Mathias Vorreiter Pedersen
d24a05a1b9
Merge branch 'main' into rdmarsh2/cpp/constant-array-overflow-tests
2023-07-05 13:49:17 +01:00
Mathias Vorreiter Pedersen
f714de0040
Merge pull request #13610 from MathiasVP/promote-overrun-write-again
...
C++: Move `cpp/overrun-write` back to `medium` precision
2023-07-05 13:39:12 +01:00
Tamas Vajk
d0b8b683af
Adjust error handling when dotnet --info is called
2023-07-05 14:26:00 +02:00
Jeroen Ketema
7bb77abac7
C++: Add IR tests that cause regressions after extractor frontend update
2023-07-05 14:01:11 +02:00
Alex Ford
df62cf8a5a
qlformat
2023-07-05 12:19:57 +01:00
Alex Ford
082f26bcb1
Ruby: update TaintStep.ql output
2023-07-05 12:19:55 +01:00
Alex Ford
9a263e12ec
Ruby: rack - add some qldoc
2023-07-05 12:18:52 +01:00
Alex Ford
bf25b07c17
Ruby: rack - request input tests
2023-07-05 12:18:52 +01:00
Alex Ford
175d524146
Ruby: rack - add Rack#Utils.parse_query summary
2023-07-05 12:18:52 +01:00
Alex Ford
cc6f6418f5
Ruby: rack - start modelling request inputs
2023-07-05 12:18:52 +01:00
Mathias Vorreiter Pedersen
60c0226dce
Update cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp
...
Co-authored-by: Calum Grant <42069085+calumgrant@users.noreply.github.com>
2023-07-05 12:03:47 +01:00
Max Schaefer
f89992eb16
Address more review feedback.
2023-07-05 12:02:11 +01:00
Alex Ford
9b2cd768e1
Ruby: rack - add env['QUERY_STRING'] as an http request input
2023-07-05 11:59:18 +01:00
Alex Ford
b6912decc1
Merge pull request #13483 from alexrford/rb/rack-extend-app-and-resp
...
Ruby: rack - model more responses and app types
2023-07-05 11:58:01 +01:00
Tamás Vajk
9eae9464c9
Merge pull request #13659 from tamasvajk/standalone-minor-fixes
...
C#: Minor fixes in standalone extraction
2023-07-05 12:22:16 +02:00
Max Schaefer
921d8de8dc
Apply suggestions from code review
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2023-07-05 11:19:30 +01:00
Mathias Vorreiter Pedersen
5ea929dbdb
Merge pull request #13662 from geoffw0/swapmodel
...
Swift: Add dataflow model for 'swap'
2023-07-05 09:44:51 +01:00
Geoffrey White
c1c605ebac
Swift: Change note.
2023-07-04 17:42:40 +01:00
Geoffrey White
df816268cb
Swift: Model swap.
2023-07-04 17:37:49 +01:00
Max Schaefer
5fb6b5810f
Clarify that splitting arguments on space is not safe.
2023-07-04 15:58:37 +01:00
Max Schaefer
74af0b1f05
Improve command-injection example and provide a fixed version.
2023-07-04 15:58:37 +01:00
Geoffrey White
155122509c
Swift: Add a dataflow test for swap.
2023-07-04 15:21:41 +01:00
Geoffrey White
2870bc2ee0
Swift: Use US spelling.
2023-07-04 13:35:26 +01:00
Taus
97610d2cac
Java: Add query for counting sink model instances
...
Also adds a more sensible ordering to the existing queries.
2023-07-04 14:24:52 +02:00
Geoffrey White
6f3dba5f98
Swift: Tweak qhelp and example.
2023-07-04 13:21:51 +01:00
Tamas Vajk
9b2fd8df9f
Add todo comment
2023-07-04 14:03:04 +02:00
Tamas Vajk
ffc09c44c2
Minor fixes in standalone extraction
2023-07-04 13:54:23 +02:00
Tamas Vajk
ef0e102cd7
Retrieve package IDs from files and restore the not yet restored ones
...
Read all files in the repo and look for `PackageReference` XML elements
to extract the package IDs, then restore the packages that are not yet
restored. This change improves the percentage of found assemblies on the
PowerShell repo from 95% to 97% compared to a traced extraction. Also,
it increases the number of assemblies only referenced in the standalone
extraction from 79 to 134.
2023-07-04 13:52:12 +02:00
Tamas Vajk
cd6419503f
Execute dotnet restore on all projects in standalone
...
Previously, we only did this for the solution files in the repository, but
there might be projects that are not added to any solution. This change
improves the percentage of found assemblies on the PowerShell repo from
81% to 95%.
2023-07-04 13:52:12 +02:00
Tamas Vajk
728f3bce2d
Refactor dotnet restore command invocation
2023-07-04 13:52:12 +02:00
Tamas Vajk
d2b0c872f5
Code quality improvements
2023-07-04 13:52:12 +02:00
Alex Ford
5fafd9ecc1
Merge branch 'main' into rb/rack-extend-app-and-resp
2023-07-04 11:43:30 +01:00
Geoffrey White
7f9cb16ab1
Swift: Add a test with multiple evaluations.
2023-07-04 11:34:10 +01:00
Geoffrey White
cb4139f173
Swift: Add test cases with sanitized inputs.
2023-07-04 11:19:15 +01:00
Geoffrey White
72f500b501
Swift: Change note.
2023-07-04 10:21:39 +01:00
Tom Hvitved
5f6586600e
Merge pull request #13630 from github/post-release-prep/codeql-cli-2.13.5
...
Post-release preparation for codeql-cli-2.13.5
2023-07-04 10:58:44 +02:00
Alex Denisov
3b2bbcc95c
Docs: update supported Swift versions
2023-07-04 10:09:28 +02:00
Michael Nebel
3cde59e409
Merge pull request #13651 from michaelnebel/telemetrytop100
...
Java/C#: Reduce the amount of telemetry being produced.
2023-07-04 08:33:53 +02:00
Michael Nebel
238f390738
Merge pull request #13452 from michaelnebel/refactorstackprinting
...
Re-factor printing of summary component stacks.
2023-07-04 08:29:10 +02:00
Taus
b7e4bd290d
Java: Use an IPA type instead of a string
...
While the string representation is useful for quickly modifying queries, it's
a bit clunky when the data needs to be further parsed. Instead, the two queries
now select all of the columns of the sinkmodel separately (which makes it easy
to pull them out of the relevant output later on).
2023-07-03 23:17:55 +02:00
Robert Marsh
1c2c48c74a
C++: more constant-array-overflow tests
2023-07-03 16:59:02 -04:00
Geoffrey White
a050de7e15
Swift: Grammar.
2023-07-03 17:11:49 +01:00
Michael Nebel
243c592447
Address review comments.
2023-07-03 17:01:08 +02:00
Michael Nebel
23a119b8c2
Java/C#: Reduce the amount of telemetry being produced.
2023-07-03 16:54:07 +02:00
Chuan-kai Lin
6912f7ed3a
Merge pull request #13638 from cklin/remove-pragma-assume-small-delta
...
Remove pragma[assume_small_delta]
2023-07-03 07:00:36 -07:00
Geoffrey White
6c10b934ea
Swift: Add examples as tests.
2023-07-03 13:39:14 +01:00
Geoffrey White
373eb00975
Swift: Add qhelp and examples.
2023-07-03 13:39:13 +01:00
Michael Nebel
b942cd9085
C#: Address review comments.
2023-07-03 14:36:07 +02:00
Michael Nebel
e06bc8fd8d
Ruby: Use serialize to for the string representation of ConstantValue.
2023-07-03 14:36:07 +02:00
Michael Nebel
bddd22f522
Sync files and make language specific adjustments.
2023-07-03 14:36:07 +02:00