Asger F
6d665da4dc
Merge pull request #12570 from github/post-release-prep/codeql-cli-2.12.5
...
Post-release preparation for codeql-cli-2.12.5
2023-03-21 13:06:25 +01:00
Felicity Chapman
719708cb89
Fix typo
2023-03-21 12:00:55 +00:00
Felicity Chapman
da96ed1ff9
A few tweaks
2023-03-21 12:00:55 +00:00
Felicity Chapman
41becfe2ba
Add new article to manual TOC
2023-03-21 12:00:55 +00:00
Chris Smowton
219031f62b
Merge pull request #12609 from smowton/smowton/admin/maven-wrapper-http-test
...
Java: maven-http-repository test: add Maven wrapper
2023-03-21 11:14:19 +00:00
Mathias Vorreiter Pedersen
2ce0d2b7ee
C++: Accept more test changes.
2023-03-21 10:07:23 +00:00
Mathias Vorreiter Pedersen
eab43973b7
C++: Add change note.
2023-03-21 10:00:11 +00:00
yoff
4e6b93e239
Merge branch 'main' into fix-dataflow-consistency-output
2023-03-21 10:57:36 +01:00
Stephan Brandauer
0a605638e5
Merge branch 'main' into java/update-mad-decls-after-triage-2023-03-13T13-21-27
2023-03-21 10:56:53 +01:00
Mathias Vorreiter Pedersen
40cc2e7891
C++: Also exclude unevaluated buffers in 'OverflowStatic'.
2023-03-21 09:53:39 +00:00
Mathias Vorreiter Pedersen
4d2a1ea149
C++: Also add a FP test to 'OverflowStatic'.
2023-03-21 09:50:47 +00:00
Mathias Vorreiter Pedersen
8623d8eb8e
C++: Exclude unevaluated expressions from BufferAccess.
2023-03-21 09:48:09 +00:00
Mathias Vorreiter Pedersen
b37bb660c5
C++: Add FP caused by a BufferAccess inside an unevaluated context.
2023-03-21 09:37:18 +00:00
Chris Smowton
2876b4aa5d
maven-http-repository: add Maven wrapper
...
Maven 3.9.1 changes the format of the error message this test is looking for (though it still matches the target regex). Use the Maven wrapper to avoid such sensitivity to the precise version present in the environment.
2023-03-21 09:25:33 +00:00
Rasmus Wriedt Larsen
e90559b86d
Python: Add missing options files
...
I could not for the life of me figure out why the tests were failing,
when they were working for me locally 🤦
2023-03-21 10:24:28 +01:00
Tony Torralba
956f991b8d
Merge pull request #12603 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2023-03-21 10:11:51 +01:00
Rasmus Wriedt Larsen
346086524b
Python: Accept dataflow-consistency test changes
...
Two PRs must have had a conflict when merged separately
2023-03-21 10:09:01 +01:00
Stephan Brandauer
3134ad859e
Merge branch 'main' into java/update-mad-decls-after-triage-2023-03-20T12-45-37
2023-03-21 10:04:00 +01:00
Tony Torralba
1f991807d4
Merge pull request #12366 from github/java/update-mad-decls-after-triage-2023-03-02T12-08-59
...
Java: Update MaD Declarations after Triage
2023-03-21 09:40:03 +01:00
Jeroen Ketema
2fdfa0808a
C++: Refactor experimental queries to use DataFlow::ConfigSig
2023-03-21 09:16:59 +01:00
Jeroen Ketema
1f75c3836e
C++: Refactor dataflow examples to use DataFlow::ConfigSig
2023-03-21 09:16:58 +01:00
Jeroen Ketema
4e752369c5
Merge pull request #12598 from jketema/default-config
...
C++: Adjust the internals of default taint tracking to use `DataFlow::ConfigSig`
2023-03-21 08:59:27 +01:00
Erik Krogh Kristensen
cc46d7fef3
Merge pull request #12605 from github/dependabot/cargo/ql/serde-1.0.158
...
Bump serde from 1.0.157 to 1.0.158 in /ql
2023-03-21 08:20:13 +01:00
dependabot[bot]
7420e90a46
Bump serde from 1.0.157 to 1.0.158 in /ql
...
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.157 to 1.0.158.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.157...v1.0.158)
---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-21 04:06:18 +00:00
Raul Garcia
1400b4b520
Update UnsafeUsageOfClientSideEncryptionVersion.ql
...
* predicate `isUnsafeClientSideAzureStorageEncryptionViaObjectCreation` was not useful (it was meant to detect the SDK code, not its usage)
* fixed & simplified `isUnsafeClientSideAzureStorageEncryptionViaAttributes`, the original query was not finding the right code.
NOTE: tested with a real project: https://github.com/wastore/azure-storage-samples-for-python/tree/master/ClientSideEncryptionToServerSideEncryptionMigrationSamples/ClientSideEncryptionV1ToV2
2023-03-20 18:52:58 -07:00
Raul Garcia
569c38c833
Cleanup main
...
cleanup main
2023-03-20 18:38:42 -07:00
Raul Garcia
c3cb3ad477
Cleaning up main branch
...
Cleaning up main branch
2023-03-20 18:32:37 -07:00
Raul Garcia
c169e8360e
Merge branch 'github:main' into main
2023-03-20 17:44:37 -07:00
github-actions[bot]
6598cc44ee
Add changed framework coverage reports
2023-03-21 00:15:33 +00:00
Jeroen Ketema
7cdd2b69c9
C++: Adjust the internals of default taint tracking to use DataFlow::ConfigSig
2023-03-20 18:58:16 +01:00
AlexDenisov
43b3f379e9
Merge pull request #12596 from github/redsun82/swift-do-not-print-labels-in-function-types
...
Swift: remove labels from function type printing
2023-03-20 18:01:02 +01:00
Gulshan Singh
bae1dfebb2
Address some review comments on RangeNode class
2023-03-20 09:46:03 -07:00
Gulshan Singh
e2fdfbb71f
Add RangeNode class
2023-03-20 09:46:02 -07:00
Ed Minnix
b64ca5dcaa
Remove "private" marker from configurations
2023-03-20 12:26:54 -04:00
Ed Minnix
c7816ea180
Conform Config modules to naming convention
2023-03-20 12:26:54 -04:00
Ed Minnix
8856730843
Refactor CWE-614/InsecureCookie
2023-03-20 12:26:54 -04:00
Ed Minnix
de6959c688
Refactor CWE-209/StackTraceExposure
2023-03-20 12:26:54 -04:00
Ed Minnix
73a17536f5
Refactor CWE-129 queries
2023-03-20 12:26:54 -04:00
Ed Minnix
ae57807359
Refactor CWE-089 Sql queries
2023-03-20 12:26:54 -04:00
Ed Minnix
e6e974a752
Refactor CWE-079/SqlConcatenated
2023-03-20 12:26:54 -04:00
Ed Minnix
c1ee2dce61
Refactor CWE-078/ExecTaintedLocal
2023-03-20 12:26:54 -04:00
Edward Minnix III
ac58299d9e
Merge pull request #12541 from egregius313/egregius313/refactor-queries-to-new-dataflow-api
...
Java: Refactor more queries to the new DataFlow module API
2023-03-20 12:24:26 -04:00
Tony Torralba
1258812428
Fix Argument[this]
2023-03-20 17:13:44 +01:00
Tony Torralba
f685b93379
Add change note
2023-03-20 17:09:48 +01:00
Tony Torralba
a66b7ed54a
Fix incorrect model, add missing model
2023-03-20 17:09:48 +01:00
Stephan Brandauer
0cab45e4b9
update old data to current standard (stream creation arg is a sink)
2023-03-20 17:09:48 +01:00
Stephan Brandauer
8802fbdfe7
Update java/ql/lib/ext/java.nio.file.model.yml
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2023-03-20 17:09:48 +01:00
Stephan Brandauer
bc227179c7
Update java/ql/lib/ext/org.geogebra.web.full.main.model.yml
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2023-03-20 17:09:48 +01:00
Tony Torralba
bc99a44f3a
Apply suggestions from code review
2023-03-20 17:09:48 +01:00
Stephan Brandauer
12bb0d98c0
move toFile back to its original location
2023-03-20 17:09:48 +01:00