hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-12 22:14:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,749 Commits 1,681 Branches 158 Tags
codeql-cli/v2.12.2
Commit Graph

49749 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nora Dimitrijević
fb88372c0f Merge pull request #11862 from d10c/swift/rename-iterabledeclcontext 2023-01-30 16:03:49 +01:00
AlexDenisov
48434f4be3 Merge pull request #12025 from github/alexdenisov/ignore-sandbox-exec 
Swift: ignore sandbox-exec
 2023-01-30 15:59:19 +01:00
erik-krogh
02da718786 add code-injection sink for node-pty 2023-01-30 15:14:25 +01:00
Alex Denisov
b71c5e6c4b Swift: ignore sandbox-exec 2023-01-30 15:10:30 +01:00
Erik Krogh Kristensen
862948f1cc Merge pull request #12014 from erik-krogh/axios 
JS: add support for axios used as a global variable
 2023-01-30 14:55:49 +01:00
Ian Lynagh
25e703e562 Merge pull request #11579 from igfoo/igfoo/only_lockless 
Kotlin: Remove legacy trap-locking support
 2023-01-30 13:44:31 +00:00
Michael Nebel
115a0a4318 C#: Add change note. 2023-01-30 14:28:35 +01:00
Michael Nebel
b25414fe93 C#: Add DB upgrade and downgrade scripts. 2023-01-30 14:28:35 +01:00
Michael Nebel
ff546c1497 C#: Add test cases for ref fields. 2023-01-30 14:28:35 +01:00
Michael Nebel
2be090bb91 C#: Add predicate isRef to the CIL Field class. 2023-01-30 14:28:35 +01:00
Michael Nebel
db047c2c4a C#: Extract CIL fields using their underlying types for a reference type field and annotate the field as a reference type. 2023-01-30 14:28:35 +01:00
Michael Nebel
812bc20812 C#: Add CIL fields as entities that can carry type annotations. 2023-01-30 14:28:35 +01:00
Michael Nebel
23acd5c255 C#: Small re-factor of the Modifier class. 2023-01-30 14:28:34 +01:00
Michael Nebel
3a4ec90ae9 C#: Extraction of ref modifier for fields. 2023-01-30 14:28:34 +01:00
Erik Krogh Kristensen
e46960e0cf Merge pull request #12022 from github/dependabot/cargo/ql/regex-1.7.1 
Bump regex from 1.6.0 to 1.7.1 in /ql
 2023-01-30 13:11:54 +01:00
dependabot[bot]
e3afb1640a Bump regex from 1.6.0 to 1.7.1 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.6.0 to 1.7.1.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.6.0...1.7.1)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 11:19:30 +00:00
Erik Krogh Kristensen
8198bbf893 Merge pull request #12019 from github/dependabot/cargo/ql/serde_json-1.0.91 
Bump serde_json from 1.0.82 to 1.0.91 in /ql
 2023-01-30 12:16:49 +01:00
Nora Dimitrijević
9346f4d760 Swift: fix failing tests 2023-01-30 11:39:06 +01:00
dependabot[bot]
f430e83fca Bump serde_json from 1.0.82 to 1.0.91 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.82 to 1.0.91.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.82...v1.0.91)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 10:36:14 +00:00
Erik Krogh Kristensen
f647910e0c Merge pull request #12018 from erik-krogh/qlDependabot 
QL: fixup the dependabot config for QL-for-QL
 2023-01-30 11:35:05 +01:00
Erik Krogh Kristensen
78683e4e8a Merge pull request #11879 from erik-krogh/rbRegConcept 
RB: add a RegexExecution concept, and use it for better regexp tracking
 2023-01-30 11:33:09 +01:00
erik-krogh
40a576b775 fixup the dependabot config for QL-for-QL 2023-01-30 11:22:17 +01:00
erik-krogh
f04a9cb523 Merge branch 'main' into rbRegConcept 2023-01-30 11:05:40 +01:00
Erik Krogh Kristensen
3508a4b799 Merge pull request #12016 from erik-krogh/newEntity 
QL: support the NewEntity module in QL-for-QL
 2023-01-30 11:01:11 +01:00
erik-krogh
54c4c23b46 support the NewEntity module in QL-for-QL 2023-01-30 10:34:06 +01:00
Mathias Vorreiter Pedersen
6a8c570915 Merge pull request #12009 from MathiasVP/fix-fwd-flow-read-join 
DataFlow: Fix join in `fwdFlowRead`
 2023-01-30 09:23:43 +00:00
Harry Maclean
f7cdd430a2 Ruby: Small fix 2023-01-30 21:55:19 +13:00
Harry Maclean
7778524e08 Ruby: Refactor 2023-01-30 21:52:59 +13:00
Harry Maclean
5e9210fcea Ruby: use getAnAncestor 2023-01-30 21:21:38 +13:00
Harry Maclean
708e303c01 Ruby: Model except: with a const argument 2023-01-30 21:17:31 +13:00
Harry Maclean
28716866d8 Ruby: getAction -> getAnAction 2023-01-30 18:52:47 +13:00
Harry Maclean
246ad46eb1 Ruby: Account for filter skip ordering 
A `skip_*_filter :foo` call only has an effect if there was an earlier
call that registered `:foo` as a filter.
 2023-01-30 18:50:30 +13:00
Harry Maclean
a164e76a5d Ruby: Model actioncontroller filter overrides 
If a filter is registered twice with the same name, the last
registration wins.
 2023-01-30 18:05:22 +13:00
Harry Maclean
28c3bd3e2f Ruby: QL4QL fix 2023-01-30 17:41:36 +13:00
Harry Maclean
fb86ef4aac Ruby: Model ActionController filters 
ActionController filters provide a way to register callbacks that run
before, after or around an action (i.e. HTTP request handler). They run
in the same class context as the action, so can get/set instance
variables and generally interact with the action in arbitrary ways.

In order to track flow between filters and actions, we have to model the
callback chain. This commit does that. A later change will add dataflow
steps to actually track flow through the chain.
 2023-01-30 17:41:36 +13:00
erik-krogh
e3455a9b21 add support for axios used as a global variable 2023-01-29 22:55:20 +01:00
Nora Dimitrijević
d5f11dfe60 Swift: db upgrade/downgrade script 2023-01-28 00:44:49 +01:00
Nora Dimitrijević
1396d07662 Swift: subsume IterableDeclContext into Decl [tests] 2023-01-28 00:44:49 +01:00
Nora Dimitrijević
9a5614e8c5 Swift: subsume IterableDeclContext into Decl [codegen'd] 2023-01-28 00:44:49 +01:00
Nora Dimitrijević
f96c18a6db Swift: subsume IterableDeclContext into Decl [hand-written] 2023-01-28 00:44:48 +01:00
Mathias Vorreiter Pedersen
95b15825f9 DataFlow: Sync identical files. 2023-01-27 16:24:31 +00:00
Mathias Vorreiter Pedersen
a691535e77 C++: Fix join order in 'fwdFlowRead'. 2023-01-27 16:24:08 +00:00
Jami Cogswell
85c228a0cd Java: remove old sinks 2023-01-27 10:40:17 -05:00
Jami Cogswell
a3fe8c0e93 Java: add change note 2023-01-27 10:35:16 -05:00
Jami Cogswell
9bf43483db Java: update package for QueryProducer sinks 2023-01-27 10:16:42 -05:00
Geoffrey White
6c0b50c696 Merge pull request #11980 from geoffw0/modern2 
Swift: Structure modernized queries more consistently
 2023-01-27 14:33:43 +00:00
Geoffrey White
794ba428a7 Merge pull request #11942 from geoffw0/rncrypt4 
Swift: add RNCryptor sinks to swift/static-initialization-vector
 2023-01-27 14:33:06 +00:00
James Fletcher
812306cb52 Merge pull request #12006 from felickz/patch-2 
Add link to codeql metadata article for problem.severity
 2023-01-27 13:59:06 +00:00
alexet
1b0952c512 Use Java 11 for some integration tests 2023-01-27 13:51:44 +00:00
Chad Bentz
4fee536e6d table spacing 2023-01-27 08:19:43 -05:00