hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-31 08:06:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,239 Commits 1,673 Branches 157 Tags
codeql-cli/v2.15.2
Commit Graph

60239 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
66a4f1bf74 Bump chrono from 0.4.29 to 0.4.30 in /ql 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.29 to 0.4.30.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.29...v0.4.30)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-08 04:04:05 +00:00
Mathias Vorreiter Pedersen
49fee35b37 Merge pull request #13947 from rdmarsh2/rdmarsh2/swift/dictionary-flow-tuples 
Swift: collection/tuple content for dictionary flow
 2023-09-07 22:05:10 +01:00
Robert Marsh
0d79158bb1 Swift: remove TODOs after deciding not to do them 2023-09-07 20:15:12 +00:00
Robert Marsh
603f2cd3b2 Swift: fix test expectation properly 2023-09-07 19:35:02 +00:00
Mathias Vorreiter Pedersen
32ed82eecc Merge pull request #14154 from MathiasVP/fix-off-by-one-in-asDefiningArgument 2023-09-07 18:48:57 +01:00
Robert Marsh
0fff540add Swift: update a test expectation for dictionary flow 2023-09-07 16:14:23 +00:00
Robert Marsh
4f4491a876 Swift: autoformat 2023-09-07 16:14:05 +00:00
Robert Marsh
5fe942e642 Swift: flow through writeable keypaths 2023-09-07 15:56:44 +00:00
Rasmus Wriedt Larsen
2182bf17dc Merge pull request #14160 from erik-krogh/py-clear-text-log-help 
Py: add new qhelp for clear-text-logging
 2023-09-07 16:35:19 +02:00
Alex Ford
5b013dd5d2 Merge branch 'main' into rb/dataflow-query-refactor 2023-09-07 14:57:38 +01:00
Alex Ford
947fa0de62 Ruby: fix qldoc warnings 2023-09-07 14:57:04 +01:00
Alex Ford
4a01de13ef Ruby: avoid toString in query warning 2023-09-07 14:54:50 +01:00
Stephan Brandauer
c4f5213d68 Java: format 2023-09-07 15:50:03 +02:00
Stephan Brandauer
836a5822f3 Java: Automodel App Mode: remove bogus implementation 2023-09-07 15:49:58 +02:00
Stephan Brandauer
c173d9ae40 Java: automodel application mode: generate models for overridden method candidates 2023-09-07 15:49:58 +02:00
Stephan Brandauer
3121949123 Java: automodel application mode: test case for overridden method candidate 2023-09-07 15:49:58 +02:00
Stephan Brandauer
1e1b59ed52 Java: automodel: additionally consider sources for alreadyAiModeled property 2023-09-07 15:49:58 +02:00
Stephan Brandauer
6f7d78183f Java: add endpoints for parameters of overridden methods in automodel application mode 2023-09-07 15:49:57 +02:00
Stephan Brandauer
dff8259e78 Java: support remote sources in automodel positive example extraction 2023-09-07 15:49:57 +02:00
Stephan Brandauer
fcabca4581 Java: Export MaD output in application mode extraction queries 2023-09-07 15:49:57 +02:00
Stephan Brandauer
8d133f86c7 Java: replace getArgIndex by getMaDInput 2023-09-07 15:49:57 +02:00
Stephan Brandauer
902a585b47 Java: remove isArgOf predicate 2023-09-07 15:49:57 +02:00
Stephan Brandauer
caaf2f83d7 Java: enable model exclusion characteristic also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer
344aa9cb6b Java: enable local call characteristic also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer
afc5aedd0a Java: enable exception characteristic also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer
a526b79211 Java: enable unexploitable is/exists characteristics also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer
f55d950be3 Java: update application mode extraction test expectations after adding source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer
937e452ce0 Java: add extensibleType to sampling keys 2023-09-07 15:49:57 +02:00
Stephan Brandauer
eb1e29d284 Java: add new endpoint class for source candidates in application mode 2023-09-07 15:49:57 +02:00
Stephan Brandauer
7cfcbf6b71 Java: add extensible type to endpoint class in application mode 2023-09-07 15:49:56 +02:00
Alex Ford
0aee7f6ac6 Ruby: qlformat 2023-09-07 14:47:02 +01:00
Alex Ford
13300a2e2f Ruby: un-private PathGraph imports 2023-09-07 14:24:46 +01:00
Alex Ford
a893911dba Ruby: Use a newtype instead of DataFlow::FlowState for insecure-download 2023-09-07 14:22:18 +01:00
Alex Ford
75fdde543f Ruby: Use a newtype instead of DataFlow::FlowState for hardcoded-data 2023-09-07 14:13:26 +01:00
Rasmus Lerchedahl Petersen
b07d085157 Python: make test PoC a proper package 2023-09-07 15:04:27 +02:00
Rasmus Lerchedahl Petersen
970e881697 Python: Follow naming convention 2023-09-07 15:03:51 +02:00
Alexander Eyers-Taylor
df2b313c5e Merge pull request #14155 from alexet/reach-end-of-function-return 
CPP: Make functions that reach the end return.
 2023-09-07 13:58:43 +01:00
Alex Eyers-Taylor
43a72f2a8e CPP:Add tests for the aliased IR. 2023-09-07 13:42:31 +01:00
Alex Eyers-Taylor
404145dd1b CPP: Update tests 2023-09-07 13:42:31 +01:00
Alex Ford
0d7d5a35c9 Ruby: Use a newtype instead of DataFlow::FlowState for code-injection 2023-09-07 13:39:10 +01:00
Alex Eyers-Taylor
b44c4587a4 CPP: Remove sucessors of non-returning IR calls. 2023-09-07 12:58:20 +01:00
Alex Eyers-Taylor
e8dfecc4a4 CPP: Fix test result 2023-09-07 12:49:13 +01:00
Alex Eyers-Taylor
d603b7ac3c CPP: Make functions that reach the end return. 
This is UB in C++ but not C where it is only bad if the result is used.
 2023-09-07 12:39:48 +01:00
Alex Ford
dfc3b33910 Ruby: Use a newtype instead of DataFlow::FlowState for unicode-bypass-validation 2023-09-07 12:09:47 +01:00
Michael B. Gale
3b708993c7 Go: Add diagnostic for 1.21 toolchain error 2023-09-07 11:51:20 +01:00
erik-krogh
bf3fe3cd66 add new qhelp for clear-text-logging 2023-09-07 12:39:13 +02:00
Michael B. Gale
38892bb51b Merge pull request #13999 from github/mbg/csharp/standalone/dotnet-version 
C# Standalone: Install .NET SDK specified in `global.json`
 2023-09-07 11:30:53 +01:00
Rasmus Wriedt Larsen
ec0529d68c Merge pull request #14145 from p-/p--asyncio-cmdi-exec 
Python: Support for command injection sinks found in the `asyncio` module
 2023-09-07 11:27:50 +02:00
Rasmus Wriedt Larsen
bfb4be26c2 Python: Autoformat 2023-09-07 10:31:39 +02:00
Rasmus Wriedt Larsen
54c456d95d Python: Apply suggestions from code review 2023-09-07 10:28:46 +02:00