hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-07 18:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,691 Branches 160 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
b16444dd22 Merge pull request #12903 from github/dependabot/cargo/ql/regex-1.8.1 
Bump regex from 1.8.0 to 1.8.1 in /ql
 2023-04-24 11:05:13 +02:00
Geoffrey White
1f126b60ff Swift: Touch UnsafeWebViewFetch.qhelp. 2023-04-24 09:35:32 +01:00
Alex Ford
edf48f4839 Ruby: add sqlite3 to Frameworks.qll 2023-04-24 09:11:14 +01:00
Paolo Tranquilli
1ed5f6ac96 Swift: flush log files on log flushing 2023-04-24 10:08:37 +02:00
Paolo Tranquilli
f9a52f894e Merge branch 'main' into redsun82/swift-logging-assertions-and-prints 2023-04-24 09:58:19 +02:00
Paolo Tranquilli
c04ac9c04e Swift: demote wrong assertion 2023-04-24 09:57:51 +02:00
dependabot[bot]
5e274c9664 Bump tracing-subscriber from 0.3.16 to 0.3.17 in /ql 
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.16 to 0.3.17.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.16...tracing-subscriber-0.3.17)

---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-24 04:12:25 +00:00
dependabot[bot]
a5e919b6cb Bump regex from 1.8.0 to 1.8.1 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/commits/1.8.1)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-24 04:12:06 +00:00
Harry Maclean
9ea0b19ead Replace deprecated extension in devcontainer 2023-04-23 06:05:25 +00:00
Harry Maclean
3f6087e179 Shared: formatting 2023-04-23 06:04:55 +00:00
Harry Maclean
690c243987 Shared: add CI check for shared extractor 2023-04-23 05:50:22 +00:00
Harry Maclean
9005684b10 Shared: Add integration test for shared extractor 
This is a very basic test but provides some confidence that the extractor is
working.
 2023-04-23 05:29:22 +00:00
Ed Minnix
19e6a9a1d3 Fix version of PathGraph used 2023-04-21 19:08:56 -04:00
Ed Minnix
40aed29858 Refactor Java Integration tests to new API 2023-04-21 18:22:28 -04:00
jarlob
6e9f54ef55 Use double curly braces 2023-04-21 19:03:38 +02:00
Arthur Baars
b919547e31 Add change note 2023-04-21 17:42:02 +02:00
Arthur Baars
bc44b9e4fb Python: update stats for YAML tables 2023-04-21 17:42:02 +02:00
Arthur Baars
c4a7353583 Python: upgrade/downgrade scripts 2023-04-21 17:42:02 +02:00
Arthur Baars
f61565cab1 Python: add YAML library 2023-04-21 17:42:02 +02:00
Arthur Baars
9c25c150a3 Python: add YAML dbscheme fragment 2023-04-21 17:42:02 +02:00
Rasmus Wriedt Larsen
b60cab254a Python: Accept .expected change 2023-04-21 15:25:47 +02:00
Joe Farebrother
a4d7570788 Add more sources 2023-04-21 14:23:01 +01:00
Joe Farebrother
9881fdfe27 Convert sources to MaD 2023-04-21 14:19:17 +01:00
Rasmus Wriedt Larsen
4094ec5fcc Python: Change additional dict store/read steps to not affect taint-tracking 2023-04-21 14:43:24 +02:00
Rasmus Wriedt Larsen
f80a0916ac Python: Don't report get/setdefault as unresolved calls for dict tests 2023-04-21 14:42:20 +02:00
Rasmus Wriedt Larsen
e0e978bd3e Python: Fix ql4ql alerts 2023-04-21 14:18:50 +02:00
Rasmus Wriedt Larsen
b56869551d Python: Support more dictionary read/store steps 
The `setdefault` behavior is kinda strange, but no reason not to support
it.
 2023-04-21 14:18:50 +02:00
Rasmus Wriedt Larsen
6e31f64aaa Python: Add test for dictionary flow 2023-04-21 14:18:46 +02:00
Erik Krogh Kristensen
4bf03e7962 Merge pull request #12897 from github/dependabot/cargo/ql/regex-1.8.0 
Bump regex from 1.7.3 to 1.8.0 in /ql
 2023-04-21 12:57:33 +02:00
Asger F
f3b14e13b2 Merge pull request #12841 from asgerf/rb/api-graph-class-nodes 
Ruby: add API node representing a module/class object
 2023-04-21 10:59:51 +02:00
Harry Maclean
ac1d250596 Shared: fix language prefix in extractor 2023-04-21 15:07:47 +07:00
Paolo Tranquilli
55f23ffa6f Merge branch 'main' into redsun82/swift-logging-assertions-and-prints 2023-04-21 09:18:48 +02:00
Michael Nebel
239a763ef9 Merge pull request #12845 from michaelnebel/csharp/xssrefactor 
C#: Re-factor Xss to use the new data flow API.
 2023-04-21 08:55:07 +02:00
dependabot[bot]
149753c052 Bump regex from 1.7.3 to 1.8.0 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.7.3 to 1.8.0.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/commits)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-21 04:03:04 +00:00
Ed Minnix
64ea4833d9 Erase generics in typeAsModel 2023-04-20 17:09:36 -04:00
Jami Cogswell
85542638d7 Java: refactor CaptureModelsSpecific; resolve conflict for isInTestFile 2023-04-20 16:23:12 -04:00
Jami Cogswell
94f11029ee Java: refactor ExternalApi 2023-04-20 16:19:15 -04:00
Jami Cogswell
2ae4b646a0 Java: adjust genVsMan query test cases 2023-04-20 16:19:15 -04:00
Jami Cogswell
2ca8103a7e Java: remove isImplicitlyPublic predicate since not needed for this use-case 2023-04-20 16:19:15 -04:00
Jami Cogswell
5dbd11a584 Java: move veryPublic predicate 2023-04-20 16:19:15 -04:00
Jami Cogswell
fa1a6da60d Java: update genVsMan query test case 2023-04-20 16:19:15 -04:00
Jami Cogswell
7c72ece4a0 Java: update genVsMan coverage query to use ModelApi instead of DataFlowTargetApi 2023-04-20 16:19:15 -04:00
Jami Cogswell
9828ad0fc3 Java: add draft of class to represent callables we are interested in modeling 2023-04-20 16:19:15 -04:00
Jami Cogswell
2e76e12316 Java: add class and predicates to approximate an effectively public method 2023-04-20 16:19:15 -04:00
Geoffrey White
bfbd45a220 Swift: Fix CSV field sinks. 2023-04-20 18:14:34 +01:00
Geoffrey White
d317ad80e5 Swift: Convert to CSV sinks. 2023-04-20 17:53:00 +01:00
Nora Dimitrijević
1f861fda25 Merge pull request #12736 from d10c/swift/capture-flow 
Swift: Closure Capture Helper APIs
 2023-04-20 18:45:56 +02:00
Michael Nebel
0fdeeba46f C#: Re-refactor Xss to use the new API. 2023-04-20 18:38:15 +02:00
Geoffrey White
380bf21a38 Swift: Update InsecureTLSExtensions.ql sinks to not depend on AssignExpr. 2023-04-20 17:15:48 +01:00
Geoffrey White
c1a95d57bb Swift: Add some test cases. 2023-04-20 17:15:47 +01:00