hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 07:12:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,684 Branches 159 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
1280d43e36 Merge pull request #9141 from github/post-release-prep/codeql-cli-2.9.2 
Post-release preparation for codeql-cli-2.9.2
 2022-05-17 10:01:37 +01:00
Mathias Vorreiter Pedersen
0b0161f261 Merge pull request #737 from github/post-release-prep/codeql-cli-2.9.2 
Post-release preparation for codeql-cli-2.9.2
 2022-05-17 10:01:21 +01:00
Tony Torralba
2b6d7bb3d8 Add support for InlineExpectationsTest to Kotlin 2022-05-17 10:55:00 +02:00
Tamás Vajk
3b07fe70a1 Merge pull request #9174 from tamasvajk/kotlin-fix-isUnspecialised 
Kotlin: Fix parent class lookup from field initializers in `isUnspecialised`
 2022-05-17 10:48:52 +02:00
Erik Krogh Kristensen
55ffdb4aa1 make most imports in ApiGraphModelsSpecific.qll private 2022-05-17 10:34:17 +02:00
Erik Krogh Kristensen
1f8e7c39f4 fix typo in comment 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-05-17 10:32:31 +02:00
Erik Krogh Kristensen
7abb7552a7 Merge pull request #9184 from erik-krogh/actionInjection 
JS: change @id from js/actions/injection to js/actions/command-injection
 2022-05-17 10:24:51 +02:00
Anders Schack-Mulligen
4f5ccfd76c Merge pull request #9181 from Marcono1234/marcono1234/FloatingPointLiteral-rename 
Java: Rename `FloatingPointLiteral` to `FloatLiteral`
 2022-05-17 10:08:49 +02:00
Tom Hvitved
f2e28c311a Merge pull request #9180 from hvitved/csharp/entity-framework-sql-sinks 
C#: Add missing EntityFramework SQL sinks
 2022-05-17 09:50:49 +02:00
Erik Krogh Kristensen
2550988006 change @id from js/actions/injection to js/actions/command-injection 2022-05-17 09:25:05 +02:00
Tamás Vajk
350d137b2e Merge pull request #9145 from tamasvajk/kotlin-useless-param 
Kotlin: Respect `override` modifier in useless parameter query
 2022-05-17 08:43:59 +02:00
Tamás Vajk
fcb3d78eae Merge pull request #9146 from tamasvajk/kotlin-inner-class-static 
Kotlin: exclude Kotlin source from 'inner class could be static' check
 2022-05-17 08:43:39 +02:00
Tamás Vajk
26553cefc5 Merge pull request #9149 from tamasvajk/kotlin-maybe-null 
Kotlin: Exclude operands of `NotNullExpr` from NullMaybe query
 2022-05-17 08:43:24 +02:00
Tamás Vajk
d8c22901c9 Merge pull request #9150 from tamasvajk/kotlin-MissingInstanceofInEquals 
Kotlin: Add more type check casts to MissingInstanceofInEquals query
 2022-05-17 08:43:06 +02:00
Marcono1234
4e1a73f4d9 Java: Rename FloatingPointLiteral to FloatLiteral 
"Floating point" refers to both `double` and `float`, and is also used by
the JLS in this way. Therefore the old CodeQL class name for `float` literals
was misleading.
 2022-05-16 22:06:04 +02:00
Tom Hvitved
15449b701f C#: Add missing EntityFramework SQL sinks 2022-05-16 20:57:40 +02:00
Arthur Baars
05dce09037 Ruby: update tree-sitter-ruby 2022-05-16 19:08:46 +02:00
ihsinme
1a375ec653 Update cpp/ql/src/experimental/Security/CWE/CWE-670/DangerousUseSSL_shutdown.ql 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-05-16 19:55:33 +03:00
Geoffrey White
cf932eb21c C++: Repair typo fix from main. 2022-05-16 16:46:14 +01:00
Geoffrey White
7b1cd70300 Merge branch 'main' into xxe9 2022-05-16 16:45:24 +01:00
Nick Rolfe
c518150b49 Merge pull request #9132 from github/nickrolfe/misspelling 
QL for QL: generalise non-US spelling query
 2022-05-16 16:03:36 +01:00
Alex Ford
0cc0494586 codeql format 2022-05-16 15:54:31 +01:00
Alex Ford
bda1c21562 BrokenCryptoAlgorithm block mode change notes 2022-05-16 15:49:19 +01:00
Paolo Tranquilli
9abb3f0066 Merge pull request #9172 from github/redsun82/swift-variant-in-label-store 
Swift: replace `getCanonicalPointer` with `std::variant`
 2022-05-16 16:21:47 +02:00
Paolo Tranquilli
16e3b5bfc4 Swift: make monostate explicit 2022-05-16 15:51:43 +02:00
Erik Krogh Kristensen
23981cb323 Merge pull request #7626 from erik-krogh/CWE-377 
JS: add query for detecting insecure temporary files
 2022-05-16 15:25:17 +02:00
Tamas Vajk
d4cf877259 Rework parent lookup in isUnspecialised 2022-05-16 14:59:28 +02:00
Geoffrey White
9f3fa1c45d C++: Consistent QLDoc. 2022-05-16 13:48:57 +01:00
Geoffrey White
b4a840e3ef C++: Make the checks happy. 2022-05-16 13:36:41 +01:00
Geoffrey White
9976825234 C++: Slightly more logical layout. 2022-05-16 12:51:04 +01:00
Geoffrey White
19d1578733 C++: Clean up. 2022-05-16 12:49:01 +01:00
Geoffrey White
b332659fcb C++: Split the XXE query into library files. 2022-05-16 12:41:41 +01:00
Geoffrey White
0ffd0b23ca C++: Create an XmlLibrary class to clean up the code in XXE.ql. 2022-05-16 12:17:20 +01:00
Tamas Vajk
8ebdaf1fc2 Kotlin: Fix parent class lookup from field initializers 2022-05-16 12:14:28 +02:00
Tamas Vajk
de133e80a9 Kotlin: add diagnostic test for 'Unexpected specialised instance of generic anonymous class' 2022-05-16 12:13:33 +02:00
yoff
dac1b6867a python: Avoid abstract class in public interface 
use construction from Ruby with `ParameterNodeImpl`
 2022-05-16 09:12:06 +00:00
Tom Hvitved
a9f6d203cd Merge pull request #8971 from aibaars/safe-nagivation 
Ruby: add safe navigation operator
 2022-05-16 10:53:56 +02:00
Tamas Vajk
47ec38c35a Kotlin: Exclude Kotlin files altogether from NullMaybe query 2022-05-16 10:52:20 +02:00
Mathias Vorreiter Pedersen
cee7aed81f Merge pull request #9142 from geoffw0/xxe8 
C++: Fixes some typos and increases the XXE query precision.
 2022-05-16 09:45:33 +01:00
yoff
a7a646960d python: sync other file 2022-05-16 08:15:16 +00:00
yoff
5794e64940 python: sync file 2022-05-16 08:12:25 +00:00
yoff
2822ed9594 Merge remote-tracking branch 'upstream/main' into python-dataflow/flow-summaries-from-scratch 2022-05-16 08:10:15 +00:00
Anders Schack-Mulligen
83f817ca45 Merge pull request #9134 from aschackmull/dataflow/perf-std-order 
Dataflow: Improve standard order through easier type check elimination.
 2022-05-16 10:05:17 +02:00
Paolo Tranquilli
1b9dcac2dd Swift: replace getCanonicalPointer with std::variant 
This turned out easier than expected previously. `llvm::PointerUnion`
was also considered, which would have less memory footprint, but it
would require more effort as it is lacking the same implicit conversions
and operators that `std::variant` provides.

Also renamed `ToTag<E>` to `TrapTagOf<E>` and introduced a derived
convenience functor `TrapLabelOf<E>`.
 2022-05-16 09:59:36 +02:00
Tamás Vajk
f7d2b2767c Merge pull request #9151 from tamasvajk/kotlin-comments-variables-1 
Kotlin: Handle variables as comment owners
 2022-05-16 09:32:19 +02:00
Tony Torralba
616b12d011 Merge pull request #8956 from atorralba/atorralba/intent-redirection-sanitizer-fix 
Java: Fix Intent Redirection sanitizer
 2022-05-16 09:21:04 +02:00
thibaut hansmann
e150a39fa0 C/C++ : fix name of cpp file + fix autoformat 2022-05-15 14:27:46 +02:00
ihsinme
f6ab338a16 Update DangerousUseSSL_shutdown.qhelp 2022-05-15 12:26:05 +03:00
Chris Smowton
ae83190629 Merge pull request #9164 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-05-14 08:44:37 +01:00
github-actions[bot]
1d39726604 Add changed framework coverage reports 2022-05-14 00:19:04 +00:00