54887 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	6897b20722	Merge pull request #11601 from MathiasVP/keep-std-string-iterator	2022-12-08 12:59:33 +00:00
Michael Nebel	670ae6c84c	Merge pull request #11593 from michaelnebel/csharp/patternmatchspan ... C#: Pattern match Span<char> and ReadOnlySpan<char> against a constant string.	2022-12-08 13:53:00 +01:00
Michael Nebel	5883957a67	Merge pull request #11589 from michaelnebel/csharp/numericintptr ... C#: nint/System.IntPtr and nuint/System.UIntPtr are indistinguishable…	2022-12-08 13:52:44 +01:00
Chris Smowton	8789dfb655	Make river-crossing example comply with the CodeQL style guide	2022-12-08 12:33:42 +00:00
Mathias Vorreiter Pedersen	36d0903733	C++: Simplify 'getSourceVariable'.	2022-12-08 12:29:15 +00:00
Chris Smowton	81110b19e7	Merge pull request #11612 from smowton/smowton/admin/merge-rc38-into-main ... Merge rc/3.8 into main	2022-12-08 12:25:59 +00:00
Chris Smowton	045e3a2cf3	Kotlin: extract callable modality	2022-12-08 12:22:50 +00:00
Geoffrey White	07ea006cee	Swift: Add support for CSV modelled sinks as well.	2022-12-08 11:36:55 +00:00
Geoffrey White	dba344451f	Swift: Add UncontrolledFormatStringExtensions.qll.	2022-12-08 11:32:50 +00:00
Chris Smowton	0d2474bd55	Autoformat	2022-12-08 11:30:53 +00:00
ALJI Mohamed	9336f4f1a2	Considering the use of contextlib.closing() method	2022-12-08 12:26:59 +01:00
Chris Smowton	49bc524fd0	Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main	2022-12-08 11:12:30 +00:00
Rasmus Wriedt Larsen	d684dbdf5c	Merge pull request #10656 from porcupineyhairs/PyPamImprove ... Python: Improve the PAM authentication bypass query	2022-12-08 11:59:10 +01:00
Rasmus Wriedt Larsen	a826c4f48b	Merge branch 'main' into call-graph-code	2022-12-08 11:39:30 +01:00
Jeroen Ketema	a6bc9fd10f	Merge pull request #11591 from jketema/getenv ... C++: Model `secure_getenv` and `_wgetenv` as local flow sources	2022-12-08 10:44:28 +01:00
Asger F	f2b99c5fff	Docs: Update README to mention Python 2 requirement	2022-12-08 09:50:01 +01:00
Jeroen Ketema	fc49ede33d	C++: Add change note	2022-12-08 09:44:23 +01:00
Jeroen Ketema	a2dac3a41e	C++: Move remote flow sink test and also handle local and remote sinks	2022-12-08 09:36:19 +01:00
Mathias Vorreiter Pedersen	ba3d50a462	Merge pull request #11566 from MathiasVP/skip-lvalue-types	2022-12-08 07:53:20 +00:00
Paolo Tranquilli	0058bf4443	Swift: add timeout to inetgration tests on macOS	2022-12-08 08:44:29 +01:00
Jami Cogswell	e9e5f92603	Java: update notModeled for negative numbers	2022-12-07 21:46:52 -05:00
retanoj	0edfc6e01e	greedy matching	2022-12-08 09:23:24 +08:00
Mathias Vorreiter Pedersen	9f85175ee1	C++: Fix blowup in 'stripPointer'.	2022-12-07 22:35:37 +00:00
Mathias Vorreiter Pedersen	5ae3228928	C++: Fix TODO.	2022-12-07 22:34:10 +00:00
Mathias Vorreiter Pedersen	68f0997d87	C++: Generalize loads and stores.	2022-12-07 22:34:10 +00:00
Mathias Vorreiter Pedersen	589f7bdbcc	C++: Introduce BaseSourceVariableInstruction.	2022-12-07 22:34:03 +00:00
Jami Cogswell	aa7e6d7811	Java: add negative numbers	2022-12-07 17:17:35 -05:00
Aditya Sharad	c7725ec37c	Merge pull request #11605 from github/smowton/admin/merge-2.11.5-into-rc38 ... Merge codeql-cli-2.11.5 into rc/3.8	2022-12-07 14:09:05 -08:00
Henry Mercer	78f15755d7	Merge branch 'main' into codeql-ci/atm/release-0.4.3	2022-12-07 20:49:26 +00:00
Chris Smowton	32494859cd	Merge remote-tracking branch 'origin/codeql-cli-2.11.5' into smowton/admin/merge-2.11.5-into-rc38	2022-12-07 20:06:08 +00:00
github-actions[bot]	d577eeeea8	JS: Bump version of ML-powered library and query packs to 0.4.4	2022-12-07 20:05:30 +00:00
github-actions[bot]	9702ea02fb	JS: Bump patch version of ML-powered library and query packs	2022-12-07 20:01:33 +00:00
Ian Lynagh	6267da44ae	Kotlin: Improve diagnostic limit message ... The message saying that the limit was exceeded is now given at the same severity as the original message.	2022-12-07 18:33:35 +00:00
Mathias Vorreiter Pedersen	54c12cd715	C++: Reintroduce 'StdBasicStringIterator'.	2022-12-07 18:21:52 +00:00
Geoffrey White	1d4631e231	C++: Better solution.	2022-12-07 18:00:38 +00:00
Tom Hvitved	35938067fe	Merge pull request #11517 from aibaars/phi-reads-in-data-flow-graph ... Ruby: Include SSA "phi reads" in DataFlow::Node	2022-12-07 18:58:44 +01:00
Mathias Vorreiter Pedersen	05d89b29e2	Merge branch 'main' into skip-lvalue-types	2022-12-07 17:50:23 +00:00
Geoffrey White	627162b343	C++: Fix cpp/offset-use-before-range-check performance.	2022-12-07 17:32:36 +00:00
Ian Lynagh	e6c3bcec63	Java/Kotlin: Update the diagnostic severity documentation	2022-12-07 17:14:51 +00:00
Geoffrey White	a8b8b54f8d	Update cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql ... Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2022-12-07 16:44:33 +00:00
Geoffrey White	80cd994e36	Swift: Add taint reach to SummaryStats.ql.	2022-12-07 16:17:24 +00:00
Alvaro Muñoz	38b2f537d4	Use ReplyCall.super syntax instead of this.(ReplyCall)	2022-12-07 16:39:07 +01:00
Geoffrey White	4b8575bfc3	C++: Simplify the query slightly.	2022-12-07 15:35:45 +00:00
Arthur Baars	898a4006b0	Merge pull request #10747 from aibaars/ruby-more-flow ... Ruby: also treat included/prepended modules as subclasses	2022-12-07 15:49:00 +01:00
Geoffrey White	b3d838d678	C++: Define the sources more clearly and consistently (fixes performance issue).	2022-12-07 14:45:39 +00:00
Chris Smowton	9f9a51685b	Merge pull request #11510 from smowton/smowton/fix/kotlin-populate-source-class-files ... Kotlin: stub trap .class files when extracting a class from Kotlin source	2022-12-07 14:33:42 +00:00
Edward Minnix III	170c9af9e8	Merge pull request #11238 from egregius313/egregius313/webview-setjavascriptenabled ... Java: Query for detecting enabling Javascript in Android WebSettings	2022-12-07 09:31:58 -05:00
Arthur Baars	d862972d5e	Ruby: Add use-use stress test	2022-12-07 15:28:51 +01:00
Arthur Baars	d5f4340cf5	Ruby: address comment	2022-12-07 15:28:50 +01:00
Arthur Baars	f11f2cb1a0	Ruby: Update tests	2022-12-07 15:28:50 +01:00