hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-17 04:56:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,714 Branches 162 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
48739da565 C#: Update expected test output. 2024-06-12 14:16:31 +02:00
Michael Nebel
91ebeee429 C#: Perceive field and property reads as additional flow steps in sink extrapolation. 2024-06-12 14:16:26 +02:00
Michael Nebel
5aee35256d C#: Add member flow example. 2024-06-12 14:16:22 +02:00
Michael Nebel
4b62cb64ed C#: Update expected test output. 2024-06-12 14:16:17 +02:00
Michael Nebel
0bbf131fdb C#: Add some compound sink examples. 2024-06-12 14:16:12 +02:00
Kasper Svendsen
7c2ee80bc3 Document builtin InternSets module 2024-06-12 13:56:48 +02:00
Tamas Vajk
e3cbf1479a Fix quality issue 2024-06-12 13:25:34 +02:00
Arthur Baars
4ee80653e2 Merge pull request #16471 from Sim4n6/ruby-UBV 
Ruby: Add some method calls as a Source
 2024-06-12 12:42:08 +02:00
Tamas Vajk
3551386a1a Simplify standalone extractor 2024-06-12 12:30:08 +02:00
Owen Mansel-Chan
6af1ed9d75 Merge pull request #16730 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-06-12 11:22:29 +01:00
Tamas Vajk
cdca607828 Rename Extractor to ExtractionContext 2024-06-12 11:43:19 +02:00
Alvaro Muñoz
c61e71f22d Update build.yml 2024-06-12 11:19:06 +02:00
Alvaro Muñoz
f8dd493a68 Update build.yml 2024-06-12 11:15:17 +02:00
Tamas Vajk
af2a78ea4d Reduce references to Extract class 2024-06-12 11:13:05 +02:00
Alvaro Muñoz
f068504c4f Bump qlpack versions 2024-06-12 10:07:36 +02:00
Alvaro Muñoz
95b5eff5d0 Merge pull request #41 from github/js_extractor 
Move from yaml to js extractor
 2024-06-12 10:05:16 +02:00
Alvaro Muñoz
e5eb85695d Update action to use javascript extractor 2024-06-12 10:04:50 +02:00
Alvaro Muñoz
e2fb677abb Remove DS_Store 2024-06-12 09:48:27 +02:00
Paolo Tranquilli
183a825841 Kotlin: expose kotlin version picker for internal packaging 2024-06-12 09:29:57 +02:00
Alvaro Muñoz
63fd73020c Update lock files 2024-06-12 08:54:01 +02:00
Alvaro Muñoz
df3d6131a8 Update lock files 2024-06-12 08:50:49 +02:00
github-actions[bot]
bbeebfae73 Add changed framework coverage reports 2024-06-12 00:17:31 +00:00
Joe Farebrother
f441c68f7e Merge pull request #16657 from joefarebrother/python-partial-ssrf-fp 
Python: Add additional sanitizers to SSRF
 2024-06-11 23:20:50 +01:00
Mauro Baluda
1db5e32e86 Extract SAP XSJS file types as Javascript 2024-06-11 23:53:41 +02:00
Mauro Baluda
45a48f360f Extract SAP XSJS file types as Javascript 2024-06-11 23:51:44 +02:00
Michael B. Gale
e9bd85e0ba Merge pull request #16704 from github/mbg/go/fix/build-scripts-running-more-than-once 2024-06-11 22:23:15 +01:00
Michael B. Gale
202d77d94f Merge pull request #16726 from github/mbg/go/log-one-line-for-stray-sources 
Go: Only log one line for stray .go files
 2024-06-11 22:16:21 +01:00
Alvaro Muñoz
ad1f35c86a Move from yaml to js extractor 2024-06-11 21:24:22 +02:00
Owen Mansel-Chan
24c9062b35 Merge pull request #16671 from owen-mc/go/mad-builtin-taint-models-try-2 
Go: Convert old-style models for built-ins to MaD
 2024-06-11 19:45:34 +01:00
Michael B. Gale
d8d1ae632c Merge branch 'mbg/go/fix/build-scripts-running-more-than-once' into mbg/go/fix/too-many-go-mod-files-initialised 2024-06-11 18:31:03 +01:00
Michael B. Gale
0f56e408f8 Merge branch 'main' into mbg/go/fix/build-scripts-running-more-than-once 2024-06-11 18:29:41 +01:00
Michael B. Gale
864d629a13 Go: Prevent go.mod files from being added to every directory with stray source files 2024-06-11 18:24:11 +01:00
Michael B. Gale
20b7def543 Go: Only log one line for stray .go files 2024-06-11 18:06:08 +01:00
Geoffrey White
cf4736c8f6 Merge pull request #16545 from geoffw0/salvage 
Swift: Salvage
 2024-06-11 17:51:17 +01:00
Mathias Vorreiter Pedersen
67b327a0f7 Merge pull request #16725 from MathiasVP/rc-3.14-mergeback 
Mergeback from `rc/3.14`
 2024-06-11 17:37:40 +01:00
Tony Torralba
a299afaf51 Merge pull request #16712 from mbaluda/main 
Java: Add `FileUtils` sinks to path injection
 2024-06-11 17:50:08 +02:00
Paolo Tranquilli
3d3652c63f Merge branch 'main' into redsun82/kotlin 2024-06-11 17:25:10 +02:00
Cornelius Riemenschneider
92957a63ad Add prefix feature to codeql_pack_group. 
Turns out we need this for our production targets.
 2024-06-11 17:22:35 +02:00
Mathias Vorreiter Pedersen
3351b9547d Merge branch 'rc/3.14' into rc-3.14-mergeback 2024-06-11 16:21:08 +01:00
Owen Mansel-Chan
2ae7fa4897 Tests: accept expected changes 2024-06-11 16:20:06 +01:00
Owen Mansel-Chan
6fd2ab7cef Tests: Accept model renumbering in edge provenance 2024-06-11 16:18:18 +01:00
Mathias Vorreiter Pedersen
b88a1b2d1e Merge pull request #16724 from MathiasVP/cache-asexpr 
C++: Cache `asExpr` (and `asIndirectExpr`) implementation predicates
 2024-06-11 16:17:29 +01:00
Owen Mansel-Chan
700604a1c2 Convert old-style models for built-ins to MaD 
These models are to cover the special cases where `append` can be used
with a second argument which is a string followed by `...`, and `copy`
can be used with a second argument which is a string. In this case the
taint is carried by the whole string, rather than in array elements.
 2024-06-11 16:16:45 +01:00
Joe Farebrother
93f10fcf14 Add sanitizers for compiled regexes 2024-06-11 15:44:16 +01:00
Mathias Vorreiter Pedersen
6a6978398a C++: Add file QLDoc. 2024-06-11 15:39:45 +01:00
Mathias Vorreiter Pedersen
333df03f64 C++: Cache more things. 2024-06-11 15:39:43 +01:00
Mauro Baluda
a464a8e48e @mbaluda 
Update provenance in test expectations
 2024-06-11 15:15:50 +02:00
Tamas Vajk
11faf08ed0 Remove specific standalone/tracing extractor state classes 2024-06-11 14:16:35 +02:00
Geoffrey White
214db5c20d Swift: Make CI more happy. 2024-06-11 12:49:58 +01:00
Cornelius Riemenschneider
3cf719cb39 pkg.bzl: Significantly restructure codeql_pack rule. 
This PR introduces a `codeql_pack_rule` that does the heavy lifting
of extracting arch- and common zip files for production dist building.
It also factors out the installer targets for individual packs,
as well as pack groups.

This changes the contract between the internal build system and the pack
definition significantly, which is why an accompanying internal PR is required.
No backwards compatibility layer is provided, as the PR as complex enough as-is.

The individual `codeql_pack` rules are now much simpler,
as they mostly stuff their inputs into a new `_CodeQLPackInfo` provider,
and let the installer and `codeql_pack_group` rules do the heavy lifting.
For working in the external repo with self-contained packs,
the per-pack installer targets are still available.
Internally, we'll only use the new `codeql_pack_group` targets
going forward, both for defining intree-dists and for building
the production zip files.
 2024-06-11 13:15:05 +02:00