hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-22 10:52:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,685 Branches 158 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
51618b46a8 Sync ApiGraphModels.qll 2022-09-20 11:47:37 +02:00
Chris Smowton
6b9d546eaf Merge pull request #10457 from github/smowton/fix/java-really-unique-fixedHasLocation 
Java: really return a unique location for non-source entities
 2022-09-20 10:46:45 +01:00
Mathias Vorreiter Pedersen
7c41219376 Merge pull request #10438 from MathiasVP/invalid-pointer-deref-query 
C++: Add a `cpp/invalid-pointer-deref` query to experimental
 2022-09-20 10:41:31 +01:00
Asger F
2fc5961b10 JS: Restrict where sub path edges are computed 2022-09-20 11:40:17 +02:00
Asger F
2c3d1de2c7 JS: Add change note 2022-09-20 11:40:17 +02:00
Asger F
0ec8c2f035 JS: fix spanner test 2022-09-20 11:40:17 +02:00
Asger F
b545bbb477 JS: Update NodeOfType test 2022-09-20 11:40:17 +02:00
Asger F
baa559e696 JS: Fix a hole in the sequelize-typescript typings 2022-09-20 11:40:17 +02:00
Asger F
47f1d62569 JS: Add generated typings to SQL models 2022-09-20 11:40:16 +02:00
Chris Smowton
14fa6d4487 Avoid deprecated Annotation.getAValue 2022-09-20 10:15:23 +01:00
AlexDenisov
addab0964f Merge pull request #10447 from github/alexdenisov/open-interception 
Swift: open(2) interception
 2022-09-20 10:47:58 +02:00
Paolo Tranquilli
9d3039f2b1 Swift: trigger workflows on bazel changes 
The `*.bazel*` trigger currently matches
* `.bazelrc`
* `.bazelversion`
* `WORKSPACE.bazel`
* `BUILD.bazel`

It will match `MODULE.bazel` as well when we add that.
 2022-09-20 10:44:16 +02:00
Alex Ford
7720d85c98 Ruby: use camelcase verion of Http module 2022-09-20 08:58:35 +01:00
Michael Nebel
eefe457c4b Merge pull request #10238 from michaelnebel/csharp/theoremsforfree 
C#: Theorems for Free - Model generation
 2022-09-20 09:30:10 +02:00
Alex Denisov
9401eda8da Swift: use http_archive instead of new_git_repository since it's faster 2022-09-20 08:38:27 +02:00
Alex Ford
52305da5a3 Ruby: move string getAQualifiedName() up to ConstantAccess 2022-09-19 21:03:05 +01:00
Alex Ford
d00c9ea2c8 Ruby: RBI library improvements, mostly for parameter types 2022-09-19 21:03:05 +01:00
Alex Ford
8d264e7e65 Ruby: add ConstanReadAcess#getAQualifiedName() predicate 2022-09-19 21:03:05 +01:00
Alex Ford
be1ac17a60 Merge branch 'main' into rb/sensitive-get-query 2022-09-19 20:57:20 +01:00
Andrew Eisenberg
714e95ea57 Merge pull request #10468 from github/aeisenberg/docs-redirect 2022-09-19 12:27:04 -07:00
Tom Hvitved
01a043ddbd Merge pull request #10464 from michaelnebel/csharp/remove-dotnet-run-support 
C#: Remove `dotnet run` support in LUA tracer.
 2022-09-19 20:25:54 +02:00
Ed Minnix
e37f62bb5e Android ContentProvider.openFile does not check mode initital commit 
Initial commit for work on a query finding instances where the `mode`
parameter of an override of the `openFile` method of the
`android.content.ContentProvider` class
 2022-09-19 10:32:02 -04:00
Ed Minnix
00891fa455 Android Manifest Incomplete provider permissions initial commit 
Initial work on checking provider elements in Android manifests for
complete permissions.
 2022-09-19 10:31:02 -04:00
Michael Nebel
6e3bc38acf C#: Fix minor issues in QL doc. 2022-09-19 16:03:50 +02:00
erik-krogh
0645b11cb1 ruby: remove unused predicate from NfaUtilsSpecific 2022-09-19 15:25:00 +02:00
erik-krogh
49d1e584a8 deprecate a source class that wasn't used anywhere 2022-09-19 15:07:18 +02:00
erik-krogh
f6ada6e022 use sanitizer class in the insecure-randomness query 2022-09-19 15:07:00 +02:00
Rasmus Wriedt Larsen
556e93ae68 Merge pull request #10384 from RasmusWL/callnode-getargbyname 
Python: Allow `CallNode.getArgByName` for keyword args after `**kwargs`
 2022-09-19 15:05:59 +02:00
yoff
f7cbcb2fef Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-09-19 14:52:18 +02:00
Rasmus Lerchedahl Petersen
6377e6c575 Python: move summary to Stdlib.qll 2022-09-19 14:36:36 +02:00
Rasmus Lerchedahl Petersen
f560719a88 Python: expand comment on flow summaries 2022-09-19 14:30:53 +02:00
Tom Hvitved
bb08e6f0fd Ruby: Three call graph fixes for singleton methods 2022-09-19 14:20:12 +02:00
Tom Hvitved
d13332cff1 Ruby: Add more call graph tests 2022-09-19 14:19:25 +02:00
Rasmus Lerchedahl Petersen
da39c14e46 Python: comment out SummarizedCallableFromModel 2022-09-19 14:06:21 +02:00
Rasmus Lerchedahl Petersen
37fb27fa1c Python: change type of LibraryCallable::getACall 
The other callables return control flow nodes,
so it is slightly inconsistent for this to return a
data flow node, but it does make models based
on API graphs nicer.
 2022-09-19 14:02:52 +02:00
Tamas Vajk
9a6b17df0e Kotlin: Add async-await dataflow test case 2022-09-19 13:38:48 +02:00
Tamas Vajk
85d883c647 Kotlin: add test to show suspend function inconsistency between source and bytecode extraction 2022-09-19 13:38:43 +02:00
erik-krogh
58851aefd6 don't mention classes that don't exist in TaintTracking.qll 2022-09-19 13:37:06 +02:00
Tamas Vajk
a6e44ed1cf Kotlin: extract suspend modifier and handle suspend SAM conversions 2022-09-19 13:36:28 +02:00
Tamas Vajk
3e58605e8e Kotlin: Add tests with suspend functions 2022-09-19 13:28:20 +02:00
erik-krogh
fb5a04a71d filter out "file read after existence check" from js/file-system-race 2022-09-19 13:26:10 +02:00
Tamas Vajk
aae8f393fe Kotlin: Adjust test to reduce overhead of listing modifiers of lambdas 2022-09-19 13:22:00 +02:00
erik-krogh
ccae0933c7 try to parse JS files without using the supported extensions 2022-09-19 12:20:20 +02:00
erik-krogh
a16233aa7d add failing parse test 2022-09-19 12:16:45 +02:00
Michael Nebel
d0c6837a79 C#: Do not recognize 'run' as supported dotnet command for tracing. 2022-09-19 11:37:46 +02:00
Erik Krogh Kristensen
a4cd913aea Merge pull request #10312 from erik-krogh/fix-caseDiff 
ensure consistent casing of names
 2022-09-19 10:43:12 +02:00
Alex Denisov
3c12644ab1 Swift: add a guard around hashing to aboid use-after-destructor 2022-09-19 10:37:26 +02:00
CodeQL CI
b48808778f Merge pull request #10264 from yoff/python/port-RaisesTuple 
Approved by tausbn
 2022-09-19 00:51:29 -07:00
CodeQL CI
ed4b64b1c4 Merge pull request #10265 from yoff/python/port-UnguardedNextInGenerator 
Approved by tausbn
 2022-09-19 00:50:52 -07:00
CodeQL CI
36f8b0554d Merge pull request #10266 from yoff/python/port-CatchingBaseException 
Approved by tausbn
 2022-09-19 00:50:05 -07:00