hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-10 12:11:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,689 Branches 160 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chuan-kai Lin
396d2de6e7 Document pragma[assume_small_delta] 2023-01-30 11:42:57 -08:00
intrigus-lgtm
f23d517236 Fix errorneous slash 
The additional slash causes the request to fail.
Compare `gh api /repos/openjdk/jdk/code-scanning/codeql/databases/` (fails) with:
```
gh api /repos/openjdk/jdk/code-scanning/codeql/databases/
{
  "message": "Not Found",
  "documentation_url": "https://docs.github.com/rest"
}
gh: Not Found (HTTP 404)
```
While `gh api /repos/openjdk/jdk/code-scanning/codeql/databases` (works).
 2023-01-30 20:26:40 +01:00
Mathias Vorreiter Pedersen
a01a4734ed C++/C#: Sync identical files. 2023-01-30 17:32:53 +00:00
Mathias Vorreiter Pedersen
3a1a9a771c C++: Add a 'getCall' predicate to 'ArgumentOperand'. 2023-01-30 17:31:52 +00:00
Mathias Vorreiter Pedersen
f90007ae71 C++: Make our iterator models public. 2023-01-30 17:23:52 +00:00
erik-krogh
962465f77a add array-taint-steps to unsafe-shell-command-construction 2023-01-30 16:56:03 +01:00
Mathias Vorreiter Pedersen
be359a32c0 Merge pull request #11976 from MathiasVP/fewer-uses-2 
C++: Don't count every conversion as a use
 2023-01-30 15:51:12 +00:00
erik-krogh
a4c42aa14b more custom array steps from unsafe-code-construction to a utility predicate 2023-01-30 16:46:13 +01:00
erik-krogh
31743afa87 add change-note 2023-01-30 16:34:23 +01:00
erik-krogh
e01002368f add query detecting validators that use badly anchored regular expressions on library/remote input 2023-01-30 16:34:20 +01:00
Jami
7f6efae7dc Merge pull request #12008 from jcogs33/jcogs33/update-queryproducer-package 
Java: update package for `QueryProducer` sinks
 2023-01-30 10:27:58 -05:00
Alexander Eyers-Taylor
89d835b9ec Merge pull request #11988 from github/alexet/force-java-11 
Use Java 11 for some integration tests
 2023-01-30 15:19:00 +00:00
Nora Dimitrijević
fb88372c0f Merge pull request #11862 from d10c/swift/rename-iterabledeclcontext 2023-01-30 16:03:49 +01:00
AlexDenisov
48434f4be3 Merge pull request #12025 from github/alexdenisov/ignore-sandbox-exec 
Swift: ignore sandbox-exec
 2023-01-30 15:59:19 +01:00
erik-krogh
02da718786 add code-injection sink for node-pty 2023-01-30 15:14:25 +01:00
Alex Denisov
b71c5e6c4b Swift: ignore sandbox-exec 2023-01-30 15:10:30 +01:00
Mathias Vorreiter Pedersen
22202afbf5 Merge pull request #12007 from MathiasVP/fix-is-chi-before-iterator-use 
C++: Add missing condition to `isChiBeforeIteratorUse`
 2023-01-30 14:01:39 +00:00
Erik Krogh Kristensen
862948f1cc Merge pull request #12014 from erik-krogh/axios 
JS: add support for axios used as a global variable
 2023-01-30 14:55:49 +01:00
Ian Lynagh
25e703e562 Merge pull request #11579 from igfoo/igfoo/only_lockless 
Kotlin: Remove legacy trap-locking support
 2023-01-30 13:44:31 +00:00
Michael Nebel
115a0a4318 C#: Add change note. 2023-01-30 14:28:35 +01:00
Michael Nebel
b25414fe93 C#: Add DB upgrade and downgrade scripts. 2023-01-30 14:28:35 +01:00
Michael Nebel
ff546c1497 C#: Add test cases for ref fields. 2023-01-30 14:28:35 +01:00
Michael Nebel
2be090bb91 C#: Add predicate isRef to the CIL Field class. 2023-01-30 14:28:35 +01:00
Michael Nebel
db047c2c4a C#: Extract CIL fields using their underlying types for a reference type field and annotate the field as a reference type. 2023-01-30 14:28:35 +01:00
Michael Nebel
812bc20812 C#: Add CIL fields as entities that can carry type annotations. 2023-01-30 14:28:35 +01:00
Michael Nebel
23acd5c255 C#: Small re-factor of the Modifier class. 2023-01-30 14:28:34 +01:00
Michael Nebel
3a4ec90ae9 C#: Extraction of ref modifier for fields. 2023-01-30 14:28:34 +01:00
Erik Krogh Kristensen
e46960e0cf Merge pull request #12022 from github/dependabot/cargo/ql/regex-1.7.1 
Bump regex from 1.6.0 to 1.7.1 in /ql
 2023-01-30 13:11:54 +01:00
dependabot[bot]
e3afb1640a Bump regex from 1.6.0 to 1.7.1 in /ql 
Bumps [regex](https://github.com/rust-lang/regex) from 1.6.0 to 1.7.1.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.6.0...1.7.1)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 11:19:30 +00:00
Erik Krogh Kristensen
8198bbf893 Merge pull request #12019 from github/dependabot/cargo/ql/serde_json-1.0.91 
Bump serde_json from 1.0.82 to 1.0.91 in /ql
 2023-01-30 12:16:49 +01:00
Nora Dimitrijević
9346f4d760 Swift: fix failing tests 2023-01-30 11:39:06 +01:00
dependabot[bot]
f430e83fca Bump serde_json from 1.0.82 to 1.0.91 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.82 to 1.0.91.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.82...v1.0.91)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 10:36:14 +00:00
Erik Krogh Kristensen
f647910e0c Merge pull request #12018 from erik-krogh/qlDependabot 
QL: fixup the dependabot config for QL-for-QL
 2023-01-30 11:35:05 +01:00
Erik Krogh Kristensen
78683e4e8a Merge pull request #11879 from erik-krogh/rbRegConcept 
RB: add a RegexExecution concept, and use it for better regexp tracking
 2023-01-30 11:33:09 +01:00
erik-krogh
40a576b775 fixup the dependabot config for QL-for-QL 2023-01-30 11:22:17 +01:00
erik-krogh
f04a9cb523 Merge branch 'main' into rbRegConcept 2023-01-30 11:05:40 +01:00
Erik Krogh Kristensen
3508a4b799 Merge pull request #12016 from erik-krogh/newEntity 
QL: support the NewEntity module in QL-for-QL
 2023-01-30 11:01:11 +01:00
Arthur Baars
907ebb723e Merge branch 'main' into json-log 2023-01-30 10:49:42 +01:00
erik-krogh
54c4c23b46 support the NewEntity module in QL-for-QL 2023-01-30 10:34:06 +01:00
Mathias Vorreiter Pedersen
7cc7675cdc C++: Accept query changes. These are just deduplications. 2023-01-30 09:26:14 +00:00
Mathias Vorreiter Pedersen
6a8c570915 Merge pull request #12009 from MathiasVP/fix-fwd-flow-read-join 
DataFlow: Fix join in `fwdFlowRead`
 2023-01-30 09:23:43 +00:00
Mathias Vorreiter Pedersen
1b45c5f96a C++: Accept test changes. 2023-01-30 09:13:42 +00:00
Mathias Vorreiter Pedersen
9de8d5c501 C++: Reduce the number of uses by excluding conversions. 2023-01-30 09:13:42 +00:00
Mathias Vorreiter Pedersen
7ecc3466cf C++: Add another column to 'conversionFlow'. 2023-01-30 09:13:42 +00:00
Harry Maclean
f7cdd430a2 Ruby: Small fix 2023-01-30 21:55:19 +13:00
Harry Maclean
7778524e08 Ruby: Refactor 2023-01-30 21:52:59 +13:00
Rasmus Wriedt Larsen
c7e552b343 Python: Fix grammar in qldoc 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2023-01-30 09:45:45 +01:00
Rasmus Wriedt Larsen
a1c2f4c138 Python: Small rewrite of **kwargs getParameter logic 2023-01-30 09:42:43 +01:00
Harry Maclean
5e9210fcea Ruby: use getAnAncestor 2023-01-30 21:21:38 +13:00
Harry Maclean
708e303c01 Ruby: Model except: with a const argument 2023-01-30 21:17:31 +13:00