hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-05 17:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,820 Commits 1,689 Branches 160 Tags
codeql-cli/v2.12.6
Commit Graph

51820 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
ff53e53e8c Merge pull request #12236 from MathiasVP/language-specific-field-flow-branch-limit-term 
Dataflow: Add a language specific term to `join` and `branch`
 2023-03-06 16:59:09 +00:00
Geoffrey White
4d327dbf4f Swift: The PointerType class isn't used any d any more. 2023-03-06 16:36:41 +00:00
Geoffrey White
61340c4b20 Swift: Permit data flow from generic arguments, rather than just pointers. 2023-03-06 16:34:12 +00:00
Geoffrey White
1e5b904514 Swift: Add test cases for mutating pointers inside containers. 2023-03-06 16:17:39 +00:00
Mathias Vorreiter Pedersen
aa09361a42 Merge pull request #12407 from MathiasVP/fix-internal-system-data-tests 2023-03-06 15:45:25 +00:00
Jeroen Ketema
47930f94e2 Merge remote-tracking branch 'upstream/main' into merge-main 2023-03-06 15:20:39 +01:00
Asger F
d4b4d22378 JS: Step through HTML sanitizers in SQL injection query 2023-03-06 15:10:26 +01:00
Mathias Vorreiter Pedersen
92ad099c1b DataFlow: Remove bindingsets, remove the call column, and swap parameter and argument columns. 2023-03-06 13:47:59 +00:00
Mathias Vorreiter Pedersen
3bf28cc752 DataFlow: Sync identical files. 2023-03-06 13:46:21 +00:00
Mathias Vorreiter Pedersen
9647b6a3f5 Swift: Add stub. 2023-03-06 13:45:04 +00:00
Mathias Vorreiter Pedersen
e6b6369a21 Ruby: Add stub. 2023-03-06 13:44:59 +00:00
Mathias Vorreiter Pedersen
5ebd50044f Python: Add stub. 2023-03-06 13:44:24 +00:00
Mathias Vorreiter Pedersen
4720e2a30a Java: Add stub. 2023-03-06 13:44:24 +00:00
Mathias Vorreiter Pedersen
067abacbb8 Go: Add stub. 2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen
b667e0136f C#: Add stub. 2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen
05314b48e8 C++: Add stub. 2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen
6e8a2a6375 DataFlow: Add a language-specific predicate for modifying 'branch' and 'join'. 2023-03-06 13:44:19 +00:00
Geoffrey White
56b6441ef5 Merge pull request #12391 from geoffw0/ptrout 
Swift: Permit data flow out through pointer arguments
 2023-03-06 13:37:22 +00:00
Anders Schack-Mulligen
5c7f2ac7f7 Merge pull request #12186 from aschackmull/dataflow/refactor-configuration 
Data flow: Refactor configuration
 2023-03-06 13:38:59 +01:00
Mathias Vorreiter Pedersen
d2d91cfb29 C++: Accept test changes. 2023-03-06 11:30:40 +00:00
Mathias Vorreiter Pedersen
8836cbae5b C++: Make sure we use an indirect sink only for the sinks that receive a 
pointer to the data. Also fix a bug where we used 'asExpr' instead
of 'asIndirectExpr'.
 2023-03-06 11:22:58 +00:00
dependabot[bot]
3538cf89b9 Merge pull request #12404 from github/dependabot/cargo/ql/serde_json-1.0.94 2023-03-06 09:55:33 +00:00
Arthur Baars
d2ab40c184 Merge pull request #12208 from gregxsunday/main 
Add ZipSlip and TarSlip query to ruby
 2023-03-06 10:40:06 +01:00
dependabot[bot]
ce5e76a3a0 Bump serde_json from 1.0.93 to 1.0.94 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.93 to 1.0.94.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.93...v1.0.94)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 09:32:26 +00:00
Anders Schack-Mulligen
557cb17f4d Dataflow: Minor perf fix for single config wrapper. 2023-03-06 10:24:33 +01:00
Calum Grant
b8e123dc08 Merge pull request #12402 from github/dependabot/cargo/ruby/serde_json-1.0.94 
Bump serde_json from 1.0.93 to 1.0.94 in /ruby
 2023-03-06 09:24:21 +00:00
Anders Schack-Mulligen
d4c5877484 Merge pull request #3 from MathiasVP/fix-exec-tainted 
C++: Use refactored dataflow library in `cpp/command-line-injection`
 2023-03-06 09:32:34 +01:00
Jeroen Ketema
72d03e4060 C++: Fix test that used deprecated function 2023-03-06 09:07:52 +01:00
dependabot[bot]
d34d7e51e5 Bump rayon from 1.6.1 to 1.7.0 in /ql 
Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/rayon-rs/rayon/releases)
- [Changelog](https://github.com/rayon-rs/rayon/blob/master/RELEASES.md)
- [Commits](https://github.com/rayon-rs/rayon/compare/rayon-core-v1.6.1...rayon-core-v1.7.0)

---
updated-dependencies:
- dependency-name: rayon
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 04:18:21 +00:00
dependabot[bot]
f93b304578 Bump serde_json from 1.0.93 to 1.0.94 in /ruby 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.93 to 1.0.94.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.93...v1.0.94)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 04:15:01 +00:00
Dave Bartolomeo
e169702165 Merge branch 'main' into post-release-prep/codeql-cli-2.12.4 2023-03-04 09:20:44 -05:00
github-actions[bot]
af61b45785 Post-release preparation for codeql-cli-2.12.4 2023-03-04 14:16:55 +00:00
Dave Bartolomeo
d589b324c9 Merge pull request #12386 from github/release-prep/2.12.4 
Release preparation for version 2.12.4
codeql-cli/v2.12.4 		2023-03-03 16:59:55 -05:00
Dave Bartolomeo
b342e93989 Move change note to appropriate pack 2023-03-03 14:43:00 -05:00
Geoffrey White
6f120a66d0 Merge pull request #12368 from geoffw0/taintarith3 
Swift: Fill some gaps in arithmetic / bitwise operations modelling
 2023-03-03 18:20:54 +00:00
Geoffrey White
9aaf30691c Merge pull request #12307 from geoffw0/stringconflationtaint 
Swift: Update swift/string-length-conflation to taint tracking
 2023-03-03 17:27:15 +00:00
Geoffrey White
c29dcefcf2 Swift: Fix .expected file. Locations had changed after the formatting fix. 2023-03-03 17:24:07 +00:00
Geoffrey White
395bf675fe Swift: Make the test work on Linux. 2023-03-03 17:14:57 +00:00
Jeroen Ketema
aa00424b75 C++: Fix experimental query that uses the deprecated freeCall predicate 2023-03-03 17:53:49 +01:00
Geoffrey White
2d889304bb Swift: Some cases in the SqlInjection test are fixed by this. 2023-03-03 16:49:13 +00:00
Geoffrey White
b2bcb2d378 Swift: Fix formatting. 2023-03-03 16:32:21 +00:00
Chris Smowton
d4e02eb846 Merge pull request #12384 from smowton/smowton/admin/java-tsp-message-cleanup 
Java TSP: test changes re: formatting improvements
 2023-03-03 16:24:35 +00:00
Geoffrey White
6e3040987a Swift: Autoformat. 2023-03-03 16:24:28 +00:00
Geoffrey White
234f17b578 Swift: Use PointerType in data flow's 'modifiable' predicate. 2023-03-03 16:23:49 +00:00
Geoffrey White
3249cee1c9 Swift: Add an overall PointerType. 2023-03-03 16:23:46 +00:00
Geoffrey White
589e0af20a Swift: Test for pointer types. 2023-03-03 16:23:29 +00:00
Geoffrey White
9423c21d46 Swift: Add simple model for pointer types. 2023-03-03 16:23:27 +00:00
Jeroen Ketema
391d9bed5b C++: Add deprecated to predicates that are deprecated according to the QLDoc 2023-03-03 17:15:47 +01:00
Jeroen Ketema
2ee8344e92 Merge pull request #12387 from jketema/qualified-deprecation 
C++: Properly deprecate `hasQualifiedName` by using the `deprecated` keyword
 2023-03-03 17:11:56 +01:00
Alex Denisov
7f3e7224df Swift: introduce type mangling 2023-03-03 16:28:41 +01:00