hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-05 17:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,689 Branches 160 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Maiky
8dca585207 Expected 2023-05-23 20:04:34 +02:00
Maiky
ad5355a04a Pg Library, change note and Frameworks.qll 2023-05-23 19:49:03 +02:00
Arthur Baars
e33f3a6668 Merge pull request #13154 from aibaars/sync-dbscheme-py 
JS/Ruby/QL/Python: sync dbscheme fragments
 2023-05-23 19:14:29 +02:00
Mathias Vorreiter Pedersen
4b92a2a3d0 C++: Fix Code Scanning error. 2023-05-23 10:13:19 -07:00
Geoffrey White
2c5202018d Swift: Add sinks. 2023-05-23 18:11:33 +01:00
Mathias Vorreiter Pedersen
43459c16fd C++: Modernize the PrintIRStoreSteps (and rename it to PrintIRFieldFlowSteps) after the use-use flow changes. 2023-05-23 10:02:54 -07:00
Mathias Vorreiter Pedersen
8ee7694e7d C++: Modernize the PrintIRLocalFlow after the use-use flow changes. 2023-05-23 10:02:30 -07:00
Mathias Vorreiter Pedersen
0519ceeeaa C++/C#: Sync identical files. 2023-05-23 10:00:26 -07:00
Mathias Vorreiter Pedersen
ccc9e09dbd C++: Add mechanism to hide specific instructions and operands from PrintIR. 2023-05-23 10:00:09 -07:00
Mathias Vorreiter Pedersen
81dbfecbfc C++: Promote the product-dataflow library out of experimental. 2023-05-23 09:48:50 -07:00
Mathias Vorreiter Pedersen
6fca8dfd39 Merge pull request #13260 from jketema/test-config-sig 
C++: Rewrite flow test common to use inline expectation test module
 2023-05-23 09:38:43 -07:00
Sim4n6
90c174de4e Updated the .expected file accordingly 2023-05-23 17:36:50 +01:00
Geoffrey White
8573b30239 Swift: Add test cases. 2023-05-23 17:29:51 +01:00
Philip Ginsbach
71a6e62c75 Merge pull request #13264 from github/ginsbach/MoveSignaturesSection 
move section on signatures in the QL specification
 2023-05-23 17:22:01 +01:00
Philip Ginsbach
1179f20d88 Merge pull request #13263 from github/ginsbach/DocumentAnnotationsForParameterised 
update QL specification on annotations for parameterised modules
 2023-05-23 17:20:26 +01:00
Asger F
e4e52e77f7 QL4QL: Add query to warn about name clashes between summarized callables 2023-05-23 18:01:31 +02:00
Jeroen Ketema
1be9463297 Add forgotten classes related to the legacy InlineExpectationsTest class 2023-05-23 17:39:01 +02:00
Asger F
0592c8ba99 Ruby: avoid name clash for "assoc" summary 2023-05-23 17:34:19 +02:00
Philip Ginsbach
3e7389e1f8 move section on signatures in the QL specification 2023-05-23 16:29:35 +01:00
Philip Ginsbach
f884473447 be more explicit about annotation caveats 2023-05-23 16:23:17 +01:00
Philip Ginsbach
10a02d6387 Signatures column for pragmas table 2023-05-23 16:23:17 +01:00
Philip Ginsbach
846dffb5ff Signatures column for simple annotations table 2023-05-23 16:23:16 +01:00
Philip Ginsbach
6f4b02ef14 add documentation for extensible annotation 2023-05-23 16:08:38 +01:00
Philip Ginsbach
89d246ba34 add documentation for additional annotation 2023-05-23 16:06:57 +01:00
Edward Minnix III
52340802bb Merge pull request #13097 from egregius313/egregius313/java/webgoat/ssrf-regex-fix 
Java: Add constraint to `HostnameSanitizingPrefix` to prevent false negatives in SSRF queries
 2023-05-23 10:50:43 -04:00
Asger F
50a7b21928 Ruby: fix a name clash for summaries called "delete" 2023-05-23 16:49:17 +02:00
Jeroen Ketema
aeb6293757 C++: Rewrite flow test common to use inline expectation test module 
This also rewrites all uses of flow test common to use `DataFlow::ConfigSig`.

Note that the removed deprecated aliases are 14 months old by now and, hence,
can be safely removed.
 2023-05-23 16:34:41 +02:00
Alex Ford
9ccfec0571 Ruby: move actiondispatch components to an internal subdirectory 2023-05-23 15:26:52 +01:00
Arthur Baars
7c5fef37eb Merge pull request #13257 from smowton/smowton/hotfix/useless-assignment-to-field-exclude-method-receivers 
Hotfix: Go: exclude method receivers from dead-store-of-field query
 2023-05-23 16:20:34 +02:00
Alex Ford
9f5c73cf63 Ruby: add a test case for instantiating ActionDispatch::Request directly 2023-05-23 15:18:32 +01:00
Alex Ford
1c9e4c0f0b Ruby: test for RequestInputAccess instances in ActionDispatch 2023-05-23 15:17:38 +01:00
Paolo Tranquilli
09ce29b79f Merge branch 'codeql-cli-2.13.3' into redsun82/swift-hidden-ast 2023-05-23 16:12:54 +02:00
Paolo Tranquilli
a14f7dd153 Merge pull request #13238 from github/redsun82/swift-remove-props-from-interpolated-strings 
Swift: remove unneeded properties from `InterpolatedStringLiteralExpr`
 2023-05-23 15:57:31 +02:00
Alex Ford
c2f5bacc47 Ruby: consider more calls to e.g. ActionDispatch::Request#params as remote input sources 2023-05-23 14:50:16 +01:00
Alex Ford
27729af088 Ruby: move ActionDispatch::Request logic out of ActionController.qll 2023-05-23 14:49:57 +01:00
Alex Ford
9b4914c3f6 Ruby: split ActionDispatch modelling into multiple component files 2023-05-23 14:48:45 +01:00
Paolo Tranquilli
fce33d369b Merge branch 'codeql-cli-2.13.3' into redsun82/swift-hidden-ast 2023-05-23 15:31:29 +02:00
Chris Smowton
99c211955b Hotfix: Go: exclude method receivers from dead-store-of-field query 2023-05-23 14:31:25 +01:00
Geoffrey White
b2a958f8d3 Merge pull request #13163 from geoffw0/cleartextlogging 
Swift: Make the cleartext logging query consistent with other cleartext-* queries.
 2023-05-23 14:14:56 +01:00
Jeroen Ketema
ee36d32ef0 Merge pull request #12789 from jketema/inline 
Turn inline expectation test into a parameterized module
 2023-05-23 14:58:48 +02:00
Paolo Tranquilli
86eecea5f6 Merge branch 'codeql-cli-2.13.3' into cleartextlogging 2023-05-23 14:44:36 +02:00
Paolo Tranquilli
aca85d76ee Merge branch 'codeql-cli-2.13.3' into redsun82/swift-remove-props-from-interpolated-strings 2023-05-23 14:42:00 +02:00
Paolo Tranquilli
f964d196dc Merge pull request #13213 from geoffw0/hideenumcasedecl 
Swift: Add EnumDecl.getEnumElement(_)
 2023-05-23 14:37:02 +02:00
Tom Hvitved
eaa84cb819 Ruby: Include underlying SSA parameter definition in localFlowSsaParamCaptureInput 2023-05-23 13:56:29 +02:00
Tony Torralba
6f012d51c0 Merge pull request #13091 from atorralba/atorralba/java/inputstreamwrapper-transitive 
Java: Make inputStreamWrapper consider supertypes transitively
 2023-05-23 13:28:17 +02:00
Michael Nebel
8cef798a6f Merge pull request #13202 from michaelnebel/csharp/systemdatetimedefaults 
C#: System.DateTime defaults.
 2023-05-23 13:11:20 +02:00
Chris Smowton
8b28848c82 Merge pull request #13250 from smowton/smowton/hotfix/golang-field-store-varargs-function 
Hotfix: Go: count passing to a vararg function as escaping
 2023-05-23 12:03:48 +01:00
Paolo Tranquilli
67d4788dc5 Merge branch 'codeql-cli-2.13.3' into hideenumcasedecl 2023-05-23 12:53:07 +02:00
Paolo Tranquilli
7aac538480 Merge branch 'codeql-cli-2.13.3' into redsun82/swift-remove-props-from-interpolated-strings 2023-05-23 12:47:17 +02:00
Paolo Tranquilli
b4edc92079 Swift: make hideability spread upward in the hierarchy 2023-05-23 12:45:18 +02:00