hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-07 02:31:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,816 Commits 1,691 Branches 160 Tags
codeql-cli/v2.12.4
Commit Graph

50816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Harry Maclean
43ce26e4d0 Ruby: re-add Eval.rb 2023-02-07 09:37:26 +13:00
Jeroen Ketema
a4c3ea2efc Merge pull request #9245 from ihsinme/ihsinme-patch-102 
CPP: Add query for CWE-805: Buffer Access with Incorrect Length Value using some functions
 2023-02-06 21:24:07 +01:00
Jeroen Ketema
1c35109675 C++: Add experimental tag to experimental query 2023-02-06 20:31:26 +01:00
Jeroen Ketema
868f07bc91 Merge branch 'main' into ihsinme-patch-102 2023-02-06 20:16:53 +01:00
Geoffrey White
996536b08e Swift: Remove a no-longer-needed special case from swift/unsafe-js-eval. 2023-02-06 17:35:21 +00:00
ihsinme
065ca3c227 Update DivideByZeroUsingReturnValue.ql 2023-02-06 19:42:46 +03:00
Mathias Vorreiter Pedersen
4016299aa8 Update cpp/ql/lib/semmle/code/cpp/security/Encryption.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-02-06 15:55:15 +00:00
Arthur Baars
12f5732782 Ruby: downgrade tree-sitter to 0.20.7 
The 0.20.9 version caused a stack overflow error on
the mongo-ruby-driver repository.
 2023-02-06 16:27:51 +01:00
Erik Krogh Kristensen
4eebeab8a8 Merge pull request #12078 from erik-krogh/qlCache 
QL: simplify the QL-for-QL workflow, which should also fix the cache
 2023-02-06 16:21:45 +01:00
Mathias Vorreiter Pedersen
1c9a526afa C++: Construct fewer strings. 2023-02-06 15:18:15 +00:00
erik-krogh
9364a85e49 add Rust format check to QL-for-QL tests 2023-02-06 14:26:30 +01:00
Erik Krogh Kristensen
9360ae9638 Merge pull request #12076 from erik-krogh/poly-sink-track 
PY: add tracking of strings to compile-sites for poly-redos
 2023-02-06 14:21:04 +01:00
Anders Schack-Mulligen
b4607d3fab Java: Add change notes. 2023-02-06 13:55:34 +01:00
Geoffrey White
dc59ed08f9 Merge pull request #12094 from geoffw0/string2 
Swift: Models for the String class
 2023-02-06 11:24:19 +00:00
Chris Smowton
cd2fc6566f Merge pull request #12101 from owen-mc/go/gofmt-remove-confusing-error-message 
Fix files that gofmt can't parse
 2023-02-06 10:58:54 +00:00
Mathias Vorreiter Pedersen
00fe448e3a Merge pull request #12072 from aschackmull/dataflow/stage3-perf 
Dataflow: Fix join in `fwdFlowRead` (take 2)
 2023-02-06 10:43:11 +00:00
Erik Krogh Kristensen
f32fa25c1a Merge pull request #12100 from github/dependabot/cargo/ql/serde_json-1.0.92 
build(deps): bump serde_json from 1.0.91 to 1.0.92 in /ql
 2023-02-06 10:33:32 +01:00
Arthur Baars
e382d6d000 Ruby: update stats 2023-02-06 10:28:19 +01:00
Arthur Baars
ec46f33a01 Ruby: add change note 2023-02-06 10:17:19 +01:00
Arthur Baars
f391948b53 Ruby: update expected output 2023-02-06 10:17:19 +01:00
Arthur Baars
4af0c4bb03 Ruby: desugar one-line pattern matches 2023-02-06 10:17:19 +01:00
Arthur Baars
3c15fd266d Ruby: add one-line pattern match test 2023-02-06 10:17:19 +01:00
Arthur Baars
edbba85b96 Ruby: add one-line pattern matches to AST 2023-02-06 10:17:18 +01:00
Arthur Baars
e390ca50b0 Ruby: upgrade/downgrade scripts 2023-02-06 10:17:18 +01:00
Arthur Baars
90c51ef404 Ruby: re-generate dbscheme and library 2023-02-06 10:17:18 +01:00
Arthur Baars
c554a10e06 Ruby: update tree-sitter-ruby 2023-02-06 10:17:18 +01:00
Michael B. Gale
f7a2a8677a Rename change note file 2023-02-06 09:13:11 +00:00
Michael B. Gale
6c0d2bdee1 Add example without defer statement 2023-02-06 09:10:41 +00:00
Michael B. Gale
25f907867b Update expected test output 2023-02-06 08:51:46 +00:00
Michael B. Gale
abe38373da Inline precededBySync 2023-02-06 08:47:47 +00:00
Michael B. Gale
c252ec0414 Add test for deferred close that returns error 2023-02-06 08:47:47 +00:00
Michael B. Gale
e05bce9863 Update expected test results 2023-02-06 08:47:46 +00:00
Michael B. Gale
314ecab90a Use dominatesNode and improve variable naming 2023-02-06 08:47:46 +00:00
Michael B. Gale
85a339030b Make the query a path-problem 2023-02-06 08:47:46 +00:00
Michael B. Gale
199c8641ec Rename close to sink in query 2023-02-06 08:47:46 +00:00
Michael B. Gale
f648b021a9 Despecialise parameter names for precededBySync 2023-02-06 08:47:46 +00:00
Michael B. Gale
bd6c167be6 Fixup: more docs improvements 2023-02-06 08:47:46 +00:00
Michael B. Gale
f866e16679 Use any instead of exists for isCloseSink 2023-02-06 08:47:45 +00:00
Michael B. Gale
5ab6056b26 Fixup: docs comment 2023-02-06 08:47:45 +00:00
Michael B. Gale
3f446bc76e Use three-argument hasQualifiedName 2023-02-06 08:47:45 +00:00
Michael B. Gale
07041bb659 Use Method instead of Function where able 2023-02-06 08:47:45 +00:00
Michael B. Gale
416ed57583 Fix qldoc comments 2023-02-06 08:47:45 +00:00
Michael B. Gale
f321adf9f4 Fix typo 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-02-06 08:47:44 +00:00
Michael B. Gale
10109b4925 Fix class comments 2023-02-06 08:47:44 +00:00
Michael B. Gale
49ce91fd5b Update precision to high 2023-02-06 08:47:44 +00:00
Michael B. Gale
7e9617f3ce Detect lack of error handling for os.File.Close 2023-02-06 08:47:43 +00:00
Tamás Vajk
c03fe70b8d Merge pull request #12086 from tamasvajk/feature/fix-exception-handling-archive 
C#: Change handled exception in `TrapWriter.ArchiveContents`
 2023-02-06 08:53:56 +01:00
Owen Mansel-Chan
9ed7836367 Fix files that gofmt can't parse 
We have some .go files that gofmt can't parse because they don't start
with "package". This was intentional, as they are fragments to be
included in .qhelp files. They don't affect the return code as gofmt
doesn't change their formatting, so this wasn't changing the result of
the check. However, it was confusing that when the check failed because
some other files weren't formatted correctly, the user would see the
stderr complaining about those files, so we capture stderr.

It would be an improvement to print which files are not formatted
correctly, but that was beyond my abilities with bash and makefiles.
 2023-02-06 07:16:58 +00:00
dependabot[bot]
33e8414fc4 build(deps): bump serde_json from 1.0.91 to 1.0.92 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.91 to 1.0.92.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.91...v1.0.92)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-06 03:29:59 +00:00
Sim4n6
ec82d61991 Add another frequently used step 2023-02-05 14:36:17 +01:00