hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-16 06:53:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,816 Commits 1,690 Branches 160 Tags
codeql-cli/v2.12.4
Commit Graph

50816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
9f6240b38c Kotlin: Add test for missing override modifier on SAM methods 2022-10-07 11:22:15 +02:00
Harry Maclean
75cb0efecb Merge pull request #10538 from hmac/hmac/actioncontroller-parameters 
Ruby: Model flow through ActionController::Parameters
 2022-10-07 22:21:40 +13:00
erik-krogh
d5c45056bd fix some more style-guide violations in the alert-messages 2022-10-07 11:21:01 +02:00
erik-krogh
66c9705502 fix some more style-guide violations in the alert-messages 2022-10-07 11:19:46 +02:00
erik-krogh
a30b7120a7 fix some more style-guide violations in the alert-messages 2022-10-07 11:17:39 +02:00
Tony Torralba
5f740a5598 Merge pull request #10715 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-10-07 10:56:47 +02:00
Tom Hvitved
69fc59930f Ruby: Add ql doc to lookupSingletonMethod 2022-10-07 10:55:30 +02:00
Tamas Vajk
f51c13f0c1 Kotlin: Recognize generated files 2022-10-07 09:32:00 +02:00
Tamas Vajk
51f9314a50 Kotlin: Consider ::class type check in equals 2022-10-07 09:23:01 +02:00
Tamas Vajk
f7f12076df Kotlin: Add test case for ::class type check in equals 2022-10-07 09:22:10 +02:00
Tamas Vajk
cd64faf635 Kotlin: ignore properties in java/internal-representation-exposure check 2022-10-07 09:13:14 +02:00
Tamas Vajk
e9a304bad0 Kotlin: Add test for exposed internal representation 2022-10-07 09:12:36 +02:00
github-actions[bot]
a02dcdc5e1 Release preparation for version 2.11.1 2022-10-07 02:20:28 +00:00
github-actions[bot]
47c461a241 Add changed framework coverage reports 2022-10-07 00:26:57 +00:00
Mathias Vorreiter Pedersen
10eb548156 Merge pull request #10699 from MathiasVP/swift-mad-summaries 2022-10-06 17:44:35 +01:00
Mathias Vorreiter Pedersen
e147a6032e C++: Replace 'IRType' with 'Type' in dataflow. This means we're more compatible with the old AST library. 2022-10-06 17:26:56 +01:00
Mathias Vorreiter Pedersen
65a538ed41 C++: Exclude a few more operands from the dataflow graph. These aren't ever used for dataflow, and it should give us a slight speedup. 2022-10-06 17:22:09 +01:00
Mathias Vorreiter Pedersen
3fcb825e7f C++: Change a few indirectionIndex ranges from '[0 .. n - 1]' to '[1 .. n]'. This simplifies some arithmetic in a few predicates. 2022-10-06 17:21:09 +01:00
Mathias Vorreiter Pedersen
cfbb9e3339 Apply suggestions from code review 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-10-06 17:04:56 +01:00
Mathias Vorreiter Pedersen
7a425ffcc3 Update swift/ql/lib/codeql/swift/elements/type/NominalType.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-10-06 16:59:31 +01:00
Chris Smowton
28fa06ab9c Merge pull request #10709 from gregxsunday/main 
add BeegoInput.RequestBody source to Beego framework
 2022-10-06 16:04:04 +01:00
Chris Smowton
289843eb83 Remove accidentally duplicated test 
This was moved to a unit test, but the integration test version was somehow retained.
 2022-10-06 16:00:56 +01:00
Tony Torralba
ceae5eef28 Revert "Decouple from #10177" 
This reverts commit 7b34b10cee.
 2022-10-06 16:30:23 +02:00
Tony Torralba
21a0c446b4 Update java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-10-06 16:28:17 +02:00
Tony Torralba
015d48ef66 Fix select message 2022-10-06 16:28:17 +02:00
Tony Torralba
7b34b10cee Decouple from #10177 2022-10-06 16:28:17 +02:00
Tony Torralba
1bf1349167 Test all sinks 2022-10-06 16:28:17 +02:00
Tony Torralba
39b5ebfd7b Fix qhelp 2022-10-06 16:28:17 +02:00
Tony Torralba
76ea255277 Add security-severity 2022-10-06 16:28:17 +02:00
Tony Torralba
4a18892da9 Second query version 
Remove sinks flowing to write operations requirement
 2022-10-06 16:28:17 +02:00
Tony Torralba
153ec5368e First query version requiring sinks to flow to write operations 2022-10-06 16:28:17 +02:00
erik-krogh
c1fae91a1f have rb/meta/taint-steps print only one for each file, to limit the size of the output 2022-10-06 15:19:11 +02:00
Chris Smowton
812a5e5c74 Autoformat test.go 2022-10-06 14:08:56 +01:00
Chris Smowton
4e161c867e Rename 2022-10-06-beego- to 2022-10-06-beego-request-body-source.md 2022-10-06 14:01:36 +01:00
Chris Smowton
7d98b74eec Create 2022-10-06-beego- 2022-10-06 14:00:52 +01:00
Henry Mercer
7a7d164b07 Merge pull request #10698 from github/henrymercer/successfully-extracted-files-tag 
Tag successfully extracted files queries
 2022-10-06 13:21:52 +01:00
Chris Smowton
fcf24f7671 Fix typo 2022-10-06 12:59:43 +01:00
Chris Smowton
1d8547d4c1 Avoid using count(...) = 0 2022-10-06 12:57:56 +01:00
Chris Smowton
0024e54e63 Make method private 2022-10-06 12:55:17 +01:00
Chris Smowton
86e5e4c4bc Accept test changes 2022-10-06 12:40:04 +01:00
Chris Smowton
020f29a1ab Add visibility tests 2022-10-06 12:40:03 +01:00
Chris Smowton
764c139e3e Visibility consistency query: allow $default methods to have package-private (default) visibility 2022-10-06 12:40:03 +01:00
Chris Smowton
34b83f01d0 Fix naming of internal default methods 2022-10-06 12:40:03 +01:00
Chris Smowton
5e182755a5 Fix generated $default method visibilities 2022-10-06 12:40:03 +01:00
Chris Smowton
bec948682d Fix calls to static methods defined in association with local functions 
These are a bit weird since they involve static calls to unnamed synthetic class members, but while unwriteable as Java they ought to work as a database description.
 2022-10-06 12:40:03 +01:00
Chris Smowton
b79d273de4 When calling a $default method, ensure the real method gets extracted 2022-10-06 12:40:02 +01:00
Chris Smowton
3452dcbced Fix class type parameter erasure within $default methods 2022-10-06 12:40:02 +01:00
Chris Smowton
be655432d6 Use new terse extraction functions where applicable 2022-10-06 12:40:02 +01:00
Chris Smowton
03c895853b Clarify test and accept test changes 2022-10-06 12:40:02 +01:00
Chris Smowton
6119670be8 Suppress use of function type parameters in the context of building a $defaults method 
These methods have erased signatures and no type parameters, so anything that refers to one must itself be erased. For signatures this would be easy, but for potentially deep default expressions these types can occur in various places and need erasing at each occurence.
 2022-10-06 12:40:02 +01:00