hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-21 18:34:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,683 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
524dac551b Add upgrade and downgrade folders 2022-10-11 16:40:08 +02:00
Tamas Vajk
9eea6d4193 Kotlin: Extract type parameter modifiers (reified, in, out) 2022-10-11 16:40:07 +02:00
Nick Rolfe
078c3e9d28 Ruby: create top-level module for ActionMailer 2022-10-11 15:22:42 +01:00
Mathias Vorreiter Pedersen
7ac9c1e832 Merge pull request #10713 from MathiasVP/fix-types-in-ir-dataflow 
C++: Fix `getType` for experimental IR dataflow
 2022-10-11 15:20:49 +01:00
Rasmus Wriedt Larsen
b3f10311b3 Merge pull request #10752 from RasmusWL/pymssql 
Python: DB Modeling: Add `pymssql` and `executemany` in general
 2022-10-11 15:55:04 +02:00
Tamas Vajk
9b2cc6c318 Kotlin/Java: Exclude generated code from java/missing-override-annotation 2022-10-11 15:48:46 +02:00
Tony Torralba
0892a5795d Add taint step for subscript expressions 2022-10-11 15:33:45 +02:00
Sylwia Budzynska
319923f445 Add python cx_oracle, phoenixdb, pyodbc models 2022-10-11 15:29:57 +02:00
Tamás Vajk
8523d21f8c Merge pull request #10696 from tamasvajk/kotlin-lateinit 
Kotlin: Extract `lateinit` modifier
 2022-10-11 15:03:10 +02:00
Tamás Vajk
e9835ec07e Merge pull request #10756 from tamasvajk/kotlin-fix-java-modifier 
Kotlin: extract `protected` modifier from java class files
 2022-10-11 15:02:13 +02:00
Erik Krogh Kristensen
66c2de87b0 Merge pull request #10729 from erik-krogh/py-last-msg 
Py: fix some more style-guide violations in the alert-messages
 2022-10-11 14:48:14 +02:00
Rasmus Wriedt Larsen
ac30cfa5c1 Python: Apply suggestions from code review 2022-10-11 14:05:27 +02:00
erik-krogh
a826dbbdee fix capitalization in stack-trace-exposure 2022-10-11 13:59:10 +02:00
Tom Hvitved
7171fd1bb2 Update python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackerSpecific.qll 
Co-authored-by: Taus <tausbn@github.com>
 2022-10-11 13:58:51 +02:00
Tom Hvitved
f1c44f72b5 Python: Sync on TypeTracker.qll changes 2022-10-11 13:58:50 +02:00
Tom Hvitved
2e8f46ddd9 Type tracking: Split up levelStep into levelStepNoCall and levelStepCall 
To reduce non-linear recursion during call graph construction.
 2022-10-11 13:58:46 +02:00
Mathias Vorreiter Pedersen
95e798565b C++: Expand on the comment about missing types in the database. Also rename 'getType0' to 'getTypeImpl' to avoid confusion. 2022-10-11 12:57:51 +01:00
Erik Krogh Kristensen
0883b1782d Merge pull request #10730 from erik-krogh/ql-last-msg 
QL: fix some more style-guide violations in the alert-messages
 2022-10-11 13:43:21 +02:00
erik-krogh
7500a31814 fix that js/file-system-race could have FPs related to loops 2022-10-11 13:41:51 +02:00
erik-krogh
0220f0aa5c use type-tracking instead 2022-10-11 13:37:01 +02:00
Asger F
02656b16c3 Merge pull request #10685 from asgerf/rb/splat-and-local-field-step 
Ruby: summarize unary splat operators and add local field step
 2022-10-11 13:28:58 +02:00
erik-krogh
b64a1b7c42 add a missing qldoc 2022-10-11 13:26:04 +02:00
erik-krogh
cadb948d57 add change-note 2022-10-11 13:26:03 +02:00
erik-krogh
d427e55507 add qhelp 2022-10-11 13:26:03 +02:00
erik-krogh
557dd10896 add a rb/unsafe-shell-command-construction query 2022-10-11 13:26:01 +02:00
Ian Lynagh
b31a721929 Kotlin: Remove some noisy diagnostics 2022-10-11 12:20:42 +01:00
erik-krogh
0d5da42ddd add a getName() utility to DataFlow::ParameterNode 2022-10-11 13:05:22 +02:00
erik-krogh
75422dfa72 add library for reasoning about gems and .gemspec files 2022-10-11 13:05:19 +02:00
erik-krogh
99b90789e5 add .shellescape as a sanitizer for rb/command-injection 2022-10-11 13:05:19 +02:00
erik-krogh
b16b3c0394 move cwe-078 tests into subfolders 2022-10-11 13:05:19 +02:00
Tamas Vajk
43f9331052 Kotlin: adjust extracted property reference base class 2022-10-11 12:52:26 +02:00
Tamas Vajk
92b425b1c2 Kotlin: Add test to show imperfections in property reference extraction 2022-10-11 12:51:06 +02:00
Alvaro Muñoz
2ab34c85b2 Deprecate previous version 2022-10-11 12:46:01 +02:00
Alvaro Muñoz
15f641893e Deprecate previous version 2022-10-11 12:44:46 +02:00
Alvaro Muñoz
d5520d93c8 Deprecate previous version 2022-10-11 12:43:20 +02:00
Alvaro Muñoz
30958f7cde Deprecate previous version 2022-10-11 12:42:40 +02:00
Alvaro Muñoz
2a1b2db4c3 Deprecate previous version 2022-10-11 12:40:32 +02:00
Erik Krogh Kristensen
01bc5f7226 Merge pull request #10731 from erik-krogh/rb-last-msg 
Ruby: fix some more style-guide violations in the alert-messages
 2022-10-11 12:16:52 +02:00
Mathias Vorreiter Pedersen
5cfc3fe8df C++: Use 'DataFlowType' instead of 'Type' for the 'getType' predicate in 'PostUpdateNode'. 2022-10-11 11:00:25 +01:00
Tom Hvitved
878654e0ff Merge pull request #10763 from hvitved/ruby/move-summarized-callable-from-model 
Ruby: Move `SummarizedCallableFromModel` into `ModelsAsData.qll`
 2022-10-11 11:47:38 +02:00
Tom Hvitved
2b75562037 Ruby: Use DataFlow::Configuration in RegExpConfiguration.qll 2022-10-11 11:39:45 +02:00
erik-krogh
42e1735f2a update expected output 2022-10-11 11:37:26 +02:00
Alvaro Muñoz
5c412b9363 Use Pascal convention 2022-10-11 11:24:07 +02:00
erik-krogh
8779da8c0b reintroduce Psych 2022-10-11 11:14:52 +02:00
Alvaro Muñoz
ad80642b18 Consider other XSS unsafe content-types when reasoning about XSS vulnerabilities 2022-10-11 11:13:17 +02:00
Erik Krogh Kristensen
7d282c3d75 fix casing in alert-message 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-10-11 11:12:59 +02:00
Tom Hvitved
d6df69d481 Merge pull request #10754 from hvitved/dataflow/non-hidden-succ-fast-tc 
Data flow: Improve `fastTC` bound in `PathNodeImpl::getANonHiddenSuccessor`
 2022-10-11 11:12:58 +02:00
Tom Hvitved
53abdb3fb5 Ruby: Move SummarizedCallableFromModel into ModelsAsData.qll 2022-10-11 11:06:35 +02:00
erik-krogh
4da0508dae Merge branch 'main' into py-last-msg 2022-10-11 10:49:19 +02:00
erik-krogh
cdf9d65e44 bump typos 2022-10-11 10:44:34 +02:00