvitved
46127f9f59 Ruby: Convert data-flow test to use inline test expectations 2022-09-08 14:32:21 +02:00
Tamas Vajk
824ba6ed2a Kotlin: Catch exception thrown by kotlinc 2022-09-08 14:09:18 +02:00
github-actions[bot]
a9d80a5a48 Release preparation for version 2.10.5 2022-09-08 11:35:54 +00:00
erik-krogh
a35fe1ffab Merge branch 'main' into js-followMsg 2022-09-08 13:09:15 +02:00
Taus
8b8e74cc9a Merge pull request #10314 from RasmusWL/revert-alert-msgs-change 2022-09-08 13:00:47 +02:00
Asger F
df90b99b67 Merge pull request #10348 from RasmusWL/ruby-fix 
Ruby: Fix ActiveResource HTTP client request modeling
 2022-09-08 12:59:27 +02:00
Erik Krogh Kristensen
57bf92a70c Merge pull request #10347 from erik-krogh/mermaid 
JS: add a markdown step through the `mermaid` library
 2022-09-08 12:41:58 +02:00
Rasmus Wriedt Larsen
978c165cf4 Ruby: Fix ActiveResource HTTP client request modeling 
This was a conflict between the merge of
https://github.com/github/codeql/pull/9974 and
https://github.com/github/codeql/pull/10114
 2022-09-08 12:14:18 +02:00
Rasmus Wriedt Larsen
1d834799a2 Merge pull request #10114 from RasmusWL/shared-http-client-request 
Ruby/Python: Shared HTTP client request concept
 2022-09-08 11:58:06 +02:00
Jeroen Ketema
9a923d8239 Merge pull request #10311 from jketema/more-builtins 
C++: Support more builtin operations
 2022-09-08 11:55:22 +02:00
Ian Lynagh
b62193d4bf Merge pull request #10333 from igfoo/igfoo/extractStaticInitializer2 
Kotlin: Remove a cast from extractStaticInitializer
 2022-09-08 10:51:36 +01:00
Tamas Vajk
56ef1739a3 Kotlin: fix KFunctionX.invoke extraction 2022-09-08 10:49:10 +02:00
Tamas Vajk
fdf3488500 Kotlin: Add test with extraction error due to missing base class of KFunctionX 2022-09-08 10:49:01 +02:00
Alex Denisov
a8a2c9e212 Swift: CWE-757: update severity 2022-09-08 10:40:16 +02:00
Alex Denisov
d455a557be Swift: CWE-757: update docs and user facing text 2022-09-08 10:31:23 +02:00
Tom Hvitved
ac307137ad Merge pull request #10341 from hvitved/ruby/inline-getavaluereachablefromsource 
Ruby: Inline `getAValueReachableFromSource`
 2022-09-08 10:20:43 +02:00
Jeroen Ketema
6330be3902 C++: Update DB scheme stats file 2022-09-08 10:06:57 +02:00
Jeroen Ketema
04000be050 C++: Add DB scheme upgrade and downgrade scripts 2022-09-08 10:06:57 +02:00
Jeroen Ketema
1140d27bda C++: Add tests for newly supported builtin operations 2022-09-08 10:06:57 +02:00
Jeroen Ketema
2410321acf C++: Add change note for newly supported builtin operations 2022-09-08 10:06:57 +02:00
Jeroen Ketema
23b9b07f28 C++: Support more builtin operations 2022-09-08 10:06:57 +02:00
Alex Denisov
d18ad665b6 Swift: CWE-757: Insecure TLS configuration 2022-09-08 09:34:04 +02:00
Michael Nebel
e265b07a93 Merge pull request #10127 from michaelnebel/csharp/clearscontent 
C#: Replace clears content with CSV summaries.
 2022-09-08 09:26:08 +02:00
Erik Krogh Kristensen
9534f31eac Merge pull request #10343 from erik-krogh/spreadFunction 
JS: recognize calls to `Function` when spread arguments are used
 2022-09-08 09:25:10 +02:00
erik-krogh
0407198dd2 add a markdown step through the mermaid library 2022-09-08 09:23:45 +02:00
Tony Torralba
2681b3d032 Merge pull request #10345 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-09-08 09:15:21 +02:00
Asger F
ada72b865f Merge pull request #10332 from asgerf/js/type-confusion-bugfix 
JS: bugfixes in TypeThroughThroughParameterTampering
 2022-09-08 09:02:16 +02:00
Harry Maclean
30c9bea8b3 Merge pull request #9974 from hmac/hmac/active-resource 
Ruby: Model ActiveResource
 2022-09-08 07:44:59 +01:00
github-actions[bot]
7e72f53631 Add changed framework coverage reports 2022-09-08 00:21:30 +00:00
Mathias Vorreiter Pedersen
417b2152d8 Merge pull request #10319 from geoffw0/cleartextbarrier 2022-09-08 00:30:57 +01:00
erik-krogh
6447234428 recognize calls to Function where spread arguments are used 2022-09-07 22:55:51 +02:00
erik-krogh
e829387cdb add failing test for call the Function with a spread argument 2022-09-07 22:54:21 +02:00
Mathias Vorreiter Pedersen
7062263885 C++: Accept test changes. 2022-09-07 21:11:52 +01:00
Tom Hvitved
0070662072 Ruby: Inline getAValueReachableFromSource 2022-09-07 20:28:38 +02:00
Mathias Vorreiter Pedersen
a052614dbf C++: Two fixes to ensure we don't use getUniqueId in the new range analysis library. (1) don't use it to rank basic blocks, and (2) don't use it in 'toString' on bounds. 2022-09-07 18:45:43 +01:00
Ed Minnix
09b723fc6d Formatting fixes for allowBackup tests 2022-09-07 13:30:19 -04:00
Andrew Eisenberg
144a0455d8 Merge pull request #10146 from github/aeisenberg/remove-db-upgrades-doc 
Remove upgrade database docs
 2022-09-07 09:49:26 -07:00
Mathias Vorreiter Pedersen
76d433d4ee Merge pull request #9997 from rdmarsh2/rdmarsh2/cpp/product-flow 
C++: Experimental product flow library
 2022-09-07 17:34:39 +01:00
Ed Minnix
c69a2be976 Moved allowBackup query logic to allowsBackup pred 2022-09-07 12:08:25 -04:00
Ed Minnix
5206c792b0 Additional Unit tests for the allowBackup query 2022-09-07 12:07:48 -04:00