codeql

mirror of https://github.com/github/codeql.git synced 2026-01-24 20:02:58 +01:00

Author	SHA1	Message	Date
Chris Smowton	db045e0d9e	Merge pull request #14729 from github/dependabot/go_modules/go/extractor/extractor-dependencies-479a80dd5e Bump the extractor-dependencies group in /go/extractor with 1 update	2023-11-09 09:40:13 +00:00
Tamas Vajk	fd99e1f6a5	C#: Add test case with nuget package containing tools	2023-11-09 10:33:34 +01:00
Cornelius Riemenschneider	b4ec13235d	Address review.	2023-11-09 09:40:29 +01:00
Tom Hvitved	5ae025f39a	C#: Add change note	2023-11-09 08:45:25 +01:00
Tom Hvitved	76e6f81075	C#: Allow for explicit interface names in MaD consistency check	2023-11-09 08:34:36 +01:00
Tom Hvitved	136adb2df2	C#: Regenerate `dotnet/runtime` models	2023-11-09 08:34:36 +01:00
Tom Hvitved	f920bc164a	C#: Update model generator to output one file per namespace	2023-11-09 08:34:36 +01:00
Tom Hvitved	7aed6f9233	C#: Manually update some MaD rows	2023-11-09 08:34:36 +01:00
Tom Hvitved	11c113bbd5	C#: Use new format for generics when parsing MaD rows	2023-11-09 08:34:36 +01:00
Tom Hvitved	84773fcde4	C#: Convert existing models using model converter	2023-11-09 08:34:35 +01:00
Tom Hvitved	74f483a6f5	C#: Update model conversion queries	2023-11-09 08:34:35 +01:00
Tom Hvitved	6f4311d656	C#: Include type parameters when printing MaD rows with generics	2023-11-09 08:34:06 +01:00
dependabot[bot]	8a3f29a6bf	Bump the extractor-dependencies group in /go/extractor with 1 update Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools). - [Release notes](https://github.com/golang/tools/releases) - [Commits](https://github.com/golang/tools/compare/v0.14.0...v0.15.0) --- updated-dependencies: - dependency-name: golang.org/x/tools dependency-type: direct:production update-type: version-update:semver-minor dependency-group: extractor-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>	2023-11-09 03:49:54 +00:00
Ben Rodes	79dcb4b48c	Update cpp/ql/lib/change-notes/2023-11-8-strsafe-models.md Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2023-11-08 12:37:55 -05:00
Benjamin Rodes	bdae2af0e2	Adding missing strsafe sprintf variants.	2023-11-08 12:20:53 -05:00
Benjamin Rodes	c3ff181198	Adding change log	2023-11-08 12:20:04 -05:00
Rasmus Wriedt Larsen	3023d3b8c0	Python: Add change-note	2023-11-08 17:20:05 +01:00
Rasmus Wriedt Larsen	4943fc5a57	Python: Model taint from `re.<func>` calls	2023-11-08 17:18:40 +01:00
Rasmus Wriedt Larsen	851c30e797	Python: Add taint modeling of `re.Match` objects	2023-11-08 17:18:09 +01:00
Mathias Vorreiter Pedersen	68e7f84c23	Merge pull request #14661 from geoffw0/commandinject4 Swift: Fix defaultImplicitTaintRead on fields	2023-11-08 15:52:18 +00:00
Geoffrey White	6b434d10ce	Merge pull request #14701 from geoffw0/promotecmdline Swift: Promote the command injection query out of experimental	2023-11-08 15:46:29 +00:00
Paolo Tranquilli	e68826bf99	Merge pull request #14261 from github/alexdenisov/upgrade-to-swift-5.9 Swift: upgrade to 5.9	2023-11-08 16:15:41 +01:00
Cornelius Riemenschneider	6b37d2009b	Merge branch 'main' into criemen/js-bazel	2023-11-08 16:11:47 +01:00
Mathias Vorreiter Pedersen	38bd893c81	Merge branch 'main' into no-dtt-in-unbounded-write	2023-11-08 15:06:59 +00:00
Rasmus Wriedt Larsen	ea4761d3b6	Python: Add tests of taint-flow for `re` module	2023-11-08 16:05:22 +01:00
Mathias Vorreiter Pedersen	e90803a81c	C++: Rewrite 'cpp/unbounded-write' away from DefaultTaintTracking.	2023-11-08 14:57:04 +00:00
Cornelius Riemenschneider	512c6a59c5	Merge pull request #14718 from github/criemen/go-ub Restructure go Makefile: Build the per-platform target.	2023-11-08 15:30:57 +01:00
Mathias Vorreiter Pedersen	d8e75e66d7	Merge pull request #14717 from github/alexdenisov/fix-cfg-for-single-value-stmt-expr Swlft: fix CFG for SingleValueStmtExpr	2023-11-08 14:26:00 +00:00
Rasmus Wriedt Larsen	9b0ad8295e	Python: Add test of nested classes	2023-11-08 14:58:40 +01:00
Shati Patel	3586231e7d	Merge pull request #14668 from github/shati-patel/docs-databases VS Code extension docs: Changes to database downloads	2023-11-08 13:55:43 +00:00
Rasmus Wriedt Larsen	9d5cf0b331	Merge branch 'main' into class-attribute-flow	2023-11-08 14:30:53 +01:00
Rasmus Wriedt Larsen	6d4e000c7c	Merge pull request #14590 from RasmusWL/fix-dataflow-class-scope Python: Fix dataflow consistency error due to missing class scope	2023-11-08 14:30:34 +01:00
Rasmus Wriedt Larsen	43d9d2ceb7	Merge pull request #14603 from github/max-schaefer/broken-crypto-algorithm-link JavaScript/Python/Ruby: Improve alert message for `*/weak-cryptographic-algorithm`.	2023-11-08 14:29:24 +01:00
Anders Schack-Mulligen	f9132c5ff0	Java: Duplicate a bit more code to postpone Java-C# cleanup.	2023-11-08 14:04:34 +01:00
Tamas Vajk	2273bb13b8	C#: Include all (legacy) nuget restored folders in standalone references	2023-11-08 14:02:41 +01:00
Tamas Vajk	b782e5bf44	C#: Add test case with legacy nuget restore	2023-11-08 14:01:10 +01:00
Tamás Vajk	4ae35d179e	Merge pull request #14707 from tamasvajk/standalone/framework-nuget-1 C#: Keep only one framework reference nuget package in standalone	2023-11-08 12:52:52 +01:00
Alex Denisov	d510739ca2	Swift: add 5.9 chagenote	2023-11-08 12:20:33 +01:00
Anders Schack-Mulligen	1f4cd74a1c	Java/C++: Move SsaReadPosition to shared qlpack.	2023-11-08 12:11:17 +01:00
Michael Nebel	795e32c681	Merge pull request #14693 from michaelnebel/csharp/fixcompilerwarning C#: Fix compiler warning of possible null de-reference.	2023-11-08 12:04:41 +01:00
Michael Nebel	b1c3915fd9	Merge pull request #14712 from michaelnebel/csharp/tracerdotnettest C#: Tracer improvement for `dotnet test`	2023-11-08 12:03:19 +01:00
Geoffrey White	d78a7b9d94	Swift: Add credit to change note.	2023-11-08 10:46:57 +00:00
Michael Nebel	0cf00ebb5d	C#: Re-introduce null check in cached entity hash code calculation.	2023-11-08 10:59:06 +01:00
Cornelius Riemenschneider	f12310cb86	The java-version-too-old relies on a Java 8 installation. We don't have a Java 8 build on the M1 machines, therefore skip this test.	2023-11-08 10:36:47 +01:00
Cornelius Riemenschneider	137403f649	Java: Move more tests to use the try_use_java11() helper. This is in preparation of executing these tests on GH-hosted M1 runners, where we need to have architecture-specific path handling. It's nicer to fix all of this in one place (the helper), than to run around fixing individual tests.	2023-11-08 10:33:50 +01:00
Mathias Vorreiter Pedersen	ab64d9a9d6	Merge pull request #14713 from MathiasVP/no-gvn-as-ssa-in-range-analysis C++: Don't use GVN as SSAVariable in new range analysis	2023-11-08 09:28:15 +00:00
Michael Nebel	69e8621062	C#: Fix compiler warning of possible null de-reference.	2023-11-08 10:21:26 +01:00
Paolo Tranquilli	ac838d72de	Codegen: mark all generated files and classes as `INTERNAL`	2023-11-08 10:02:17 +01:00
Paolo Tranquilli	b7543f5dc7	Codegen: pass `ql_internal` to `Stub`	2023-11-08 09:54:21 +01:00
Michael Nebel	cd4a546763	C#: Add CIL extraction change note.	2023-11-08 09:40:01 +01:00

... 16 17 18 19 20 ...

61599 Commits