51820 Commits

Author SHA1 Message Date
erik-krogh
e7c6571f52 remove the "send(..)" and similar from unsafe-code-construction 2022-11-25 10:25:31 +01:00
erik-krogh
f1668801d3 add a rb/unsafe-code-construction query
rebase
2022-11-25 10:25:30 +01:00
Jeroen Ketema
4607f5990e C++: Add more tests that exercise the default taint barrier implementation 2022-11-25 10:19:45 +01:00
Paolo Tranquilli
8df7d465cb Swift: cache more aggressively in CI
* the QL compilation cache action is used for ql and integration tests
* all caches (Bazel and QL) are populated on push
2022-11-25 08:52:46 +01:00
Rasmus Lerchedahl Petersen
77d98b217e Python: add import 2022-11-25 08:52:35 +01:00
yoff
d804acdef7 Apply suggestions from code review
Co-authored-by: Taus <tausbn@github.com>
2022-11-25 08:50:37 +01:00
Paolo Tranquilli
9b4b29cab7 Merge branch 'main' into redsun82/swift-integration-test-pack 2022-11-25 08:49:36 +01:00
Harry Maclean
f49507e59a Ruby: Add note about WithElement usage 2022-11-25 16:55:37 +13:00
Harry Maclean
df398fb9a0 Ruby: Add more flow summary tests 2022-11-25 16:55:37 +13:00
Harry Maclean
fe13ac188f Ruby: US spelling 2022-11-25 16:55:37 +13:00
Harry Maclean
0b065001a8 Ruby: Add tests for flow summary behaviour
These test cases are a companion to the flow summary docs, and ensure
that the documented behaviour matches reality.
2022-11-25 16:55:37 +13:00
Harry Maclean
c0501c189e Ruby: Document ?/any behaviour in output paths 2022-11-25 16:55:37 +13:00
Harry Maclean
5b07c3a746 Ruby: Elaborate WithoutElement docs 2022-11-25 16:55:37 +13:00
Harry Maclean
5e3a817064 Ruby: With[out]Element only valid in input 2022-11-25 16:55:37 +13:00
Harry Maclean
0c2dd1a5a6 Ruby: Flesh out hash-splat docs 2022-11-25 16:55:37 +13:00
Harry Maclean
43f2713925 Ruby: Update test fixture 2022-11-25 16:55:37 +13:00
Harry Maclean
78f604aef1 Ruby: Document Field access path token 2022-11-25 16:55:37 +13:00
Harry Maclean
6f852aad0b Ruby: Document flow summary syntax 2022-11-25 16:55:36 +13:00
Harry Maclean
0a4a8516eb Ruby: simplify Hash#transform_keys! flow summary 2022-11-25 16:55:36 +13:00
Geoffrey White
208a728d39 Swift: Fixes. 2022-11-25 00:28:53 +00:00
Geoffrey White
37cdef7ab1 Swift: add basic Alamofire taint source model. 2022-11-25 00:14:23 +00:00
Geoffrey White
afb5dc7da3 Swift: Add test for Alamofire sources. 2022-11-25 00:08:51 +00:00
Harry Maclean
2822c94aa7 Ruby: Minor refactor of barrier guard code 2022-11-25 09:12:51 +13:00
Harry Maclean
6897fb46cb Ruby: Clean up WhenClause CFG 2022-11-25 09:12:51 +13:00
Alexander Eyers-Taylor
3c7f7511be Merge pull request #11418 from alexet/alexet/mockito-class-rename
Java: Add new Mockito runner class location.
2022-11-24 17:49:31 +00:00
alexet
e24e3bf13f Java: Add new Mockito runner class location. 2022-11-24 16:43:57 +00:00
erik-krogh
5f6cb1684b move the code-injection tests into a subfolder 2022-11-24 17:23:25 +01:00
Henry Mercer
df3dc6fadc Merge pull request #11414 from github/codeql-ci/atm/release-0.4.2
JS: Bump version numbers of ML-powered packs after 0.4.2 release
2022-11-24 16:07:28 +00:00
Alex Ford
e6446e501c Ruby: fix docs failure 2022-11-24 15:37:03 +00:00
Alex Ford
893c8763bb Ruby: model ActiveSupport json_escape flow 2022-11-24 15:33:08 +00:00
Edoardo Pirovano
9071acea01 Merge pull request #11416 from github/edoardo/mergeback-3.8
Merge `rc/3.8` into `main`
2022-11-24 15:05:28 +00:00
Erik Krogh Kristensen
03737543d4 Merge pull request #11403 from erik-krogh/additional
ReDoS: add missing additional keywords
2022-11-24 15:53:51 +01:00
Edoardo Pirovano
8eeba92a47 Merge pull request #11415 from github/edoardo/mergeback-2.11.4
Merge `codeql-cli-2.11.4` into `rc/3.8`
2022-11-24 14:42:36 +00:00
Henry Mercer
56e5f01ce0 Merge branch 'main' into codeql-ci/atm/release-0.4.2 2022-11-24 14:41:49 +00:00
Jeroen Ketema
4c94ff7deb Merge pull request #11413 from jketema/default-taint-upper-bound-check-fix
C++: Fix upper bound detection in default taint flow
2022-11-24 15:36:59 +01:00
github-actions[bot]
78d49e44b1 JS: Bump version of ML-powered library and query packs to 0.4.3 2022-11-24 14:22:14 +00:00
github-actions[bot]
8d96bfe973 JS: Bump patch version of ML-powered library and query packs 2022-11-24 14:18:13 +00:00
Nick Rolfe
50b10be2db Ruby: StackTraceExposure: add test for a specific rescue type 2022-11-24 14:08:34 +00:00
Nick Rolfe
1c407a28cd Apply suggestions from code review
Co-authored-by: Harry Maclean <hmac@github.com>
2022-11-24 14:02:32 +00:00
Jeroen Ketema
223eeb6921 C++: Fix upper bound detection in default taint flow 2022-11-24 14:38:36 +01:00
Tony Torralba
adf905d838 Merge pull request #11368 from ka1n4t/main
Java: Add binding between annotation and sink-param in MyBatis SQL Injection query
2022-11-24 14:34:57 +01:00
Tony Torralba
1d57663343 Merge pull request #11345 from atorralba/atorralba/swift/data-models
Swift: Add taint models for the Data class
2022-11-24 14:23:41 +01:00
Geoffrey White
32442a33de Merge pull request #11270 from geoffw0/optionals2
Swift: Dataflow through ?? and ? :
2022-11-24 13:20:54 +00:00
Ian Lynagh
184c903ec7 Merge pull request #11401 from igfoo/igfoo/unused
Kotlin: Remove an unused argument
2022-11-24 12:47:50 +00:00
Ian Lynagh
501ea31c25 Merge pull request #11404 from igfoo/igfoo/build_refactor
Kotlin build system: Refactor jar-finder
2022-11-24 12:47:34 +00:00
Anders Schack-Mulligen
f2897f5bfc Merge pull request #11392 from aschackmull/java/adjust-mad-dispatch-priority
Java: Adjust the prioritisation between MaD and source dispatch.
2022-11-24 13:10:48 +01:00
Tony Torralba
e4e5291511 Fix more test expectations after rebase 2022-11-24 13:03:12 +01:00
Erik Krogh Kristensen
6464135800 Merge pull request #11409 from erik-krogh/cache-more
Ruby: cache the compiled extractor in the build tests
2022-11-24 12:42:33 +01:00
Tony Torralba
fc7c66dab2 Remove now unnecessary additional taint step in UnsafeJsEval 2022-11-24 12:35:52 +01:00
Tony Torralba
e67b72d954 Update test expectations 2022-11-24 12:35:51 +01:00