hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-10 20:21:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,820 Commits 1,690 Branches 160 Tags
codeql-cli/v2.12.7
Commit Graph

51820 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jami Cogswell
a77acd6745 Java: add change note 2022-12-12 17:28:12 -05:00
Jami Cogswell
f0124dae1a Java: replace exists with instanceof 2022-12-12 16:40:19 -05:00
erik-krogh
92a7e787a8 C: do the minimal change to ValueNumberBound instead 2022-12-12 22:17:50 +01:00
Jami
84b69deb55 Merge branch 'main' into jcogs33/update-externalapi-charpredicate 2022-12-12 16:01:22 -05:00
Siara
169a465214 Update docs/codeql/writing-codeql-queries/introduction-to-ql.rst 
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com>
 2022-12-12 12:54:01 -08:00
Harry Maclean
0340549744 Ruby: Slight rewording 2022-12-13 09:45:31 +13:00
erik-krogh
e0045d2736 filter out string literals from the taint-sink meta query 2022-12-12 21:44:24 +01:00
Jami Cogswell
3526406db0 Java: add tests 2022-12-12 15:10:55 -05:00
ALJI Mohamed
2f68b54b27 A simple download_file() call from maybe boto3 2022-12-12 19:46:34 +01:00
Chris Smowton
dd86f7a696 Kotlin: Revert type erasure within $default functions 
This imprecise implementation turned out to cause linkage errors, e.g. when type variables in the signatures of member methods were inappropriately erased. For the time being we accept that $default methods despite having erased signatures in keeping with their JVM representation can contain expressions whose types make reference to their
surrounding function or class' type variables, even though they should be out of scope since $default methods are static and don't have type parameters, and need to cope with the inconsistency in QL.
 2022-12-12 18:33:22 +00:00
Jami Cogswell
22f8d97f31 C#: add test case 2022-12-12 13:28:01 -05:00
Jami Cogswell
446ac75c87 Java: update unit test 2022-12-12 13:28:01 -05:00
Jami Cogswell
39154b1455 C#: add isParameterless predicate to Constructor class 2022-12-12 13:28:00 -05:00
Jami Cogswell
5113041623 Java: add isParameterless predicate to Constructor class 2022-12-12 13:28:00 -05:00
Jami Cogswell
a8a8b03d2f C#: exclude parameterless constructors from DataFlowTargetApi 2022-12-12 13:28:00 -05:00
Jami Cogswell
16d8e8e931 Java: exclude parameterless constructors from DataFlowTargetApi 2022-12-12 13:28:00 -05:00
Jeroen Ketema
18dea55071 C++: Fix cpp/alloca-in-loop regressions with use-use dataflow 2022-12-12 19:15:50 +01:00
Erik Krogh Kristensen
636d5e341c Merge pull request #11652 from erik-krogh/static-useInstanceOf 
Java/C#/GO: Use instanceof in more places
 2022-12-12 17:52:04 +01:00
Jami Cogswell
e42d9e4930 Java: switch floats to ints 2022-12-12 11:39:17 -05:00
Jami Cogswell
623068c4b9 Java: add hasProvenance predicate, remove isManuallyGenerated and isBothAutoAndManuallyGenerated 2022-12-12 11:23:46 -05:00
Edward Minnix III
0ebfee8b11 Merge pull request #11241 from egregius313/egregius313/webview-file-access 
Java: Query to detect Android Webview file access
 2022-12-12 11:12:26 -05:00
erik-krogh
698e05f85a Swift/C++: Use instanceof in more places 2022-12-12 16:58:13 +01:00
erik-krogh
a1564de126 more ram 2022-12-12 16:35:01 +01:00
erik-krogh
f554e1fef1 more threads 2022-12-12 16:33:07 +01:00
erik-krogh
7526c35c60 speedup the "ATM - Check query suite" CI job 2022-12-12 16:25:25 +01:00
erik-krogh
b3a9c1ca06 Py/JS/RB: Use instanceof in more places 2022-12-12 16:06:57 +01:00
Erik Krogh Kristensen
4ff823c36b Merge pull request #11366 from p-/p--ruby-kernel-open-addition 
Ruby: Add additional sinks to the `rb/kernel-open` query
 2022-12-12 15:56:01 +01:00
erik-krogh
873d3553cd Merge branch 'main' into static-useInstanceOf 2022-12-12 15:36:54 +01:00
Mathias Vorreiter Pedersen
a161dddbbf C++: Accept test changes. These happen because these remote flow sources specify that the remote source is both 'isReturnValue' and 'isReturnValueDeref'. 2022-12-12 13:39:09 +00:00
Tom Hvitved
912aa461c7 Merge pull request #11654 from hvitved/ruby/stage-collapse 
Ruby: Ensure `Node::{toString,getLocation}` are computed in data flow stage
 2022-12-12 13:57:47 +01:00
Michael Nebel
0fdf9a42f2 C#: Cleanup and make the last StreamReader model explicit on its input. 2022-12-12 13:21:26 +01:00
JarLob
1d303e0470 C#: Add remote type source kind in model validation. 2022-12-12 12:56:14 +01:00
Jaroslav Lobačevski
340fd8ae4e C#: Add change note. 2022-12-12 12:56:14 +01:00
Jaroslav Lobačevski
204a1d3d06 C#: Add source TCP/UDP source models and StreamReader summary models. 2022-12-12 12:56:14 +01:00
Mathias Vorreiter Pedersen
8722fb2cf5 C++: Accept test changes. 2022-12-12 10:54:40 +00:00
Mathias Vorreiter Pedersen
ad522651ec C++: Flow through uncertain writes. 2022-12-12 10:54:26 +00:00
Mathias Vorreiter Pedersen
2999243e34 C++: Add failing IR dataflow testcase. 2022-12-12 10:42:59 +00:00
Jeroen Ketema
b2091e8632 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-12-12 11:40:36 +01:00
Chris Smowton
2bdc9e80de Merge pull request #11625 from smowton/smowton/admin/autoformat-docs-ql-files 
Autoformat docs ql files
 2022-12-12 10:37:35 +00:00
Jeroen Ketema
cb1dacfef1 C++: Fix QL-for-QL warnings 2022-12-12 11:23:29 +01:00
Mathias Vorreiter Pedersen
b2fcf87e6a Merge pull request #11638 from jketema/rewrite-tainted-path-v2 
C++: Use `FlowSource` in `cpp/path-injection`
 2022-12-12 10:08:15 +00:00
Chris Smowton
77004f3e15 Merge pull request #11258 from smowton/smowton/feature/kotlin-annotation-extraction 
Kotlin: extract annotations
 2022-12-12 09:52:49 +00:00
Alvaro Muñoz
469d7f52dc Use fluent API instead of hasPropertyWrite 2022-12-12 10:46:50 +01:00
Alvaro Muñoz
1410d2838e Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-12 09:54:02 +01:00
Paolo Tranquilli
250ac686a2 Merge branch 'main' into redsun82/swift-open-redirection 2022-12-12 08:46:23 +01:00
Michael Nebel
e0f1b38439 Merge pull request #11580 from michaelnebel/renamenegativemodels 
C#/Java: Rename Negative Summary Model to Neutral Model
 2022-12-12 07:59:06 +01:00
Harry Maclean
6c8896d83f Merge pull request #11337 from hmac/actionmailbox 
Ruby: Model ActionMailbox
 2022-12-12 10:29:23 +13:00
Tom Hvitved
58549087e0 Ruby: Ensure Node::{toString,getLocation} are computed in data flow stage 2022-12-11 20:37:24 +01:00
Tom Hvitved
367aa35d8c Ruby: Avoid SummarizedCallable::propagatesFlowExt being recursive 2022-12-11 20:37:23 +01:00
Chris Smowton
2b10e4ba04 Merge pull request #11653 from github/post-release-prep/codeql-cli-2.11.6 
Post-release preparation for codeql-cli-2.11.6
 2022-12-11 19:24:26 +00:00