hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-15 03:56:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,708 Branches 162 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Ford
9fb657c4c4 Merge pull request #16781 from alexrford/rb/weak-sensitive-data-hashing 
Add `rb/weak-sensitive-data-hashing` query port
 2024-07-25 14:11:42 +01:00
Mathias Vorreiter Pedersen
4d3377b116 Merge branch 'main' into promote-unsigned-difference-expression-compared-zero-to-code-scanning 2024-07-25 14:00:05 +01:00
Jeroen Ketema
3e7a60c1a6 C++: Add additional test cases for explict and explicit(bool) specifiers 
Note that the `explict(bool)` specifiers currently do not end up in the
database.
 2024-07-25 14:41:44 +02:00
Anders Schack-Mulligen
c693f03462 Merge pull request #17070 from aschackmull/dataflow/pptype-refactor 
Dataflow: Replace `ppReprType` with `DataFlowType.toString`.
 2024-07-25 14:30:08 +02:00
Geoffrey White
245f43dd58 Merge pull request #17064 from geoffw0/swiftbobs 
Swift: Minor fixes
 2024-07-25 13:05:19 +01:00
Owen Mansel-Chan
a6cb511ed7 Convert XPath injection sinks to MaD 2024-07-25 12:56:06 +01:00
Owen Mansel-Chan
f3069c8fbb Improve XPath injection test (incl extra sinks) 
Currently the extra sinks are not detected. This will be fixed in the
next commit.
 2024-07-25 12:55:05 +01:00
Owen Mansel-Chan
78b66abad3 Convert existing credentials sinks to MaD 
I checked that the tests failed when I removed the classes and passed
again when I add the MaD models.
 2024-07-25 12:53:16 +01:00
Owen Mansel-Chan
93c9910e6f Convert go/request-forgery sinks to MaD 2024-07-25 12:53:15 +01:00
Owen Mansel-Chan
f7d681516a Allow MaD sinks for go/request-forgery 
Request forgery sinks which have `getRequest` different from the sink
itself cannot be modeled using models-as-data.
 2024-07-25 12:53:14 +01:00
Ian Lynagh
225d2915e5 Java/Kotlin: Add changenote for dropping SOURCE_ARCHIVE/TRAP_FOLDER 2024-07-25 12:48:55 +01:00
Ian Lynagh
e4b9335ce0 Kotlin: Remove support for deprecated SOURCE_ARCHIVE and TRAP_FOLDER 2024-07-25 12:46:13 +01:00
Mathias Vorreiter Pedersen
099c282277 C++: Move large function to its own file. 2024-07-25 12:11:09 +01:00
Anders Schack-Mulligen
7a48fe1102 Dataflow: Replace ppReprType with DataFlowType.toString. 2024-07-25 13:08:47 +02:00
Mathias Vorreiter Pedersen
c5da43e691 Merge pull request #16981 from MathiasVP/phi-escape-5-follow-up-2 
C++: Alias analysis follow-up to #16907
 2024-07-25 11:59:44 +01:00
Mathias Vorreiter Pedersen
34ad211900 C++: Add change note. 2024-07-25 10:50:28 +01:00
Mathias Vorreiter Pedersen
032ae9e1e7 Merge pull request #17034 from MathiasVP/more-alias-and-side-effect-models 
C++: Add more alias and side effect models
 2024-07-25 10:40:32 +01:00
Alvaro Muñoz
eaf034e8cb feat(config): Add pipx as poisonable step 2024-07-25 11:09:02 +02:00
Arthur Baars
8e7e7c0188 Update exepected output 2024-07-25 10:50:18 +02:00
Arthur Baars
9478139390 Java: buildless: proxy test with gradle 2024-07-25 08:34:11 +02:00
Arthur Baars
5a1adc51c1 Java: buildless: proxy test with maven 2024-07-25 08:32:48 +02:00
Arthur Baars
a35be08d18 Java: buildess proxy tests: add mitm_proxy.py 
A mock implementation of an https man-in-the-middle proxy
 2024-07-25 08:32:02 +02:00
Joe Farebrother
8f714c631f Code reveiw suggestions. correction in changenote + style in example 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-07-24 21:37:12 +01:00
Owen Mansel-Chan
5a39610ba7 Merge pull request #17053 from owen-mc/java/fix/regex-use-sink-kind 
Java: Add comments about use of sink kind `regex-use`
 2024-07-24 21:08:52 +01:00
Jami Cogswell
5854e88f63 Java: add change note 2024-07-24 16:00:38 -04:00
Geoffrey White
d77d7c533b Swift: Change note. 2024-07-24 18:25:06 +01:00
Geoffrey White
ecefa3e383 Swift: Fix a corrupted model. 2024-07-24 18:16:24 +01:00
Mathias Vorreiter Pedersen
3f5b4a81cf C++: Fix more inconsistencies. 2024-07-24 17:53:28 +01:00
Geoffrey White
44e33c7be7 Swift: Fill out the empty comment for SsaDefinitionNode (contents stolen from JS). 2024-07-24 17:51:12 +01:00
Calum Grant
d8cc92068a C++: Update attributes test output 2024-07-24 17:48:35 +01:00
Alvaro Muñoz
28cc06e136 Bump qlpack versions 2024-07-24 18:28:09 +02:00
Alvaro Muñoz
ba6ab04dfc feat(suite): Remove severity:warning queries from CodeScanning suite 2024-07-24 18:27:39 +02:00
Alvaro Muñoz
bb78bb6f57 refactor(queries): update severity level for workflow permissions 2024-07-24 18:27:00 +02:00
Mathias Vorreiter Pedersen
4a34dc125b C++: Expand the macro manually to work around an extractor bug. 2024-07-24 15:51:54 +01:00
Mathias Vorreiter Pedersen
b3bffb6826 Merge branch 'main' into phi-escape-5-follow-up-2 2024-07-24 15:22:40 +01:00
Mathias Vorreiter Pedersen
7ec3162583 C++: Sync identical files. 2024-07-24 15:20:00 +01:00
Mathias Vorreiter Pedersen
a5efe9fa09 C++: Respond to review comments. 2024-07-24 15:18:26 +01:00
Mathias Vorreiter Pedersen
90b25a6696 Merge pull request #17057 from MathiasVP/avoid-expensive-negation 
C++: Avoid expensive negation
 2024-07-24 15:09:52 +01:00
Alvaro Muñoz
da28f7dc0a feat(config): add asv to poisonable steps list 2024-07-24 15:56:47 +02:00
Mathias Vorreiter Pedersen
5e484e4006 C++: Accept test changes. 2024-07-24 14:29:42 +01:00
Mathias Vorreiter Pedersen
b1bea31720 C++: Speed up alias analysis. 2024-07-24 14:29:41 +01:00
Mathias Vorreiter Pedersen
28cff2ea20 C++: Add a testcase with many def/use pairs in alias analysis. 2024-07-24 13:46:31 +01:00
Florin Coada
1de91b4cd5 Update unified changelog for 2.17.6 and 2.18.0 2024-07-24 12:55:51 +01:00
Mathias Vorreiter Pedersen
ff60d9647f C++: Sync identical files. 2024-07-24 11:53:14 +01:00
Mathias Vorreiter Pedersen
ec134927d8 C++: Avoid expensive negation. 2024-07-24 11:53:11 +01:00
Anders Schack-Mulligen
9f79a39deb Merge pull request #17026 from Marcono1234/patch-1 
Java: Update `Annotation` predicate examples in language guide
 2024-07-24 12:43:50 +02:00
Mathias Vorreiter Pedersen
854a277ab5 Merge branch 'main' into more-alias-and-side-effect-models 2024-07-24 10:53:27 +01:00
Mathias Vorreiter Pedersen
b7542ee575 C++: Fix more inconsistencies (and delete unnecessary override). 2024-07-24 10:52:35 +01:00
Geoffrey White
eaf2949857 Merge pull request #17054 from geoffw0/scanf 
C++: Fix false positives in cpp/incorrectly-checked-scanf
 2024-07-24 10:51:25 +01:00
Geoffrey White
741a3289a1 Merge pull request #17055 from geoffw0/usefree 
C++: More tests for cpp/use-after-free
 2024-07-24 10:35:32 +01:00