hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-05 17:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,820 Commits 1,689 Branches 160 Tags
codeql-cli/v2.12.7
Commit Graph

51820 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
e44aca0b33 Java: Add printAST test with javadoc 2023-03-13 12:02:50 +01:00
Arthur Baars
41a53ec109 Address comments 2023-03-13 11:50:03 +01:00
Geoffrey White
e4837f7da9 Merge pull request #12489 from geoffw0/typealiastests 
Swift: Skeleton + tests for type alias support
 2023-03-13 10:38:43 +00:00
Asger F
5461f94c6c Merge pull request #12424 from asgerf/js/html-sanitizer-for-sql 
JS: Add html sanitizers as a taint step in a few queries
 2023-03-13 11:36:19 +01:00
Asger F
41dd63adc7 Handle forwardRef in React 2023-03-13 11:30:18 +01:00
Anders Schack-Mulligen
7c0e89ffdd Java: Refactor ArithmeticTainted.ql, TempDirLocalInformationDisclosure.ql 2023-03-13 11:27:14 +01:00
Anders Schack-Mulligen
da273269cb Java: Refactor PolynomialReDoS.ql 2023-03-13 11:27:14 +01:00
Anders Schack-Mulligen
f53a05bf13 Merge pull request #12475 from aschackmull/dataflow/mergepathgraph 
Dataflow: Add MergePathGraph module.
 2023-03-13 11:26:24 +01:00
Jeroen Ketema
a0fca20f0d Merge pull request #12498 from jketema/frontend-tests 
C++: Update `.expected` after frontend changes
 2023-03-13 11:25:58 +01:00
Anders Schack-Mulligen
c380ecbbbc Data flow: Add change notes. 2023-03-13 11:09:13 +01:00
erik-krogh
6c1ebd999e Merge branch 'main' into delOldDeps 2023-03-13 11:00:29 +01:00
Erik Krogh Kristensen
25e6b976c8 Merge pull request #12405 from github/dependabot/cargo/ql/rayon-1.7.0 
Bump rayon from 1.6.1 to 1.7.0 in /ql
 2023-03-13 10:57:11 +01:00
Geoffrey White
7512d81331 Merge pull request #12484 from geoffw0/summarydetail 
Swift: Update swift/summary/summary-statistics to DataFlow::ConfigSig
 2023-03-13 09:54:54 +00:00
Tom Hvitved
6ee231fac5 Ruby: Add more tests for flow through constructors 2023-03-13 10:52:01 +01:00
Geoffrey White
0d1be2294c Merge branch 'main' into typealiastests 2023-03-13 09:38:54 +00:00
Geoffrey White
8d666d00c2 Swift: Update codegen. 2023-03-13 09:21:44 +00:00
Geoffrey White
9a5dbd078e Merge pull request #12485 from geoffw0/qldocraw 
Swift: Add generated QLDoc to the Raw.qll file.
 2023-03-13 09:10:55 +00:00
Jeroen Ketema
bd47c4f9ec C++: Update .expected after frontend changes 2023-03-13 09:40:10 +01:00
Tony Torralba
e834f9302e Fix Apache Commons HTTP Client and SQL Injection tests 2023-03-13 09:36:53 +01:00
Harry Maclean
9c3d141c9c Ruby: Add change note 2023-03-13 18:57:55 +13:00
dependabot[bot]
7ab3bb1239 Bump serde from 1.0.154 to 1.0.155 in /ql 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.154 to 1.0.155.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.154...v1.0.155)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 04:10:45 +00:00
Harry Maclean
fe995dd99b Ruby: ActiveRecord::Connection.execute SQL sink 2023-03-13 09:03:54 +13:00
Harry Maclean
025cd34dab Ruby: Taint flow through ActionController params 
We were not recognising "require" as returning a Parameters instance.
 2023-03-13 08:52:41 +13:00
Harry Maclean
2d95b6a049 Ruby: Add count_by_sql as SQL sink 2023-03-13 08:40:32 +13:00
Harry Maclean
c97dccf0de Ruby: Add reorder as a SQL sink 
In recent versions of Rails this method doesn't seem to be vulnerable,
but it may be in previous versions. There's a slight FP risk here, but
I think it is small.
 2023-03-13 08:38:17 +13:00
Mathias Vorreiter Pedersen
ab58d4c11f Merge pull request #12415 from github/rdmarsh2/swift/constructor-flow 2023-03-10 23:16:37 +00:00
Arthur Baars
c67bfff33b Ruby: strip \\?\ from display paths 2023-03-10 22:32:11 +01:00
Arthur Baars
4bfcc31ef0 Ruby: support long paths on Windows 2023-03-10 22:32:11 +01:00
Ed Minnix
59eea2a4a3 Change FlowState classes to use IPAs instead of string 2023-03-10 15:24:04 -05:00
Ed Minnix
b6eeac5bc8 Update names to new naming convention 2023-03-10 15:13:58 -05:00
Robert Marsh
d9732361fc Swift: autoformat 2023-03-10 19:28:01 +00:00
Geoffrey White
fbde174a89 Swift: Autoformat. 2023-03-10 19:02:54 +00:00
Arthur Baars
50ff82fe51 Merge pull request #12482 from github/revert-12245-calumgrant/codeowners-dynamic 
Revert "Update CODEOWNERS for dynamic teams"
 2023-03-10 19:44:12 +01:00
Geoffrey White
7ddd08fb1e Swift: Extend an extractor test as well. 2023-03-10 18:35:03 +00:00
Geoffrey White
f6e7837cb8 Swift: Extend the PrintAST test as well. 2023-03-10 18:28:11 +00:00
Geoffrey White
0c900e4b8a Swift: Add a test for aliased types. 2023-03-10 18:26:48 +00:00
Mathias Vorreiter Pedersen
d4269251be Swift: Add QL skeleton for aliased types. 2023-03-10 18:15:40 +00:00
Arthur Baars
7b8ac609f7 Merge pull request #12478 from aibaars/js-fix-npe 
JS: fix NPE
 2023-03-10 18:49:46 +01:00
Geoffrey White
c2f6ee320f Swift: Add QLDoc to the Raw.qll file. 2023-03-10 17:43:30 +00:00
Robert Marsh
e931d59bea Merge pull request #12479 from jketema/simple-range-analysis-wrapper 
C++: Introduce wrapper for the semantic range analysis mimicking the simple one
 2023-03-10 10:01:28 -05:00
Edward Minnix III
e2acc26419 Apply docs review suggestions 
- Punctuation
- Rewording

Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-03-10 09:47:47 -05:00
Calum Grant
1b2ba15753 Revert "Update CODEOWNERS for dynamic teams" 2023-03-10 14:39:22 +00:00
Geoffrey White
7bd0f53df9 Swift: Update swift/summary/summary-statistics to DataFlow::ConfigSig. 2023-03-10 14:39:03 +00:00
Taus
998827f491 Merge pull request #12481 from aschackmull/all/autoformat-ignore-blame 
Ignore auto-format commits in git blame.
 2023-03-10 15:36:04 +01:00
Owen Mansel-Chan
286a56c9b3 Merge pull request #12450 from owen-mc/unexpected-directory-layout 
Diagnostic for imports with relative package paths
 2023-03-10 14:35:02 +00:00
Anders Schack-Mulligen
1e64748ffe Dataflow: Autoformat. 2023-03-10 15:12:19 +01:00
Anders Schack-Mulligen
955cc5a1be Ignore auto-format commits in git blame. 2023-03-10 15:08:49 +01:00
Anders Schack-Mulligen
289f921171 Dataflow: Sync. 2023-03-10 14:56:54 +01:00
Anders Schack-Mulligen
a836444bc6 Dataflow: Add some qldoc. 2023-03-10 14:56:54 +01:00
Anders Schack-Mulligen
00f0879ff5 Dataflow: Sync. 2023-03-10 14:56:54 +01:00