Michael Nebel
8726766465
C#: Remove the API special case for GetHashCode, Equals and IEquatable.Equals as these are now excluded based on their type.
2022-04-19 12:50:51 +02:00
Michael Nebel
f6fd401df1
C#: Add some testcases, where we don't get a summary due to the use of simple types.
2022-04-19 12:50:51 +02:00
Michael Nebel
f9e5c6b77d
C#: Don't use simple types in summaries test cases as these will be excluded in generation purely based on the type.
2022-04-19 12:50:51 +02:00
Michael Nebel
f533636ad7
C#: Remove taint when it flows via a primitive/simple type (as is the case for Java).
2022-04-19 12:50:51 +02:00
Nick Rolfe
76587c4144
Ruby: fix capitalisation of String in qhelp
2022-04-19 11:42:31 +01:00
Nick Rolfe
468c718da0
Ruby: simplify predicate
2022-04-19 11:32:26 +01:00
Nick Rolfe
ac805f0cdc
Ruby: simplify predicate by using DataFlow::CallNode
2022-04-19 11:27:33 +01:00
Nick Rolfe
ca4dc0583d
Ruby: fix comment typos
2022-04-19 11:15:34 +01:00
Geoffrey White
6e184f2438
C++: Rename variables 'a' and 'b'.
2022-04-19 10:57:42 +01:00
Nick Rolfe
14de91ce94
Ruby: make StringSubstitutionCall extend DataFlow::CallNode
2022-04-19 10:52:14 +01:00
Mathias Vorreiter Pedersen
a7c0113bc7
Merge pull request #8741 from geoffw0/autogen
...
C++: Fix issue with extremely long comments in AutogeneratedFile.qll
2022-04-19 10:45:16 +01:00
Geoffrey White
da38c9041c
C++: Improvements from PR comments.
2022-04-19 10:25:00 +01:00
Geoffrey White
50c7e47dd9
C++: Improve QLDoc.
2022-04-19 10:15:12 +01:00
Erik Krogh Kristensen
6799232009
fix typo in qldoc
2022-04-19 11:09:27 +02:00
Geoffrey White
da454128ed
Update cpp/ql/src/Security/CWE/CWE-611/XXE.ql
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
2022-04-19 10:08:07 +01:00
Geoffrey White
0aa1945f30
C++: Comments.
2022-04-19 10:04:15 +01:00
Mathias Vorreiter Pedersen
91b413d59f
Dataflow: Sync identical files.
2022-04-19 09:57:21 +01:00
Erik Krogh Kristensen
4b6d8e6865
add missing qldoc
2022-04-19 10:56:58 +02:00
Mathias Vorreiter Pedersen
d5722ffa61
C++: Add 'nomagic' to 'revPartialPathStep'.
2022-04-19 09:56:41 +01:00
Erik Krogh Kristensen
8e5a7bcd76
add change-note
2022-04-19 10:53:48 +02:00
Erik Krogh Kristensen
e0b5197d3c
a slight refactor
2022-04-18 22:21:41 +02:00
Erik Krogh Kristensen
7f592a6c64
merge Clipboard.qll and DragAndDrop.qll, and support InputEvent
2022-04-18 22:17:31 +02:00
Robert Marsh
cae08c505f
Merge branch 'main' into rdmarsh2/ir-global-vars
2022-04-18 15:25:03 -04:00
Robert Marsh
b5c8413f5c
Merge branch 'main' into rdmarsh2/ir-global-vars
2022-04-18 15:19:25 -04:00
Chuan-kai Lin
b433f08cef
Merge pull request #8770 from cklin/csharp-downgrades-remove-version
...
C#: remove version from downgrades pack
2022-04-18 09:41:21 -07:00
Chuan-kai Lin
8e850ee564
C#: remove version from downgrades pack
2022-04-18 08:46:05 -07:00
Chad Bentz
990b7a29e8
Docs - Supported Queries - Fixing broken link
...
update link target
2022-04-18 10:30:24 -04:00
Marcono1234
6a48ba955c
Clarify that min, max and rank may have multiple results
2022-04-16 19:12:25 +02:00
Marcono1234
8fdfe5426f
Clarify min, max and rank documentation regarding expression type
2022-04-16 18:53:07 +02:00
jorgectf
9e1b98e5a4
Detach MyBatisAbstractSqlMethodsStep from MyBatisAbstractSql
2022-04-15 13:08:04 +02:00
Jean Helie
f1f00ccac5
ML: add .gitkeep to resources dir in which ML models are to be found
2022-04-15 12:19:06 +02:00
Chris Smowton
90505949c7
Generally define lower-numbered data-flow configs in terms of higher-numbered ones
...
Since usually we have DataFlow3::Configurations that stand alone, DataFlow2::Configurations that depend on them, and finally DataFlow::Configurations that produce a top-level query result (for example), qll files where the reverse pattern holds will usually not be concurrently importable due to dataflow configuration recursion prevention.
2022-04-15 09:25:40 +01:00
Chris Smowton
27d87e9300
Add TaintTracking3
2022-04-15 09:25:26 +01:00
Erik Krogh Kristensen
2e5d435bea
add CWE-400, and add a reference to DoS attacks
2022-04-14 18:37:50 +02:00
Geoffrey White
8a32c17c56
C++: Fix the issue.
2022-04-14 17:03:28 +01:00
Paolo Tranquilli
24697feebc
Swift: integrated template name in dataclass
2022-04-14 15:53:15 +02:00
Paolo Tranquilli
197ea5b8f3
Swift: use more @property in codegen
2022-04-14 12:28:52 +02:00
Paolo Tranquilli
71f9b25500
Swift: uses classes instead of Enum for Properties
2022-04-14 11:35:11 +02:00
Paolo Tranquilli
64496b4c97
Swift: cleanup and some docstrings for codegen
...
Also added code generation and clang formatting to the pre-commit
configuration.
2022-04-14 11:27:41 +02:00
Paolo Tranquilli
91fd83a554
Swift: dbscheme generator
...
This patch introduces the basic infrastructure of the code generation
suite and the `dbscheme` generator.
Notice that the checked in `schema.yml` should reflect swift 5.6 but
might need some tweaking.
Closes https://github.com/github/codeql-c-team/issues/979
2022-04-14 11:27:41 +02:00
Jean Helie
d094bbc06d
Merge pull request #8546 from github/jhelie/enforce-unknown-incompatibiliy-with-notasink
...
ML: add defensive check to ensure Unknown endpoints cannot also be NotASink
2022-04-14 11:21:18 +02:00
Geoffrey White
2ac21d6932
C++: Use isBarrier rather than isBarrierOut (which is going away).
2022-04-14 09:21:57 +01:00
Harry Maclean
cf0611d1e7
Pass args to jq via --arg
2022-04-14 13:50:41 +12:00
Harry Maclean
a90647798e
Fail workflow if COMMENT_ID fails validation
...
And print an error message to STDERR.
2022-04-14 13:21:38 +12:00
Harry Maclean
c9a5cb4bf6
Distinguish between validated and raw COMMENT_ID
2022-04-14 13:19:14 +12:00
Harry Maclean
c3f1fba985
Merge pull request #8598 from hmac/hmac/insecure-dep-resolution
...
Ruby: Add rb/insecure-dependency query
2022-04-14 02:09:44 +02:00
Erik Krogh Kristensen
4c97f68a3d
remove postmessage events as source for js/resource-exhaustion
2022-04-13 23:14:42 +02:00
Erik Krogh Kristensen
51a0b6d501
remove client-side remote-flow from js/resource-exhaustion
2022-04-13 23:05:59 +02:00
Geoffrey White
27b6b99cd0
C++: Correct and improve some comments and naming.
2022-04-13 18:34:15 +01:00
Nick Rolfe
a1a7d2c088
Ruby: add changenote for rb/incomplete-sanitization
2022-04-13 17:32:38 +01:00