Chris Smowton
464ac60db1
Amend and order
2023-07-12 15:48:18 +01:00
Maiky
d7d9ffc449
Doc error
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
2023-07-12 16:44:17 +02:00
Ian Lynagh
fe24cc1900
Merge pull request #13718 from igfoo/igfoo/file_classes
...
Kotlin: Improve file class support
2023-07-12 15:42:16 +01:00
Mathew Payne
3a1e3f71cc
Update go/ql/lib/change-notes/2023-06-29-modelling-go-micro.md
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
2023-07-12 15:09:56 +01:00
Owen Mansel-Chan
5f76cafc64
Merge pull request #13672 from owen-mc/go/make-parameter-nodes-for-unused-parameters-2
...
Go: make `ParameterNode`s for unused parameters #2 (make a disjoint class for unused ones)
2023-07-12 15:04:46 +01:00
Taus
49194a2af7
Java: Limit the number of samples extracted in application mode
...
Uses the same trick as for the negative examples, this time with a limit of 7
candidates for each endpoint signature.
As this duplicates some of the logic used in another query, it may be worthwhile
to consider extracting this into a shared parameterized module.
2023-07-12 15:13:10 +02:00
Mathew Payne
f2caf196b7
Update go/ql/test/library-tests/semmle/go/frameworks/GoMicro/gomicro.expected
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
2023-07-12 13:09:02 +01:00
Mathew Payne
25e7ddec31
Apply suggestions from code review
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
2023-07-12 13:08:44 +01:00
Mathew Payne
e31cce56d1
Update go/ql/lib/semmle/go/frameworks/GoMicro.qll
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
2023-07-12 13:00:21 +01:00
Mathew Payne
e951720573
Update go/ql/lib/semmle/go/frameworks/GoMicro.qll
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
2023-07-12 12:59:45 +01:00
Mathew Payne
7f6067de42
Update go/ql/lib/semmle/go/frameworks/GoMicro.qll
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
2023-07-12 12:59:01 +01:00
Mathew Payne
cefb914af6
Update go/ql/lib/semmle/go/frameworks/GoMicro.qll
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
2023-07-12 12:58:23 +01:00
Mathew Payne
94e96cb7a8
Update go/ql/lib/semmle/go/frameworks/GoMicro.qll
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
2023-07-12 12:57:32 +01:00
Ian Lynagh
af5cd7cf4f
Merge pull request #13723 from igfoo/igfoo/kotlin-1.9.0
...
Kotlin: Run CI with 1.9.0
2023-07-12 12:24:04 +01:00
Mathias Vorreiter Pedersen
2c2f9b9e17
C++: Fix comment.
2023-07-12 11:59:29 +01:00
Mathias Vorreiter Pedersen
19872d5adf
Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2023-07-12 11:58:07 +01:00
Mathias Vorreiter Pedersen
3d5414b84c
Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2023-07-12 11:57:51 +01:00
Ian Lynagh
75c835c9d2
Add missing "a" to a qldoc comment
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
2023-07-12 11:24:42 +01:00
Malayke
827a2df631
Update CONTRIBUTING.md
...
add swift
2023-07-12 18:05:14 +08:00
Owen Mansel-Chan
78816f082e
Make QLDoc comments more concise too
2023-07-12 11:01:54 +01:00
Owen Mansel-Chan
2ad12f18f1
Make QL more concise
2023-07-12 10:56:03 +01:00
Rasmus Wriedt Larsen
98ed5cf522
Python: Move not this instanceof ParameterDefinition logic
2023-07-12 11:31:27 +02:00
Alvaro Muñoz
ff1ae7d9c6
add change note
2023-07-12 11:05:25 +02:00
Alvaro Muñoz
0247278bad
add change note
2023-07-12 11:03:24 +02:00
Alvaro Muñoz
07e25e36b3
Merge branch 'java/langs3_improvements' of https://github.com/pwntester/codeql into java/langs3_improvements
2023-07-12 11:00:04 +02:00
Alvaro Muñoz
46e326e106
add change note
2023-07-12 10:59:56 +02:00
Tony Torralba
c54e93f005
Merge pull request #13705 from atorralba/atorralba/java/android-unsafe-fetch-apply
...
Java: Add support for Kotlin's `apply` to java/android/unsafe-android-wevbiew-fetch
2023-07-12 09:45:54 +02:00
Asger F
c7abd4c2af
JS: Remove the unused edge-sanitizer hook in UnvalidatedDynamicMethodCall
2023-07-12 09:26:37 +02:00
Alvaro Muñoz
51f7031416
Update java/ql/lib/ext/org.apache.commons.lang3.builder.model.yml
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2023-07-12 09:06:05 +02:00
Maiky
cea3477ac2
Qhelp and examples
2023-07-12 02:13:07 +02:00
Maiky
c255f8717d
Change hasFlowPath to flowPath
...
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
2023-07-11 19:20:54 +02:00
Maiky
c4f72dd2f2
Change make to global
...
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
2023-07-11 19:20:34 +02:00
Ian Lynagh
b83f0275e3
Kotlin: Accept test changes for Kotlin 1.9.0
2023-07-11 17:37:24 +01:00
Ian Lynagh
470e033090
Kotlin: Restrict a test's results to those in the test directory
2023-07-11 17:37:23 +01:00
Malayke
bf1db35d87
Update CONTRIBUTING.md
...
add go
2023-07-11 23:32:58 +08:00
Ian Lynagh
6dedd9286c
Kotlin: Record "file class" info from the compiler
...
We were making file classes when the parent was a file, but not when it
was a class marked as one.
2023-07-11 15:58:42 +01:00
Ian Lynagh
cfd29de677
Kotlin: Add Class.isFileClass()
2023-07-11 15:58:41 +01:00
Ian Lynagh
2162530729
Kotlin: Add an integration test for file classes
2023-07-11 15:58:41 +01:00
Owen Mansel-Chan
8e85f4d91c
Merge pull request #13601 from pwntester/ruby/add_bun_support
...
Go: Add support for Bun library
2023-07-11 14:48:48 +01:00
Owen Mansel-Chan
84bfd10352
Merge pull request #13589 from owen-mc/go/tolerate-go-mod-not-in-project-root
...
Go: Deal better with a single go.mod file which is not in the project root
2023-07-11 14:32:10 +01:00
Asger F
c8af28c2ca
Merge pull request #13700 from asgerf/js/path-join-spread
...
JS: Recognize 'fs/promises' alias and handle spread arguments in path.join()
2023-07-11 15:31:13 +02:00
Asger F
1a395c5b34
JS: Use sanitizerOut in PrototypePollutingAssignment
2023-07-11 15:24:10 +02:00
Asger F
03bdebe3b3
JS: Update a test.
...
The test had a bug on the line `src = src` so the new code is "more equivalent than usual"
2023-07-11 15:24:09 +02:00
Ian Lynagh
a603f21ce1
Kotlin: Use 1.9.0 for CI
2023-07-11 14:10:48 +01:00
Asger F
b09ed4b0e3
JS: Update UnsafeJQueryPlugin
2023-07-11 15:01:33 +02:00
Asger F
a1d8a05bcb
JS: Update ResourceExhaustion
2023-07-11 14:56:53 +02:00
Asger F
58a557b18e
JS: Update InsecureRandomness
2023-07-11 14:56:43 +02:00
Asger F
e863e2376d
JS: Use sanitizerIn in ExtenralAPIUsedWithUntrustedData
2023-07-11 14:50:29 +02:00
Asger F
094302a27b
JS: Replace sanitizing prefix edge with node
2023-07-11 14:48:13 +02:00
Ian Lynagh
c21797dd3c
Kotlin: Add a test for file classes
2023-07-11 13:21:56 +01:00