hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-02 01:08:53 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,360 Commits 1,673 Branches 157 Tags
codeql-cli/v2.14.2
Commit Graph

57360 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sarita Iyer
0bd87f9f86 Merge pull request #13840 from github/si-10115-docs-update 
Update supported frameworks
 2023-08-01 13:05:32 -04:00
Max Schaefer
5124310f14 Update javascript/ql/src/Security/CWE-730/ServerCrash.qhelp 
Co-authored-by: Asger F <asgerf@github.com>
 2023-08-01 17:03:05 +01:00
Stephan Brandauer
cb55b10edc Merge pull request #13788 from github/kaeluka/automodel-telemetry-testing 
Java: Tests for Automodel Extraction Queries
 2023-08-01 15:30:26 +02:00
Alex Denisov
9d643ae1ed Swift: record CFG incosistency 2023-08-01 15:06:04 +02:00
Anders Schack-Mulligen
405a3a73d1 Java: Remove irrelevant import. 2023-08-01 14:31:30 +02:00
Anders Schack-Mulligen
15da4ee009 Merge pull request #13856 from aschackmull/java/maybebrokencrypto-barrier 
Java: Make the barrier in java/potentially-weak-cryptographic-algorithm less restrictive
 2023-08-01 14:20:44 +02:00
Alex Denisov
6667d9e45c Swift: SubExpr may yield unresolved nodes in certain cases while MatchedExpr is always resolved 2023-08-01 14:15:33 +02:00
Anders Schack-Mulligen
199d1431d7 Dataflow: Add change note. 2023-08-01 14:02:34 +02:00
Anders Schack-Mulligen
5946d5e806 Dataflow: Remove sync. 2023-08-01 14:02:34 +02:00
Anders Schack-Mulligen
0544205594 Swift: Adjust to use the qlpack data-flow api. 2023-08-01 14:02:33 +02:00
Anders Schack-Mulligen
73d4b126cf Ruby: Adjust to use the qlpack data-flow api. 2023-08-01 14:02:33 +02:00
Anders Schack-Mulligen
b27a3a81bc Python: Adjust to use the qlpack data-flow api. 2023-08-01 14:02:33 +02:00
Anders Schack-Mulligen
21eb78ea5e Go: Adjust to use the qlpack data-flow api. 2023-08-01 14:02:33 +02:00
Anders Schack-Mulligen
fcb482b870 C/C++: Adjust to use the qlpack data-flow api. 2023-08-01 14:02:33 +02:00
Anders Schack-Mulligen
5c9a839ac7 C#: Adjust to use the qlpack data-flow api. 2023-08-01 13:47:09 +02:00
Anders Schack-Mulligen
c34c667e6b Java: Adjust to use the qlpack data-flow api. 2023-08-01 13:47:09 +02:00
Anders Schack-Mulligen
50e7892498 Dataflow: Autoformat/indent. 2023-08-01 13:47:08 +02:00
Anders Schack-Mulligen
d7ea60e137 Java: Move data flow lib. 2023-08-01 13:47:08 +02:00
Owen Mansel-Chan
dbc6868bc1 Update go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2023-08-01 12:23:49 +01:00
Asger F
9326fbd1dd Merge pull request #13841 from jeongsoolee09/log-injection-mad 
JS: Add support for log injection in MaD
 2023-08-01 13:09:56 +02:00
Michael Nebel
4568cccd71 Java: Add some unit tests for sourceModelKindConfig. 2023-08-01 12:56:13 +02:00
Michael Nebel
a9bc23fa3e Java: Add threat model configuration related extensible predicates and some initial tuples. 2023-08-01 12:56:13 +02:00
Michael Nebel
7ba8a663bf C#: Base the CSI query test cases on stubs. 2023-08-01 12:55:35 +02:00
Michael Nebel
c3c5fc0981 C#: Base the Configuration query test cases on stubs. 2023-08-01 12:55:35 +02:00
Michael Nebel
324eac7718 C#: Base the Concurrency query test cases on stubs. 2023-08-01 12:55:35 +02:00
Michael Nebel
cf8dc64842 C#: Base the Bad Practices query test cases on stubs. 2023-08-01 12:55:35 +02:00
Michael Nebel
49c8daefca C#: Base the Architecture query test cases on stubs. 2023-08-01 12:55:35 +02:00
Michael Nebel
ab4e643bf8 C#: Turn RuntimeVersion into a record type. 2023-08-01 12:54:55 +02:00
Alex Ford
2b741448f4 Merge pull request #13309 from maikypedia/maikypedia/ldap-injection 
Ruby: Add LDAP Injection query
 2023-08-01 10:44:46 +01:00
Cornelius Riemenschneider
41487987b5 Merge pull request #13858 from github/criemen-update-bazel 
Update bazel to 6.3.1
 2023-08-01 10:44:36 +02:00
Mathias Vorreiter Pedersen
d111fa7e94 Merge pull request #13862 from jketema/ir-test 
C++: Add IR test that shows dataflow regression after frontend update
 2023-08-01 10:06:49 +02:00
Tony Torralba
b5d08ade59 Formatting 2023-08-01 09:35:25 +02:00
Anders Schack-Mulligen
e73e312e10 Java: Add change note. 2023-08-01 09:28:56 +02:00
Stephan Brandauer
621c05dc4b Java: format 2023-08-01 09:19:03 +02:00
Stephan Brandauer
bc3e78f034 Java: add automodel framework mode test case for newly supported interface-method parameter extraction 2023-08-01 09:18:58 +02:00
Stephan Brandauer
058236877e Java: Drive-by: fix oversight in #13823 
In PR #13823, we had rewritten the endpoints that are being considered for framework mode. We used to use `DataFlow::ParameterNode` as endpoints.
However, `ParameterNode`s do not exist for the implicit `this` parameter; they also do not exist for bodiless interface-methods.

In PR #13823, we forgot to model that `this` only exists for non-static methods and to only consider parameters that we have source code for.
 2023-08-01 09:18:58 +02:00
Stephan Brandauer
5ad984f22f Java: update text expectations after merging #13823 2023-08-01 09:18:58 +02:00
Stephan Brandauer
da87d82d08 Java: fix a comment 2023-08-01 09:18:58 +02:00
Stephan Brandauer
be629b27ed Java: Automodel package private test case 2023-08-01 09:18:57 +02:00
Stephan Brandauer
f5c4155d63 Java: Automodel tests: update after merging #13818 2023-08-01 09:18:57 +02:00
Stephan Brandauer
44b8ec642e Java: merge framework mode tests into one 2023-08-01 09:18:57 +02:00
Stephan Brandauer
8cc367c45e Java: merge application mode tests into one 2023-08-01 09:18:57 +02:00
Stephan Brandauer
37b6b46dbf Java: update extraction query tests after merging PR #13747 2023-08-01 09:18:57 +02:00
Stephan Brandauer
50603102d1 Java: tests for automodel application mode, test that local calls are not candidates 2023-08-01 09:18:57 +02:00
Stephan Brandauer
457604e37e Java: tests for automodel framework mode negative example extraction 2023-08-01 09:18:57 +02:00
Stephan Brandauer
938a7a788f Java: tests for automodel application mode negative example extraction 2023-08-01 09:18:57 +02:00
Stephan Brandauer
abed936556 Java: tests for automodel framework mode positive example extraction 2023-08-01 09:18:57 +02:00
Stephan Brandauer
1bc222ec40 Java: tests for automodel application mode positive example extraction 2023-08-01 09:18:57 +02:00
Stephan Brandauer
2e89a11949 Java: tests for automodel application mode candidate extraction 2023-08-01 09:18:56 +02:00
Stephan Brandauer
18fe587e75 Java: tests for automodel framework mode candidate extraction 2023-08-01 09:18:56 +02:00