hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 14:46:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,929 Commits 1,673 Branches 157 Tags
codeql-cli/v2.15.3
Commit Graph

60929 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
14e51627c5 Merge pull request #14419 from rvermeulen/rvermeulen/javascript-adjust-security-severity 
JavaScript: Adjust XSS and log injection query severities
 2023-11-14 21:34:25 +01:00
Remco Vermeulen
52540b42fc Merge branch 'main' into rvermeulen/javascript-adjust-security-severity 2023-11-14 11:21:38 -08:00
Remco Vermeulen
6bd7047e41 Restore XssThroughDom.ql's severity 2023-11-14 11:20:51 -08:00
AlexDenisov
57f1f5b829 Merge pull request #14768 from github/alexdenisov/move-semantics 
Swift: extract AST nodes related to move semantics
 2023-11-14 19:13:27 +01:00
Mathias Vorreiter Pedersen
bff93c4484 Merge branch 'main' into no-dtt-in-tainted-arithmetic 2023-11-14 17:12:34 +00:00
Geoffrey White
0342b3eba2 Merge pull request #14772 from geoffw0/webview 
Swift: Use TaintInheritingContent in WebView.qll
 2023-11-14 16:29:32 +00:00
Geoffrey White
d28e7920b3 Merge pull request #14773 from geoffw0/fixmodel 
Swift: Fix odds and ends
 2023-11-14 16:28:33 +00:00
Tamás Vajk
331ca61be9 Merge pull request #14789 from tamasvajk/autobuild/arm-nuget-restore 
C#: Do not call nuget.exe on Apple Silicon
 2023-11-14 17:13:42 +01:00
Alex Denisov
559b965e74 Swift: add change note 2023-11-14 16:11:28 +01:00
Felicity Chapman
6299b844f8 Merge pull request #14785 from github/felicitymay-security-severity 
Update metadata-for-codeql-queries.rst
 2023-11-14 14:13:53 +00:00
Sam Browning
4385b316c0 Apply feedback from code review 2023-11-14 09:10:07 -05:00
Sam Browning
b1dc6099ff Apply feedback from code review 2023-11-14 09:01:54 -05:00
Sam Browning
15099b3db0 Update docs/codeql/codeql-for-visual-studio-code/analyzing-your-projects.rst 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-11-14 08:57:52 -05:00
Tamas Vajk
8334c6db91 C#: Do not call nuget.exe on Apple Silicon 2023-11-14 14:50:29 +01:00
Alex Denisov
1c75e5b2a6 Swift: add database migration scripts for move semantics 2023-11-14 14:35:58 +01:00
Mathias Vorreiter Pedersen
1623bba18a Merge branch 'main' into no-dtt-in-tainted-arithmetic 2023-11-14 13:35:15 +00:00
Tom Hvitved
475d8da342 Ruby: Include more nodes in {Hash,Array}LiteralCfgNode 2023-11-14 13:50:46 +01:00
Tom Hvitved
ae09499905 Merge pull request #14781 from hvitved/ruby/ssa-unitialized-to-string 
Ruby: Include name of variable in `UninitializedDefinition.toString`
 2023-11-14 13:49:27 +01:00
Mathias Vorreiter Pedersen
c950e26b3e C++: Rewrite 'cpp/cpp/tainted-arithmetic' away from DefaultTaintTracking. 2023-11-14 12:19:12 +00:00
Felicity Chapman
f75c062949 Update metadata-for-codeql-queries.rst 
Replace link to blog with trackable GH.io link
 2023-11-14 12:06:44 +00:00
Mathias Vorreiter Pedersen
f22d87b7c7 Merge pull request #14771 from MathiasVP/fix-missing-unbounded-write-results 
C++: Fix missing results in `cpp/unbounded-write`
 2023-11-14 12:03:13 +00:00
Tamás Vajk
e11a68803e Merge pull request #14782 from github/criemen/disable-int-test 
Disable the nuget standalone dependencies test on ARM-osx.
 2023-11-14 12:32:48 +01:00
Owen Mansel-Chan
45faed057c Improve SliceExpr documentation 2023-11-14 11:25:16 +00:00
Tom Hvitved
f1b67ade9b Ruby: Include name of variable in UninitializedDefinition.toString 2023-11-14 11:33:59 +01:00
Cornelius Riemenschneider
f9ae7c5454 Disable the nuget standalone dependencies test on ARM-osx. 
The test is failing currently, and that needs further investigation.
This is a temporary workaround to allow us to continue to work on
some necessary infrastructure investments around these tests.
 2023-11-14 11:13:55 +01:00
Geoffrey White
296dee90dd Merge remote-tracking branch 'upstream/main' into fixmodel 2023-11-14 09:38:14 +00:00
Mathias Vorreiter Pedersen
967bbbc1a7 C++: Block flow out of sinks that are qualifiers. This removes the new result duplication and keeps the new result. 2023-11-14 09:29:47 +00:00
Tamás Vajk
28a5a1d507 Merge pull request #14760 from tamasvajk/apple-silicon-check 
C#: Change IsARM to Apple silicon check
 2023-11-14 10:27:42 +01:00
Tamas Vajk
5b38ba87df Code quality improvement 2023-11-14 08:08:46 +01:00
Erik Krogh Kristensen
db42b60015 Merge pull request #14779 from github/dependabot/cargo/ql/tracing-subscriber-0.3.18 
Bump tracing-subscriber from 0.3.17 to 0.3.18 in /ql
 2023-11-14 07:57:55 +01:00
dependabot[bot]
f8c8d59cb5 Bump tracing-subscriber from 0.3.17 to 0.3.18 in /ql 
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.17 to 0.3.18.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.17...tracing-subscriber-0.3.18)

---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-14 03:56:51 +00:00
Owen Mansel-Chan
c8779d0d0b Fix another test 
No change in alerts, just 3 extra nodes.
 2023-11-13 23:56:25 +00:00
Owen Mansel-Chan
28160e418c Update tests 2023-11-13 23:26:30 +00:00
Owen Mansel-Chan
ed349f7d6b Improve value flow through arrays 2023-11-13 23:26:16 +00:00
Sam Browning
fa569dcef4 Delete requirements.txt 2023-11-13 17:28:14 -05:00
Sam Browning
040d971588 Merge branch 'main' into sabrowning1/queries-panel-language-selector 2023-11-13 17:27:35 -05:00
Sam Browning
e95bfc816e Clarify that queries run against selected database 2023-11-13 17:15:41 -05:00
Sam Browning
44935cef63 Tweak for style 2023-11-13 17:08:31 -05:00
Sam Browning
190050f577 Tweak formatting and styling 2023-11-13 16:52:33 -05:00
Sam Browning
458baeff32 Add content on queries panel and language selector 2023-11-13 15:59:51 -05:00
Geoffrey White
c14d4042e0 Merge pull request #14748 from geoffw0/pathinjectionsinks 
Swift: Add more path injection sinks
 2023-11-13 20:15:16 +00:00
Geoffrey White
5a451e964d Swift: Model mainDocumentURL. 2023-11-13 19:51:51 +00:00
Geoffrey White
b157d73c10 Swift: Make the URLRequest test more accurate. 2023-11-13 19:36:03 +00:00
Geoffrey White
985d1990eb Swift: Fix typo. 2023-11-13 18:55:11 +00:00
Geoffrey White
463096e4be Swift: Modernize tainted content in WebView.qll. 2023-11-13 18:30:40 +00:00
Geoffrey White
892beeab6d Swift: Add test case. 2023-11-13 18:25:59 +00:00
Geoffrey White
9ec2f9204b Swift: Correct components(separatedBy:) models. 2023-11-13 17:43:21 +00:00
Mathias Vorreiter Pedersen
c73e6f1fa8 C++: Accept more test changes. 2023-11-13 16:51:07 +00:00
Mathias Vorreiter Pedersen
9aafbfce13 C++: Fix test annotation. 2023-11-13 16:17:18 +00:00
Mathias Vorreiter Pedersen
cc6268339b C++: Fix failing test and accept test cases. 2023-11-13 15:57:22 +00:00