hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-07 10:41:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,887 Commits 1,691 Branches 160 Tags
codeql-cli/v2.13.3
Commit Graph

54887 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
1f1e2dbf98 Make dep integration test linux-only 
This is because there is no release of Dep for
MacOS (Arm).
 2023-02-13 11:59:38 +00:00
Owen Mansel-Chan
3ee3acd8fd Make Glide integration test linux-only 
This is because it is hard to install Glide on the other platforms.
 2023-02-13 11:59:37 +00:00
Owen Mansel-Chan
e635140eae Add files needed for tests 2023-02-13 11:59:37 +00:00
Owen Mansel-Chan
f2c541a461 Delete build-sample test 
This is adequately tested elsewhere.
 2023-02-13 11:59:37 +00:00
Owen Mansel-Chan
f062a8d204 Copy LGTM integration tests over 2023-02-13 11:59:36 +00:00
Owen Mansel-Chan
947a9f12a1 Make DiagnosticsReporting.qll a library 2023-02-13 11:59:36 +00:00
Kasper Svendsen
11204987f1 Reword based on review comments 2023-02-13 12:49:50 +01:00
Michael Nebel
34c6b24882 Merge pull request #12147 from michaelnebel/csharp/relaxedshift 
C# 11: Test of relaxed shift operator requirements.
 2023-02-13 12:48:39 +01:00
Arthur Baars
457a2bb2a2 Merge pull request #12093 from aibaars/oneline-match 
Ruby: add support for one-line pattern matches
 2023-02-13 12:38:28 +01:00
Jeroen Ketema
73d877e3a5 Merge pull request #12163 from jketema/dataflow-new 
C++: Add `semmle.code.cpp.dataflow.new`
 2023-02-13 12:36:16 +01:00
Kasper Svendsen
ac54caac35 Update docs/codeql/ql-language-reference/annotations.rst 
Co-authored-by: Philip Ginsbach <ginsbach@github.com>
 2023-02-13 12:35:08 +01:00
Kasper Svendsen
426425a7ca Update docs/codeql/ql-language-reference/annotations.rst 
Co-authored-by: Philip Ginsbach <ginsbach@github.com>
 2023-02-13 12:34:50 +01:00
Chris Smowton
0537579b28 Merge pull request #12131 from owen-mc/go/named-type-location 
Add `hasLocationInfo` for `Type`s
 2023-02-13 11:33:50 +00:00
Erik Krogh Kristensen
2f404df17c Merge pull request #10782 from erik-krogh/rbPoly 
Ruby: add library input as a source for `rb/polynomial-redos`
 2023-02-13 12:26:07 +01:00
erik-krogh
b85bfc8ba6 add HtmlSanitizer as a sanitizer for DOMBasedXss 2023-02-13 11:57:29 +01:00
erik-krogh
c258e44772 add failing test for spurious edge through sanitizer 2023-02-13 11:49:57 +01:00
Erik Krogh Kristensen
26d5fb2412 Merge pull request #11824 from erik-krogh/secondMissAnchor 
RB: add query detecting validators that use badly anchored regular expressions on library/remote input
 2023-02-13 11:26:05 +01:00
Jeroen Ketema
b9200c92d5 C++: Address review comments 2023-02-13 11:14:48 +01:00
Kasper Svendsen
74472d786c QLDocs: Document inline_late pragma 2023-02-13 10:51:48 +01:00
erik-krogh
634087b417 Merge branch 'main' into rbPoly 2023-02-13 10:46:00 +01:00
Michael Nebel
2ce6d5f920 Java: Update negative models test to not produce a negative summary for interface member. 2023-02-13 10:45:54 +01:00
Rasmus Wriedt Larsen
5235964b07 sync files 2023-02-13 10:44:12 +01:00
Rasmus Wriedt Larsen
b2e79e2948 Python/Ruby/JS Crypto: Add a few algorithms + block modes 
I have tried to add a few links to support the claim that these
algorithms are strong/safe. It wasn't always super easy, so in some
cases I have ended up just linking to the documentation of the
`cryptography` Python package.

Co-authored-by: REDMOND\brodes <brodes@microsoft.com>
 2023-02-13 10:40:47 +01:00
Paolo Tranquilli
f07c598a22 Merge pull request #12164 from github/redsun82/swift-codegen-outside-bazel 
Swift: make `codegen` run also outside `bazel`
 2023-02-13 10:32:20 +01:00
Michael Nebel
80628596dd Java: Exclude interface members from model generation. 2023-02-13 10:21:32 +01:00
Geoffrey White
124e4ddd4f Merge pull request #12150 from geoffw0/cfg2 
Swift: control flow for #available
 2023-02-13 09:17:06 +00:00
Tom Hvitved
0b8173e2e7 Ruby: Add another data flow test 2023-02-13 09:50:50 +01:00
Jeroen Ketema
3dfe0adf0a C++: Fix formatting 2023-02-13 09:45:23 +01:00
Paolo Tranquilli
55aacd6fe9 Merge pull request #12137 from github/redsun82/swift-doc-for-schema-doc 
Swift: add documentation for generated documentation
 2023-02-13 09:43:34 +01:00
Paolo Tranquilli
483a87abe9 Swift: make codegen run also outside bazel 2023-02-13 09:39:31 +01:00
Jeroen Ketema
3482158fee C++: Add semmle.code.cpp.dataflow.new 2023-02-13 09:38:23 +01:00
Jeroen Ketema
996eb6c63c C++: Fix Ql-for-QL warnings 2023-02-13 09:22:31 +01:00
Tony Torralba
4fad01a739 Further refactoring 
Avoid having two taint tracking configurations in the same file
 2023-02-13 09:18:05 +01:00
Tony Torralba
f3e0b6e62c PathGraph shouldn't be imported in a QLL library 2023-02-13 09:18:05 +01:00
Tony Torralba
422eb0d1bb Add change note 2023-02-13 09:18:05 +01:00
Tony Torralba
5555b5cd19 Add local version of the XXE query 2023-02-13 09:18:05 +01:00
Paolo Tranquilli
542c9218de Merge branch 'main' into redsun82/swift-doc-for-schema-doc 2023-02-13 09:07:02 +01:00
Tom Hvitved
f7a5a33474 Address review comment 2023-02-13 09:01:15 +01:00
erik-krogh
91393a7bc8 add change-note 2023-02-12 23:28:01 +01:00
erik-krogh
6474cfd4c8 add support for express-ws 2023-02-12 23:25:27 +01:00
Jami Cogswell
ad8849c6b8 Java: fix typo 2023-02-12 16:33:26 -05:00
Jami Cogswell
676e4e8461 Java: add change note 2023-02-12 16:32:31 -05:00
Sim4n6
d7af80136e Fail tests when missing annotation on sink orfail 2023-02-12 21:27:20 +01:00
Sim4n6
518684b736 Put back the annotation result=BAD 2023-02-12 21:26:12 +01:00
Sim4n6
80d4fb5e33 Organisation TarSlip/UnsafeUnpack into two folders 2023-02-12 10:51:53 +01:00
Jami Cogswell
ce1c814daa Java: update path-injection query to use new 'read-file' sink kind 2023-02-11 17:10:58 -05:00
Jami Cogswell
c87c3e30c7 Java: update getInvalidModelKind with 'read-file' kind 2023-02-11 17:07:25 -05:00
Owen Mansel-Chan
685b8b4abd Tests are no longer fooled by type aliases 2023-02-10 22:09:21 +00:00
Owen Mansel-Chan
7042f67375 Refactor code to be simpler 2023-02-10 22:09:20 +00:00
Owen Mansel-Chan
778826b528 Accept test changes 
Note that
go/ql/test/library-tests/semmle/go/Types/QualifiedNames.expected and
go/ql/test/library-tests/semmle/go/Types/Types.expected gain two lines.
In both cases this is because GenericArray and GenericSignature are
each instantiated twice, so they appear with two different locations.
 2023-02-10 22:09:20 +00:00