codeql

mirror of https://github.com/github/codeql.git synced 2026-01-24 11:52:56 +01:00

Author	SHA1	Message	Date
Jean Helie	6260768e6a	update query message to incoude extensibleType	2023-10-11 14:02:24 +02:00
Jean Helie	c41676a21a	update query message to incoude extensibleType	2023-10-11 14:02:12 +02:00
Owen Mansel-Chan	477d8f8b9a	Merge pull request #14064 from amammad/amammad-go-NewFileSystemAccess Go: New File System Access Sinks	2023-10-11 12:58:38 +01:00
Owen Mansel-Chan	96543b8337	Merge pull request #14075 from amammad/amammad-go-JWT Go: Improved JWT query, JWT decoding without verification	2023-10-11 12:31:43 +01:00
amammad	c630300374	fix a tests	2023-10-11 13:18:55 +02:00
amammad	d63b33bb08	fix a tests	2023-10-11 13:16:30 +02:00
Mathias Vorreiter Pedersen	02915582eb	Merge pull request #14432 from MathiasVP/select-the-right-node-for-flow-sources C++: Use fully converted instructions as the target of modelled functions	2023-10-11 13:04:16 +02:00
Owen Mansel-Chan	8a3aa2c767	Fix formatting	2023-10-11 11:46:31 +01:00
Tamas Vajk	267fd23b26	C#: Include the `void` type in value types	2023-10-11 12:01:17 +02:00
Tamás Vajk	304d7a4395	Merge pull request #14429 from tamasvajk/relax-metadata_handle-keyset C#: Remove `keyset` from `metadata_handle` relation	2023-10-11 12:00:11 +02:00
Erik Krogh Kristensen	85bb14f04f	Merge pull request #14405 from erik-krogh/tagCall JS: recognize tagged template literals as `DataFlow::CallNode`	2023-10-11 11:25:34 +02:00
Mathias Vorreiter Pedersen	d54ab640c7	Merge branch 'main' into select-the-right-node-for-flow-sources	2023-10-11 10:17:10 +01:00
Alex Denisov	4133284bc8	Swift: skip declarations marked as unavailable	2023-10-11 10:55:49 +02:00
Tamás Vajk	aa7a667919	Merge pull request #14421 from tamasvajk/csharp/autobuilder-test C#: Add autobuilder test with global.json	2023-10-11 10:35:53 +02:00
amammad	5e273238ca	fix qldoc	2023-10-11 10:33:44 +02:00
Asger F	89bd00a4ec	Ruby: port queries to ConfigSig-style	2023-10-11 10:06:19 +02:00
Asger F	6df919a917	JS/Ruby: remove sync between two queries	2023-10-11 10:06:11 +02:00
Rasmus Wriedt Larsen	68d00a829e	Merge pull request #14430 from RasmusWL/api-graph-import-star Python: Better allow `import *` to work with API graphs	2023-10-11 10:03:46 +02:00
Erik Krogh Kristensen	6377e92067	Update javascript/ql/lib/semmle/javascript/dataflow/DataFlow.qll Co-authored-by: Asger F <asgerf@github.com>	2023-10-11 09:52:48 +02:00
Erik Krogh Kristensen	e99b1598d1	Merge pull request #14433 from erik-krogh/delete-expected JS: delete an .expected file outside the test directories	2023-10-11 09:44:04 +02:00
Tamás Vajk	c587dbb72a	Merge pull request #14428 from tamasvajk/feature/deterministic-conflict-resolution C#: Make conflicting assembly selection deterministic in standalone	2023-10-11 08:40:50 +02:00
amammad	4499048d8e	better query quality thanks to owen	2023-10-10 23:41:45 +02:00
amammad	877605d31b	change c to C for fixing the qhelp error :)	2023-10-10 23:35:05 +02:00
amammad	b6968d9260	fix beego tests	2023-10-10 23:30:26 +02:00
amammad	8d6f985aea	fix afero additional step and tests	2023-10-10 23:24:04 +02:00
amammad	db9f74bc78	fix tests	2023-10-10 23:15:07 +02:00
amammad	82483a206e	fix tests	2023-10-10 23:14:11 +02:00
amammad	38b0ed8176	fix issues according to codereview	2023-10-10 23:12:30 +02:00
amammad	14d1e08051	reformat	2023-10-10 22:34:26 +02:00
erik-krogh	ccd06c78b9	delete an .expected file outside the test directories	2023-10-10 21:35:19 +02:00
Alex Eyers-Taylor	3ac3169278	CPP: Add some range analysis cases	2023-10-10 20:01:14 +01:00
Robert Marsh	484d020c39	Merge branch 'main' into rdmarsh2/swift/autoclosure-cfg	2023-10-10 18:47:13 +00:00
Eric Bickle	7a4382fb69	Merge branch 'main' into fix/thread-resource-arithmetic	2023-10-10 09:38:16 -07:00
Eric Bickle	80c8259e34	Remove unnecessary AdditionalValueStep check	2023-10-10 09:35:45 -07:00
Mathias Vorreiter Pedersen	f1cefc8900	Merge branch 'main' into select-the-right-node-for-flow-sources	2023-10-10 17:35:37 +01:00
Mathias Vorreiter Pedersen	496f190d70	C++: Accept test changes.	2023-10-10 16:45:31 +01:00
Mathias Vorreiter Pedersen	512c10ec59	C++: Use the fully converted expression when converting models to dataflow nodes.	2023-10-10 16:45:25 +01:00
Rasmus Wriedt Larsen	ee75b104eb	Python: Add change-note	2023-10-10 17:45:11 +02:00
Rasmus Wriedt Larsen	72d0dcdaba	Python: Workaround for module level items from `import *` not being LocalSourceNodes	2023-10-10 17:45:11 +02:00
Rasmus Wriedt Larsen	6521e5165c	Python: Extend `import *` with plain use (no calls or anything)	2023-10-10 17:45:11 +02:00
yoff	f1266a3e81	Merge pull request #14417 from github/tausbn/python-add-flow-for-assignment-expressions	2023-10-10 17:09:20 +02:00
Tamas Vajk	4c6073ebce	C#: Remove `keyset` from `metadata_handle` relation	2023-10-10 16:49:48 +02:00
Tamas Vajk	2378e31c5e	C#: Make conflicting assembly selection deterministic	2023-10-10 16:32:02 +02:00
Michael B. Gale	be16cb4190	Merge pull request #14415 from github/mbg/go/dependabot-config	2023-10-10 14:36:34 +01:00
Michael B. Gale	ce905bba41	Apply suggestions from code review Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>	2023-10-10 14:21:20 +01:00
Tamás Vajk	bc1c22cda2	Merge pull request #14425 from tamasvajk/standalone/nuget-download-lazy C#: Only download nuget.exe if there are packages.config files	2023-10-10 14:28:43 +02:00
Rasmus Wriedt Larsen	2d947a4f53	Merge pull request #13781 from maikypedia/maikypedia/python-unsafe-deserialization Python: Add unsafe deserialization sinks (CWE-502)	2023-10-10 13:30:38 +02:00
Owen Mansel-Chan	542d5a2451	Merge pull request #14414 from owen-mc/go/fix-incorrect-integer-conversion-performance-regression Go: Change MaxValueState API to get architecture bit size	2023-10-10 11:27:18 +01:00
Jeroen Ketema	3b777c2764	C++: Rewrite `cpp/cgi-xss` to not use default taint tracking Also add a test that demonstrates that we need to look at inidrect expressions and not direct ones.	2023-10-10 11:56:39 +02:00
amammad	242f7e1c53	update pg :)	2023-10-10 11:42:32 +02:00

... 132 133 134 135 136 ...

66447 Commits