codeql

mirror of https://github.com/github/codeql.git synced 2026-01-29 06:12:58 +01:00

Author	SHA1	Message	Date
Alex Ford	9d421ffa8d	Ruby: configsig rb/improper-ldap-auth	2023-09-21 12:24:15 +01:00
Tom Hvitved	2343e5ecd8	C#: Regenerate `NHibernate` stubs	2023-09-21 12:56:11 +02:00
Tom Hvitved	e944b90eef	C#: Regenerate `Microsoft.AspNetCore.App` stubs	2023-09-21 12:56:05 +02:00
Tom Hvitved	c547adc9d4	C#: Regenerate `Microsoft.NetCore.App` stubs	2023-09-21 12:56:04 +02:00
Tom Hvitved	58f45ea198	C#: Regenerate `Newtonsoft.Json` stubs	2023-09-21 12:56:04 +02:00
Anders Schack-Mulligen	3dadfa2243	Dataflow: review fixes	2023-09-21 11:52:41 +02:00
Tom Hvitved	8b2c233b61	C#: Use new stub generator in `make_stubs_nuget.py`	2023-09-21 11:33:25 +02:00
Tom Hvitved	e021fb46c8	C#: Roslyn based stub generation	2023-09-21 11:33:25 +02:00
Tom Hvitved	6021d00f7e	C#: Move some methods into newly created `Semmle.Extraction.CSharp.Util` project	2023-09-21 11:33:25 +02:00
Tom Hvitved	2429a5383d	C#: Move `NestPaths` to `Semmle.Util`	2023-09-21 11:33:25 +02:00
Mathias Vorreiter Pedersen	3d8231be1b	Merge pull request #14269 from MathiasVP/add-getParameter-to-parameter-node	2023-09-21 09:20:57 +01:00
Paolo Tranquilli	60b7d79fba	Revert "Revert "Swift: use C++20 constraints and concepts to simplify code""	2023-09-21 10:17:22 +02:00
Tamás Vajk	40bf5c17fb	Merge pull request #14273 from tamasvajk/standalone/remove-runtime-nuget-packages C#: Remove platform-specific runtime nuget packages from the reference list in Standalone	2023-09-21 09:50:10 +02:00
Erik Krogh Kristensen	0783d7b271	Merge pull request #14278 from github/dependabot/cargo/ql/rayon-1.8.0 Bump rayon from 1.7.0 to 1.8.0 in /ql	2023-09-21 08:30:41 +02:00
Tamás Vajk	011391bd27	Merge pull request #14243 from tamasvajk/parallelize-restore C#: Parallelize restore logic of missing packages	2023-09-21 08:04:27 +02:00
dependabot[bot]	d0554a05f9	Bump rayon from 1.7.0 to 1.8.0 in /ql Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.7.0 to 1.8.0. - [Changelog](https://github.com/rayon-rs/rayon/blob/master/RELEASES.md) - [Commits](https://github.com/rayon-rs/rayon/compare/rayon-core-v1.7.0...rayon-core-v1.8.0) --- updated-dependencies: - dependency-name: rayon dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-09-21 03:10:09 +00:00
Sarita Iyer	292a9481e6	Pending changes exported from your codespace	2023-09-20 22:02:14 +00:00
Alex Eyers-Taylor	d0849311a6	CPP: Fix use after free FPs by elimnatiing freeing nodes rather than freeing expressions.	2023-09-20 18:47:57 +01:00
Alex Eyers-Taylor	9de6230bbf	CPP: Add use after free false positive example.	2023-09-20 18:34:47 +01:00
Geoffrey White	fef5a49fcb	Swift: Remove now duplicate extension logic.	2023-09-20 15:36:15 +01:00
Rasmus Lerchedahl Petersen	12dab88ec7	Python: rename concept `NoSqlQuery` -> `NoSqlExecution`	2023-09-20 15:49:35 +02:00
Rasmus Lerchedahl Petersen	4ec8b3f02f	Python: Model `map_reduce`	2023-09-20 15:44:12 +02:00
Tamas Vajk	d29585c8b7	C#: Remove platform-specific runtime nuget packages from the reference list in Standalone	2023-09-20 15:24:01 +02:00
Rasmus Lerchedahl Petersen	7c085ecc61	Python: Add test for `map_reduce` Also log requirement for old versions of `pymongo`	2023-09-20 15:23:18 +02:00
Anders Schack-Mulligen	d285afba08	Typetracking: minor perf fix.	2023-09-20 14:52:49 +02:00
Michael Nebel	0b84dee65e	C#: Minor improvements to the ExternalApi implementation.	2023-09-20 14:34:27 +02:00
Koen Vlaswinkel	9e2984770f	Java: Fix identification of supported endpoints in framework mode	2023-09-20 14:25:06 +02:00
Koen Vlaswinkel	73ebd21c33	Java: Refactor most of the logic out of the model editor query files	2023-09-20 14:13:28 +02:00
Koen Vlaswinkel	509b7fe0f8	Java: Add tests for supported framework methods	2023-09-20 14:11:00 +02:00
Koen Vlaswinkel	6adbc406a7	Java: Add tests for private methods	2023-09-20 14:05:28 +02:00
Koen Vlaswinkel	8e55189b84	Java: Add tests for generic interfaces/classes/methods	2023-09-20 14:02:34 +02:00
Koen Vlaswinkel	6e78aac6cc	Java: Rename CallableMethod to Endpoint	2023-09-20 13:57:27 +02:00
Koen Vlaswinkel	fee9640077	Java: Update query id/tags and documentation	2023-09-20 13:54:35 +02:00
Koen Vlaswinkel	fe7ce0ae0b	Java: Rename queries from fetch methods to endpoints	2023-09-20 13:52:49 +02:00
Koen Vlaswinkel	082a45400d	Java: Rename AutomodelVsCode to ModelEditor	2023-09-20 13:51:05 +02:00
Tom Hvitved	455cde2f64	Merge pull request #14267 from hvitved/ruby/fix-join Ruby: Fix bad join	2023-09-20 13:49:51 +02:00
Michael Nebel	13dd9a6c37	C#: Address review comments.	2023-09-20 13:43:38 +02:00
Michael Nebel	50a9219a3b	C#: Re-factor most of the logic out of the model editor query files.	2023-09-20 13:08:01 +02:00
Michael Nebel	45432f211c	C#: Identify whether callables in the source code are supported in terms of MaD.	2023-09-20 13:01:24 +02:00
github-actions[bot]	3acf5244b0	Post-release preparation for codeql-cli-2.14.6	2023-09-20 10:25:10 +00:00
Chris Smowton	07dbad509c	Merge pull request #14265 from phillmv/patch-1 s/Replace/ReplaceAll/ in LogInjectionGood.go	2023-09-20 11:06:15 +01:00
Chris Smowton	a8afa05b1d	Correct ReplaceAll params ReplaceAll doesn't take a count argument	2023-09-20 10:00:53 +01:00
Mathias Vorreiter Pedersen	22d66b6d81	Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll	2023-09-20 09:56:10 +01:00
Mathias Vorreiter Pedersen	fb1ce2ab70	C++: Lift 'getParameter' to 'ParameterNode'.	2023-09-20 09:51:35 +01:00
Rasmus Wriedt Larsen	8e864ab84a	Merge pull request #14262 from RasmusWL/dataflow-labeler Misc: Update auto labeler for shared dataflow pack	2023-09-20 10:26:44 +02:00
Anders Schack-Mulligen	5c40d553b4	Java: Switch XmlParsers lib to lightweight data flow.	2023-09-20 10:21:53 +02:00
Anders Schack-Mulligen	d7e965f863	Dataflow: Add lightweight api based on TypeTracking.	2023-09-20 10:21:21 +02:00
Anders Schack-Mulligen	d7bd8c7ffd	Shared/TypeTracking: Add support for flow from non-LocalSourceNode source and bugfix in smallstep.	2023-09-20 10:19:33 +02:00
Tom Hvitved	1442bddf36	Ruby: Fix bad join Before ``` Evaluated relational algebra for predicate DataFlowPublic#e1781e31::BarrierGuard#PolynomialReDoSCustomizations#32063fa3::PolynomialReDoS::lengthGuard#::getAMaybeGuardedCapturedDef#0#f@3c903abq with tuple counts: 280924 ~0% {2} r1 = SCAN Ssa#da392372::Make#SsaImpl#ff97b16a::SsaInput#::Definition::definesAt#3#dispred#ffff OUTPUT In.2, In.0 280924 ~0% {2} r2 = JOIN r1 WITH BasicBlocks#d5fe3e99::BasicBlock::getScope#0#dispred#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1 103843 ~1% {2} r3 = JOIN r2 WITH SSA#304893e3::Ssa::CapturedEntryDefinition#f ON FIRST 1 OUTPUT Lhs.0, Lhs.1 103843 ~5% {3} r4 = JOIN r3 WITH Ssa#da392372::Make#SsaImpl#ff97b16a::SsaInput#::Definition::getSourceVariable#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0 19665045 ~0% {3} r5 = JOIN r4 WITH Ssa#da392372::Make#SsaImpl#ff97b16a::SsaInput#::Definition::getSourceVariable#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Rhs.1 19497860 ~0% {3} r6 = JOIN r5 WITH Call#841c84e8::MethodCall::getBlock#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2 19496808 ~0% {3} r7 = JOIN r6 WITH CfgNodes#ace8e412::ExprCfgNode::getExpr#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2 19496808 ~0% {3} r8 = JOIN r7 WITH CfgNodes#ace8e412::ExprNodes::CallCfgNode#ff ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Lhs.2 19496808 ~0% {3} r9 = JOIN r8 WITH ControlFlowGraph#46cebcbd::CfgNode::getBasicBlock#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2 19496808 ~3% {4} r10 = SCAN r9 OUTPUT In.0, true, In.1, In.2 49434 ~7% {3} r11 = JOIN r10 WITH DataFlowPublic#e1781e31::guardControlsBlock#3#fff_120#join_rhs ON FIRST 2 OUTPUT Rhs.2, Lhs.2, Lhs.3 117 ~4% {3} r12 = JOIN r11 WITH PolynomialReDoSCustomizations#32063fa3::PolynomialReDoS::lengthGuard#3#cpe#12#ff ON FIRST 1 OUTPUT Lhs.2, Rhs.1, Lhs.1 0 ~0% {1} r13 = JOIN r12 WITH SsaImpl#ff97b16a::Cached::getARead#1#ff ON FIRST 2 OUTPUT Lhs.2 return r13 ``` After ``` Evaluated relational algebra for predicate DataFlowPublic#e1781e31::BarrierGuard#PolynomialReDoSCustomizations#32063fa3::PolynomialReDoS::lengthGuard#::getAMaybeGuardedCapturedDef#0#f@137a23jm with tuple counts: 280924 ~0% {2} r1 = SCAN Ssa#da392372::Make#SsaImpl#ff97b16a::SsaInput#::Definition::definesAt#3#dispred#ffff OUTPUT In.2, In.0 280924 ~0% {2} r2 = JOIN r1 WITH BasicBlocks#d5fe3e99::BasicBlock::getScope#0#dispred#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1 103843 ~1% {2} r3 = JOIN r2 WITH SSA#304893e3::Ssa::CapturedEntryDefinition#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0 102517 ~1% {2} r4 = JOIN r3 WITH Call#841c84e8::MethodCall::getBlock#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1 102378 ~2% {2} r5 = JOIN r4 WITH CfgNodes#ace8e412::ExprCfgNode::getExpr#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1 102378 ~2% {2} r6 = JOIN r5 WITH CfgNodes#ace8e412::ExprNodes::CallCfgNode#ff ON FIRST 1 OUTPUT Lhs.0, Lhs.1 102378 ~0% {2} r7 = JOIN r6 WITH ControlFlowGraph#46cebcbd::CfgNode::getBasicBlock#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 102378 ~0% {3} r8 = SCAN r7 OUTPUT In.0, true, In.1 7417 ~5% {2} r9 = JOIN r8 WITH DataFlowPublic#e1781e31::guardControlsBlock#3#fff_120#join_rhs ON FIRST 2 OUTPUT Rhs.2, Lhs.2 22 ~0% {2} r10 = JOIN r9 WITH PolynomialReDoSCustomizations#32063fa3::PolynomialReDoS::lengthGuard#3#cpe#12#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 12 ~0% {2} r11 = JOIN r10 WITH SsaImpl#ff97b16a::Cached::getARead#1#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1 12 ~0% {2} r12 = JOIN r11 WITH Ssa#da392372::Make#SsaImpl#ff97b16a::SsaInput#::Definition::getSourceVariable#0#dispred#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1 0 ~0% {1} r13 = JOIN r12 WITH Ssa#da392372::Make#SsaImpl#ff97b16a::SsaInput#::Definition::getSourceVariable#0#dispred#ff ON FIRST 2 OUTPUT Lhs.0 return r13 ```	2023-09-20 09:51:15 +02:00
Joe Farebrother	4497e22195	Add an additional example and additional test cases for authorize attribute cases	2023-09-20 04:13:34 +01:00

... 67 68 69 70 71 ...

62527 Commits