hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-03 08:41:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,887 Commits 1,687 Branches 159 Tags
codeql-cli/v2.13.3
Commit Graph

54887 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
4cc3a6dcf5 Swift: Fix missing QLDoc. 2023-05-05 10:43:14 +01:00
Geoffrey White
c5178de3f4 Swift: Standardize on 'AdditionalFlowStep' as well. 2023-05-05 10:21:57 +01:00
Mathias Vorreiter Pedersen
cad02441f9 Merge branch 'main' into overrun-write-only-one-alert 2023-05-05 10:14:20 +01:00
Mathias Vorreiter Pedersen
09ba9a74ce Merge pull request #12959 from MathiasVP/identity-consistency-check 
DataFlow: Add an "identity-step" consistency check
 2023-05-05 10:03:20 +01:00
Geoffrey White
d92ecbb3cf Swift: Standardize on 'barrier' tover 'santerminology now we use ConfigSig dataflow. 2023-05-05 10:03:18 +01:00
Paolo Tranquilli
287b23c05e Codegen: actually commit changed .gitattributes file 2023-05-05 10:10:52 +02:00
Paolo Tranquilli
95248d17d1 Codegen: prepend .gitattributes entries with / 2023-05-05 10:08:44 +02:00
Tony Torralba
929d9dbdfa Merge pull request #13046 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-05-05 10:06:53 +02:00
Paolo Tranquilli
436f2437ef Codegen: also mark generated .gitattributes as linguist-generated 2023-05-05 09:59:44 +02:00
Arthur Baars
0359d29b40 Merge pull request #13055 from hmac/tree-sitter-extractor-clippy-fixes 
Shared: Fix clippy in shared extractor
 2023-05-05 09:48:51 +02:00
Paolo Tranquilli
d0047ae99f Swift: also mark swift.dbscheme as linguist-generated 2023-05-05 09:43:31 +02:00
Paolo Tranquilli
1155b97232 Codegen: mark generated checked in files as such 2023-05-05 09:29:16 +02:00
Harry Maclean
9203efbdc4 Shared: Share autobuilder code between Ruby and QL 2023-05-05 07:20:14 +00:00
Harry Maclean
c7e8f0d12a Shared: Pin rust version for shared extractor 2023-05-05 06:36:55 +00:00
Harry Maclean
a577bec22c Shared: Fix clippy warnings in shared extractor 2023-05-05 06:30:12 +00:00
github-actions[bot]
3d9e5ebfd8 Add changed framework coverage reports 2023-05-05 00:14:57 +00:00
Edward Minnix III
2d5b35067e Merge pull request #12721 from egregius313/egregius313/java/move-configurations-to-libraries 
Java: Move more dataflow configurations to `*Query.qll` files
 2023-05-04 20:14:22 -04:00
Ed Minnix
0c604b1c34 Remove generated model 2023-05-04 16:56:14 -04:00
Ed Minnix
7a295b554b Remove Map rows 2023-05-04 16:52:40 -04:00
Edward Minnix III
a34a51737f Add SyntheticFields for JwsHeader 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-05-04 16:52:40 -04:00
Ed Minnix
62cbcdb30c Add change note 2023-05-04 16:52:40 -04:00
Ed Minnix
a4f4ff15ce Change method resolveSigningKey from class to interface 
The resolveSigningKey method of SigningKeyResolverAdapter is an
implementation of that defined in SigningKeyResolver. So this changes
the type from the class to the interface it implements
 2023-05-04 16:52:40 -04:00
Ed Minnix
5c10d42915 More test cases for io.jsonwebtoken.SigningKeyResolverAdapter 2023-05-04 16:52:40 -04:00
Ed Minnix
a4fa1ec768 Test case for modeling io.jsonwebtoken.SigningKeyResolverAdapter 2023-05-04 16:52:40 -04:00
Ed Minnix
3d0147765c Add missing methods to jwtk-jjwt stubs 2023-05-04 16:52:40 -04:00
Ed Minnix
a38466b0f3 Erase generics in generated model 2023-05-04 16:52:40 -04:00
Ed Minnix
26cdf24bf0 Added MaD models for io.jsonwebtoken 2023-05-04 16:52:39 -04:00
Robert Marsh
e32e28d95f Merge pull request #13035 from MathiasVP/ranked-phi-hack-for-bounded-phi 
C++: Work around poor codegen for `forex` in IR-based range analysis
 2023-05-04 16:48:00 -04:00
Chuan-kai Lin
0984fc7cce JS: Add pragma[only_bind_out] to Locatable::toString() calls 2023-05-04 13:20:56 -07:00
Jami
3c74c8bbe0 Merge pull request #13019 from jcogs33/jcogs33/url-open-stream-updates 
Java: switch `url-open-stream` sink models to `experimentalSinkModel`
 2023-05-04 15:07:44 -04:00
Chuan-kai Lin
d968cee2c4 Java: Add pragma[only_bind_out] to Top::toString() calls 2023-05-04 11:46:35 -07:00
Mathias Vorreiter Pedersen
27c4408431 Merge pull request #12997 from MathiasVP/sync-product-flow-across-calls 
C++: Synchronize product dataflow paths on function entry points
 2023-05-04 17:37:48 +01:00
Mathias Vorreiter Pedersen
de08ada0bc C++: Accept test changes. 2023-05-04 17:29:39 +01:00
Mathias Vorreiter Pedersen
2587f8ed96 C++: Only alert on the largest possible overflow. 2023-05-04 17:29:31 +01:00
Mathias Vorreiter Pedersen
a09a8dba95 C++: Add testcase with repeated TP alerts. 2023-05-04 16:59:54 +01:00
Stephan Brandauer
62ab91c14a fix ql-for-ql warning 2023-05-04 17:48:50 +02:00
Stephan Brandauer
27703c777a pull subtypes-logic out into helper predicate, and document it 2023-05-04 17:45:17 +02:00
Stephan Brandauer
0e5591ff86 move getCallable to signature module implementation, and document it 2023-05-04 17:35:46 +02:00
Stephan Brandauer
a616a786f0 formatting 2023-05-04 17:27:27 +02:00
Jami
4e31c46b0c Merge pull request #13024 from jcogs33/jcogs33/remove-hardcoded-jwt-key-summaries 
Java: remove `hardcoded-jwt-key` experimental summary models
 2023-05-04 11:18:18 -04:00
Mathias Vorreiter Pedersen
5a5240dbf9 Merge pull request #12865 from rdmarsh2/rdmarsh2/range-analysis-ast-wrapper 
C++: AST-based wrapper for new range analysis
 2023-05-04 16:10:21 +01:00
Paolo Tranquilli
b511c5f355 Merge pull request #13012 from github/redsun82/swift-json 
Swift: add infrastructure for emitting JSON diagnostics
 2023-05-04 17:04:45 +02:00
Stephan Brandauer
36aabc077e Update java/ql/src/Telemetry/AutomodelFrameworkModeCharacteristics.qll 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2023-05-04 16:50:37 +02:00
Ed Minnix
5f3c8fef3f Privacy markers and fixed imports 2023-05-04 10:25:17 -04:00
Ed Minnix
3100e98513 Add missing change notes and update date 2023-05-04 10:25:17 -04:00
Ed Minnix
74fc6382a6 Add improper validation of array size query libraries 2023-05-04 10:25:17 -04:00
Ed Minnix
c319ee4c0d Add TempDirLocalInformationDisclosureQuery 2023-05-04 10:25:16 -04:00
Ed Minnix
b087cf9a0a Add Arithmetic query libraries 2023-05-04 10:25:16 -04:00
Ed Minnix
b6361cdd3d Move CWE-190/ArithmeticCommon.qll to semmle.code.java.security 2023-05-04 10:25:16 -04:00
Ed Minnix
77ee80fd81 Add missing change notes 2023-05-04 10:25:16 -04:00