hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-03 01:30:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,360 Commits 1,673 Branches 157 Tags
codeql-cli/v2.14.2
Commit Graph

57360 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
944a2ca825 JS: Replace ClearTextLogging::isSanitizerEdge with a node 2023-07-11 14:20:17 +02:00
Geoffrey White
cffdc0a8a7 Merge pull request #13698 from geoffw0/url2 
Swift: Expand taint models for URL
 2023-07-11 13:14:20 +01:00
Asger F
68584e549e JS: Replace isOptionallySanitizedEdge with a node 2023-07-11 12:57:33 +02:00
Asger F
3691b836cb JS: Add tests 2023-07-11 11:37:30 +02:00
Rasmus Wriedt Larsen
83ca47f32c Python: Add change-note 2023-07-11 11:33:06 +02:00
Rasmus Wriedt Larsen
a1225674ee Python: Add implementation note about why not targeting ESSA node 2023-07-11 11:32:26 +02:00
Jeroen Ketema
92ee31849c Merge pull request #13643 from jketema/inline-5 
Rework the remaining inline expectation tests to use the parameterized module
 2023-07-11 11:29:14 +02:00
Mathew Payne
3cc5ba1eed Remove un-needed code 2023-07-11 10:26:15 +01:00
Mathias Vorreiter Pedersen
63c5684fbb C++: Join with 'invalidPointerToDerefSource' in 'hasFlowPath' to prevent conflation of paths. 2023-07-11 10:24:01 +01:00
Asger F
0841677b14 JS: Add isSanitizerX variants in TaintTracking 2023-07-11 11:14:37 +02:00
Geoffrey White
fcc98f83c0 Swift: Autoformat. 2023-07-11 10:05:24 +01:00
Asger F
d53beb3784 JS: Embed check for in/out barriers in edge barrier check 2023-07-11 11:04:28 +02:00
Asger F
4964d811a5 JS: Add interface for isBarrier in/out 2023-07-11 11:04:28 +02:00
Geoffrey White
5ef097fd66 Swift: Update consistency check .expected to exactly match CI. 2023-07-11 09:54:39 +01:00
Alvaro Muñoz
e8563e5dfd fix row 2023-07-11 10:47:23 +02:00
Mathias Vorreiter Pedersen
a4c0063ab1 Merge pull request #13679 from MathiasVP/speedup-big-step 
DataFlow: Speed up the big step relation
 2023-07-11 09:44:17 +01:00
Geoffrey White
2d7166b903 Swift: Minor corrections. 2023-07-11 09:39:42 +01:00
Alvaro Muñoz
c2f1fbbf98 Add missing commons lang3 model for ToStringBuilder.reflectionToString 2023-07-11 10:34:17 +02:00
Jeroen Ketema
d217e1e87c Merge pull request #13647 from purs3lab/uninitialized-local 
C++: exclude uninitialized uses inside pure expression statements
 2023-07-11 10:31:33 +02:00
Jeroen Ketema
8cee4f37a4 Merge branch 'main' into inline-5 2023-07-11 10:30:11 +02:00
Alvaro Muñoz
2ce1192ee6 implement field taint inheritance for Struts2 unmarshalled objects 2023-07-11 10:28:14 +02:00
Geoffrey White
f45b89a3cc Swift: Add a few more variant test cases. 2023-07-11 09:26:37 +01:00
Alvaro Muñoz
047d486509 add new struts2 models 2023-07-11 10:23:26 +02:00
Tony Torralba
93ad204abd Merge pull request #13708 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-07-11 09:48:12 +02:00
github-actions[bot]
7b8cd77cec Add changed framework coverage reports 2023-07-11 00:19:16 +00:00
Jeroen Ketema
8cec884c59 Merge pull request #13701 from rdmarsh2/rdmarsh2/cpp/constant-array-overflow-tests-2 
C++: more constant array off-by-one tests
 2023-07-11 00:17:09 +02:00
Geoffrey White
07bbc0f537 Swift: Change note. 2023-07-10 19:28:11 +01:00
Geoffrey White
ef344c6a80 Swift: Match flag groups more strictly as other (? group types exist. 2023-07-10 19:22:53 +01:00
Geoffrey White
952a5d2aa2 Swift: Use accurate Swift regex mode flags. 2023-07-10 19:20:34 +01:00
Geoffrey White
6e80021c4e Swift: Support multiple parse mode flags. 2023-07-10 19:20:29 +01:00
Geoffrey White
f50345659e Swift: Fix parse failures due to mode flags. 2023-07-10 19:14:42 +01:00
Geoffrey White
a7a609d591 Swift: Add tests for parse modes. 2023-07-10 19:11:33 +01:00
Jeroen Ketema
3fe99dc4c7 Merge pull request #13704 from jketema/ir-test 
C++: Add assignment operation IR test where the result is being used
 2023-07-10 19:01:24 +02:00
Robert Marsh
5eea8e49b7 C++: more constant array off-by-one tests 2023-07-10 12:51:48 -04:00
Jeroen Ketema
de3251a634 C++: Add assignment operation IR test where the result is being used 2023-07-10 17:55:50 +02:00
Mathew Payne
20d4e53eaf Update go/ql/lib/change-notes/2023-06-29-modelling-go-micro.md 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-10 16:44:19 +01:00
Mathew Payne
ceade62f62 Update go/ql/lib/semmle/go/frameworks/GoMicro.qll 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-10 16:44:11 +01:00
Mathew Payne
9c1a0225eb Update go/ql/lib/semmle/go/frameworks/GoMicro.qll 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-10 16:43:54 +01:00
Tony Torralba
ce600367df Java: Add support for Kotlin's apply to java/android/unsafe-android-webview-fetch 2023-07-10 17:40:16 +02:00
Tony Torralba
16529cdd18 Add failing test 2023-07-10 17:40:15 +02:00
Tony Torralba
b70e21df4f Merge pull request #13702 from atorralba/atorralba/kotlin/apply 
Kotlin: Support apply
 2023-07-10 17:39:57 +02:00
Geoffrey White
7748a45c2f Swift: Initial implementation of regex mode flags. 2023-07-10 16:20:24 +01:00
Tony Torralba
0f18c0227b Kotlin: Support apply 2023-07-10 16:15:27 +02:00
Max Schaefer
63c45a0da3 Add another example of when and how to use shell-quote. 2023-07-10 14:02:17 +01:00
Mathias Vorreiter Pedersen
3fe58d97bd C++: Accept test changes. 2023-07-10 13:53:04 +01:00
Mathias Vorreiter Pedersen
ae8ecc9076 C++: Add a final configuration to preserve call contexts between configuration transitions. 2023-07-10 13:52:32 +01:00
Mathias Vorreiter Pedersen
055aea6e1a C++: Add FP caused by missing call context. 2023-07-10 13:52:30 +01:00
Geoffrey White
ce9c367e90 Swift: Add a .expected file for the consistency test failure. 2023-07-10 13:30:26 +01:00
Asger F
8234b8f175 JS: Change note 2023-07-10 13:19:44 +02:00
Asger F
d88f557dbe Merge pull request #13683 from asgerf/rb/api-graph-noobject 
Ruby: exclude Object class from API graph
 2023-07-10 12:51:15 +02:00