erik-krogh
f3f3b9417b
fix some more style-guide violations in the alert-messages
2022-10-07 11:24:29 +02:00
erik-krogh
944ca4a0da
fix some more style-guide violations in the alert-messages
2022-10-07 11:23:34 +02:00
Tamas Vajk
26c4216fef
Kotlin: Extract override modifier on SAM methods
2022-10-07 11:23:14 +02:00
erik-krogh
368f84785b
fix some more style-guide violations in the alert-messages
2022-10-07 11:22:22 +02:00
Tamas Vajk
9f6240b38c
Kotlin: Add test for missing override modifier on SAM methods
2022-10-07 11:22:15 +02:00
Harry Maclean
75cb0efecb
Merge pull request #10538 from hmac/hmac/actioncontroller-parameters
...
Ruby: Model flow through ActionController::Parameters
2022-10-07 22:21:40 +13:00
erik-krogh
d5c45056bd
fix some more style-guide violations in the alert-messages
2022-10-07 11:21:01 +02:00
erik-krogh
66c9705502
fix some more style-guide violations in the alert-messages
2022-10-07 11:19:46 +02:00
erik-krogh
a30b7120a7
fix some more style-guide violations in the alert-messages
2022-10-07 11:17:39 +02:00
Tony Torralba
5f740a5598
Merge pull request #10715 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-10-07 10:56:47 +02:00
Tom Hvitved
69fc59930f
Ruby: Add ql doc to lookupSingletonMethod
2022-10-07 10:55:30 +02:00
Tamas Vajk
f51c13f0c1
Kotlin: Recognize generated files
2022-10-07 09:32:00 +02:00
Tamas Vajk
51f9314a50
Kotlin: Consider ::class type check in equals
2022-10-07 09:23:01 +02:00
Tamas Vajk
f7f12076df
Kotlin: Add test case for ::class type check in equals
2022-10-07 09:22:10 +02:00
Tamas Vajk
cd64faf635
Kotlin: ignore properties in java/internal-representation-exposure check
2022-10-07 09:13:14 +02:00
Tamas Vajk
e9a304bad0
Kotlin: Add test for exposed internal representation
2022-10-07 09:12:36 +02:00
github-actions[bot]
a02dcdc5e1
Release preparation for version 2.11.1
2022-10-07 02:20:28 +00:00
github-actions[bot]
47c461a241
Add changed framework coverage reports
2022-10-07 00:26:57 +00:00
Mathias Vorreiter Pedersen
10eb548156
Merge pull request #10699 from MathiasVP/swift-mad-summaries
2022-10-06 17:44:35 +01:00
Mathias Vorreiter Pedersen
e147a6032e
C++: Replace 'IRType' with 'Type' in dataflow. This means we're more compatible with the old AST library.
2022-10-06 17:26:56 +01:00
Mathias Vorreiter Pedersen
65a538ed41
C++: Exclude a few more operands from the dataflow graph. These aren't ever used for dataflow, and it should give us a slight speedup.
2022-10-06 17:22:09 +01:00
Mathias Vorreiter Pedersen
3fcb825e7f
C++: Change a few indirectionIndex ranges from '[0 .. n - 1]' to '[1 .. n]'. This simplifies some arithmetic in a few predicates.
2022-10-06 17:21:09 +01:00
Mathias Vorreiter Pedersen
cfbb9e3339
Apply suggestions from code review
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com >
2022-10-06 17:04:56 +01:00
Mathias Vorreiter Pedersen
7a425ffcc3
Update swift/ql/lib/codeql/swift/elements/type/NominalType.qll
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com >
2022-10-06 16:59:31 +01:00
Chris Smowton
28fa06ab9c
Merge pull request #10709 from gregxsunday/main
...
add BeegoInput.RequestBody source to Beego framework
2022-10-06 16:04:04 +01:00
Chris Smowton
289843eb83
Remove accidentally duplicated test
...
This was moved to a unit test, but the integration test version was somehow retained.
2022-10-06 16:00:56 +01:00
Tony Torralba
ceae5eef28
Revert "Decouple from #10177 "
...
This reverts commit 7b34b10cee
2022-10-06 16:30:23 +02:00
Tony Torralba
21a0c446b4
Update java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-10-06 16:28:17 +02:00
Tony Torralba
015d48ef66
Fix select message
2022-10-06 16:28:17 +02:00
Tony Torralba
7b34b10cee
Decouple from #10177
2022-10-06 16:28:17 +02:00
Tony Torralba
1bf1349167
Test all sinks
2022-10-06 16:28:17 +02:00
Tony Torralba
39b5ebfd7b
Fix qhelp
2022-10-06 16:28:17 +02:00
Tony Torralba
76ea255277
Add security-severity
2022-10-06 16:28:17 +02:00
Tony Torralba
4a18892da9
Second query version
...
Remove sinks flowing to write operations requirement
2022-10-06 16:28:17 +02:00
Tony Torralba
153ec5368e
First query version requiring sinks to flow to write operations
2022-10-06 16:28:17 +02:00
erik-krogh
c1fae91a1f
have rb/meta/taint-steps print only one for each file, to limit the size of the output
2022-10-06 15:19:11 +02:00
Chris Smowton
812a5e5c74
Autoformat test.go
2022-10-06 14:08:56 +01:00
Chris Smowton
4e161c867e
Rename 2022-10-06-beego- to 2022-10-06-beego-request-body-source.md
2022-10-06 14:01:36 +01:00
Chris Smowton
7d98b74eec
Create 2022-10-06-beego-
2022-10-06 14:00:52 +01:00
Henry Mercer
7a7d164b07
Merge pull request #10698 from github/henrymercer/successfully-extracted-files-tag
...
Tag successfully extracted files queries
2022-10-06 13:21:52 +01:00
Chris Smowton
fcf24f7671
Fix typo
2022-10-06 12:59:43 +01:00
Chris Smowton
1d8547d4c1
Avoid using count(...) = 0
2022-10-06 12:57:56 +01:00
Chris Smowton
0024e54e63
Make method private
2022-10-06 12:55:17 +01:00
Chris Smowton
86e5e4c4bc
Accept test changes
2022-10-06 12:40:04 +01:00
Chris Smowton
020f29a1ab
Add visibility tests
2022-10-06 12:40:03 +01:00
Chris Smowton
764c139e3e
Visibility consistency query: allow $default methods to have package-private (default) visibility
2022-10-06 12:40:03 +01:00
Chris Smowton
34b83f01d0
Fix naming of internal default methods
2022-10-06 12:40:03 +01:00
Chris Smowton
5e182755a5
Fix generated $default method visibilities
2022-10-06 12:40:03 +01:00
Chris Smowton
bec948682d
Fix calls to static methods defined in association with local functions
...
These are a bit weird since they involve static calls to unnamed synthetic class members, but while unwriteable as Java they ought to work as a database description.
2022-10-06 12:40:03 +01:00
Chris Smowton
b79d273de4
When calling a $default method, ensure the real method gets extracted
2022-10-06 12:40:02 +01:00
