hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-06 10:11:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,887 Commits 1,690 Branches 160 Tags
codeql-cli/v2.13.3
Commit Graph

54887 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
a4c9120a9a Update one of the diagnostic messages 2023-03-07 16:38:52 +00:00
Owen Mansel-Chan
2c5239ff7b Use full stops at the end of diagnostics messages 2023-03-07 16:38:51 +00:00
Owen Mansel-Chan
a7a10de9ea Emit diagnostic to pass fourth integration tests 2023-03-07 16:38:51 +00:00
Owen Mansel-Chan
8d28253175 Add tests for fourth diagnostic (Go files found but not processed) 2023-03-07 16:38:51 +00:00
Owen Mansel-Chan
01a2e74df7 Add test for diagnostic-limit-hit diagnostic 2023-03-07 16:38:50 +00:00
Owen Mansel-Chan
b6a9f87238 Use "go/autobuilder/" as prefix for all diagnostics 2023-03-07 16:38:50 +00:00
Owen Mansel-Chan
4907e5754f Address review comments 2023-03-07 16:38:49 +00:00
Owen Mansel-Chan
2a41e6ae66 Emit diagnostic to pass third inegration tests 2023-03-07 16:38:49 +00:00
Owen Mansel-Chan
4fe4dfbf83 Add tests for third diagnostic (package not found) 2023-03-07 16:38:49 +00:00
Owen Mansel-Chan
c0cc1c3fd5 Emit diagnostic to pass second integration test 2023-03-07 16:38:48 +00:00
Owen Mansel-Chan
3f805d3456 Remove unused param from function 2023-03-07 16:38:48 +00:00
Owen Mansel-Chan
137b2c9ef9 Add test for second diagnostic (newer go version) 2023-03-07 16:38:47 +00:00
Owen Mansel-Chan
cbb2fb9968 Emit diagnostic to pass first integration test 2023-03-07 16:38:47 +00:00
Owen Mansel-Chan
4d3b05e041 Add test for first diagnostic (different OS/arch) 2023-03-07 16:38:46 +00:00
Geoffrey White
72d6f56df1 Merge pull request #12413 from geoffw0/ptrout2 
Swift: Permit data flow from all generic arguments
 2023-03-07 16:27:12 +00:00
Mathias Vorreiter Pedersen
eea02e1ac1 C++: Accept test changes. 2023-03-07 16:18:43 +00:00
Mathias Vorreiter Pedersen
a39a6ea648 C++: Don't use indirect instructions for asUnitialized. 2023-03-07 16:18:27 +00:00
Mathias Vorreiter Pedersen
ce02de48a0 C++: Fix Code Scanning error. 2023-03-07 14:40:36 +00:00
Mathias Vorreiter Pedersen
f2b311a008 C++: We don't need to check type equivalence at the end anymore: the dataflow state now precisely tracks the types. 2023-03-07 14:31:11 +00:00
Mathias Vorreiter Pedersen
ce6366f023 C++: Use the parameterized module dataflow API in 'cpp/upcast-array-pointer-arithmetic'. 
This allows us to swap out the old string state with the Type-based state.
 2023-03-07 14:17:12 +00:00
Mathias Vorreiter Pedersen
0d1e061f5a C++: Implement 'getAdditionalFlowIntoCallNodeTerm'. 2023-03-07 13:45:32 +00:00
yoff
25fbd9c323 Merge branch 'main' into python/rewrite-InsecureContextConfiguration 2023-03-07 14:44:37 +01:00
Rasmus Lerchedahl Petersen
072df5dbc0 python: remove protocol family 
this concept was due to my confusion between
TLS and SSL23, but they are aliases.

We might want to bring back the concept if we model DTLS.

Also, model what exactly creations allow,
bring this back from the unrestrictions they used to be.

We accept the changes regarding sources being reported differently.
 2023-03-07 14:41:13 +01:00
Mathias Vorreiter Pedersen
63690066c5 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-03-07 13:06:43 +00:00
Mathias Vorreiter Pedersen
b054b9c5cd Merge pull request #12408 from jketema/merge-main 
C++: use-use dataflow merge main
 2023-03-07 13:05:30 +00:00
Anders Schack-Mulligen
2288eab0fd Java: Refactor BrokenCryptoAlgorithm, MaybeBrokenCryptoAlgorithm 2023-03-07 13:53:36 +01:00
Paolo Tranquilli
c4fd39ec3f C++: fix example code for FilePermissions.qll 2023-03-07 13:50:20 +01:00
Arthur Baars
78a802359e Remove references to 'ruby' in generic extractor code 2023-03-07 13:38:48 +01:00
Anders Schack-Mulligen
50935899fa Java: Refactor XSS.ql 2023-03-07 13:33:00 +01:00
Paolo Tranquilli
bdad847584 Merge pull request #12422 from github/redsun82/cpp-scanf-fp 
C++: add false positives to `MissingCheckScanf` test
 2023-03-07 13:29:22 +01:00
Rasmus Wriedt Larsen
dda29e99b2 Python: Add test of keyword argument with same name as positional-only parameter 
This is a bit of an edge case, but allowed. Since we currently don't
provide information on positional only arguments, we can't do much to
solve it right now.
 2023-03-07 13:28:48 +01:00
Asger F
05b5aea477 JS: Changenote 2023-03-07 13:15:44 +01:00
Michael B. Gale
7627a53c49 Merge pull request #12371 from github/mbg/csharp/increase-diagnostic-visibility 
C#: Make diagnostics visible everywhere
 2023-03-07 12:13:09 +00:00
Michael B. Gale
974fdd305e Merge pull request #12372 from github/mbg/csharp/check-integration-test-diagnostics 
C#: Add diagnostic checks to all remaining integration tests
 2023-03-07 12:11:47 +00:00
Michael B. Gale
b75f138507 Merge pull request #12385 from github/mbg/csharp/readd-tsp-support 
C#: Add support for the tool status page
 2023-03-07 12:10:52 +00:00
Asger F
856b50735d JS: Expand test case 2023-03-07 13:04:26 +01:00
Paolo Tranquilli
429518bcea C++: add further FP to test 2023-03-07 12:03:34 +01:00
Paolo Tranquilli
311cf4e7fd C++: add false positives to MissingCheckScanf test 
See https://github.com/github/codeql/issues/12412 for the initial
report.
 2023-03-07 11:56:05 +01:00
Anders Schack-Mulligen
d839b4038e Java: Refactor TaintedPath.ql 2023-03-07 11:53:03 +01:00
Anders Schack-Mulligen
cc75a1a97e Java: Refactor RequestForgery.ql 2023-03-07 11:39:03 +01:00
Anders Schack-Mulligen
35beadc3bb Java: Refactor SensitiveInfoLog.ql 2023-03-07 11:31:49 +01:00
Michael Nebel
40d31120d9 Merge pull request #12264 from michaelnebel/csharp/nugetnet7 
C#: Stub generator improvements.
 2023-03-07 11:30:57 +01:00
Jeroen Ketema
3a4c0a2aae Merge pull request #12389 from jketema/more-deprecated 
C++: Add `deprecated` to predicates that are deprecated according to the QLDoc
 2023-03-07 11:21:43 +01:00
Anders Schack-Mulligen
4408482699 Java: Refactor NumericCastTainted, NumericCastTaintedLocal 2023-03-07 10:42:00 +01:00
Anders Schack-Mulligen
d4e6e77200 Java: Refactor StackTraceExposure, XSS.qll 2023-03-07 10:38:00 +01:00
Anders Schack-Mulligen
c4cf2febfb Java: Refactor ResponseSplitting, ResponseSplittingLocal 2023-03-07 10:37:45 +01:00
Michael Nebel
af12affc36 C#: Re-generate stubs to update comments. 2023-03-07 10:35:13 +01:00
Asger F
0affd898de JS: Track trusted type policy callbacks 2023-03-07 10:22:26 +01:00
Michael Nebel
676c352819 C#: Update expected test output. 2023-03-07 10:19:26 +01:00
Michael Nebel
e85b2ebd20 C#: Replace stub member comment with file level comment. 2023-03-07 10:19:26 +01:00