hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-14 15:04:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,680 Branches 158 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
erik-krogh
4ae25c2d34 don't mention arrays in the qhelp for rb/shell-command-constructed-from-input, because there are no array 2024-04-10 14:26:00 +02:00
Owen Mansel-Chan
0e67aa5baa Merge pull request #16172 from owen-mc/go/perf/synth-location 
Go: Avoid magic in `TSynthLocation` definition
 2024-04-10 13:02:18 +01:00
Owen Mansel-Chan
f45305ec3f Merge pull request #16170 from owen-mc/go/add-comments-in-extractor 
Go: Add comments in extractor with link to online documentation
 2024-04-10 12:50:18 +01:00
Michael Nebel
ff498f616a C#: Some renaming. 2024-04-10 13:20:57 +02:00
Rasmus Wriedt Larsen
9615e2ded9 Python: Remove deprecated stubs for points-to tests 
I grep'ed through all our options files, and couldn't find any tests
that relies on these anymore 👍
 2024-04-10 13:12:36 +02:00
Rasmus Wriedt Larsen
78ca691912 Python: remove deprecated points-to test for zope 2024-04-10 13:12:17 +02:00
Rasmus Wriedt Larsen
3db560158a Merge pull request #16169 from RasmusWL/mad-remoteflowsource 
Python: Fix `RemoteFlowSourceFromCsv`
 2024-04-10 13:06:42 +02:00
Mathias Vorreiter Pedersen
59936c8642 Merge pull request #16151 from MathiasVP/use-shared-typeflow-lib 
C++: Use the shared typeflow library
 2024-04-10 12:02:03 +01:00
Michael Nebel
3b42dc25a1 C#: Also use AssemblyLookupLocation for framework dlls. 2024-04-10 12:56:48 +02:00
Owen Mansel-Chan
a18a4fb62e Avoid magic in TSynthLocation definition 
This improves performance, because in this case magic is not beneficial.
 2024-04-10 11:47:13 +01:00
Michael Nebel
99f0ed26e9 C#: Make the assembly lookup case insensitive on the dll file extension and log if no dlls are found in a directory. 2024-04-10 12:45:28 +02:00
Michael Nebel
9eb13833fa C#: Code quality improvements. 2024-04-10 12:45:18 +02:00
Michael Nebel
2bea927d43 C#: Update expected test output. 2024-04-10 12:41:39 +02:00
Michael Nebel
d04bf6b6d6 C#: Don't include Semmle.* dlls, if the executing runtime is used as framework. 2024-04-10 12:41:39 +02:00
Michael Nebel
646b272b4e C#: Move the AssemblyPath class to its own file. 2024-04-10 12:41:39 +02:00
Michael Nebel
6299d9cecd C#: Introduce AssemblyPath and re-factor AssemblyCache to use this instead of strings. 2024-04-10 12:41:29 +02:00
Michael Nebel
bee54e4247 C#: Add desktop runtime dependencies integration test. 2024-04-10 12:35:52 +02:00
Owen Mansel-Chan
b4829addf7 Add comments with link to online doc 2024-04-10 10:48:23 +01:00
Rasmus Wriedt Larsen
4fed3cf12d Python: Fix RemoteFlowSourceFromCsv 2024-04-10 11:31:34 +02:00
Joe Farebrother
976ca48317 Review suggestions - rename sink class and add barrier out 2024-04-10 10:17:19 +01:00
Dave Bartolomeo
996f535f0b Merge pull request #16103 from github/dbartol/javadoc-record 
Allow `@param` tags to apply to record parameters
 2024-04-09 14:21:45 -04:00
Geoffrey White
138975e4a8 C++: Add ZMQ summary models. 2024-04-09 18:10:15 +01:00
Geoffrey White
783ce48538 C++: Add test cases for ZMQ summary models. 2024-04-09 18:08:56 +01:00
Mathias Vorreiter Pedersen
8a92a4250f C++: Autoformat. 2024-04-09 17:53:33 +01:00
Dave Bartolomeo
b9cfeaf614 Add test case 2024-04-09 12:41:32 -04:00
Taus
3656376cc4 Merge pull request #16064 from github/max-schaefer/fix-unexploitable-types 
Automodel: Filter unexploitable types in application mode.
 2024-04-09 17:14:53 +02:00
Mathias Vorreiter Pedersen
a53ef495ee C++: Simplify 'hasExactBufferType' and add comments. 2024-04-09 16:04:20 +01:00
Felicity Chapman
5253c96aa2 Merge pull request #16162 from github/felicitymay/threat-models-csharp 
Make duplicated content clear
 2024-04-09 15:47:44 +01:00
Mathias Vorreiter Pedersen
291cc0a671 C++: Anonymous namespaces provide internal linkage. 2024-04-09 15:25:13 +01:00
Owen Mansel-Chan
5e4a5c1571 Merge pull request #16160 from owen-mc/java/delete-jdk-internal-models 
Java: Delete models for JDK internal packages
 2024-04-09 15:01:16 +01:00
Mathias Vorreiter Pedersen
2a7420ce11 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/TypeFlow.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-04-09 15:00:23 +01:00
Geoffrey White
1264e6e292 C++: Fit the function pointer tests better with what is and isn't working. 2024-04-09 14:57:15 +01:00
Max Schaefer
deb78b248b Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2024-04-09 14:38:17 +01:00
Tom Hvitved
6c9a0e4a9a Merge pull request #16154 from hvitved/ruby/redundant-implicit-read 
Ruby: Remove two redundant `allowImplicitRead` predicates
 2024-04-09 15:38:05 +02:00
Jeroen Ketema
46c44b4dc0 C++: Update QLDoc of IRDeclarationEntry to reflect current reality 2024-04-09 15:15:41 +02:00
Jeroen Ketema
e821a62b44 C++: Update expected test results 2024-04-09 15:15:41 +02:00
Rasmus Wriedt Larsen
6f1a9d4574 Merge pull request #16159 from RasmusWL/fix-integration-tests 
Python: Fixup integration tests after no dep inst
 2024-04-09 15:08:20 +02:00
Michael B. Gale
0c3c20ece1 Docs: Add macOS 14 to list of supported operating systems 2024-04-09 14:06:24 +01:00
Felicity Chapman
e6d63b980d Make duplicated content clear 2024-04-09 14:05:42 +01:00
Mathias Vorreiter Pedersen
e9cd2dc9e1 C++: Implement 'lambdaCreation' and 'lambdaCall' for models-as-data. 2024-04-09 14:05:32 +01:00
Rasmus Wriedt Larsen
16e2ac898f JS: Parser: Remove direct this.strict assignment 2024-04-09 14:58:14 +02:00
Geoffrey White
4d5f158652 C++: Pivot ReturnKind solution to derive types from SSA + AST, rather than SSA + MAD. 2024-04-09 13:49:21 +01:00
Rasmus Wriedt Larsen
6ce38be3cc Merge pull request #16112 from github/tausbn/python-various-extractor-fixups 
Python: Various extractor fixups
 2024-04-09 14:46:23 +02:00
Asger F
f5355cfa98 Dynamic: Sync ApiGraphModels.qll 2024-04-09 14:37:20 +02:00
Rasmus Wriedt Larsen
1985dd629d JS: Parser: Never run in strict mode 
This initial change is a bit of a hacky way to achieve our goals (since
it doesn't rewrite all the uses of this.strict), but it is easy to
understand is correct. Let's accept test changes NOW, and ensure that
later changes don't change things further.
 2024-04-09 14:37:07 +02:00
Asger F
82101434fd Dynamic: Add hasPrettyName() 2024-04-09 14:32:59 +02:00
Asger F
8cb80d6014 JS: Switch from hasLocationInfo to Location 2024-04-09 14:32:59 +02:00
Asger F
81b96a8041 JS: Ensure MkClassInstance exists for base classes 2024-04-09 14:32:58 +02:00
Asger F
29a61458e0 JS: Add test case showing problem with chains going through internal classes 2024-04-09 14:32:58 +02:00
Asger F
56ebe6c727 JS: More re-export logic to handle subclass export 2024-04-09 14:32:58 +02:00