hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 07:12:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,684 Branches 159 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stephan Brandauer
715b1351f3 Java: share considerSubtypes predicate between Java modes 2023-06-07 14:55:00 +02:00
Michael Nebel
f9c890be35 C#: Address review comments. 2023-06-07 14:53:41 +02:00
Stephan Brandauer
7e77e2ea82 Java: comment why we're using erased types in MaD 2023-06-07 14:42:20 +02:00
Stephan Brandauer
a8799fe981 Java: share getCallable interface between automodel extraction modes 2023-06-07 14:38:52 +02:00
Tamás Vajk
ccb622348b Merge pull request #13382 from tamasvajk/feature/standalone-dll-unsafe 
C#: Change standalone extraction to allow unsafe code
 2023-06-07 14:37:11 +02:00
Tony Torralba
6d7234f8ed Merge pull request #13225 from atorralba/atorralba/java/path-injection-mad-sinks-2 
Java: Migrate path injection sinks to models-as-data (simplified)
 2023-06-07 14:27:36 +02:00
Tony Torralba
35b4c438ff Fix Gson's JsonArray.add models 
When the type of the argument isn't JsonElement, the summary must be taint flow instead of value flow
 2023-06-07 14:12:20 +02:00
yoff
911835c30e Merge pull request #13392 from yoff/java/test-type-tracking-through-flow-summaries 
java: test type tracking through flow summaries
 2023-06-07 14:10:23 +02:00
Stephan Brandauer
92ad02a752 Java: update getRelatedLocation qldoc 2023-06-07 14:09:07 +02:00
Rasmus Lerchedahl Petersen
6ddf1f7eaf ruby/python: remove predicates from interface 2023-06-07 14:07:08 +02:00
Stephan Brandauer
be6b1d8aaf Java: remove SkipFrameworkModeling characteristic in favour of later evaluation 2023-06-07 13:58:56 +02:00
yoff
7ab3cde3aa Apply suggestions from code review 
Co-authored-by: Asger F <asgerf@github.com>
 2023-06-07 13:54:31 +02:00
Stephan Brandauer
2e16b71215 Java: update qldoc of ClassQualifierCharacteristic 2023-06-07 13:52:57 +02:00
Stephan Brandauer
1bfbfec1bc Java: use problem.severity in automodel extraction queries 2023-06-07 13:44:52 +02:00
Ian Lynagh
d6ac5cdc94 Kotlin: Remove kotlin-explorer 
This was an exploration tool that I don't think has been used for some
time.
 2023-06-07 12:39:00 +01:00
Erik Krogh Kristensen
6ba7f9a238 Merge pull request #13352 from erik-krogh/once-again-deps-not-py-cpp 
delete old deprecations
 2023-06-07 13:00:57 +02:00
Michael Nebel
d4d571e435 C#: Better change note. 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2023-06-07 12:44:36 +02:00
Michael Nebel
3eb3178ba5 C#: Add change note. 2023-06-07 12:43:31 +02:00
Michael Nebel
5c9b0b9b76 C#: Address review comments. 2023-06-07 12:43:31 +02:00
Tony Torralba
46b30453e3 Merge pull request #13386 from github/java/update-mad-decls-after-triage-2023-06-06T14-38-29 
Java: Update MaD Declarations after Triage
 2023-06-07 12:33:26 +02:00
Tamás Vajk
8fe025eb64 Merge pull request #13384 from tamasvajk/fix/standalone-explicit-interface-error 
C#: Improve error message for missing explicit interface implementation
 2023-06-07 12:19:08 +02:00
Rasmus Lerchedahl Petersen
aec1e4a713 java: address ql alert 2023-06-07 11:40:50 +02:00
Rasmus Lerchedahl Petersen
76e1c6f76f java: test type tracking through flow summaries 2023-06-07 11:18:53 +02:00
Nora Dimitrijević
cad6582701 Merge branch 'main' into swift/brace-stmt-variables 2023-06-07 10:51:58 +02:00
Tamas Vajk
0f75449abb Improve code quality 2023-06-07 10:40:58 +02:00
Paolo Tranquilli
0b09fdae43 Merge branch 'main' into alexdenisov+redsun82/tuple-mangling 2023-06-07 10:40:38 +02:00
Tony Torralba
416d3d587d Accept test changes 
An uncovered test case is now correctly covered
 2023-06-07 10:33:17 +02:00
Paolo Tranquilli
357542a160 Merge pull request #13258 from github/redsun82/swift-synth-properties 
Codegen: allow `synth` properties of non-`synth` classes
 2023-06-07 10:31:06 +02:00
Geoffrey White
aa8878ba86 Merge pull request #13356 from geoffw0/qualname 
Swift: Add FieldDecl.getQualifiedName
 2023-06-07 09:08:16 +01:00
Rasmus Wriedt Larsen
0c8b4251cf Python: Avoid duplicated query-id 2023-06-07 10:07:01 +02:00
Tony Torralba
b5bbe63144 Merge pull request #13389 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-06-07 09:48:44 +02:00
Tony Torralba
27763d6bbe Improve ZipSlip exclusion to take varargs into account 2023-06-07 09:25:56 +02:00
Paolo Tranquilli
700e3d5e53 Codegen: rename ipa to synth 2023-06-07 09:12:39 +02:00
Tony Torralba
8001ae9669 Update java/ql/lib/semmle/code/java/security/ZipSlipQuery.qll 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-06-07 09:08:24 +02:00
Tony Torralba
60725e9580 Update java/ql/lib/ext/org.springframework.core.io.model.yml 2023-06-07 09:07:22 +02:00
Tom Hvitved
48ac3e58ee Python: Use CallGraphConstruction in call graph construction 2023-06-07 09:02:03 +02:00
Tom Hvitved
88c5700c24 Ruby: Use CallGraphConstruction in call graph construction 2023-06-07 09:02:03 +02:00
Tom Hvitved
4bf124bffe Ruby/Python: Add CallGraphConstruction module for recursive type-tracking based call graph construction 2023-06-07 09:02:03 +02:00
Tony Torralba
2f12ae2e0d Update java/ql/lib/ext/okhttp3.model.yml 2023-06-07 08:57:12 +02:00
github-actions[bot]
a14e7fa694 Add changed framework coverage reports 2023-06-07 00:16:58 +00:00
Tom Hvitved
322b254cba Type tracking: Use noopt+inline_late in TypeBackTracker::[small]step 2023-06-06 20:46:14 +02:00
Nora Dimitrijević
189dee69bc Merge branch 'main' into swift/brace-stmt-variables 2023-06-06 17:40:25 +02:00
Nora Dimitrijević
03e94c7137 Swift: add library pack change note 2023-06-06 17:37:02 +02:00
Michael Nebel
4dae7ad35a C#: Only inject the shared compilation flag, if argument is not exe or dll. 2023-06-06 17:22:52 +02:00
Stephan Brandauer
b31131d33a Merge pull request #13344 from github/java/update-mad-decls-after-triage-2023-06-01T12-58-13 
Java: Update MaD Declarations after Triage
 2023-06-06 17:08:50 +02:00
Nora Dimitrijević
a831456e94 Swift: make BraceStmt's variable a synth property 2023-06-06 16:54:47 +02:00
Nora Dimitrijević
4a29087ce7 Swift: update Cfg test: VarDecls no longer in BraceStmt basic blocks 
This is a consequence of VarDecls not being Elements of BraceStmts. =
 2023-06-06 16:54:47 +02:00
Nora Dimitrijević
8ccbad601b Swift: PrintAst test changes 2023-06-06 16:54:47 +02:00
Nora Dimitrijević
026492836c Swift: codegen 2023-06-06 16:54:46 +02:00
Nora Dimitrijević
387cde5972 Swift: add BraceStmt.getVariable(_) child with logic in QL. 2023-06-06 16:54:46 +02:00