hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-21 02:14:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,684 Branches 158 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
7524f3372d Only log once the missing java-kotlin method mapping warnings 2022-10-03 11:55:39 +02:00
Rasmus Wriedt Larsen
a0fcd4a9bf Merge pull request #10631 from RasmusWL/cleanup-options-files 
Python: Remove last `-p ../lib/` in `options` files
 2022-10-03 11:09:59 +02:00
James Fletcher
e8f1e6fe8e Update docs/codeql/writing-codeql-queries/about-codeql-queries.rst 2022-10-03 09:59:19 +01:00
Tony Torralba
f860ae8c82 Apply review suggestions 2022-10-03 10:38:35 +02:00
Tony Torralba
2036453176 Add stub generation tests 2022-10-03 10:31:14 +02:00
Tony Torralba
0645f62a0d Use monotonicAggregates to avoid non-monotonic recursions 2022-10-03 10:31:14 +02:00
Tony Torralba
66e6f4d25e Use empty string as default value for string annotation values 2022-10-03 10:31:14 +02:00
Tony Torralba
8a3ed6bdcf Apply code review suggestions 2022-10-03 10:31:14 +02:00
Tony Torralba
6f7b7c9efe If an annotation value is an array, order its elements by index 2022-10-03 10:31:14 +02:00
Tony Torralba
6f1124d7e7 Handle more annotation element value types 2022-10-03 10:31:13 +02:00
Tony Torralba
1ece12efd7 Add annotation element names 2022-10-03 10:31:13 +02:00
Tony Torralba
d4499a10d2 Fix typo 2022-10-03 10:31:13 +02:00
Tony Torralba
ee7507386c Fix annotation vs interface keyword stubbing 2022-10-03 10:31:13 +02:00
Tony Torralba
eda676df3e Add support for Annotation types stub generation 2022-10-03 10:31:13 +02:00
Tamas Vajk
ffc7e6b7b6 Extract bit not expression 2022-10-03 10:30:46 +02:00
Tamas Vajk
54b210f176 Extract logical not expression 2022-10-03 10:23:40 +02:00
Tamas Vajk
a2d0b38a6d Kotlin: extract all binary numeric operators 2022-10-03 09:52:00 +02:00
Erik Krogh Kristensen
3d00a61dac Merge pull request #10528 from erik-krogh/java-followMsg 
Java: Update the alert messages to better follow the style guide
 2022-10-03 09:49:47 +02:00
Asger F
47e5623b90 Merge pull request #10639 from hvitved/ruby/dataflow/known-element-no-floats-complexs 
Ruby: Do not attempt to track precise hash indices for floats and complex numbers
 2022-10-03 09:23:33 +02:00
Tony Torralba
683cacb8b5 Merge pull request #10640 from atorralba/atorralba/fix-cartesian-product 
Java: Fix cartesian product
 2022-10-03 08:56:47 +02:00
Harry Maclean
eaf6eb009b Update tests 2022-10-03 17:17:58 +13:00
Harry Maclean
e48665ad9f Fix doc 2022-10-03 14:13:12 +13:00
Harry Maclean
236b628ee2 Ruby: Constrain parameters flow properly 2022-10-03 14:06:06 +13:00
Harry Maclean
32baf67b07 Fix change note month 2022-10-03 09:46:01 +13:00
Harry Maclean
5c20039e09 Ruby: Slightly improve class name 2022-10-03 09:46:01 +13:00
Harry Maclean
fa1ae26fab Add change note 2022-10-03 09:46:01 +13:00
Harry Maclean
a5998fbe4d Ruby: Model ActionController::Parameters 
Add flow summaries for methods on ActionController::Parameters,
which mostly propagate taint from receiver to return value.
 2022-10-03 09:45:59 +13:00
Harry Maclean
ba83b7c6c7 Merge pull request #10599 from hmac/hmac/actioncontroller-datastreaming 
Ruby: Model send_file
 2022-10-03 09:44:05 +13:00
erik-krogh
39ffa558f1 make a few more queries consistent with the other languages 2022-10-02 22:38:25 +02:00
Alex Ford
5c32c8badf Merge pull request #10560 from alexrford/ruby/yaml-load_file 
Ruby: treat `Psych` and `YAML` as aliases for rb/unsafe-deserialization
 2022-10-02 20:19:10 +01:00
Karim Ali
9e3d5f49c5 add interprocedural cases to the tests 2022-10-02 15:54:39 +02:00
Karim Ali
72ba77d900 Add rule that checks for using the insecure ECB block mode for encryption 2022-10-02 15:53:39 +02:00
Karim Ali
5e189b8c75 update qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-10-02 15:50:26 +02:00
Karim Ali
677946d19d update typos to address requested changes 2022-10-02 15:50:26 +02:00
Karim Ali
dbc86b2cd8 update qhelp to adjust for US spelling + improved readability 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-02 15:50:26 +02:00
Karim Ali
a23e17a370 fix typo in qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-10-02 15:50:26 +02:00
Karim Ali
2409ba2c05 update query description 2022-10-02 15:50:26 +02:00
Karim Ali
2080f0dd36 address style violation in generated alerts 2022-10-02 15:50:26 +02:00
Karim Ali
f060f056c2 rename ECBEncryption to please the codeql formatter 2022-10-02 15:50:26 +02:00
Karim Ali
fe024ef91e change TaintTracking::Configuration to DataFlow::Configuration 2022-10-02 15:50:25 +02:00
Karim Ali
21d5e417d1 add interprocedural cases to the tests 2022-10-02 15:50:25 +02:00
Karim Ali
9576e4c008 update qhelp to include a description for the accompanying example 2022-10-02 15:50:25 +02:00
Karim Ali
746f535ee5 Add rule that checks for using the insecure ECB block mode for encryption 2022-10-02 15:50:25 +02:00
erik-krogh
2f673efc67 autoformat 2022-10-01 13:21:20 +02:00
erik-krogh
129cda00db get a few more queries in sync with other languages 2022-10-01 11:17:48 +02:00
erik-krogh
acfcc4bfe2 update two more queries to better follow the style-guide 2022-10-01 10:59:59 +02:00
erik-krogh
7d643e41f3 Merge branch 'main' into java-followMsg 2022-10-01 10:48:06 +02:00
Erik Krogh Kristensen
17e6b2af37 Merge pull request #10557 from erik-krogh/csharp-followMsg 
C#: Update the alert messages to better follow the style guide
 2022-10-01 10:47:43 +02:00
Aditya Sharad
fdd71d4647 Docs: Address review feedback on system requirements 2022-09-30 14:11:47 -07:00
erik-krogh
e2fe63f94a autoformat 2022-09-30 23:11:43 +02:00