hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-08 03:01:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,691 Branches 160 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Edward Minnix III
76f8d460e7 Merge pull request #12851 from egregius313/egregius313/mad/add-groovy-stubs-to-isInTestFile 
Java: Add `*/test/*` to model generator's list of ignored paths
 2023-04-20 11:06:38 -04:00
Paolo Tranquilli
00436828a9 Merge pull request #12883 from github/redsun82/swift-default-output-dir 
Swift: aggregate default output directories
 2023-04-20 16:58:31 +02:00
Alex Ford
9dc04f30ac Ruby: model sqlite3 2023-04-20 15:47:14 +01:00
Kasper Svendsen
b707c8162e Prevent Ruby join order regression 2023-04-20 15:52:32 +02:00
Paolo Tranquilli
c7378a1e5b Merge branch 'main' into redsun82/swift-default-output-dir 2023-04-20 15:12:07 +02:00
Arthur Baars
94e0828ab9 Merge pull request #12793 from aibaars/js-yaml-extractor 
JavaScript: switch to shared YamlPopulator
 2023-04-20 14:46:06 +02:00
Michael Nebel
aa8291e13f Merge pull request #12870 from michaelnebel/csharp/refactordataflow6 
C#: Re-factor data flow and taint tracking configurations to use the new API.
 2023-04-20 14:31:20 +02:00
Kasper Svendsen
51b6da4183 Merge pull request #12875 from kaspersv/kaspersv/prevent-ruby-join-order-regression 
Prevent Ruby join order regression
 2023-04-20 13:50:40 +02:00
Kasper Svendsen
603a97faf9 Prevent Python join order regression 2023-04-20 13:44:30 +02:00
Luke Cartey
9dc1ea1216 Merge branch 'main' into mcafee-trojan-fp 2023-04-20 12:34:38 +01:00
Erik Krogh Kristensen
377aa68bb3 Merge pull request #12854 from natejohnson05/js-insecure-http-parser 
JS - NodeJS CWE-444 InsecureHTTPParser
 2023-04-20 13:09:45 +02:00
Luke Cartey
a47778c22e Update SimpleXmlRpcServer.ql to avoid av detection 
This file was being flagged by McAfee as an `Exploit-Generic.src`
trojan. We have attempted to report this to Mcafee without success so
far. This commit therefore adjusts the file to avoid detection.
 2023-04-20 11:59:18 +01:00
Asger F
1d0a0dec6f JS: Fix typo 2023-04-20 12:48:17 +02:00
Asger F
1acc0d2ddf JS: Update model of js-yaml 2023-04-20 12:47:13 +02:00
Michael Nebel
656d8d2451 Sync files. 2023-04-20 11:29:51 +02:00
Michael Nebel
c71278ceb7 C#: Introduce parameterized module for merging three path graphs. 2023-04-20 11:29:34 +02:00
Paolo Tranquilli
60c723e7cc Swift: aggregate default output directories 
In case the extractor is run in isolation for debugging/testing, this
will avoid littering the current working directory with artifacts, and
instead having a single `extractor-out` directory to inspect or clean
up.

Also extractor logs have been nested into a `swift` directory, as the
log directory provided by the `codeql` cli is actually shared between
languages.
 2023-04-20 09:20:11 +02:00
Harry Maclean
8091d57f03 Shared: Remove unused type 2023-04-20 08:07:40 +07:00
Harry Maclean
da9a49d6e4 QL: Use high level extractor API 2023-04-20 08:07:40 +07:00
Harry Maclean
c4d7658cc6 Shared: high level API for the shared extractor 
This API makes it easy to create an extractor for simple use cases.
 2023-04-20 08:07:40 +07:00
Jeroen Ketema
b6a7661c7e Merge pull request #12880 from MathiasVP/use-after-free-fps 
C++: Add some use-after-free FP tests
 2023-04-19 20:07:10 +02:00
smiddy007
bda0ef3a75 Merge branch 'github:main' into JS-Allow-Truncated-Hash-Forge-NonKeyCipher 2023-04-19 13:40:32 -04:00
smiddy007
4f7275f064 Reformat doc and move change note 2023-04-19 13:39:18 -04:00
Nate Johnson
88411ce439 Merge branch 'main' into js-insecure-http-parser 2023-04-19 13:36:24 -04:00
smiddy007
31b56bf966 Update javascript/ql/lib/change-notes/2023-04-13-Forge-truncated-sha512-hash 
Co-authored-by: Asger F <asgerf@github.com>
 2023-04-19 13:32:23 -04:00
Mathias Vorreiter Pedersen
533e1d818b C++: Add some use-after-free FPs. 2023-04-19 17:01:55 +01:00
Geoffrey White
7285704807 Merge pull request #12876 from geoffw0/extensiondecl 
Swift: Improve ExtensionDecl.toString
 2023-04-19 16:41:48 +01:00
Geoffrey White
e895cac569 Merge pull request #12877 from geoffw0/deprecated 
Swift: Delete deprecated classes
 2023-04-19 16:41:25 +01:00
Geoffrey White
3779d8423f Swift: Autoformat. 2023-04-19 14:57:17 +01:00
Jeroen Ketema
aa3e8d6b87 Merge pull request #12815 from jketema/anon 
C++: Update test expectations after extractor changes
 2023-04-19 15:51:56 +02:00
Geoffrey White
4484574301 Swift: Rename clashing CleartextStorage modules. 2023-04-19 14:29:25 +01:00
Geoffrey White
10c222e7e2 Swift: Remove deprecated classes from queries. 2023-04-19 14:26:03 +01:00
Geoffrey White
a3c66b6032 Merge pull request #12833 from geoffw0/addmodels 
Swift: Add some sink models
 2023-04-19 14:18:29 +01:00
Geoffrey White
49dccaa89d Swift: Fix other tests. 2023-04-19 14:16:24 +01:00
Owen Mansel-Chan
23934292f0 Merge pull request #12834 from owen-mc/go/refactor-autobuilder 
Go: Refactor autobuilder
 2023-04-19 14:10:23 +01:00
Owen Mansel-Chan
65c1f4a151 Merge pull request #12873 from owen-mc/go/fix-platform-specific-tests 
Go: Fix platform specific tests
 2023-04-19 13:52:14 +01:00
Kasper Svendsen
ba6bb79dd3 Prevent Ruby join order regression 2023-04-19 14:42:27 +02:00
Geoffrey White
e9ffefaa96 Swift: Improve ExtensionDecl.toString. 2023-04-19 13:38:04 +01:00
Jeroen Ketema
1a876f7762 C++: Update test expectations after extractor changes 2023-04-19 14:12:00 +02:00
Owen Mansel-Chan
3ca04338ca Use named initialization for struct 2023-04-19 13:06:51 +01:00
Paolo Tranquilli
c2f2a0578b Merge pull request #12868 from github/redsun82/bazel-6.1.2 
Bazel: update to 6.1.2
 2023-04-19 14:06:08 +02:00
Owen Mansel-Chan
219c1686fd Wrap return values of moveToTemporaryGopath in a struct 2023-04-19 12:40:23 +01:00
Erik Krogh Kristensen
d7325ba4e1 Merge pull request #12856 from p-/p--non-constant-open-improvments 
Ruby: Add additional sanitizers for Kernel.open or IO.read or similar sinks with a non-constant value
 2023-04-19 13:39:16 +02:00
Michael Nebel
b410791f28 C#: Re-factor InsecureRandomness to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
e94b492404 C#: Delete inaccessible/dead data flow configuration in JsonWebTokenHandlerLib. 2023-04-19 13:36:30 +02:00
Michael Nebel
f976eeb909 C#: Re-factor on AppendCookieTracking to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
1b128a21e6 C#: Re-factor AuthCookieName to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
1979a78f02 C#: Re-factor RequestForgery to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
b7e36b7dec C#: Re-factor NoDisposeCallOnLocalIDisposable to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
5580023ec3 C#: Re-factor FormatInvalid to use the new API. 2023-04-19 13:36:30 +02:00