hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-12 22:14:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,749 Commits 1,681 Branches 158 Tags
codeql-cli/v2.12.2
Commit Graph

49749 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
aef66c462a Merge pull request #12107 from aibaars/downgrade-tree-sitter 
Ruby: downgrade tree-sitter to 0.20.7
codeql-cli/v2.12.2 		2023-02-07 09:29:42 +00:00
Arthur Baars
12f5732782 Ruby: downgrade tree-sitter to 0.20.7 
The 0.20.9 version caused a stack overflow error on
the mongo-ruby-driver repository.
 2023-02-06 16:27:51 +01:00
Sarita Iyer
8edd378290 Merge pull request #12077 from github/codeql-cli-articles-migration-update 
Update CodeQL CLI docs articles and links to point to new location on GitHub Docs site
 2023-02-03 15:25:33 -05:00
Sarita Iyer
75b0676c95 Add tocs with links to deprecated articles 2023-02-03 13:37:53 -05:00
Sarita Iyer
d99f7b56bd Merge branch 'codeql-cli-articles-migration-update' of https://github.com/github/codeql into codeql-cli-articles-migration-update 2023-02-03 09:56:51 -05:00
Sarita Iyer
c33c5ed517 Update codeql-cli links 2023-02-03 09:56:49 -05:00
Sarita Iyer
fd977cc277 Update CONTRIBUTING.md 2023-02-02 16:13:13 -05:00
Sarita Iyer
465a3e0ece fix typo 2023-02-02 15:36:34 -05:00
Sarita Iyer
9943d0c054 update anchor links 2023-02-02 15:26:53 -05:00
Sarita Iyer
9b17ee9326 add back hidden toc tree 2023-02-02 14:39:49 -05:00
Sarita Iyer
0ab982891e adding back toc-trees to fix error 2023-02-02 14:31:03 -05:00
Sarita Iyer
2772cf79f4 Update CodeQL CLI articles with migration message 2023-02-02 14:11:02 -05:00
Mathias Vorreiter Pedersen
cd660e1067 Merge pull request #12071 from github/release-prep/2.12.2 
Release preparation for version 2.12.2
 2023-02-02 16:49:44 +00:00
Jeroen Ketema
3cf5107b45 Apply suggestions from code review 2023-02-02 15:48:29 +01:00
github-actions[bot]
a4fa984792 Release preparation for version 2.12.2 2023-02-02 14:34:55 +00:00
Michael Nebel
3cd2024a66 Merge pull request #12060 from michaelnebel/csharp11/nameof 
C# 11: Nameof on attribute declarations.
 2023-02-02 12:46:28 +01:00
Tony Torralba
62158c5e49 Merge pull request #12044 from atorralba/atorralba/webview-models 
Swift: Add new source and flow step related to WkWebView
 2023-02-02 09:27:21 +01:00
Michael Nebel
4089845ea4 C#: Test that nameof can used on method parameters and type parameters in attribute declarations. 2023-02-02 09:25:24 +01:00
Michael Nebel
7271d9987e Merge pull request #11940 from michaelnebel/csharp/dotnet7 
C#: Update project targets, workflows and other scripts to use .NET 7.
 2023-02-02 08:14:55 +01:00
Nora Dimitrijević
e137993acd Merge pull request #12061 from d10c/cpp/missing-check-scanf-join-order-fix 2023-02-02 07:57:21 +01:00
Harry Maclean
d671cc6e43 Merge pull request #12052 from hmac/barrier-guard-fix 2023-02-02 08:16:07 +13:00
Chuan-kai Lin
255f989ede Merge pull request #12034 from cklin/document-assume-small-delta 
Document pragma[assume_small_delta]
 2023-02-01 10:36:40 -08:00
Tony Torralba
24527bfc4e Minor change in WKNavigationDelegateSource to work around a bug 2023-02-01 17:44:08 +01:00
Tony Torralba
644bc56568 Add new source and flow step related to WkWebView 2023-02-01 17:44:06 +01:00
Tony Torralba
407e7cbbde Merge pull request #12045 from atorralba/atorralba/more-custom-url-schemes 
Swift: Add more sources for custom URL schemes
 2023-02-01 17:40:20 +01:00
Joe Farebrother
97b2e852c9 Merge pull request #11713 from joefarebrother/sensitive-result-receiver 
Java: Add query for leaking sensitive data through a ResultReceiver
 2023-02-01 16:34:17 +00:00
Nora Dimitrijević
1df0be3ca2 C++: Fix join order in cpp/missing-check-scanf 
The issues were:
* `revFlow`: `revFlow` joins `fwdFlow` on `vn`.
* `Node.getASuccessor()`: `MkNode` self-join on `vn`.
* `hasFlow/5`: `MkNode` self-join on `vn`.
 2023-02-01 16:29:43 +01:00
Tony Torralba
834fc51a3a Update java/ql/src/Security/CWE/CWE-927/SensitiveResultReceiver.ql 2023-02-01 15:26:26 +01:00
Tony Torralba
43b234eeb5 Switch to MaD models for UISceneDelegate methods 2023-02-01 15:15:51 +01:00
Tony Torralba
f7cc5f9627 Add more sources for custom URL schemes 
Also add the appropriate steps so that these sources are useful
 2023-02-01 15:07:37 +01:00
Geoffrey White
96ee0f68b0 Merge pull request #11935 from geoffw0/protocol-extension 
Swift: Flow sources through protocol extensions
 2023-02-01 13:47:09 +00:00
Joe Farebrother
74dba953ca Apply suggestions from docs review 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2023-02-01 12:54:19 +00:00
Erik Krogh Kristensen
bc36a75bde Merge pull request #12057 from erik-krogh/syncPyFlow 
PY: Sync a dataflow config
 2023-02-01 11:58:40 +01:00
erik-krogh
77e014c5a4 sync added dataflow config 2023-02-01 11:46:57 +01:00
Erik Krogh Kristensen
01f6862965 Merge pull request #11833 from erik-krogh/trackPyReg 
PY: track string-constants to regular expression uses
 2023-02-01 11:40:42 +01:00
Tony Torralba
837cdf7782 Merge pull request #12046 from atorralba/atorralba/urlrequest-models 
Swift: Add taint for URLRequest fields
 2023-02-01 09:24:17 +01:00
Geoffrey White
b9d487ac35 Merge branch 'main' into protocol-extension 2023-02-01 08:21:05 +00:00
Erik Krogh Kristensen
16049d694b Merge pull request #12055 from github/dependabot/cargo/ql/tracing-0.1.37 
Bump tracing from 0.1.35 to 0.1.37 in /ql
 2023-02-01 09:07:11 +01:00
dependabot[bot]
373148decd Bump tracing from 0.1.35 to 0.1.37 in /ql 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.35 to 0.1.37.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.35...tracing-0.1.37)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-01 03:11:28 +00:00
Harry Maclean
da45d3aa7f Ruby: Fix string comparison barrier guard 
`strNode` was not properly restricted for some cases.
 2023-02-01 14:40:53 +13:00
Harry Maclean
0d68d88741 Merge pull request #11934 from hmac/actioncontroller-filters 2023-02-01 09:10:30 +13:00
Geoffrey White
7f58a2222a Merge branch 'main' into protocol-extension 2023-01-31 16:06:55 +00:00
Chris Smowton
6b0b73b5f6 Merge pull request #12033 from intrigus-lgtm/patch-8 
Fix errorneous slash
 2023-01-31 14:39:51 +00:00
Mathias Vorreiter Pedersen
a2248e6ca6 Merge pull request #12030 from MathiasVP/iterator-public-models 
C++: Make iterator classes public
 2023-01-31 14:11:52 +00:00
Mathias Vorreiter Pedersen
0d38ff8e8c Merge pull request #11920 from gsingh93/bit-shift-range 
C++: Improve left shift and right shift range analysis accuracy
 2023-01-31 14:01:41 +00:00
Erik Krogh Kristensen
8bc9ce749f Merge pull request #12038 from github/dependabot/cargo/ql/tracing-subscriber-0.3.16 
Bump tracing-subscriber from 0.3.15 to 0.3.16 in /ql
 2023-01-31 14:35:35 +01:00
dependabot[bot]
56a0b1d2d8 Merge pull request #12024 from github/dependabot/cargo/ruby/clap-3.0.14 2023-01-31 13:30:21 +00:00
dependabot[bot]
597c71011e Bump tracing-subscriber from 0.3.15 to 0.3.16 in /ql 
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.15 to 0.3.16.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.15...tracing-subscriber-0.3.16)

---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 13:09:13 +00:00
Erik Krogh Kristensen
683761098d Merge pull request #12041 from github/dependabot/cargo/ql/flate2-1.0.25 
Bump flate2 from 1.0.24 to 1.0.25 in /ql
 2023-01-31 14:07:09 +01:00
Mathias Vorreiter Pedersen
fcc4c91739 C++: More responding to comments. 2023-01-31 13:01:00 +00:00