Commit Graph

59785 Commits

Author SHA1 Message Date
BD
31550b22b6 Merge branch 'main' into enable-gokit-by-default 2023-10-04 12:42:09 +05:30
Ed Minnix
581d410304 Add change note 2023-10-03 22:29:00 -04:00
Ed Minnix
e122d81336 Add new source kinds for threat modeling 2023-10-03 22:29:00 -04:00
Edward Minnix III
a1d3667f1c Refactor Hudson file methods to MaD 2023-10-03 22:28:59 -04:00
Edward Minnix III
3a75c0fde7 Refactor DatabaseInput to MaD 2023-10-03 22:28:59 -04:00
Edward Minnix III
655470f3da Refactor EnvInput to MaD 2023-10-03 22:28:47 -04:00
Josh Brown
de2e8b0b12 explicit "this" qualifiers 2023-10-03 16:13:54 -07:00
Josh Brown
ad86e576a4 autoformat 2023-10-03 13:40:17 -07:00
Josh Brown
b683a3caf8 Merge branch 'main' into jb1/16-cryptography-models-libraries-and-queries-migration 2023-10-04 07:24:29 +11:00
Robert Marsh
06da5fd05c Swift: move import to make codegen happy 2023-10-03 17:23:00 +00:00
Geoffrey White
d258f69ab0 Merge pull request #14329 from geoffw0/sinks
Swift: Update summary queries
2023-10-03 17:39:00 +01:00
Geoffrey White
34b33e1577 Merge pull request #14328 from geoffw0/debugdesc
Swift: Model .description, .debugDescription more generally
2023-10-03 17:37:22 +01:00
Geoffrey White
c518f39a0c Merge pull request #14357 from geoffw0/commandinject3
Swift: Replace two additional taint steps with implicit reads
2023-10-03 17:34:59 +01:00
amammad
22c4b5113d do gofmt 2023-10-03 18:29:34 +02:00
Henry Mercer
da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Robert Marsh
cdef0796e3 Swift: QLDoc for NilCoalescingExpr.qll 2023-10-03 15:00:03 +00:00
Robert Marsh
497f0aa8ab Swift: sync test files and update expectation 2023-10-03 14:57:04 +00:00
Michael Nebel
8224f172b2 Merge pull request #14257 from michaelnebel/java/threatmodelsources
Java: Introduce a class of dataflow nodes for the threat modeling.
2023-10-03 16:10:49 +02:00
Mathias Vorreiter Pedersen
9a139ea903 C++: Accept test changes. 2023-10-03 15:58:35 +02:00
Mathias Vorreiter Pedersen
57d3f3f482 C++: Actually propagate the 'isBarrier1' or 'isBarrier2' predicates to the dataflow configurations. 2023-10-03 15:58:24 +02:00
Mathias Vorreiter Pedersen
9df5e43fae C++: Block flow through indirect flow through pointer-arithmetic instructions when following flow for the allocation size. 2023-10-03 15:31:50 +02:00
Owen Mansel-Chan
7c8233aade Add change note 2023-10-03 13:35:26 +01:00
Tamás Vajk
df988e46da Merge pull request #14351 from tamasvajk/csharp/standalone-compilation
C#: Extract compilation DB entity in standalone mode
2023-10-03 14:21:21 +02:00
Owen Mansel-Chan
5433636d49 Fix formatting errors in files included in qhelp 2023-10-03 12:48:03 +01:00
Owen Mansel-Chan
2a52455619 Improve output of check-formatting in Makefile
The list of files that would change when reformatted is now printed.
Also, parsing errors now make the check fail.
2023-10-03 12:48:01 +01:00
Ian Lynagh
c365f459fd Merge pull request #14355 from igfoo/igfoo/lang-vers
Kotlin: Specify language version when compiling for old compilers
2023-10-03 11:33:23 +01:00
Bharadwaj Machiraju
53a291aeae Remove GoKit from untrusted flow sources test 2023-10-03 15:39:52 +05:30
Bharadwaj Machiraju
6c8ae55a68 Enable GoKit module into the default list 2023-10-03 15:39:52 +05:30
Mathias Vorreiter Pedersen
dbe3bd0c50 Merge pull request #14360 from MathiasVP/promote-use-after-free-and-double-free
C++: Promote `cpp/double-free` and `cpp/use-after-free` to Code Scanning
2023-10-03 11:52:23 +02:00
Michael Nebel
fcbd301de8 Java: Address review comments. 2023-10-03 10:36:45 +02:00
Mathias Vorreiter Pedersen
b6ed9ccfda C++: Add change notes. 2023-10-03 09:33:40 +02:00
Mathias Vorreiter Pedersen
7084dc1a88 C++: Promote 'cpp/use-after-free' and 'cpp/double-free' to Code Scanning. 2023-10-03 09:22:47 +02:00
Mathias Vorreiter Pedersen
5632dd5e46 Merge pull request #14275 from alexet/fix-use-after-free-fp
CPP: Fix some use after free FPs.
2023-10-03 09:16:42 +02:00
Michael Nebel
5b949b19f7 Java: Cleanup threat model taxonomy to align with the EDR. 2023-10-03 09:16:39 +02:00
Michael Nebel
5c700afa27 Java: Add some threat model dataflow tests. 2023-10-03 09:16:39 +02:00
Michael Nebel
537965c0e8 Java: Add some testfiles. 2023-10-03 09:16:39 +02:00
Michael Nebel
2055d5492c Java: Let RemoteFlowSource and LocalUserInput extends SourceNode and fine grain the LocalUserInput threat models. 2023-10-03 09:16:38 +02:00
Michael Nebel
9a112dde66 Java: Introduce a class of dataflow nodes for the threat modeling. 2023-10-03 09:16:38 +02:00
Geoffrey White
0f1711fe1e Swift: Test insertMany. 2023-10-02 23:04:07 +01:00
Geoffrey White
bbd3c66d5a Swift: Update for CollectionContent. 2023-10-02 20:32:24 +01:00
Geoffrey White
81b358a711 Swift: Replace a similar additional taint step in another query. 2023-10-02 20:19:40 +01:00
Geoffrey White
27bdee8058 Swift: Replace additional taint step with implicit read.
Now that we have array content, this is a more principled approach than having a special case data step.
2023-10-02 20:19:30 +01:00
Robert Marsh
ca722dc74c Swift: add NilCoalescingTest node to CFG
Fixes an issue where a nil-coalescing operation used in a boolean
context would result in no control flow out of the default operand of
the nil-coalescing operator.
2023-10-02 18:07:11 +00:00
Ian Lynagh
513a39f0b4 Kotlin: Specify language version when compiling for old compilers
Otherwise builds with Kotlin 2 won't work with older compilers.
2023-10-02 18:14:01 +01:00
Ian Lynagh
f3c5c01ec5 Kotlin: Drop support for 1.4.32
We never claimed to support anything < 1.5.0, and compiling with
-language-version 1.4 fails as it's not meant to support sealed classes.

If we build 1.4.32 with -language-version 1.5 using a 2.0 compiler,
then the resulting plugin also fails.
2023-10-02 17:29:10 +01:00
Geoffrey White
db5e0ff7a8 Swift: Autoformat. 2023-10-02 16:06:38 +01:00
Tom Hvitved
2684a22484 Merge pull request #14255 from hvitved/dataflow/perf-improvements
Data flow: Performance improvements
2023-10-02 16:37:24 +02:00
Tamas Vajk
b2514b3c69 Adjust expected test output 2023-10-02 13:35:16 +02:00
Geoffrey White
3d552d7d5d Swift: Simplify FloatPoint model now that it works to do so. 2023-10-02 11:59:26 +01:00