hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-16 16:04:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,679 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
b7d0d28ef9 Swift: QLDoc. 2022-12-01 14:23:03 +00:00
Geoffrey White
d64fd62194 Swift: resolve TODOs. 2022-12-01 14:18:24 +00:00
Asger F
eb9bee23a0 JS: Remove MkAsyncFunctionResult 2022-12-01 15:15:27 +01:00
Rasmus Wriedt Larsen
d47b3265c4 Python: Fix py/meta/points-to-call-graph 2022-12-01 14:56:10 +01:00
Michael Nebel
cd0d09d806 Java: Refactor to avoid using SummaryModelCsv. 2022-12-01 13:07:31 +01:00
Ian Lynagh
ef8e52a4b0 Merge pull request #11437 from igfoo/igfoo/NonSerializableField 
Kotlin: Enable java/non-serializable-field for Kotlin
 2022-12-01 11:01:15 +00:00
Paolo Tranquilli
4ac9c875f1 Merge pull request #11508 from github/redsun82/swift-frontend-invocations 
Swift: add `-merge-modules` to `frontend-invocations` test
 2022-12-01 11:26:58 +01:00
Rasmus Wriedt Larsen
e7264fb495 Merge pull request #11480 from RasmusWL/sink-meta-query 
Python: Add taint-sinks meta query
 2022-12-01 10:23:33 +01:00
Geoffrey White
8acc09b551 Swift: Make ql-for-ql happy. 2022-12-01 09:07:17 +00:00
Geoffrey White
1ea44374a4 Swift: Autoformat. 2022-12-01 08:47:30 +00:00
Geoffrey White
c71bd4cad9 Swift: Remove unused predicate. 2022-12-01 08:47:29 +00:00
Geoffrey White
0a0cfc34e7 Swift: Do the same for methods. 2022-12-01 08:47:29 +00:00
Geoffrey White
5a4d188255 Swift: Fix for extensions. 2022-12-01 08:47:29 +00:00
Geoffrey White
d71eeb4c95 Swift: First fix for MaD on generics. 2022-12-01 08:47:29 +00:00
Geoffrey White
8f24b0b815 Swift: Add missing comment. 2022-12-01 08:47:28 +00:00
Geoffrey White
b1b3487028 Swift: Add a test for MaD data sources in generics. 2022-12-01 08:47:28 +00:00
Felicity Chapman
38b8cf4fd4 Update docs/codeql/codeql-language-guides/basic-query-for-java-code.rst 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-12-01 08:44:40 +00:00
Jeroen Ketema
3dfe18b565 C++: Introduce the coarse upper bound check from default taint tracking 2022-12-01 09:13:48 +01:00
Tiferet Gazit
7c1bfdbf41 Merge pull request #11511 from github/tiferet/renamings 
Rename predicates to fit style guide
 2022-11-30 18:19:07 -08:00
tiferet
4a6de3e444 Apply suggestion from code review 2022-11-30 17:25:19 -08:00
Harry Maclean
bd129ede42 Merge pull request #11136 from hmac/json-flow-summaries 
Ruby: JSON flow summaries
 2022-12-01 14:19:47 +13:00
tiferet
a0a742eb82 Rename predicates to fit style guide: 
- `getEndpoints` → `appliesToEndpoint`
- `getImplications` → `hasImplications`
- `getAlerts` → `hasAlert`
 2022-11-30 17:01:56 -08:00
Jami Cogswell
94c5d53192 add a couple more tests 2022-11-30 18:51:05 -05:00
Jami Cogswell
22c4d975ad remove old import 2022-11-30 18:07:45 -05:00
Jami Cogswell
7f45e320d8 add tests 2022-11-30 18:07:45 -05:00
Jami Cogswell
210d8529b6 add query for SupportedExternalApis 2022-11-30 18:07:45 -05:00
Harry Maclean
91421528df Ruby: Update test 2022-12-01 09:01:03 +13:00
Ed Minnix
04829fc38e Java: SQLInjection example for addJavaScriptInterface query 2022-11-30 13:32:28 -05:00
Ian Lynagh
cd8c40e063 Kotlin: Enable java/non-serializable-field for Kotlin 
It now ignores compiler-generated classes
 2022-11-30 17:58:43 +00:00
Paolo Tranquilli
4e29ff1d6e Swift: add -merge-modules to frontend-invocations test 
Also, moved from Makefile to a bash source.
 2022-11-30 17:46:47 +01:00
Ed Minnix
d35321f40e Java: change WebView addJavascriptInterface query precision to medium 2022-11-30 11:35:14 -05:00
Tony Torralba
6ae10c5171 Merge pull request #11501 from atorralba/atorralba/swift/fix-data-test-expectations 
Swift: Fix expectations in data.swift
 2022-11-30 17:12:32 +01:00
Ed Minnix
e31521bd14 Java: mention the default negative value for setJavaScriptEnabled 2022-11-30 10:56:17 -05:00
Felicity Chapman
86e2333e67 Fix typo and try improving formatting 2022-11-30 15:53:19 +00:00
Edward Minnix III
b189e5b365 Java: fix precision in setJavascriptEnabled query 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-11-30 10:45:31 -05:00
Ed Minnix
5ac1e012ae Java: Mention AssetLoader in WebView file access query documentation 2022-11-30 10:43:53 -05:00
Ed Minnix
c836c4feb7 Java: Specify default value in WebView file access query 2022-11-30 10:43:05 -05:00
Edward Minnix III
710e012e09 Java: fix precision of Android WebView File access query 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-11-30 10:41:45 -05:00
Felicity Chapman
3e1d49ad80 First draft update tutorials 2022-11-30 15:38:58 +00:00
Tony Torralba
d958a62bf2 Fix expectations in data.swift 2022-11-30 16:19:55 +01:00
Karim Ali
8f456295e0 Merge pull request #11185 from karimhamdanali/swift-string-taint-steps 
Swift: add `String` taint steps
 2022-11-30 17:03:15 +02:00
erik-krogh
cddc9db690 change back to the old order of extracting externs before Xml 2022-11-30 15:46:46 +01:00
Alex Denisov
0bfe502bb0 Swift: remove patches from the extractor 
Moved elsewhere https://github.com/dsp-testing/codeql-swift-artifacts/pull/3
 2022-11-30 15:36:09 +01:00
Karim Ali
f6bc88471a update the expected output for CWE-079 
Now that we have support for taint through fields of String, we can now detect certain flows that we previously marked as [NOT DETECTED]. This commit updates the expected output of CWE-079 (and the in-code annotation of the accompanying test case) to reflect that update.
 2022-11-30 16:34:24 +02:00
erik-krogh
6620ba8cc8 Merge branch 'main' into exit-code 2022-11-30 15:26:31 +01:00
Paolo Tranquilli
b8c11de89c Merge pull request #11498 from github/redsun82/swift-codegen 
Swift: enhance `codegen` UX
 2022-11-30 15:17:18 +01:00
Owen Mansel-Chan
45e2a13c37 Merge pull request #11494 from owen-mc/dataflow/some-trivial-fixes 
Dataflow: some trivial fixes
 2022-11-30 13:59:41 +00:00
Anders Schack-Mulligen
1ce28540fb Merge pull request #11495 from intrigus-lgtm/patch-7 
Docs: Add missing `language[monotonicAggregates]` annotation
 2022-11-30 14:58:44 +01:00
Paolo Tranquilli
b4e3554af7 Merge pull request #11370 from github/alexdenisov/swift-5.7.1 
Swift: upgrade to Swift 5.7.1
 2022-11-30 14:23:12 +01:00
Paolo Tranquilli
bb3aa9e908 Swift: add --force to codegen 2022-11-30 14:19:33 +01:00