hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-18 00:44:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,679 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
1b30cf8eca Merge branch 'main' into call-graph-tests 2022-11-22 13:39:27 +01:00
Erik Krogh Kristensen
158ea26dd1 Merge pull request #11362 from erik-krogh/read-only-cache 
CI: use read-only-cache when running on a PR
 2022-11-22 13:04:34 +01:00
Erik Krogh Kristensen
f67219965e Merge pull request #11082 from erik-krogh/shellArr 
JS: treat arrays that gets executed with shell:true as a sink for `js/shell-command-constructed-from-input`
 2022-11-22 13:03:50 +01:00
Erik Krogh Kristensen
b2267c0e49 Merge pull request #11343 from erik-krogh/redundantAssignment 
QL: add redundant-assignment query
 2022-11-22 13:03:14 +01:00
Erik Krogh Kristensen
06386b2cdd Merge pull request #11072 from erik-krogh/slicing 
JS: poly-redos: don't sanitize calls through substring calls that just remove the start
 2022-11-22 13:02:09 +01:00
erik-krogh
6b5cd9abc3 use RegExpTreeView insteaed of RegexTreeView in JS 2022-11-22 12:55:48 +01:00
erik-krogh
f9b775e4b8 do private imports of the deprecated Dep modules 2022-11-22 12:39:56 +01:00
Tony Torralba
1667fbad88 Add change note 2022-11-22 11:48:21 +01:00
Tony Torralba
43f4dd8bc4 Consider taint through bitwise operations on PendingIntent flags 2022-11-22 11:39:30 +01:00
Tom Hvitved
ed841aee30 Merge pull request #11329 from hvitved/csharp/qltest-ci 
C#: Add workflow for running QL tests
 2022-11-22 11:36:16 +01:00
ka1n4t
ce2ba21240 Add binding between annotation and sink-param 2022-11-22 18:32:14 +08:00
Rasmus Wriedt Larsen
84faf49bf0 Python: Add tests for compound arguments field flow 2022-11-22 11:29:00 +01:00
Rasmus Wriedt Larsen
d876acde4c Python: Fix SINK/SINK_F usage for crosstalk tests 
As discussed in PR review
https://github.com/github/codeql/pull/11208#discussion_r1022473421
 2022-11-22 11:29:00 +01:00
Anders Peter Fugmann
d799466e9d Merge pull request #11338 from andersfugmann/update_swift_codeowners 
Swift: set @github/codeql-swift as owner
 2022-11-22 11:24:19 +01:00
Paolo Tranquilli
414f18fc97 Swift: fix extractor tests pack 
This allows `codeql query compile` to run on integration test queries.
 2022-11-22 10:58:57 +01:00
Erik Krogh Kristensen
ef270232dc Merge pull request #11358 from erik-krogh/rubyDelPacks 
Ruby: delete the target/packs folder in the `compile-queries` job
 2022-11-22 10:56:52 +01:00
Geoffrey White
949cfb758d Merge branch 'main' into alamofire2 2022-11-22 09:29:53 +00:00
erik-krogh
10c602d9fb CI: use read-only-cache when running on a PR 2022-11-22 10:20:09 +01:00
Anders Schack-Mulligen
15aa8b62b8 Merge pull request #11359 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-11-22 09:47:38 +01:00
Tom Hvitved
313767539a C#: Add workflow for running QL tests 2022-11-22 09:32:44 +01:00
github-actions[bot]
e70eb3a3ee Add changed framework coverage reports 2022-11-22 00:19:21 +00:00
erik-krogh
29055f7709 delete packs 2022-11-22 00:12:33 +01:00
Jami
8a73675483 Merge pull request #11070 from jcogs33/java-regex-injection 
Java: Promote regex injection query from experimental
 2022-11-21 15:04:26 -05:00
Mathias Vorreiter Pedersen
c2ac60fc34 Merge pull request #11311 from MathiasVP/repair-mustflow 
C++: Repair `MustFlow` library for use-use flow
 2022-11-21 19:13:10 +00:00
Jami Cogswell
9e2ec9d12f apply docs review suggestion 2022-11-21 13:39:46 -05:00
Edoardo Pirovano
6c33ddcd47 Merge pull request #11349 from github/edoardo/2.11.4-mergeback 
Merge `rc/3.8` into `main`
 2022-11-21 18:08:27 +00:00
Erik Krogh Kristensen
af367a5fdf Merge pull request #11348 from erik-krogh/cache-full-extractor 
Ruby: cache the entire extractor
 2022-11-21 18:06:32 +01:00
erik-krogh
76ceb49841 re-introduce the paths requirements in the ruby workflows 2022-11-21 17:55:57 +01:00
Erik Krogh Kristensen
53ba22ab5c simplify pack creation 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-11-21 17:55:57 +01:00
erik-krogh
3b7ce0680d Ruby: build queries on an XL worker, and use all the threads 2022-11-21 17:55:57 +01:00
erik-krogh
999e8ed0d0 Ruby: remove the path on branch pushes, for caching 2022-11-21 17:55:57 +01:00
erik-krogh
b1db390200 Ruby: use compilation cache in the ruby-build workflow 2022-11-21 17:55:57 +01:00
erik-krogh
9c792902c7 Ruby: cache the entire extractor 2022-11-21 17:55:57 +01:00
erik-krogh
64707f4f7b remove redundant assignments 2022-11-21 17:45:05 +01:00
erik-krogh
937365141f QL: add redundant-assignment query 2022-11-21 17:41:02 +01:00
tiferet
1c9545e49a Address comment from code review: 
Make `SyntacticHeuristics` an explicit import
 2022-11-21 08:00:31 -08:00
Tony Torralba
e28f1ffe18 Merge pull request #11346 from atorralba/atorralba/java/fix-path-models 
Java: Fix a couple of taint models for `java.nio.file.Path(s)`
 2022-11-21 16:57:00 +01:00
Erik Krogh Kristensen
4f08000a2e Merge pull request #11344 from erik-krogh/all-the-cache 
Ruby: Use compilation cache for the qltest CI workflow
 2022-11-21 16:26:29 +01:00
Tony Torralba
16a76853f4 Add libxml2 sinks 2022-11-21 16:25:51 +01:00
Taus
f12e15b46b Python: Fix implicit this warnings 2022-11-21 15:23:13 +00:00
Mathias Vorreiter Pedersen
7e80a57724 C++: Make ql-for-ql happy. 2022-11-21 15:13:19 +00:00
Erik Krogh Kristensen
b4661f4a59 Merge pull request #11245 from erik-krogh/rb-redosMod 
Ruby: use the shared regex pack
 2022-11-21 15:34:20 +01:00
Tony Torralba
01dcf6a9ac Merge pull request #11340 from atorralba/atorralba/disabled-poms 
Java: Handle disabled Maven repositories
 2022-11-21 15:31:53 +01:00
Taus
a385e87273 Python: Add change note for module resolution 
Also adapts the version-specific tests to support results specific to
Python 2 (though at the moment there are no such tests).
 2022-11-21 14:29:39 +00:00
Tony Torralba
5000a14451 Add change note 2022-11-21 15:22:26 +01:00
Mathias Vorreiter Pedersen
fcd9dd0be4 Update cpp/ql/lib/change-notes/2022-11-16-must-flow.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-11-21 14:18:20 +00:00
Taus
8f4eb7107a Merge pull request #10861 from tausbn/python-clean-up-import-resolution 
Python: Clean up import resolution
 2022-11-21 15:18:08 +01:00
erik-krogh
57a7f89485 change merge-base to merge_base 2022-11-21 15:15:12 +01:00
Tony Torralba
57656d0a7e Fix a couple of java.nio.file.Path(s) MaD rows 2022-11-21 15:14:02 +01:00
erik-krogh
f50778ae26 Ruby: set ram usage to 52GB in the qltest workflow 2022-11-21 15:02:14 +01:00