hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-11 12:41:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,820 Commits 1,688 Branches 160 Tags
codeql-cli/v2.12.6
Commit Graph

51820 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arthur Baars
442c4e9a4e Merge pull request #11474 from github/aibaars-patch-2 
Ruby: fix upgrade script
 2022-11-29 13:45:06 +01:00
Tom Hvitved
b075c55a60 Merge pull request #11449 from hvitved/csharp/autobuild-env-vars-integration-test 
C#: Add integration test that checks whether env vars are passed through autobuilder
 2022-11-29 13:43:15 +01:00
erik-krogh
136b6db2ad only delete the src/ folder if it was empty 2022-11-29 13:42:27 +01:00
erik-krogh
f3f7a89ef8 make the JS autobuilder consistent with Ruby when no JS code was detected 2022-11-29 13:42:27 +01:00
Felicity Chapman
0def31a2ce Update Go article 2022-11-29 12:37:10 +00:00
Tony Torralba
bf023b0aed Use dominance in path injection sanitizer to avoid FNs 2022-11-29 13:33:27 +01:00
Arthur Baars
52cf27653f Ruby: fix upgrade script 2022-11-29 13:12:14 +01:00
Paolo Tranquilli
a3a68fe83d Tweak comment in incremental-cache action 2022-11-29 13:09:45 +01:00
Michael Nebel
d2c458c066 Java/C#: Correction of autogenerated comment(s) produced by the model generator. 2022-11-29 13:05:18 +01:00
Arthur Baars
cf7ebe2fa8 Merge pull request #11471 from github/rc/3.8 
Merge rc/3.8 into main
 2022-11-29 12:57:34 +01:00
Michael Nebel
984124b3b5 Java: Improve flow test case generator to emit a data extensions YAML file and qlpack file if needed. 2022-11-29 12:54:54 +01:00
Michael Nebel
48290c95a7 Java: Update the flow test case generator to emit data extension like model data. 2022-11-29 12:54:54 +01:00
Michael Nebel
9507dc15fd Java: Remove un-needed qlfrag files. 2022-11-29 12:54:54 +01:00
Felicity Chapman
c66569bd43 Generalize cpp changes and apply to csharp 2022-11-29 11:50:26 +00:00
erik-krogh
7dcb813ff3 remove two more claseses of FPs in rb/non-constant-kernel-open 2022-11-29 12:49:23 +01:00
Michael Nebel
bc6f0c1622 Merge pull request #11243 from michaelnebel/java/dataextensions 
Java: Use data extensions for MaD models.
 2022-11-29 12:43:26 +01:00
Nora Dimitrijević
1ee04dc020 Update prepare-db-upgrade.md 
Clarify the test steps based on my experience, where I got a "database may be too new" error when the `--search-path=<codeql-root>` directory was not specified.
 2022-11-29 12:36:51 +01:00
erik-krogh
cd770e0906 Merge branch 'main' into test-ci 2022-11-29 12:17:05 +01:00
erik-krogh
7c1435b7c6 use withFileTypes in move-caches.js some more 2022-11-29 12:16:38 +01:00
Erik Krogh Kristensen
3cb31ef030 use withFileTypes in move-caches.js 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-11-29 12:10:00 +01:00
Geoffrey White
3304e9f422 Merge pull request #11459 from geoffw0/constructor 
Swift: Constructor and destructor related cleanup
 2022-11-29 11:00:22 +00:00
Tony Torralba
52ebf66d21 Add basic path sanitizer 2022-11-29 11:55:04 +01:00
Tony Torralba
1576ee9410 Add additional stub to avoid errors when building on Linux 2022-11-29 11:55:03 +01:00
Tony Torralba
8cc66172c3 Add path injection query 2022-11-29 11:55:03 +01:00
Paolo Tranquilli
52a117aaf5 Swift: optimize bazel caching in CI 
Previously the cache would become stale. Now the same incremental
cache mechanism in use for the QL cache is adopted (and factored out
in a separate action).

Namely, pushes on main will populate the cache using the commit hash as
key, while PRs will try to use the cache of their merge base, read-only.

To avoid the cache growing out of control, a simple cache eviction is
done on pushes.
 2022-11-29 11:43:54 +01:00
Geoffrey White
63c139fdbe Merge branch 'main' into constructor 2022-11-29 10:40:19 +00:00
AlexDenisov
0f87eb45db Merge pull request #11470 from github/redsun82/swift-fix-ci 
Swift: revert `swift-actions/setup-swift`
 2022-11-29 11:39:08 +01:00
Nora Dimitrijević
93cce0f4c2 Swift: upgrade script 2022-11-29 11:31:08 +01:00
Nora Dimitrijević
13bbee73d8 Swift: Add .generated.list file from codegen 2022-11-29 11:31:07 +01:00
Nora Dimitrijević
931173350f Swift: extract missing cases of AccessorKind and AccessSemantics 
This resolves the warnings that were showing up during extractor-pack
compilation.
 2022-11-29 11:31:07 +01:00
Nora Dimitrijević
36e7235493 Swift: fix -Wmissing-braces warning in extractor 
By initializing va_list the standard way,
i.e. leaving it uninitialized until va_start().
 2022-11-29 11:31:07 +01:00
Nora Dimitrijević
c89c449a2c Swift: silence cmake/vscode intellisense Problem 
i.e. "TrapLabel not found"
 2022-11-29 11:27:33 +01:00
Jeroen Ketema
d3cccca7f1 C++: Filter duplicate (source, sink)-pairs 2022-11-29 11:17:39 +01:00
Paolo Tranquilli
9a25de3ef1 Swift: revert swift-actions/setup-swift 2022-11-29 11:17:08 +01:00
Jeroen Ketema
378206ae7d C++: Stop taint from flowing to arithmetic types 
These are not likely to give the user much control over what can be accessed.
 2022-11-29 11:15:28 +01:00
Karim Ali
f0d9dabca2 updated expected output for LocalTaint and Tain 2022-11-29 12:13:10 +02:00
Karim Ali
9b3c4e8db2 add test case for unicodeScalars 2022-11-29 12:12:10 +02:00
Karim Ali
7541b01a86 add test case for utf8CString 2022-11-29 12:12:10 +02:00
Karim Ali
58a87396ba add taint steps for fields of String 
if a String is tainted, then all its fields (including those declared in extensions) should be tainted as well
 2022-11-29 12:12:10 +02:00
Mathias Vorreiter Pedersen
4233c91a7e Merge pull request #11469 from atorralba/atorralba/swift/fix-local-taint 
Swift: Fix local taint
 2022-11-29 10:00:12 +00:00
Jeroen Ketema
718663415b C++: Stop flow from going through another source 
Without this we get confusing results:
```
    char *userAndFile = argv[2];
    char *fileName = argv[1];
    fopen(fileName, "wb+"); // Both argv[1] and argv[2] marked as source without
                            // this change.
```

While here add some more test cases.
 2022-11-29 10:52:57 +01:00
Jeroen Ketema
63334764d7 C++: Rewrite cpp/path-injection to not use DefaultTaintTracking 2022-11-29 10:52:57 +01:00
Jeroen Ketema
2ef13d1df7 Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-29 10:43:01 +01:00
erik-krogh
915d680fcc use a node script instead of bash to move the compilation cache 2022-11-29 10:41:08 +01:00
erik-krogh
67e9841bf3 place the compilation cache in the temp dir 2022-11-29 10:40:54 +01:00
Tony Torralba
0e59257442 Fix local taint steps 
Local taint should include local flow and simple summaries through library code
 2022-11-29 10:36:56 +01:00
Tom Hvitved
f3dca95958 Merge pull request #11087 from hvitved/dataflow/summary-ctx 
Data flow: Add summary/return context to pruning stages 2-4
 2022-11-29 10:36:53 +01:00
Geoffrey White
c3dc9672f7 Merge branch 'main' into constructor 2022-11-29 09:30:03 +00:00
Geoffrey White
e0c8a8ecff Merge pull request #11458 from geoffw0/simplify 
Swift: Simplify some QL.
 2022-11-29 09:29:12 +00:00
Felicity Chapman
5898615f5a Merge pull request #11420 from github/felicitymay-8441-query-guides-java 
LGTM deprecation: updates to CodeQL for Java articles
 2022-11-29 09:23:21 +00:00