hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-10 04:01:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,689 Branches 160 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
683761098d Merge pull request #12041 from github/dependabot/cargo/ql/flate2-1.0.25 
Bump flate2 from 1.0.24 to 1.0.25 in /ql
 2023-01-31 14:07:09 +01:00
Mathias Vorreiter Pedersen
fcc4c91739 C++: More responding to comments. 2023-01-31 13:01:00 +00:00
dependabot[bot]
7f22c4c474 Bump clap from 3.0.12 to 3.0.14 in /ruby 
Bumps [clap](https://github.com/clap-rs/clap) from 3.0.12 to 3.0.14.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.0.12...v3.0.14)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 12:49:34 +00:00
dependabot[bot]
8410e46067 Bump flate2 from 1.0.24 to 1.0.25 in /ql 
Bumps [flate2](https://github.com/rust-lang/flate2-rs) from 1.0.24 to 1.0.25.
- [Release notes](https://github.com/rust-lang/flate2-rs/releases)
- [Commits](https://github.com/rust-lang/flate2-rs/compare/1.0.24...1.0.25)

---
updated-dependencies:
- dependency-name: flate2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 12:48:10 +00:00
Erik Krogh Kristensen
481dab700c Merge pull request #12037 from github/dependabot/cargo/ql/num_cpus-1.14.0 
Bump num_cpus from 1.13.1 to 1.14.0 in /ql
 2023-01-31 13:45:43 +01:00
Michael Nebel
478474bbed C#: Add ref field test case. 2023-01-31 13:35:47 +01:00
yoff
7ae389bb28 Merge pull request #12026 from erik-krogh/nodePty 
JS: add code-injection sink for node-pty
 2023-01-31 13:27:32 +01:00
Michael Nebel
ecadb56419 C#: Update CIL consistency test expected output. 2023-01-31 13:21:00 +01:00
Michael Nebel
5657bd0547 C#: Update type annontations test to exclude OS specific stuff. 2023-01-31 13:21:00 +01:00
Michael Nebel
177fcbb4eb C#: Update attribute test to exclude OS specific declarations. 2023-01-31 13:21:00 +01:00
Michael Nebel
0ed48616a7 C#: Use stubs for CWE-321/HardcodedSymmetricEncryptionKey. 2023-01-31 13:21:00 +01:00
Michael Nebel
9808482c41 C#: Update Minimal stubs from source testcase expected output. 2023-01-31 13:21:00 +01:00
Michael Nebel
3510f465b2 C#: Use stubs for ThreadUnsafeICryptoTransformLambda. 2023-01-31 13:21:00 +01:00
Michael Nebel
f3555b1076 C#: Update options files as some classes has been moved to other dll's. 2023-01-31 13:21:00 +01:00
Michael Nebel
5ccfc4d3f4 C#: Add System.Security.Cryptography as a dependency to the HashWithoutSalt query test. 2023-01-31 13:21:00 +01:00
Michael Nebel
fd74c10b06 C#: Use stubs for ThreadUnsafeICryptoTransform. 2023-01-31 13:21:00 +01:00
Michael Nebel
14888d4382 C#: Use stubs for CWE-327 test cases. 2023-01-31 13:21:00 +01:00
Michael Nebel
89de6cb8a0 C#: Update library tests. 2023-01-31 13:20:59 +01:00
Michael Nebel
33a923a85b C#: Use IsKind instead of Kind (compiler warning). 2023-01-31 13:20:59 +01:00
Michael Nebel
3a4e5700e8 C#: Update project targets, workflows and other scripts to use .NET 7. 2023-01-31 13:20:59 +01:00
Michael Nebel
86e9bf2f81 Merge pull request #11996 from michaelnebel/csharp/refstructreffield 
C# 11: Extractor support for `ref` fields in `ref struct`.
 2023-01-31 13:08:57 +01:00
dependabot[bot]
423bab54d3 Bump num_cpus from 1.13.1 to 1.14.0 in /ql 
Bumps [num_cpus](https://github.com/seanmonstar/num_cpus) from 1.13.1 to 1.14.0.
- [Release notes](https://github.com/seanmonstar/num_cpus/releases)
- [Changelog](https://github.com/seanmonstar/num_cpus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/seanmonstar/num_cpus/compare/v1.13.1...v1.14.0)

---
updated-dependencies:
- dependency-name: num_cpus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 12:05:11 +00:00
Erik Krogh Kristensen
38bcb2b727 Merge pull request #12039 from github/dependabot/cargo/ql/serde-1.0.152 
Bump serde from 1.0.140 to 1.0.152 in /ql
 2023-01-31 13:03:03 +01:00
dependabot[bot]
198b97ca8d Bump serde from 1.0.140 to 1.0.152 in /ql 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.140 to 1.0.152.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.140...v1.0.152)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 11:48:44 +00:00
Erik Krogh Kristensen
f2526d1784 Merge pull request #12040 from github/dependabot/cargo/ql/tree-sitter-0.20.9 
Bump tree-sitter from 0.20.8 to 0.20.9 in /ql
 2023-01-31 12:46:43 +01:00
Gulshan Singh
1a109cab4d Remove unicode characters 2023-01-31 03:38:03 -08:00
dependabot[bot]
807b715320 Bump tree-sitter from 0.20.8 to 0.20.9 in /ql 
Bumps [tree-sitter](https://github.com/tree-sitter/tree-sitter) from 0.20.8 to 0.20.9.
- [Release notes](https://github.com/tree-sitter/tree-sitter/releases)
- [Commits](https://github.com/tree-sitter/tree-sitter/commits)

---
updated-dependencies:
- dependency-name: tree-sitter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 11:27:40 +00:00
Erik Krogh Kristensen
34ca12e5d2 Merge pull request #12042 from erik-krogh/qlTools 
QL: update codeql-action in QL-for-QL
 2023-01-31 12:24:37 +01:00
Mathias Vorreiter Pedersen
1a27a069ac Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-01-31 11:15:42 +00:00
erik-krogh
94cec17505 bump codeql-action 2023-01-31 12:09:21 +01:00
erik-krogh
4436ec070e ensure the test is run when the workflow is updated 2023-01-31 12:09:21 +01:00
Geoffrey White
ee442e4d4b Merge pull request #11979 from geoffw0/modern1 
Swift: Modernize injection queries
 2023-01-31 10:54:35 +00:00
erik-krogh
0cefa98490 add missing word to the change-note 2023-01-31 11:53:17 +01:00
Mathias Vorreiter Pedersen
daf7d1b7e7 C++: Add more QLDoc. 2023-01-31 10:37:51 +00:00
Mathias Vorreiter Pedersen
7583fe2ad8 C++: Respond to PR reviews. 2023-01-31 10:31:02 +00:00
Tony Torralba
e9a46c926d Add taint for URLRequest fields 2023-01-31 11:15:45 +01:00
erik-krogh
95c19698c7 add change-note 2023-01-31 11:09:07 +01:00
Jeroen Ketema
24891c3f43 C++: Fix missing subpaths when displaying dataflow paths 2023-01-31 10:57:06 +01:00
erik-krogh
e5e8496084 fix QL-for-QL warnings 2023-01-31 10:55:27 +01:00
Arthur Baars
d944c2bd79 Ruby: address comments 2023-01-31 10:22:12 +01:00
Gulshan Singh
2f38d363ff Fix typo in dependsOnChild 2023-01-30 19:55:53 -08:00
Gulshan Singh
fb31570af3 Fix bitshift test 2023-01-30 19:55:53 -08:00
Gulshan Singh
1758e25207 Merge lshift/rshift range expressions into a single file and address PR comments 2023-01-30 19:55:53 -08:00
Gulshan Singh
051d36ee6a Add ConstantLShiftExprRange and ConstantRShiftExprRange classes 2023-01-30 19:55:53 -08:00
Gulshan Singh
5710289460 Add bitshift test 2023-01-30 19:55:53 -08:00
Nicky Mouha
5a4a63f8a9 Create IfStatementAdditionOverflow.ql 2023-01-30 18:52:35 -05:00
Harry Maclean
c99a096c9b Ruby: Update test fixtures 2023-01-31 11:27:19 +13:00
Harry Maclean
69ed00cdf1 Ruby: QL4QL fix 2023-01-31 11:06:32 +13:00
Mathias Vorreiter Pedersen
cd596403a0 Merge pull request #12031 from MathiasVP/ir-get-call-predicate 2023-01-30 21:23:02 +00:00
erik-krogh
c2e8206090 add more array taint steps that taint the entire array 2023-01-30 21:14:27 +01:00