hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-18 13:36:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,714 Branches 162 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
11da42b049 Merge pull request #16134 from hvitved/csharp/autobuild-buildless-process-indirection 
C#: Avoid process creation indirection in auto-builder
 2024-05-23 09:25:58 +02:00
Tom Hvitved
f517c00658 Merge pull request #16559 from hvitved/csharp/callable-always-returns-true 
C#: Simplify logic in `JsonWebTokenHandlerLib.qll`
 2024-05-23 09:25:19 +02:00
Owen Mansel-Chan
0cc868c742 Merge branch 'main' into workflow/coverage/update 2024-05-23 07:49:02 +01:00
Tony Torralba
d202355b07 Merge pull request #16553 from atorralba/atorralba/java/xxe-qhelp-reword 
Java: Reword recommendation section of XXE query
 2024-05-23 08:48:29 +02:00
erik-krogh
c80f48b23a Merge branch 'main' into amammad-js-CodeInjection_execa 2024-05-23 08:02:22 +02:00
github-actions[bot]
0f2d0c098f Add changed framework coverage reports 2024-05-23 00:16:44 +00:00
Alvaro Muñoz
16a7522807 Improve Untrusted checkout queries 2024-05-22 23:24:17 +02:00
Joe Farebrother
2db1fbc713 Merge branch 'main' into python-flask-session-interface 2024-05-22 21:48:01 +01:00
Tom Hvitved
621de2b977 C#: Avoid process creation indirection in auto-builder 2024-05-22 20:05:16 +02:00
Dave Bartolomeo
ffe4c8c87b Update all pack versions to 1.0.0 2024-05-22 13:39:08 -04:00
Alvaro Muñoz
33ae3b1625 minor updates 2024-05-22 18:53:39 +02:00
Mathias Vorreiter Pedersen
3f66b635a4 Merge pull request #16562 from aschackmull/dataflow/update-qltest-expected 
Dataflow: Fix qltests following https://github.com/github/codeql/pull/16511
 2024-05-22 16:16:04 +01:00
Mathias Vorreiter Pedersen
1978922d9e Merge pull request #16563 from MathiasVP/avoid-cp 
C++: Avoid a CP in `cpp/alloca-in-loop`
 2024-05-22 15:58:46 +01:00
Mathias Vorreiter Pedersen
769d9317c7 C++: Avoid a CP between 'getExpr(node)' and 'this' in 'LoopWithAlloca'. 2024-05-22 15:15:40 +01:00
Mathias Vorreiter Pedersen
1a0d66b339 Merge pull request #16557 from MathiasVP/fix-unique-pointer-query-fp 
C++: Fix `cpp/use-of-unique-pointer-after-lifetime-ends` FP
 2024-05-22 15:09:54 +01:00
Anders Schack-Mulligen
987d5712b8 Python: Accept qltest .expected file changes. 2024-05-22 15:43:49 +02:00
Anders Schack-Mulligen
15a7c3faeb Java: Accept qltest .expected file changes. 2024-05-22 15:42:40 +02:00
Anders Schack-Mulligen
a650499a9c Java: Accept qltest .expected file changes (interesting). 2024-05-22 15:42:12 +02:00
Anders Schack-Mulligen
f931c8d836 Go: Accept qltest .expected file changes. 2024-05-22 15:39:47 +02:00
Anders Schack-Mulligen
8db9187698 Go: Accept qltest .expected file changes (interesting). 2024-05-22 15:38:01 +02:00
Anders Schack-Mulligen
e7f24318cd C++: Accept qltest .expected file changes. 2024-05-22 15:36:30 +02:00
Anders Schack-Mulligen
f977a4206a C++: Accept qltest .expected file changes (interesting). 2024-05-22 15:35:28 +02:00
Joe Farebrother
8ff0cb614b Apply review suggestion - Update change note 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2024-05-22 14:26:41 +01:00
Michael Nebel
2449074f3d C#: Remove the DataFlowSummarizedCallable as this narrowing is now handled in the adapter. 2024-05-22 15:11:41 +02:00
Mathias Vorreiter Pedersen
9907f0f827 C++: Exclude a cast to any integral type. 2024-05-22 13:42:07 +01:00
Tom Hvitved
39019b3b62 C#: Simplify logic in JsonWebTokenHandlerLib.qll 2024-05-22 14:24:32 +02:00
Anders Schack-Mulligen
bbebdfea8d Merge pull request #16511 from aschackmull/dataflow/configuration-provenance 
Dataflow: Add provenance for configuration-specific steps.
 2024-05-22 14:07:10 +02:00
Anders Schack-Mulligen
de5c69d0a1 Merge pull request #16551 from aschackmull/java/model-fixes 
Java: Revise some jdk time-related models
 2024-05-22 14:05:23 +02:00
Mathias Vorreiter Pedersen
09357e15b4 Merge pull request #16533 from MathiasVP/better-negation-guards-in-c 
C++: Make `IRGuardCondition` handle `p` in `if(p)` and `if(!p)` better in C programs
 2024-05-22 13:02:06 +01:00
Tom Hvitved
a992b67d97 Merge pull request #16556 from hvitved/dataflow/simplify 
Data flow: Remove two redundant conjuncts
 2024-05-22 13:58:04 +02:00
Tamás Vajk
c9f468578d Merge pull request #16521 from tamasvajk/impr/refactor-common-csproj-prop 
C#: Refactor common msbuild properties
 2024-05-22 13:38:31 +02:00
Mathias Vorreiter Pedersen
00a940fd58 Merge pull request #16524 from catenacyber/deref-null-result 
Adds another rule for null deref
 2024-05-22 12:37:39 +01:00
Mathias Vorreiter Pedersen
4b02f88089 C++: Add change note. 2024-05-22 12:37:08 +01:00
Mathias Vorreiter Pedersen
af81698fa8 C++: Fix FP and accept test changes. 2024-05-22 12:34:09 +01:00
Mathias Vorreiter Pedersen
91f860ba4f C++: Add 'cpp/use-of-unique-pointer-after-lifetime-ends' FP. 2024-05-22 12:33:34 +01:00
Paolo Tranquilli
eab940c45d Merge branch 'main' into redsun82/kotlin 2024-05-22 13:30:23 +02:00
Alex Ford
8119a27540 Merge pull request #16185 from alexrford/rb/conditions-arr0 
Ruby: ActiveRecord - refine `conditions` argument as an SQLi sink
 2024-05-22 12:19:10 +01:00
Michael Nebel
e4319db18d C#: Filter out unwanted summaries at the root. 2024-05-22 12:53:55 +02:00
Tom Hvitved
a006c29a00 Merge pull request #16481 from hvitved/treesitter/bump2 
Tree-sitter: Bump to 0.22.6
 2024-05-22 12:53:14 +02:00
Tom Hvitved
70cf16597b Data flow: Remove two redundant conjuncts 2024-05-22 12:45:11 +02:00
Anders Schack-Mulligen
a078dcf1f2 Merge pull request #16550 from aschackmull/java/zipslip-number-sanitizer 
Java: Improve sanitizer for java/zipslip
 2024-05-22 12:43:44 +02:00
Mathias Vorreiter Pedersen
eda815789b Update cpp/ql/src/experimental/Likely Bugs/DerefNullResult.ql 2024-05-22 11:21:04 +01:00
Cornelius Riemenschneider
24a14badbb Bazel: Remove some kwargs.pop invocations. 2024-05-22 12:09:18 +02:00
Cornelius Riemenschneider
09f60e3e45 C#: Address C# code comments. 2024-05-22 12:09:12 +02:00
Tony Torralba
5ec3335b07 Java: Reword recommendation section of XXE query 2024-05-22 11:34:19 +02:00
Anders Schack-Mulligen
a74cf6501a Java: update qltest expected files. 2024-05-22 11:13:06 +02:00
Alvaro Muñoz
367531a659 Bump qlpack versions 2024-05-22 11:08:22 +02:00
Alvaro Muñoz
4d28d6aa7c Improve toctou queries 2024-05-22 11:07:52 +02:00
Michael Nebel
84e412fe36 Merge pull request #16477 from michaelnebel/csharp/madinlinetest 
C#: Inline expectation for model generator test.
 2024-05-22 11:05:23 +02:00
Anders Schack-Mulligen
ba97c3623a Java: Change most java.time.* df-generated taint models to neutrals. 2024-05-22 10:29:54 +02:00