hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-31 16:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,929 Commits 1,673 Branches 157 Tags
codeql-cli/v2.15.3
Commit Graph

60929 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
e677c1ffe6 Java: Add qltest 2023-09-13 15:43:46 +02:00
Anders Schack-Mulligen
c8094d34a7 Dataflow: Add type-based call-edge pruning. 2023-09-13 15:43:45 +02:00
Anders Schack-Mulligen
300425540a Java: Minor improvement to TypeFlow for super accesses. 2023-09-13 15:43:45 +02:00
Anders Schack-Mulligen
a7b677ba40 Java: Bugfix for SuperAccess.isOwnInstanceAccess(). 2023-09-13 15:43:45 +02:00
Anders Schack-Mulligen
110a4c81e3 Java: Minor perf fix. 2023-09-13 15:43:45 +02:00
Dave Bartolomeo
edf6a80c3b Merge pull request #14185 from michaelnebel/csharp/quotinghotfixrc 
C#: Quoting hotfix.
 2023-09-13 09:34:05 -04:00
Alex Ford
79c305c1a1 Merge pull request #14124 from alexrford/rb/dataflow-query-refactor 
Ruby: Use the new dataflow API for checked in queries
 2023-09-13 14:24:47 +01:00
Koen Vlaswinkel
0434cce4c3 Java: Fix formatting of AutomodelVsCode.qll file 2023-09-13 14:54:03 +02:00
Tom Hvitved
bb7ba7872f Merge pull request #14203 from hvitved/ruby/semantic-merge-fix 
Ruby: Fix semantic merge conflict
 2023-09-13 14:53:18 +02:00
Koen Vlaswinkel
95296f1518 Java: Use don't care expression for kind and provenance 2023-09-13 14:45:47 +02:00
Tom Hvitved
f15cbb9316 Ruby: Simplify viableSourceCallableNonInit 2023-09-13 14:25:28 +02:00
Max Schaefer
e722e3288f Merge pull request #13771 from github/max-schaefer/server-side-url-redirect-help 
JavaScript: Improve query help for `js/server-side-unvalidated-url-redirection`.
 2023-09-13 13:20:48 +01:00
yoff
62b41799d2 Merge pull request #14178 from yoff/python/broaden-sql-injection-frameworks 
Python: import all frameworks in SQL-injection query
 2023-09-13 14:14:09 +02:00
Mathias Vorreiter Pedersen
177fcacf38 Merge pull request #14134 from MathiasVP/add-surprising-lifetimes-to-experimental 
C++: Copy the Coding Standards' use-after-lifetime-ended query to Experimental
 2023-09-13 13:06:18 +01:00
Tom Hvitved
f3a78efe03 Ruby: Fix semantic merge conflict 2023-09-13 14:04:20 +02:00
yoff
7d931492d8 Update python/ql/lib/semmle/python/security/dataflow/SqlInjectionCustomizations.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-09-13 13:37:18 +02:00
Michael Nebel
0127b779b5 C#: Address review comments. 2023-09-13 13:31:58 +02:00
Alex Ford
b5ec99cb2f Ruby: fix missing qldoc 2023-09-13 12:28:19 +01:00
Mathias Vorreiter Pedersen
a0018c92e1 Merge pull request #14193 from MathiasVP/fully-converted-expressions-for-flow-after-free 
C++: Use fully converted expressions for `cpp/use-after-free` and `cpp/double-free`
 2023-09-13 12:24:23 +01:00
Alex Eyers-Taylor
0c10fa0c87 CPP: Add a location to TranslatedElement to help with debugging IR creation 2023-09-13 12:21:30 +01:00
Ian Lynagh
bd1d6e1d1e Merge pull request #14188 from igfoo/igfoo/kotlin-1.9.20 
Kotlin: Support 1.9.20
 2023-09-13 12:19:46 +01:00
Mathias Vorreiter Pedersen
0cd4e32ed8 C++: Add AST consistency query. 2023-09-13 12:15:40 +01:00
Koen Vlaswinkel
585fb9db7e C#: Add VS Code model editor queries 2023-09-13 13:12:55 +02:00
Koen Vlaswinkel
7db082f3fd Java: Add VS Code model editor queries 2023-09-13 13:04:26 +02:00
Erik Krogh Kristensen
cd5973764b Merge pull request #14112 from erik-krogh/pyAllowedHosts 
Py: add sanitizer guard for `url_has_allowed_host_and_scheme`
 2023-09-13 12:59:38 +02:00
Mathias Vorreiter Pedersen
af51a0a9ca C++: Respond to review comments. 2023-09-13 11:43:12 +01:00
Mathias Vorreiter Pedersen
81d20be1ee Update cpp/ql/src/experimental/Security/CWE/CWE-416/UseAfterExpiredLifetime.qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-09-13 11:37:32 +01:00
Rasmus Wriedt Larsen
7292730391 Python: Add change-note 2023-09-13 11:55:48 +02:00
Rasmus Wriedt Larsen
f62c4108ef Python: Move url_has_allowed_host_and_scheme to Django.qll 2023-09-13 11:55:44 +02:00
Tom Hvitved
7400b4741e Merge pull request #14108 from hvitved/dataflow/more-consistency-checks 
Data flow: Add `ArgumentNode` consistency checks
 2023-09-13 11:30:51 +02:00
Tom Hvitved
bb85f87d7b Merge pull request #11725 from hvitved/ruby/capture-field-flow 
Ruby: Reimplement flow through captured variables using field flow
 2023-09-13 10:52:36 +02:00
Geoffrey White
3bf0d66d6c Merge pull request #13906 from geoffw0/commandinject2 
Swift: Add tests and develop command injection query
 2023-09-13 08:59:06 +01:00
Stephan Brandauer
7a7dc9b68f Merge pull request #14184 from github/kaeluka/application-mode-new-candidates-fixes 
Java: Automodel, new candidates fix
 2023-09-13 09:27:10 +02:00
Tom Hvitved
88d2e2590f Ruby: Rename LambdaSelfParameterNode to LambdaSelfReferenceNode 2023-09-13 08:52:22 +02:00
Kevin Stubbings
f9fe86a1ca Added change-notes 2023-09-12 21:34:30 -07:00
Kevin Stubbings
7d213d5bb9 Add Integer/Boolean Sanitizer 2023-09-12 21:10:11 -07:00
Ian Lynagh
df9c601571 Kotlin: Pass memory limits to kotlinc in some tests 
We can run out of memory with the defaults
 2023-09-12 23:14:41 +01:00
Robert Marsh
d9e694be9d Swift: update test expectation for collection content 2023-09-12 19:20:43 +00:00
Robert Marsh
4b970ff774 Swift: update models for array/collection content 2023-09-12 19:20:22 +00:00
Tom Hvitved
d3558f8579 Python: Update expected test output 2023-09-12 21:18:31 +02:00
Rasmus Wriedt Larsen
1de7460aba Python: Don't warn on multipleArgumentCall 2023-09-12 21:16:14 +02:00
Robert Marsh
3b7295b0fd Swift: unify ArrayContent and CollectionContent 2023-09-12 19:12:44 +00:00
Robert Marsh
7ca6b6f9a6 Swift: add dataflow test for async for 2023-09-12 19:05:03 +00:00
Robert Marsh
53ad559da5 Swift: fix for-try-await CFG 2023-09-12 19:04:30 +00:00
Mathias Vorreiter Pedersen
05080924de C++: Don't use converted expressions in 'LeapYear.qll'. 2023-09-12 19:48:52 +01:00
Mathias Vorreiter Pedersen
b03054b1ed C++: Make sure some instruction also gives back the 'ParenthesisExpr's. 2023-09-12 19:46:42 +01:00
Mathias Vorreiter Pedersen
71fe6f5d4b C++: Use fully converted expressions in 'cpp/use-after-free' and 'cpp/double-free'. 2023-09-12 19:28:57 +01:00
Robert Marsh
ecf1d98ce5 Merge pull request #14165 from rdmarsh2/rdmarsh2/swift/keypath-write-flow 
Swift: flow through writeable keypaths
 2023-09-12 14:24:40 -04:00
Tom Hvitved
c9910f5464 C++: Update expected test output 2023-09-12 20:05:12 +02:00
Tom Hvitved
53302117a1 C#: Implement missingArgumentCallExclude and multipleArgumentCallExclude 2023-09-12 20:05:11 +02:00