hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-07 02:31:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,887 Commits 1,691 Branches 160 Tags
codeql-cli/v2.13.3
Commit Graph

54887 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael B. Gale
29c8260004 Merge pull request #12196 from github/mbg/csharp/add-msbuild-integration-tests 2023-02-16 10:29:28 +00:00
Rasmus Wriedt Larsen
766e6c400e Python: Handle if-then-else definitions in import resolution 2023-02-16 11:18:30 +01:00
Rasmus Wriedt Larsen
80f5342a6d Python: Add import regression for if-then-else definitions 2023-02-16 11:12:08 +01:00
Tony Torralba
87b54e674e Merge pull request #12178 from felickz/main 
Java - Adding support for com.microsoft.sqlserver.jdbc.SQLServerDataSource  to CWE-798
 2023-02-16 11:03:34 +01:00
Michael B. Gale
9db1366e4b Change target framework to 4.0 for mono 2023-02-16 09:55:58 +00:00
Michael B. Gale
f1adb4319a Add C# integration test which uses MSBuild 2023-02-16 09:55:57 +00:00
Paolo Tranquilli
e2d7a6910c Swift: generate raw helpers in synthesized stubs 
This will add helpers to get the underlying raw entities or constructor
arguments on stubs for synthesized classes.

For example a schema like:

```
@synth.from_class(A)
class B:
    pass

@synth.on_arguments(base=A, index=int)
class C:
    pass
```

will generate

```
cached
private Raw::A getUnderlyingEntity() { this = Synth::TB(result) }
```
in the `B.qll` stub and
```
cached
private Raw::A getUnderlyingBase() { this = Synth::TC(result, _) }

cached
private int getUnderlyingIndex() { this = Synth::TC(_, result) }
```
in the `C.qll` stub.

As stubs these can be freely changed later on.
 2023-02-16 10:49:21 +01:00
Chris Smowton
180246b99c Merge pull request #12197 from smowton/smowton/admin/go-120-features 
Go: complete Go 1.20 support
 2023-02-16 08:12:02 +00:00
Ahmed Farid
01b865f75b Update TimingAttack.qll 2023-02-16 01:36:06 +01:00
Ahmed Farid
fbfe23b7c4 Update TimingAttack.qll 2023-02-16 01:21:50 +01:00
Ahmed Farid
b8f9b2b424 Update TimingAttackAgainstHeaderValue.ql 2023-02-16 01:11:41 +01:00
Ahmed Farid
016136a2e3 Update TimingAttack.qll 2023-02-16 01:10:36 +01:00
Chad Bentz
f3124d3239 Merge branch 'main' into main 2023-02-15 18:46:15 -05:00
Chad Bentz
2f1bd93a49 change-notes for this minorAnalysis lib change 2023-02-15 18:40:40 -05:00
Chad Bentz
2f576a4fe9 test both arguments of getConnection 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-02-15 18:26:56 -05:00
Geoffrey White
00302dc05f Swift: Model NSObject. 2023-02-15 22:12:39 +00:00
Owen Mansel-Chan
45c1537f06 Merge pull request #12198 from github/smowton/admin/update-change-note 
Update Twirp change note to new style
 2023-02-15 21:54:48 +00:00
Geoffrey White
7e8645a1f6 Swift: Model NSMutableString. 2023-02-15 21:50:05 +00:00
Geoffrey White
d04ed14b8c fix model -2 2023-02-15 21:18:50 +00:00
Rasmus Wriedt Larsen
c4fbfb0d07 Merge branch 'main' into call-graph-code 2023-02-15 20:15:04 +01:00
Rasmus Wriedt Larsen
ee5382d8a6 Merge pull request #12193 from RasmusWL/import-resolution-fixup 
Python: Fix `from <pkg> import *` import resolution
 2023-02-15 20:13:24 +01:00
Chris Smowton
3ce7fafb67 Fix unsafe test routine name 2023-02-15 19:05:01 +00:00
Chris Smowton
14655e1d8c Autoformat go 2023-02-15 18:41:14 +00:00
Geoffrey White
75dd95f458 Swift: Correct one of the tests. 2023-02-15 18:37:51 +00:00
Geoffrey White
99caafb9b9 Swift: Model NSString. 2023-02-15 18:37:51 +00:00
Chris Smowton
261a1348f0 Update Twirp change note to new style 2023-02-15 18:37:50 +00:00
Chris Smowton
c65fd69374 Add change note 2023-02-15 18:35:17 +00:00
Chris Smowton
233bd8ce8c Claim Go 1.20 support 2023-02-15 18:31:28 +00:00
Chris Smowton
7e7850374e Implement standard library models for Go 1.20 2023-02-15 18:29:49 +00:00
Joe Farebrother
d9e5c6c48a Fix typo 2023-02-15 17:21:03 +00:00
Alex Ford
74782bf6a2 Merge branch 'main' into ruby_twirp_support 2023-02-15 17:15:08 +00:00
Chris Smowton
7d2b78b463 Note that all interface types are considered comparable as of Go 1.20 2023-02-15 17:15:00 +00:00
Alex Ford
1556b1a728 Merge branch 'main' into js-use-shared-cryptography 2023-02-15 17:13:53 +00:00
Alex Ford
801ed1ce7c Ruby: add Twirp.expected 2023-02-15 17:05:33 +00:00
Alex Ford
1958b9dcd5 JS: add missing qldoc 2023-02-15 16:59:03 +00:00
Alex Ford
43af306d60 dynamic: more detailed qldoc for CryptographicOperation#getBlockMode() 2023-02-15 16:55:18 +00:00
Alex Ford
e8cbf7287d JS: breaking change note for CryptographicOperation sync 2023-02-15 16:50:24 +00:00
Alex Ford
925b4a3fa8 JS: improve documentation on deprecated CryptographicOperation#getInput() predicate 2023-02-15 16:23:46 +00:00
Alex Ford
d4d0b91085 dynamic: switch CryptographicOperation::Range#getBlockMode() back to being an abstract predicate 2023-02-15 16:23:46 +00:00
Alex Ford
c7aaad9ed0 JS: avoid adding a deprecated CryptographicOperation#getInput to py/ruby 2023-02-15 16:23:46 +00:00
Joe Farebrother
95a131d0d3 Update help text 2023-02-15 16:18:47 +00:00
Joe Farebrother
8ee36a5278 Test generator improvements 
- Accept yml files as input
- Output the correct type for constructors
 2023-02-15 16:11:22 +00:00
erik-krogh
51ddb55d7b use tainted-object to precisely model that plain object are fine, but their properties are not 2023-02-15 15:02:03 +01:00
erik-krogh
09794fa836 delete PrefixStringSanitizer 2023-02-15 14:55:02 +01:00
Rasmus Wriedt Larsen
c72dbc49fc Merge pull request #12165 from RasmusWL/crypto-updates 
Python/Ruby/JS Crypto: Add a few algorithms + block modes
 2023-02-15 14:35:40 +01:00
Rasmus Wriedt Larsen
7e16fa9cbe Python: Add change-note 2023-02-15 14:25:33 +01:00
Rasmus Wriedt Larsen
220f227707 Python: Add wrapper for isPreferredModuleForName 
We talked about how it's annoying that we in 4 places have the same fix
`isPreferredModuleForName(<module>.getFile(), <name> + ["", ".__init__"])`
, and that it would be nice to have a simple wrapper predicate that
ensures we never forget to do the `+ ["", ".__init__"]` dance...

I had trouble coming up with a name for this (ironically), but
I think `getModuleFromName` is good enough.
 2023-02-15 14:23:39 +01:00
Rasmus Wriedt Larsen
66c3529465 Python: Fix import * from __init__.py files 2023-02-15 14:10:37 +01:00
Rasmus Wriedt Larsen
df6039d6cf Python: Add import resolution regression 2023-02-15 13:50:27 +01:00
Rasmus Wriedt Larsen
e1ae3c3cfb Python: sys.exit if import resolution tests fail 2023-02-15 13:44:45 +01:00