codeql

mirror of https://github.com/github/codeql.git synced 2026-02-04 09:11:08 +01:00

Author	SHA1	Message	Date
Michael Nebel	a98cf0ae45	C#: Re-factor the GlobalTaintTracking test.	2023-04-12 11:15:14 +02:00
Michael Nebel	0dc612f23f	C#: Re-factor the TaintTracking test.	2023-04-12 11:15:14 +02:00
Mathias Vorreiter Pedersen	49cceb2901	C++: Fix joins.	2023-04-12 09:58:24 +01:00
Michael Nebel	b5b0d60074	Merge pull request #12731 from michaelnebel/csharp/refactorcleatextstorage C#: Re-factor CleartextStorage to use the new API.	2023-04-12 09:32:56 +02:00
Tony Torralba	cc6a923eef	Merge pull request #12798 from github/workflow/coverage/update Update CSV framework coverage reports	2023-04-12 09:04:53 +02:00
erik-krogh	fe5e4845b1	use 1-based column locations for diagnostics	2023-04-12 08:14:15 +02:00
github-actions[bot]	a55f5ed933	Add changed framework coverage reports	2023-04-12 00:15:16 +00:00
Geoffrey White	cdcee5cc75	Swift: Add high-level CryptoSwift sinks.	2023-04-11 19:59:43 +01:00
Geoffrey White	539f8f0f70	Swift: Add mid-level CryptoSwift sinks and prevent duplication that results. Overall this doesn't give us any new results in tests, but makes paths shorter, and in the real world I expect it to add reliability.	2023-04-11 19:54:55 +01:00
Geoffrey White	51a62b54ee	Swift: Add low-level CryptoSwift sinks.	2023-04-11 19:54:48 +01:00
Geoffrey White	d299d92025	Swift: Prevent potentially misleading duplicate results.	2023-04-11 19:39:09 +01:00
Geoffrey White	4995f13234	Swift: Add tests for swift/weak-sensitive-data-hashing on CryptoSwift.	2023-04-11 18:46:38 +01:00
Geoffrey White	03a4084c11	Swift: Update some sinks to CSV format.	2023-04-11 18:10:54 +01:00
Geoffrey White	256c3f66ca	Swift: Various minor fixes / consistency improvements to sinks.	2023-04-11 17:04:09 +01:00
Arthur Baars	83cd55cb29	Js/Yaml: add getFile() predicate	2023-04-11 16:01:44 +01:00
Robert Marsh	18c3feb9d8	C++: remove commented-out code Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2023-04-11 10:41:18 -04:00
Mathias Vorreiter Pedersen	259d5b6452	C++: Add use-after-free change note.	2023-04-11 15:30:51 +01:00
Mathias Vorreiter Pedersen	c1960c6ff9	C++: Add double-free change note.	2023-04-11 15:30:51 +01:00
Mathias Vorreiter Pedersen	3c88590df2	C++: Accept test changes for the new use-after-query.	2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen	725004a6fe	C++: Modernize use-after-free query using dataflow.	2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen	17fe5f2317	C++: Change the id of the experimental double-free query to not overlap with the new non-experimental one.	2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen	a8151b4ee4	C++: Add double-free tests.	2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen	fb2ec15dad	C++: Add double-free query documentation.	2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen	cc12e74c23	C++: Add double-free query.	2023-04-11 14:44:15 +01:00
Mathias Vorreiter Pedersen	dfe00ffe4b	C++: Add a flow-after-free library.	2023-04-11 14:40:17 +01:00
erik-krogh	3c4bd5b6a7	forward toString() etc. predicates from YamlNode to Locatable	2023-04-11 15:37:01 +02:00
erik-krogh	b5e90483f5	improve the ESLint model to avoid overriding Yaml classes	2023-04-11 15:36:18 +02:00
Alexandre Boulgakov	b900185ae3	Swift: Add db upgrade/downgrade scripts for key-path component extraction. I've marked both scripts as "partial" since we're extracting different AST components for key-paths and don't have a good way to convert between them in QL. Each deletes the corresponding tables, but leaves non-key-path functionality intact.	2023-04-11 14:00:13 +01:00
Mathias Vorreiter Pedersen	d65bb3b232	C++: Make basic block information available from dataflow nodes.	2023-04-11 13:52:26 +01:00
yoff	9e3d57d442	Update python/ql/test/library-tests/ApiGraphs/py3/test_captured_flask.py Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2023-04-11 14:34:40 +02:00
Alexandre Boulgakov	35a2d55d18	Swift: Extract structured keypath components. Changes in swift/ql/lib are generated by swift/codegen without manual intervention.	2023-04-11 13:34:17 +01:00
Alexandre Boulgakov	2b1dea56b5	Swift: Add error query to AST tests. Preexisting errors are left to be fixed later.	2023-04-11 13:34:16 +01:00
Jami	b7c7449b08	Merge pull request #12739 from jcogs33/jcogs33/add-one-more-top500-model Java: add summary model for `UnsupportedOperationException(String)` constructor	2023-04-11 08:25:36 -04:00
Asger F	aef0fa3c8a	JS: Expand QLDoc	2023-04-11 14:16:36 +02:00
Asger F	d702c7b990	Merge pull request #12759 from asgerf/js/getset-in-pattern JS: Fix parsing of 'get' or 'set' pattern with a default value	2023-04-11 14:03:00 +02:00
Asger F	2c65a49d7c	JS: Add getForwardingFunction() to API graphs	2023-04-11 14:00:30 +02:00
Asger F	4ce03d4dc4	JS: Restrict useSelector steps to local callbacks	2023-04-11 13:33:46 +02:00
Asger F	3cc931306f	JS: Add test for selector nodes with multiple access paths	2023-04-11 13:33:27 +02:00
Geoffrey White	7ddfcb28e5	Swift: Rename DefaultConstantPasswordSink -> CryptoSwiftPasswordSink.	2023-04-11 11:49:21 +01:00
Chris Smowton	f6f22c0cec	Merge pull request #12783 from smowton/smowton/feature/golang-hide-summary-nodes Go: hide summary nodes from path explanations	2023-04-11 10:47:25 +01:00
Henry Mercer	227aee84fe	Merge pull request #12768 from github/henrymercer/merge-back-3.9 Merge `rc/3.9` back to `main`	2023-04-11 10:44:29 +01:00
Tony Torralba	075c0f94ac	Merge pull request #12785 from github/workflow/coverage/update Update CSV framework coverage reports	2023-04-11 11:34:37 +02:00
Tony Torralba	3b11b7c9fd	Merge pull request #12726 from github/java/update-mad-decls-after-triage-2023-03-31T08-30-31 Java: Update MaD Declarations after Triage	2023-04-11 11:33:36 +02:00
Tony Torralba	944bdfde45	Apply suggestions from code review	2023-04-11 09:47:47 +02:00
Stephan Brandauer	cb8506d51a	Update MaD Declarations after Triage	2023-04-11 09:25:39 +02:00
github-actions[bot]	bfdfa0b93e	Add changed framework coverage reports	2023-04-11 00:15:35 +00:00
Nate Johnson	a0f4a5100f	Insecure HTTP parser query for JavaScript	2023-04-09 20:38:55 -04:00
tyage	40d475863d	Add change note	2023-04-08 18:36:50 +09:00
tyage	320cb99dbf	Add replace method test	2023-04-08 18:31:48 +09:00
tyage	668e1accaa	Remove unnecessary whiteline	2023-04-08 18:24:31 +09:00

... 32 33 34 35 36 ...

54887 Commits