hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-21 10:24:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,684 Branches 158 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
eb08a508c9 Bump actions/labeler from 4 to 5 
Bumps [actions/labeler](https://github.com/actions/labeler) from 4 to 5.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/labeler
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-05 03:33:07 +00:00
dependabot[bot]
4d68beffe0 Bump actions/setup-dotnet from 3 to 4 
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 3 to 4.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](https://github.com/actions/setup-dotnet/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-05 03:33:03 +00:00
github-actions[bot]
48c15035b9 Add changed framework coverage reports 2023-12-05 00:16:34 +00:00
Robert Marsh
e9507b98ef Swift: remove spurious stats file 2023-12-04 21:30:12 +00:00
Geoffrey White
a5dd4a4e2a Swift: More tests of keys as sensitive data. 2023-12-04 19:05:15 +00:00
Alex Eyers-Taylor
7706ac9f10 CPP: Fix changenote location 2023-12-04 18:50:25 +00:00
Alexander Eyers-Taylor
2e92689810 CPP: Apply suggestions from code review of incorrect scanf check 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-04 18:32:03 +00:00
Mathias Vorreiter Pedersen
6dd941ee20 Merge pull request #14996 from jketema/toctou-test 
C++: Fix `chmod` prototype in toctou test and additional test
 2023-12-04 17:42:52 +00:00
Owen Mansel-Chan
570538b4ec Merge pull request #14938 from owen-mc/go/improve-test-unhandled-close-writable-handle 
Go: improve test unhandled close writable handle
 2023-12-04 16:56:09 +00:00
Jeroen Ketema
7f1bd499ce C++: Add test annotation 2023-12-04 17:53:08 +01:00
Mathias Vorreiter Pedersen
d9d36ff213 C++: Fix Code Scanning errors. 2023-12-04 16:53:03 +00:00
Rasmus Lerchedahl Petersen
9e1c818db6 Python: address review comments 2023-12-04 17:49:26 +01:00
Ian Lynagh
1aa1698f44 Kotlin: Accept some location changes in test-kotlin2/library-tests/vararg 2023-12-04 16:44:38 +00:00
yoff
f5c176bd12 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2023-12-04 17:41:00 +01:00
Mathias Vorreiter Pedersen
03b77dbf2a C++: Make 'node.asExpr()' behave as 'node.asDefinition()' in void contexts. 2023-12-04 16:38:13 +00:00
Jami
651653998c Merge pull request #14913 from jcogs33/jcogs33/unsafe-url-forward_path-inj-related_cve-2019-3799 
Java: add Spring models
 2023-12-04 10:18:50 -05:00
Jeroen Ketema
3e2397a3d1 C++: Fix chmod prototype in toctou test and additional test 2023-12-04 16:15:44 +01:00
Sarita Iyer
5a4ea7781e Merge pull request #14976 from github/saritai/docs-update-12431 
Document threat models
 2023-12-04 10:10:00 -05:00
Sarita Iyer
c4b6f44dff fix punctuation 2023-12-04 09:47:09 -05:00
Tamas Vajk
267125a65e Adjust comment on OrderAssemblyInfosByPreference method 2023-12-04 15:21:30 +01:00
Sarita Iyer
52a0a8333f Update customizing-library-models-for-java-and-kotlin.rst 2023-12-04 09:21:22 -05:00
Sarita Iyer
5bf93d096b Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-12-04 09:13:33 -05:00
Rasmus Wriedt Larsen
c952f6a648 Python: Update rest of tests to new dataflow lib 
I had missed these originally, since I had just fixed the ones that were
highlighted in the actions logs, thinking they had covered everything :(
 2023-12-04 14:49:40 +01:00
Tamas Vajk
db22478a47 Fix expected test files 2023-12-04 14:39:20 +01:00
Tony Torralba
649dc9d1d4 Merge pull request #14993 from github/shati-patel/fix-cwe-tags 
Update inconsistent CWE tags
 2023-12-04 14:30:32 +01:00
Rasmus Lerchedahl Petersen
e091ae84ab Merge branch 'main' of https://github.com/github/codeql into python/remove-ssa-nodes-from-dataflow-graph 2023-12-04 14:05:40 +01:00
Harry Maclean
d630773575 Merge pull request #14627 from alexrford/rb/update_all_sink 
Ruby: refine `ActiveRecord` `update_all` as an SQL sink
 2023-12-04 13:02:14 +00:00
Chris Smowton
78e0f69d1e Merge pull request #14988 from github/smowton/admin/report-more-files-extracted 
Java: report any extracted file as successfully extracted
 2023-12-04 12:48:12 +00:00
Chris Smowton
97266c252e Remove mention of TSP 2023-12-04 12:36:04 +00:00
Alex Eyers-Taylor
f3f53570a4 CPP: Fix metadata and add a change-note. 2023-12-04 12:19:31 +00:00
Michael Nebel
2fc7e51a5b C#: Only include source code (and not stubs) in the remote flow source test. 2023-12-04 13:10:10 +01:00
Shati Patel
6284781a9b Update inconsistent CWE tags 
Most tags use the "external/cwe/cwe-xxx" format, except for these few queries. Updating them for consistency.
 2023-12-04 11:52:31 +00:00
Rasmus Wriedt Larsen
2fed0adde7 Merge pull request #8457 from RasmusWL/add-dataflow-consistency-query 
Python: Add dataflow consistency query
 2023-12-04 12:50:46 +01:00
Chris Smowton
6d5a493e2d Add change note 2023-12-04 11:48:51 +00:00
Tom Hvitved
46531e653d C#: Deprecate OnAppendCookieTrackingConfig 2023-12-04 12:36:57 +01:00
Rasmus Wriedt Larsen
4dd3ea3798 Python: Update tests to new dataflow lib 
Avoids some deprecation warnings :)
 2023-12-04 12:36:57 +01:00
Anders Schack-Mulligen
67f0529cda Dataflow: Sync. 2023-12-04 12:36:57 +01:00
Anders Schack-Mulligen
fd920b8585 Java: Deprecate old data flow api. 2023-12-04 12:36:57 +01:00
Mathias Vorreiter Pedersen
359b15bb60 C++: Fix FP by special-casing compound assignments in 'asExprInternal'. 2023-12-04 11:29:51 +00:00
Tom Hvitved
4c8861a60f Merge pull request #14832 from hvitved/csharp/callback-heuristics 
C#: Strengthen call-back heuristics by considering body-less methods
 2023-12-04 12:27:37 +01:00
Tom Hvitved
84cba21a6c C#: Add a few more is (not) null tests 2023-12-04 12:22:47 +01:00
Mathias Vorreiter Pedersen
ce28c9b485 C++: Add more CWE-119 testcases with compound assignments instead of increments. 2023-12-04 11:22:16 +00:00
Michael Nebel
e028c59a07 Merge pull request #14982 from michaelnebel/csharp/fixmissingpackageprinting 
C#: Fix problem with logging unused packages.
 2023-12-04 12:10:21 +01:00
Michael Nebel
b9833fc97e C#: Updated expected test output. 2023-12-04 12:02:51 +01:00
Michael Nebel
d160890aca C#: Re-factor to avoid multiple explicit casts. 2023-12-04 12:02:34 +01:00
Michael Nebel
6807fd1569 C#: Add some stubs, a testcase and update the expected output without based on main. 2023-12-04 11:53:09 +01:00
Mathias Vorreiter Pedersen
60204574b6 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-12-04 10:35:07 +00:00
Mathias Vorreiter Pedersen
1198d23b96 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-12-04 10:35:00 +00:00
Mathias Vorreiter Pedersen
5a12a0ad62 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-12-04 10:34:46 +00:00
Mathias Vorreiter Pedersen
09117d3869 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-12-04 10:34:32 +00:00