hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-09 19:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,887 Commits 1,689 Branches 160 Tags
codeql-cli/v2.13.3
Commit Graph

54887 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ed Minnix
64668883a4 Add good example to documentation 2023-01-09 09:59:38 -05:00
Ed Minnix
2ec73c50f9 Mention WebView in alert message 2023-01-09 09:55:09 -05:00
Arthur Baars
664fdc3b2a Merge pull request #11815 from aibaars/too-many-fields 
Ruby: use record_parse_error_for_node to report extractor error
 2023-01-09 15:40:19 +01:00
Mathias Vorreiter Pedersen
0f93e5c907 Merge pull request #11781 from MathiasVP/as-expr-for-arrays 
C++: Map more expressions to `OperandNode`s
 2023-01-09 14:38:22 +00:00
Erik Krogh Kristensen
5157d4df7b Merge pull request #11581 from erik-krogh/stdin 
Rb: add stdin as source for unsafe-deserialization
 2023-01-09 13:57:47 +01:00
Chris Smowton
e9bbb5d7fa Merge pull request #11730 from smowton/smowton/admin/improve-sql-unescaped-docs 
Java: improve naming and description of SqlUnescaped.ql
 2023-01-09 12:50:27 +00:00
yoff
c01ce955ba Merge pull request #11778 from yoff/shared/inline-tests 
Shared: Inline test expectations
 2023-01-09 13:21:18 +01:00
Chris Smowton
2e26fb1171 Merge pull request #11819 from smowton/smowton/admin/port-java-autobuilder-tests 
Add Java autobuilder integration tests
 2023-01-09 12:17:39 +00:00
Chris Smowton
efe23c1da7 Note that alerts should not be re-raised 2023-01-09 10:56:13 +00:00
Chris Smowton
994a46289f Add change note 2023-01-09 10:56:13 +00:00
Chris Smowton
ef27f9fe96 Replace one more mention of escaping 2023-01-09 10:56:13 +00:00
Chris Smowton
45c732a6f9 Java: improve naming and description of SqlUnescaped.ql 
Since the main thing it's objecting to is concatenation not lack of escaping (in particular it doesn't look for escaping sanitizers), rename and re-describe it accordingly.
 2023-01-09 10:56:13 +00:00
Mathias Vorreiter Pedersen
381301e552 Update swift/ql/lib/swift.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-01-09 10:32:52 +00:00
Geoffrey White
9333e80def Swift: Add getVaList stub to the test. 2023-01-09 10:29:37 +00:00
Taus
06ea249997 Merge pull request #11820 from yoff/python/fix-downgrades 
Python: fix downgrade script
 2023-01-09 11:24:41 +01:00
Mathias Vorreiter Pedersen
6bb09ef289 Swift: Add integral type classes. 2023-01-09 09:43:09 +00:00
Mathias Vorreiter Pedersen
9be9636816 Merge pull request #11670 from atorralba/atorralba/swift/predicate-injection 
Swift: Add predicate injection query
 2023-01-09 08:54:13 +00:00
erik-krogh
d67e756f42 make the import of Gem private 2023-01-09 09:13:01 +01:00
Harry Maclean
5b117084db Merge pull request #11534 from hmac/array-inclusion-barrier-guard-constant 
Ruby: Make array inclusion barrier more sensitive
 2023-01-09 20:57:09 +13:00
Paolo Tranquilli
82d9edfabf Merge branch 'main' into redsun82/swift-open-redirection 2023-01-09 08:44:02 +01:00
Sarita Iyer
f15291a9de Change the order of sections 2023-01-06 15:00:43 -05:00
Sarita Iyer
d079c7a5ef Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-01-06 14:57:24 -05:00
Jami Cogswell
a3c7b2c3a2 Java: move java.lang.Math.min to the correct file 2023-01-06 14:35:09 -05:00
Geoffrey White
bb50a99b36 Swift: Additional test cases. 2023-01-06 18:48:46 +00:00
Geoffrey White
b5dd815249 Swift: Flow through optional binding. 2023-01-06 18:34:22 +00:00
Geoffrey White
c598d9b882 Swift: Generalize an SSA case for variables declared in Patterns. 2023-01-06 18:34:22 +00:00
Geoffrey White
8a9a69fa00 Swift: Add more dataflow tests for of optionals, patterns, enums. 2023-01-06 18:34:22 +00:00
Jeroen Ketema
a743fbcc95 Merge pull request #11799 from jketema/case-uncomment 
C++: Uncomment cases in dbscheme
 2023-01-06 19:26:53 +01:00
Sarita Iyer
d7bf2d9375 docs for codeql pack compatibility 2023-01-06 12:07:24 -05:00
Geoffrey White
04f87a26a9 Swift: Test layout change. 2023-01-06 16:52:54 +00:00
Sarita Iyer
a9867a266e fixed link 2023-01-06 11:50:07 -05:00
Sarita Iyer
d68cfc7d4f codeql pack compatibility docs 2023-01-06 11:17:02 -05:00
erik-krogh
538adb47a3 update expected output for DuplicateCharacterInSet 2023-01-06 15:41:57 +01:00
Chris Smowton
831255e9c0 Merge pull request #11832 from github/mbg/fix/go-version-warnings 
Go: Handle output from `go version` more gracefully
 2023-01-06 14:05:39 +00:00
Jeroen Ketema
c1bc097355 C++: Add upgrade/downgrade scripts for dbscheme update 2023-01-06 14:26:24 +01:00
Jeroen Ketema
cdb34bb1f9 C++: Update database stats file 2023-01-06 14:26:23 +01:00
Jeroen Ketema
b9b0c8091f C++: Uncomment cases in dbscheme 
Note that the builtin types `__int{8,16,32,64}` are not uncommented,
as these are never and could have never been generated by the
extractor.
 2023-01-06 14:26:23 +01:00
Geoffrey White
f3914ffe25 Merge pull request #11823 from geoffw0/heuristicalloc 
C++: Use HeuristicAllocationExpr in more queries
 2023-01-06 13:13:14 +00:00
Jami
f5e5f6dfd1 Merge pull request #11821 from jcogs33/jcogs33/fix-mad-typos 
Java: fix typos in MaD row `name` columns for `MappingSqlQuery` and `MappingSqlQueryWithParameters`
 2023-01-06 07:59:30 -05:00
Rasmus Lerchedahl Petersen
03bd6cb414 python: Allow optional result=OK 
Also add a further test case
 2023-01-06 13:33:12 +01:00
erik-krogh
10308f5875 track string-constants to regular expression uses 2023-01-06 13:17:31 +01:00
Nick Rolfe
4c5f149afd Merge pull request #11831 from github/post-release-prep/codeql-cli-2.12.0 
Post-release preparation for codeql-cli-2.12.0
 2023-01-06 12:15:17 +00:00
Michael B. Gale
1ef1d63c11 Add test for parseGoVersion 2023-01-06 11:20:51 +00:00
Michael B. Gale
9af9b32722 Find the last line of output from go version 2023-01-06 11:20:39 +00:00
Geoffrey White
bb451f3911 C++: Fix result duplication. 2023-01-06 11:05:47 +00:00
github-actions[bot]
cdb8f67601 Post-release preparation for codeql-cli-2.12.0 2023-01-06 10:36:34 +00:00
Rasmus Lerchedahl Petersen
8d9e94a00f swift: fix typo 2023-01-06 11:22:49 +01:00
erik-krogh
0a1769657d add change-note 2023-01-06 09:09:09 +01:00
erik-krogh
19d2b49562 drive-by: make Base64.decode64(..) into a flowsummary that is shared with all queries 2023-01-06 09:04:37 +01:00
erik-krogh
1a27441cfb drive-by: delete code-execution sinks from unsafe-deserialization, we risked duplicate alerts 2023-01-06 09:04:36 +01:00