hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-07 10:41:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,691 Branches 160 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeroen Ketema
d19504fca2 C++: Add cpp/unused-local-variable test case with switch initializer 
This is similar to the test case with the `if` initializer, and we should
not forget about it once we support `if` initialization.
 2022-04-05 18:27:53 +02:00
Owen Mansel-Chan
603c1d518e Extend DataFlowCallable to include file scopes 
The motivation is so that getEnclosingCallable() can cope with
nodes that are not in a callable.
 2022-04-05 16:00:53 +01:00
Alex Ford
ccd7bb5e70 Merge pull request #8421 from alexrford/ruby/weak-cryptographic-algorithm 
Ruby: Add `rb/weak-cryptographic-algorithm` query
 2022-04-05 14:34:45 +01:00
Ahmed Farid
29f69bde75 Update zipslip_bad.py 2022-04-05 12:46:51 +00:00
Ahmed Farid
dfe7f532ac Update CopyFile.qll 2022-04-05 12:42:05 +00:00
Ahmed Farid
0d6d07886b Rename Zip.qll to CopyFile.qll 2022-04-05 12:37:14 +00:00
Ahmed Farid
8882bc1533 Update Frameworks.qll 2022-04-05 12:32:10 +00:00
Ahmed Farid
68bfe38529 Update Zip.qll 2022-04-05 12:31:30 +00:00
Michael Nebel
2562910b94 C#: Update Csv validation to allow sources and sink kinds to be prefixed with generated. 2022-04-05 14:25:34 +02:00
Michael Nebel
d7bf024318 Java: Add testcase for generated summary model. 2022-04-05 14:25:34 +02:00
Michael Nebel
0374f84c05 Java: Make support for generated as a part of kind. 2022-04-05 14:25:34 +02:00
Michael Nebel
3a04e9a03d Java: Update java capture models with new kind column (including tests). 2022-04-05 12:55:47 +02:00
Michael Nebel
412699f407 C#: Modify generator and update test output with updated kind column. 2022-04-05 12:51:01 +02:00
Rasmus Wriedt Larsen
5b96db26b3 Python: Rewrite concepts to use extends ... instanceof ... 
This solved performance problems experienced in
https://github.com/github/codeql/pull/8634, and this commit+PR is to
ensure we get this change in as fast as possible.
 2022-04-05 12:34:15 +02:00
Rasmus Wriedt Larsen
b7f56dd17e Python: Rewrite concepts to use extends ... instanceof ... 
This caused compilation time for `ConceptsTest.ql` to go from 1m24s to
7s
 2022-04-05 12:31:09 +02:00
Rasmus Wriedt Larsen
a7dab53ed2 Python: Add change-note 2022-04-05 11:46:49 +02:00
Rasmus Wriedt Larsen
1f285b8983 Python: Rename to XmlParsingVulnerabilityKind 
To keep up with style guide
 2022-04-05 11:07:12 +02:00
Rasmus Wriedt Larsen
ab59d5c786 Python: Rename to XmlParsing 
To follow our style guide
 2022-04-05 11:06:22 +02:00
Michael Nebel
c2920405fc C#: Add a query for detecting flow summaries that are discarded due to existing handwritten models. 2022-04-05 08:55:12 +02:00
Michael Nebel
3937714f9f C#: The CaptureSummaryModels query should only produce summary models that will not be discarded at run-time. 2022-04-05 08:55:12 +02:00
Michael Nebel
784327c183 Java/Ruby: Hardcode generated flag to false. 2022-04-05 08:55:12 +02:00
Michael Nebel
8e1fa35367 C#: Add testcase, where generated flow summary is ignored. 2022-04-05 08:55:12 +02:00
Michael Nebel
de76df3988 C#: Only use generated summaries, if no handwritten model exist for a particular dataflow callable. 2022-04-05 08:55:12 +02:00
Michael Nebel
30dc4ae788 C#: Add testcase with multiple generated flow summaries. 2022-04-05 08:55:12 +02:00
Michael Nebel
689e8f1952 C#: Small testcase with a summary flow model that is listed as generated. 2022-04-05 08:55:12 +02:00
Michael Nebel
26ad4861a3 C#: Introduce parsing of the kind field. 2022-04-05 08:55:12 +02:00
Michael Nebel
f8b094ac1f C#: Only use generated flow summaries in case no handwritten summary exists. 2022-04-05 08:55:11 +02:00
Michael Nebel
4d953da480 C#: Initial steps to allow generated as a part of the kind. 2022-04-05 08:55:11 +02:00
Michael Nebel
1f72f6c2cd Merge pull request #8559 from michaelnebel/csharp/generateflowmodelsscript 
C#: Generate Flow Models script
 2022-04-05 08:43:22 +02:00
Harry Maclean
1df1f42589 Fail workflow if files cannot be uploaded 2022-04-05 14:16:42 +12:00
Harry Maclean
5739a3b4e8 Fix typo 2022-04-05 14:14:39 +12:00
Harry Maclean
342bb17fb6 Simplify shell script 2022-04-05 14:03:29 +12:00
Harry Maclean
de743418e2 Add more validations to workflow inputs 2022-04-05 13:36:34 +12:00
Harry Maclean
815c6f4113 Use env vars instead of contexts 2022-04-05 12:03:10 +12:00
Harry Maclean
8f3578c92a Ruby: Include query results in test 2022-04-05 10:20:02 +12:00
Robert Marsh
a3072fcd83 Merge pull request #8664 from geoffw0/privdata3 
C++: More enhancements to PrivateData.qll
 2022-04-04 14:43:19 -04:00
ihsinme
73de757f39 Update DangerousUseOfExceptionBlocks.ql 2022-04-04 21:38:03 +03:00
Geoffrey White
04b8306f06 C++: Add some more patterns. 2022-04-04 16:57:00 +01:00
Geoffrey White
d2e7f22d1b C++: Group all phone number related exprs together. 2022-04-04 16:48:03 +01:00
Geoffrey White
d42ee7d279 C++: Extend tests. 2022-04-04 16:46:56 +01:00
Michael Nebel
8c3be653c2 C#: Update test output. 2022-04-04 16:07:46 +02:00
Michael Nebel
3fe941aae2 C#: Add missing empty ext column in generated summaries. 2022-04-04 15:58:35 +02:00
Michael Nebel
c6fe54c41b C#: Add script for running CaptureModel queries and generate qll source file. 2022-04-04 15:58:35 +02:00
Marcono1234
6dd14a6cb3 Java: Fix reflection predicate for getMethod having non-public method result 2022-04-04 15:10:49 +02:00
Tom Hvitved
415a1c2107 Java/C#: Update CaptureModels.qll 2022-04-04 13:51:44 +02:00
Tom Hvitved
57f2a74636 Python: Implement ContentSet 2022-04-04 13:51:44 +02:00
Tom Hvitved
7113c1b29c C#: Implement ContentSet 2022-04-04 13:51:44 +02:00
Tom Hvitved
b91858e7cf Java: Implement ContentSet 2022-04-04 13:51:44 +02:00
Tom Hvitved
d99bb65ea9 C++: Implement ContentSet 2022-04-04 13:51:44 +02:00
Tom Hvitved
725d76e934 Ruby: Implement ContentSet 2022-04-04 13:51:44 +02:00