Commit Graph

51820 Commits

Author SHA1 Message Date
erik-krogh
bc5b7455cf add failing test 2022-11-07 09:14:52 +01:00
Dave Bartolomeo
b8e1aa67d8 Merge pull request #11134 from github/post-release-prep/codeql-cli-2.11.3
Post-release preparation for codeql-cli-2.11.3
2022-11-05 13:54:49 -04:00
github-actions[bot]
fca754bddd Post-release preparation for codeql-cli-2.11.3 2022-11-05 14:30:48 +00:00
Dave Bartolomeo
8344d5a376 Merge pull request #11133 from github/release-prep/2.11.3
Release preparation for version 2.11.3
codeql-cli/v2.11.3
2022-11-04 22:50:41 -04:00
Mathias Vorreiter Pedersen
60ac031db4 Merge pull request #11036 from geoffw0/simplify3 2022-11-05 00:31:05 +00:00
Dave Bartolomeo
013b7eff1c Apply suggestions from code review
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2022-11-04 18:46:32 -04:00
github-actions[bot]
508327235a Release preparation for version 2.11.3 2022-11-04 20:16:23 +00:00
Tiferet Gazit
5198ad7612 Merge pull request #11055 from github/tiferet/sink-classification-reasons
Sink endpoint characteristics
2022-11-04 11:24:08 -07:00
Henry Mercer
b32f4b844a Merge pull request #11118 from github/henrymercer/atm-check-queries-improvements
ATM: Miscellaneous improvements for the check queries workflow
2022-11-04 18:04:32 +00:00
Arthur Baars
9992ecc317 Merge branch 'codeql-cli-2.11.2' into ruby/ast-ref-table-docs 2022-11-04 17:59:35 +01:00
Calum Grant
e9e94dcb0f Merge pull request #10932 from github/nickrolfe/ruby-dataflow-docs
Ruby: data flow docs
2022-11-04 16:47:00 +00:00
tiferet
833041c62e Fix QLDoc style errors 2022-11-04 09:30:31 -07:00
tiferet
2aa4651534 Remove predicates not yet used from the current PR 2022-11-04 09:30:31 -07:00
tiferet
74c8bfff4f Minor changes from code review 2022-11-04 09:30:31 -07:00
tiferet
e60c016fc6 Format fixes 2022-11-04 09:30:31 -07:00
tiferet
cbf81b8839 Improve the import structure 2022-11-04 09:30:31 -07:00
tiferet
300456cd3e Enforce the abstraction over characteristics:
Make the implementations of specific `EndpointCharacteristic`s private.
2022-11-04 09:30:31 -07:00
tiferet
c0cc754fb5 Rename ClassificationReasons
Change the name to EndpointCharacteristics.
2022-11-04 09:30:30 -07:00
tiferet
a4939b91e7 Generalize the definition of a known sink:
If the list of reasons includes positive indicators with maximal confidence for this class, it's a known sink for the class.

This negates the need for each query config to define the isKnownSink predicate individually.
2022-11-04 09:30:29 -07:00
tiferet
08bbe596a2 Create the sink ClassificationReasons
Write the reasons that indicate that an endpoint is a sink for each sink type.

Also fix import error.
2022-11-04 09:30:29 -07:00
erik-krogh
d7f1491f41 fix non-attached annotations for newtype branches 2022-11-04 17:19:42 +01:00
Dave Bartolomeo
649c3af98a Merge pull request #11127 from github/henrymercer/fix-atm-pr-checks
ATM: Fix CodeQL pack workspace references
2022-11-04 12:19:42 -04:00
Alex Ford
53e83ff048 Ruby: AST ref docs - add further reading section 2022-11-04 16:01:31 +00:00
Alex Ford
13aad99194 Ruby: AST ref docs - add Calls section intro 2022-11-04 16:01:31 +00:00
Alex Ford
a77fc96067 Ruby: AST ref docs - note about desugaring and synthesized AstNodes 2022-11-04 16:01:31 +00:00
Alex Ford
530b29ccdf Ruby: AST ref docs - note AssignExpr 2022-11-04 16:01:31 +00:00
Alex Ford
9cf3284371 Ruby: AST ref docs - add a missing space 2022-11-04 16:01:31 +00:00
Mathias Vorreiter Pedersen
bd549e527c Merge pull request #11128 from jketema/dont-use-old
C++: Do not use the old dataflow library in `additional-flow-to-parameter`
2022-11-04 15:59:52 +00:00
Arthur Baars
5aee96d907 Merge branch 'codeql-cli-2.11.2' into ruby/ast-ref-table-docs 2022-11-04 16:39:29 +01:00
Arthur Baars
a11de9b145 Merge branch 'codeql-cli-2.11.2' into nickrolfe/ruby-dataflow-docs 2022-11-04 16:38:19 +01:00
Arthur Baars
20bebba1ff Merge pull request #10957 from aibaars/doc-api-graph
Ruby: document API graphs
2022-11-04 16:36:38 +01:00
Arthur Baars
58c0e65542 Merge pull request #11129 from aibaars/improve-weak-crypto
Ruby: Improve weak crypto query
2022-11-04 16:31:55 +01:00
alexet
c07db098a7 QLSpec: Address comments from review 2022-11-04 15:27:21 +00:00
Arthur Baars
610bbeee97 Update docs/codeql/codeql-language-guides/using-api-graphs-in-ruby.rst
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2022-11-04 16:21:57 +01:00
Chris Smowton
8fd4041511 Kotlin: always populate the files table
Previously individual top-level file declarations relied on their corresponding file-class to declare their `File` instance, but this can be scuppered by a Java extractor replacing that file-class and identifying a different file location.
2022-11-04 15:00:27 +00:00
Arthur Baars
98f4c29913 Ruby: weak crypto: do not report weak hash algorithms
Weak hash algorithms such as MD5 and SHA1 are often
used in non security sensitive contexts and reporting
all uses is far too noisy.
2022-11-04 15:58:50 +01:00
Erik Krogh Kristensen
418d632738 Merge pull request #11123 from erik-krogh/stableCI-followup-2
fix typo in compile-queries workflow
2022-11-04 15:48:27 +01:00
Jeroen Ketema
fc2013334f C++: Do not use the old dataflow library in additional-flow-to-parameter
Either both queries here should use the old library or neither should. The
expectation is that the expected results between the queries differ depending
on the additional flow step in one of them.
2022-11-04 15:46:36 +01:00
AlexDenisov
c7da814bca Merge pull request #11122 from github/alexdenisov/make-macos-sed-happy
Swift: make sed on macos happy
2022-11-04 15:45:06 +01:00
Paolo Tranquilli
0370d1a1ba Merge pull request #11008 from github/redsun82/swift-macos-integration-tests
Swift: rework workflows
2022-11-04 15:44:42 +01:00
Alex Ford
d218572c72 Ruby: Apply review suggestions for AST reference guide
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2022-11-04 14:42:33 +00:00
Tom Hvitved
05bf86acb6 Merge pull request #11126 from hvitved/cpp/position-overrides
C++: Let `(Indirect|Direct)Position` be sub classes of `Position`
2022-11-04 15:35:27 +01:00
AlexDenisov
0260ecfbdb Merge branch 'main' into alexdenisov/make-macos-sed-happy 2022-11-04 15:17:08 +01:00
Henry Mercer
0b9588bf9e ATM: Add test pack to workspace 2022-11-04 14:07:14 +00:00
Henry Mercer
3e863a539a ATM: Fix CodeQL pack workspace references
This fixes the
[ATM PR checks](https://github.com/github/codeql/actions/runs/3392995797/jobs/5639827326)
breaking on main as a result of
https://github.com/github/codeql/pull/11004.
2022-11-04 14:03:34 +00:00
Tom Hvitved
95835b8297 C++: Let (Indirect|Direct)Position be sub classes of Position 2022-11-04 14:31:18 +01:00
erik-krogh
def9b5e2ce fix typo in compile-queries workflow 2022-11-04 13:58:29 +01:00
Erik Krogh Kristensen
265838aa2c Merge pull request #11117 from erik-krogh/stableCI-followup
fix merge-base compilation when running directly on main
2022-11-04 13:56:41 +01:00
Arthur Baars
fadc278485 Merge branch 'codeql-cli-2.11.2' into nickrolfe/ruby-dataflow-docs 2022-11-04 13:05:26 +01:00
AlexDenisov
476bbfbdb7 Update qltest.sh 2022-11-04 13:04:24 +01:00