codeql

mirror of https://github.com/github/codeql.git synced 2026-02-03 08:41:05 +01:00

Author	SHA1	Message	Date
CodeQL CI	c1a52031cf	Merge pull request #12968 from github/release-prep/2.13.1 Release preparation for version 2.13.1 codeql-cli/v2.13.1	2023-04-28 13:14:42 +01:00
github-actions[bot]	3bd29171fb	Release preparation for version 2.13.1	2023-04-28 12:14:35 +00:00
Geoffrey White	837f16c212	Swift: Address singleton set literal warning	2023-04-28 12:16:28 +01:00
Michael B. Gale	edfe2d7ab7	Merge pull request #12944 from github/mbg/go/html-template-sanitizers Go: Add `html/template` functions as sanitisers for XSS queries	2023-04-28 12:15:57 +01:00
Felicity Chapman	8ca80d3170	Update links to CodeQL manual Make CodeQL CLI a single item in the side navigation	2023-04-28 12:07:26 +01:00
Mathias Vorreiter Pedersen	43527573d0	C++: Fix back edge detection for phi nodes.	2023-04-28 11:58:56 +01:00
Mathias Vorreiter Pedersen	faf846bd58	C++: Disable flow through nodes that are sources of phi edges' back edges.	2023-04-28 11:36:42 +01:00
Michael B. Gale	5a44fae515	Go: add test for unrelated A->C data flow	2023-04-28 10:56:12 +01:00
Mathias Vorreiter Pedersen	2716c73f87	C++: Add change note.	2023-04-28 10:49:49 +01:00
Mathias Vorreiter Pedersen	c35cb70c9f	C++: Fix inconsistencies.	2023-04-28 10:40:18 +01:00
Mathias Vorreiter Pedersen	fd2f0257b6	C++: Accept query changes.	2023-04-28 10:25:12 +01:00
Mathias Vorreiter Pedersen	24d1cac9d7	C++: Accept test changes.	2023-04-28 10:25:07 +01:00
Mathias Vorreiter Pedersen	ee7b137c24	C++: Add dataflow for static locals.	2023-04-28 10:24:57 +01:00
Mathias Vorreiter Pedersen	3eca60cc40	C++: Add static local testcases.	2023-04-28 10:23:36 +01:00
Mathias Vorreiter Pedersen	205bb76036	Merge pull request #12960 from MathiasVP/fp-invalid-deref-2 C++: Add more FPs for `cpp/invalid-pointer-deref`	2023-04-28 09:47:46 +01:00
Mathias Vorreiter Pedersen	4ef58cd662	C++: Remove unused parameter in test.	2023-04-28 09:30:30 +01:00
Owen Mansel-Chan	8415c4a4eb	Remove ArgumentNode assumption	2023-04-28 09:23:38 +01:00
Owen Mansel-Chan	c7c0a73b90	Accept review suggestions	2023-04-28 09:23:37 +01:00
Owen Mansel-Chan	52cc61198d	Use `CallExpr.hasImplicitArgs()`	2023-04-28 09:23:37 +01:00
Owen Mansel-Chan	b928f13d94	Add `CallExpr.hasImplicitArgs()`	2023-04-28 09:23:36 +01:00
Owen Mansel-Chan	f3c1c53b54	Add CallExpr.getCalleeType() This avoids using `getTarget()`, so it works even when that doesn't exist (for example when calling a variable with function type).	2023-04-28 09:23:36 +01:00
Stephan Brandauer	bd3aaf0306	remove comment that no longer applies	2023-04-28 10:16:18 +02:00
Anders Schack-Mulligen	ce64408442	Merge pull request #12954 from aschackmull/java/implicitlypublic Java: Add SrcCallable.isImplicitlyPublic convenience predicate.	2023-04-28 10:07:45 +02:00
Asger F	ee25f97ea5	Merge pull request #12956 from asgerf/js/express-array-routes JS: Properly recognise Express middlewares in an array	2023-04-28 09:57:35 +02:00
Mathias Vorreiter Pedersen	5f4d0892ff	Merge pull request #12900 from MathiasVP/ir-translate-constant-static-local-vars-2	2023-04-28 08:46:25 +01:00
tyage	933b55d37d	Track interfile useRouter	2023-04-28 15:49:26 +09:00
Asger F	8a9308c8b0	JS: Update test output	2023-04-28 07:55:20 +02:00
Owen Mansel-Chan	3f095db853	Formatted parameters always a variadic parameter	2023-04-28 06:09:11 +01:00
Owen Mansel-Chan	f2368a9441	Do not use variadic sink fn in tests	2023-04-28 06:09:11 +01:00
Owen Mansel-Chan	bc0f9030e3	use CallNode.getSyntacticArgument	2023-04-28 06:09:10 +01:00
Owen Mansel-Chan	2d3fed9c07	Accept intended test result changes	2023-04-28 06:09:10 +01:00
Owen Mansel-Chan	17077f3ec5	Update OutParameter.getExitNode for implicit varargs slices	2023-04-28 06:09:10 +01:00
amammad	b3669b818b	v1.3 change name according to camelCase	2023-04-28 04:56:47 +02:00
Asger F	0c8f895e0f	JS: Add one more test	2023-04-27 21:06:20 +02:00
Asger F	97a942de80	JS: Update test output	2023-04-27 21:04:35 +02:00
Robert Marsh	376e01ae3d	C++: update docs for new range analysis AST wrapper	2023-04-27 14:59:18 -04:00
Mathias Vorreiter Pedersen	5c23474634	C++: Add FPs for 'cpp/invalid-pointer-deref'.	2023-04-27 18:49:05 +01:00
Mathias Vorreiter Pedersen	e506f638fc	DataFlow: Sync identical files.	2023-04-27 18:40:33 +01:00
Mathias Vorreiter Pedersen	478f2dca3b	C++: Add a new dataflow consistency test.	2023-04-27 18:39:41 +01:00
Geoffrey White	268db8b541	Merge pull request #3 from MathiasVP/add-puns-to-mad-2 Swift: Syntax for selecting `PostUpdateNode`s in CSV rows	2023-04-27 17:36:23 +01:00
Mathias Vorreiter Pedersen	6c095d8143	Merge pull request #12953 from MathiasVP/fp-invalid-deref C++: Add FP for `cpp/invalid-pointer-deref`	2023-04-27 17:29:37 +01:00
Michael B. Gale	72b082806b	Go: Update `html-template-escaping-passthrough` Modify this query to apply sanitizers only in the data flow between untrusted inputs and passthrough conversion types.	2023-04-27 17:14:38 +01:00
Mathias Vorreiter Pedersen	e46c53af1d	C++: accept test changes.	2023-04-27 17:13:02 +01:00
Mathias Vorreiter Pedersen	1372ee7a44	Update cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2023-04-27 17:10:44 +01:00
Asger F	0fb79bdf64	JS: Include a local step before store step	2023-04-27 17:58:02 +02:00
Asger F	c674afb674	JS: Fix condition in getRouteHandlerNode Previous version did not account for arrays	2023-04-27 17:58:02 +02:00
Geoffrey White	74274e834e	Swift: Add the four complete examples from the doc pages to the examples directory.	2023-04-27 16:52:00 +01:00
yoff	54ced06ada	Merge branch 'main' into python/captured-variables-for-typetracking	2023-04-27 17:32:41 +02:00
Asger F	682ff23e04	JS: Update Express test	2023-04-27 16:36:04 +02:00
Asger F	36889f6d72	JS: Fix isResponse/isRequest	2023-04-27 16:35:56 +02:00

... 15 16 17 18 19 ...

54887 Commits