hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-22 10:52:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,685 Branches 158 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
f9e9ae91f7 Python: Move tests that would change under Python 3.12 to lang specific directory 
This moves the tests to Python 2, next we copy them to Python 3.
 2023-11-15 11:42:38 +01:00
Rasmus Wriedt Larsen
23419ee634 Python: Update .expected to support Python 3.12 
You might wonder why the number of lines changed, but it's due to `tty`
module receiving its' first update since 2001, so the actual number of
lines DID change :phew:

https://github.com/python/cpython/commits/3.12/Lib/tty.py

Since there is now a difference between Python 2 and Python 3, we need to restrict the lines of code test to only run as Python 3.
 2023-11-15 11:42:38 +01:00
Mathias Vorreiter Pedersen
b8f0f85840 Merge pull request #14784 from MathiasVP/no-dtt-in-tainted-arithmetic 
C++: Rewrite `cpp/tainted-arithmetic` away from `DefaultTaintTracking`
 2023-11-15 10:19:25 +00:00
Rasmus Wriedt Larsen
69453aa144 Python: Fix missing newline in .expected 2023-11-15 10:10:23 +01:00
Rasmus Wriedt Larsen
55f5b26ba6 Python: Accept new ordering of query predicates in .expected 2023-11-15 10:09:54 +01:00
Rasmus Wriedt Larsen
721bde1ce8 Python: Delete orphaned .expected files 2023-11-15 09:59:26 +01:00
Rasmus Wriedt Larsen
2e9d548083 Merge pull request #14706 from RasmusWL/class-attribute-flow 
Python: Add basic flow for class attributes
 2023-11-15 09:06:25 +01:00
Yunus AYDIN
fdefcd6a84 Merge branch 'main' of github.com:aydinnyunus/codeql 2023-11-15 09:34:06 +03:00
Yunus AYDIN
9178cec0e6 fix test errors 2023-11-15 09:33:52 +03:00
Owen Mansel-Chan
83d1fc33e1 Add change note 2023-11-14 23:16:32 +00:00
Erik Krogh Kristensen
14e51627c5 Merge pull request #14419 from rvermeulen/rvermeulen/javascript-adjust-security-severity 
JavaScript: Adjust XSS and log injection query severities
 2023-11-14 21:34:25 +01:00
Yunus AYDIN
b1702ab87e Merge branch 'main' into main 2023-11-14 23:17:49 +03:00
Remco Vermeulen
52540b42fc Merge branch 'main' into rvermeulen/javascript-adjust-security-severity 2023-11-14 11:21:38 -08:00
Remco Vermeulen
6bd7047e41 Restore XssThroughDom.ql's severity 2023-11-14 11:20:51 -08:00
AlexDenisov
57f1f5b829 Merge pull request #14768 from github/alexdenisov/move-semantics 
Swift: extract AST nodes related to move semantics
 2023-11-14 19:13:27 +01:00
Yunus AYDIN
9548a0e8fb Merge branch 'main' into main 2023-11-14 20:25:28 +03:00
Yunus AYDIN
ba672e5b35 Merge branch 'main' of github.com:aydinnyunus/codeql 2023-11-14 20:20:28 +03:00
Yunus AYDIN
2cea720f6e remove wcd directory 2023-11-14 20:19:49 +03:00
Yunus AYDIN
dbdf9e1a4f remove change-notes and fix build error 2023-11-14 20:19:28 +03:00
Mathias Vorreiter Pedersen
bff93c4484 Merge branch 'main' into no-dtt-in-tainted-arithmetic 2023-11-14 17:12:34 +00:00
Geoffrey White
0342b3eba2 Merge pull request #14772 from geoffw0/webview 
Swift: Use TaintInheritingContent in WebView.qll
 2023-11-14 16:29:32 +00:00
Geoffrey White
d28e7920b3 Merge pull request #14773 from geoffw0/fixmodel 
Swift: Fix odds and ends
 2023-11-14 16:28:33 +00:00
Yunus AYDIN
ec7309c735 Merge branch 'main' into main 2023-11-14 19:19:09 +03:00
Tamás Vajk
331ca61be9 Merge pull request #14789 from tamasvajk/autobuild/arm-nuget-restore 
C#: Do not call nuget.exe on Apple Silicon
 2023-11-14 17:13:42 +01:00
Alex Denisov
559b965e74 Swift: add change note 2023-11-14 16:11:28 +01:00
Yunus AYDIN
9f63613cf8 Merge branch 'main' into main 2023-11-14 17:29:57 +03:00
Yunus AYDIN
e576650293 remove qhelp file and add qlref 2023-11-14 17:23:42 +03:00
Felicity Chapman
6299b844f8 Merge pull request #14785 from github/felicitymay-security-severity 
Update metadata-for-codeql-queries.rst
 2023-11-14 14:13:53 +00:00
Sam Browning
4385b316c0 Apply feedback from code review 2023-11-14 09:10:07 -05:00
Sam Browning
b1dc6099ff Apply feedback from code review 2023-11-14 09:01:54 -05:00
Sam Browning
15099b3db0 Update docs/codeql/codeql-for-visual-studio-code/analyzing-your-projects.rst 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-11-14 08:57:52 -05:00
Tamas Vajk
8334c6db91 C#: Do not call nuget.exe on Apple Silicon 2023-11-14 14:50:29 +01:00
Alex Denisov
1c75e5b2a6 Swift: add database migration scripts for move semantics 2023-11-14 14:35:58 +01:00
Mathias Vorreiter Pedersen
1623bba18a Merge branch 'main' into no-dtt-in-tainted-arithmetic 2023-11-14 13:35:15 +00:00
Tom Hvitved
475d8da342 Ruby: Include more nodes in {Hash,Array}LiteralCfgNode 2023-11-14 13:50:46 +01:00
Tom Hvitved
ae09499905 Merge pull request #14781 from hvitved/ruby/ssa-unitialized-to-string 
Ruby: Include name of variable in `UninitializedDefinition.toString`
 2023-11-14 13:49:27 +01:00
Mathias Vorreiter Pedersen
c950e26b3e C++: Rewrite 'cpp/cpp/tainted-arithmetic' away from DefaultTaintTracking. 2023-11-14 12:19:12 +00:00
Felicity Chapman
f75c062949 Update metadata-for-codeql-queries.rst 
Replace link to blog with trackable GH.io link
 2023-11-14 12:06:44 +00:00
Mathias Vorreiter Pedersen
f22d87b7c7 Merge pull request #14771 from MathiasVP/fix-missing-unbounded-write-results 
C++: Fix missing results in `cpp/unbounded-write`
 2023-11-14 12:03:13 +00:00
Tamás Vajk
e11a68803e Merge pull request #14782 from github/criemen/disable-int-test 
Disable the nuget standalone dependencies test on ARM-osx.
 2023-11-14 12:32:48 +01:00
Owen Mansel-Chan
45faed057c Improve SliceExpr documentation 2023-11-14 11:25:16 +00:00
Tom Hvitved
f1b67ade9b Ruby: Include name of variable in UninitializedDefinition.toString 2023-11-14 11:33:59 +01:00
Cornelius Riemenschneider
f9ae7c5454 Disable the nuget standalone dependencies test on ARM-osx. 
The test is failing currently, and that needs further investigation.
This is a temporary workaround to allow us to continue to work on
some necessary infrastructure investments around these tests.
 2023-11-14 11:13:55 +01:00
Geoffrey White
4bfdb769a0 Swift: Change note. 2023-11-14 10:10:04 +00:00
Geoffrey White
6783707e2c Swift: Add heuristic sink. We don't catch everything, but the simple heuristic was better than anything else I tried. 2023-11-14 10:07:12 +00:00
Geoffrey White
80cfb934ce Swift: Add some tests. 2023-11-14 09:52:53 +00:00
Geoffrey White
296dee90dd Merge remote-tracking branch 'upstream/main' into fixmodel 2023-11-14 09:38:14 +00:00
Mathias Vorreiter Pedersen
967bbbc1a7 C++: Block flow out of sinks that are qualifiers. This removes the new result duplication and keeps the new result. 2023-11-14 09:29:47 +00:00
Tamás Vajk
28a5a1d507 Merge pull request #14760 from tamasvajk/apple-silicon-check 
C#: Change IsARM to Apple silicon check
 2023-11-14 10:27:42 +01:00
Tamas Vajk
5b38ba87df Code quality improvement 2023-11-14 08:08:46 +01:00