hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-08 11:11:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,691 Branches 160 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
dfe00ffe4b C++: Add a flow-after-free library. 2023-04-11 14:40:17 +01:00
erik-krogh
3c4bd5b6a7 forward toString() etc. predicates from YamlNode to Locatable 2023-04-11 15:37:01 +02:00
erik-krogh
b5e90483f5 improve the ESLint model to avoid overriding Yaml classes 2023-04-11 15:36:18 +02:00
Alexandre Boulgakov
b900185ae3 Swift: Add db upgrade/downgrade scripts for key-path component extraction. 
I've marked both scripts as "partial" since we're extracting different AST components for key-paths and don't have a good way to convert between them in QL. Each deletes the corresponding tables, but leaves non-key-path functionality intact.
 2023-04-11 14:00:13 +01:00
Mathias Vorreiter Pedersen
d65bb3b232 C++: Make basic block information available from dataflow nodes. 2023-04-11 13:52:26 +01:00
yoff
9e3d57d442 Update python/ql/test/library-tests/ApiGraphs/py3/test_captured_flask.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-04-11 14:34:40 +02:00
Alexandre Boulgakov
35a2d55d18 Swift: Extract structured keypath components. 
Changes in swift/ql/lib are generated by swift/codegen without manual intervention.
 2023-04-11 13:34:17 +01:00
Alexandre Boulgakov
2b1dea56b5 Swift: Add error query to AST tests. 
Preexisting errors are left to be fixed later.
 2023-04-11 13:34:16 +01:00
Jami
b7c7449b08 Merge pull request #12739 from jcogs33/jcogs33/add-one-more-top500-model 
Java: add summary model for `UnsupportedOperationException(String)` constructor
 2023-04-11 08:25:36 -04:00
Asger F
aef0fa3c8a JS: Expand QLDoc 2023-04-11 14:16:36 +02:00
Asger F
d702c7b990 Merge pull request #12759 from asgerf/js/getset-in-pattern 
JS: Fix parsing of 'get' or 'set' pattern with a default value
 2023-04-11 14:03:00 +02:00
Asger F
2c65a49d7c JS: Add getForwardingFunction() to API graphs 2023-04-11 14:00:30 +02:00
Asger F
4ce03d4dc4 JS: Restrict useSelector steps to local callbacks 2023-04-11 13:33:46 +02:00
Asger F
3cc931306f JS: Add test for selector nodes with multiple access paths 2023-04-11 13:33:27 +02:00
Geoffrey White
7ddfcb28e5 Swift: Rename DefaultConstantPasswordSink -> CryptoSwiftPasswordSink. 2023-04-11 11:49:21 +01:00
Chris Smowton
f6f22c0cec Merge pull request #12783 from smowton/smowton/feature/golang-hide-summary-nodes 
Go: hide summary nodes from path explanations
 2023-04-11 10:47:25 +01:00
Henry Mercer
227aee84fe Merge pull request #12768 from github/henrymercer/merge-back-3.9 
Merge `rc/3.9` back to `main`
 2023-04-11 10:44:29 +01:00
Tony Torralba
075c0f94ac Merge pull request #12785 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-04-11 11:34:37 +02:00
Tony Torralba
3b11b7c9fd Merge pull request #12726 from github/java/update-mad-decls-after-triage-2023-03-31T08-30-31 
Java: Update MaD Declarations after Triage
 2023-04-11 11:33:36 +02:00
Tony Torralba
944bdfde45 Apply suggestions from code review 2023-04-11 09:47:47 +02:00
Stephan Brandauer
cb8506d51a Update MaD Declarations after Triage 2023-04-11 09:25:39 +02:00
github-actions[bot]
bfdfa0b93e Add changed framework coverage reports 2023-04-11 00:15:35 +00:00
Nate Johnson
a0f4a5100f Insecure HTTP parser query for JavaScript 2023-04-09 20:38:55 -04:00
tyage
40d475863d Add change note 2023-04-08 18:36:50 +09:00
tyage
320cb99dbf Add replace method test 2023-04-08 18:31:48 +09:00
tyage
668e1accaa Remove unnecessary whiteline 2023-04-08 18:24:31 +09:00
tyage
7f9b8557ac Add Next.js router push as XSS sink 2023-04-08 18:18:34 +09:00
jarlob
72b66ffe97 Fix comment. 2023-04-07 10:01:14 +02:00
Harry Maclean
8691845d23 Ruby: Re-add test 
This got lost in an earlier refactor.
 2023-04-07 15:50:48 +08:00
Harry Maclean
2ef6d5c7b9 Ruby/QL: Remove unnecessary CLI config 2023-04-07 15:49:17 +08:00
Harry Maclean
d942b54a9d Ruby: Update scripts for merged extractor 2023-04-07 15:49:17 +08:00
Harry Maclean
c13999100b QL: Update scripts for merged extractor 2023-04-07 15:49:17 +08:00
Harry Maclean
eff4729577 QL: Merge extractor binaries into one 
There is now one binary, codeql-ql-extractor, which takes a positional
argument specifying whether to extract, generate or autobuild.
 2023-04-07 15:49:16 +08:00
Harry Maclean
e4b4d8a3cd QL: Enable derive feature in clap 
This allows nicer CLI definitions.
 2023-04-07 12:04:02 +08:00
Harry Maclean
79089b40b9 Ruby: Merge extractor binaries into one 
There is now one binary, codeql-ruby-extractor, which takes a positional
argument specifying whether to extract, generate or autobuild.
 2023-04-07 12:04:02 +08:00
Harry Maclean
5a8a6f2971 Ruby: Enable derive feature in clap 
This allows nicer CLI definitions.
 2023-04-07 12:04:02 +08:00
jarlob
7573c615f6 Fix warnings 2023-04-06 23:07:22 +02:00
jarlob
3745cccedd Fix warnings 2023-04-06 23:02:08 +02:00
jarlob
af83d8af41 Add comment 2023-04-06 22:59:09 +02:00
jarlob
9c7eecf547 Add support for composite actions 2023-04-06 22:53:59 +02:00
Geoffrey White
d4cc86cd05 Swift: Make the RNCryptor sources wider (actual usage seems to vary). 2023-04-06 20:36:12 +01:00
Jeroen Ketema
5ee9711f03 Merge pull request #12615 from jketema/product-configsig 
C++: Refactor `ProductFlow` to have a `DataFlow::ConfigSig`-like interface
 2023-04-06 19:41:46 +02:00
jarlob
baefeab2d1 fix tests 2023-04-06 19:11:04 +02:00
jarlob
0a878d4db9 Support yAml extensions 2023-04-06 19:07:38 +02:00
Aditya Sharad
e2cb209f95 Merge pull request #12771 from adityasharad/actions/fast-forward 
Actions: Add workflow to fast-forward tracking branch for latest CodeQL release
 2023-04-06 09:29:25 -07:00
Aditya Sharad
ad8d4ac79f Actions: Address comments on fast-forward workflow 2023-04-06 08:51:27 -07:00
Chris Smowton
939a025e11 Go: hide summary nodes from path explanations 
This mirrors behaviours in other languages with MaD summaries
 2023-04-06 16:41:44 +01:00
Jeroen Ketema
12702b59d3 C++: Fix deprecation warning 2023-04-06 17:13:15 +02:00
Jeroen Ketema
9123657fd2 C++: Update product flow to match data flow naming 2023-04-06 17:13:12 +02:00
Jeroen Ketema
a38c3171dd C++: Use Unit instead of string in product flow 2023-04-06 17:11:56 +02:00