hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-20 14:36:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,711 Branches 163 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
a756f14e77 C++: Only report implicit destructors if we need to translate them. 2024-04-04 14:41:23 +01:00
Paolo Tranquilli
5d6baea174 Kotlin: add aliases for default versions 2024-04-04 15:34:48 +02:00
Tamas Vajk
e42639852c C#: Move nuget related DependencyManager methods to separate file 2024-04-04 14:25:09 +02:00
Tom Hvitved
ce3b359813 Ruby: Fix CFG for nodes that may raise 2024-04-04 13:27:29 +02:00
Tom Hvitved
6d2d9654b5 Ruby: Add CFG test 2024-04-04 13:27:29 +02:00
Paolo Tranquilli
55ff7109fa Kotlin: support embeddable build in bazel 2024-04-04 12:53:14 +02:00
Mathias Vorreiter Pedersen
d4e2d37311 C++: Add a simple test that fails. 2024-04-04 11:29:25 +01:00
Mathias Vorreiter Pedersen
cf996f8600 C++: Accept test changes. 2024-04-04 11:28:33 +01:00
Robert Marsh
17e8c95e7f C++: suppress destructors on conditional temporaries 2024-04-04 11:28:10 +01:00
Mathias Vorreiter Pedersen
894d934de8 C++: Accept test changes. 2024-04-04 11:28:01 +01:00
Owen Mansel-Chan
7fc5265168 Misc small tidy-ups mostly suggested by linter 2024-04-04 10:51:22 +01:00
Owen Mansel-Chan
68321dd9ec Use nil for optional argument to packages.Visit 2024-04-04 10:51:13 +01:00
Owen Mansel-Chan
d9fe39d5ae Extractor: add comment about tw.Package.TypesInfo.Defs 2024-04-04 10:37:31 +01:00
Owen Mansel-Chan
720961787b Improve QLDoc for CaseClause 2024-04-04 10:37:25 +01:00
Jeroen Ketema
a8f27af6d8 Merge pull request #16119 from jketema/coroutine2 
C++: Add more missing variable declaration tests
 2024-04-04 11:35:52 +02:00
Robert Marsh
75c453fd30 C++: Unsuppress temporary destructors in IR 2024-04-04 10:29:59 +01:00
Paolo Tranquilli
5313288b8e LFS: do non-matching fetchinclude rather than explicit fetchexclude 2024-04-04 11:02:29 +02:00
Jeroen Ketema
70491c4a8d C++: Add more missing variable declaration tests 2024-04-04 10:54:09 +02:00
Tom Hvitved
c03b74545d Merge pull request #16115 from hvitved/dataflow/fix-bad-join 
Data flow: Fix bad join
 2024-04-04 10:51:22 +02:00
Paolo Tranquilli
47ff1c1ee6 Kotlin: working standalone extractor built with bazel 2024-04-04 10:23:26 +02:00
Jeroen Ketema
55d1f43239 C++: Update supported compiler versions based on frontend documentation 2024-04-04 10:18:56 +02:00
Tom Hvitved
79440f6734 Data flow: Fix bad join 
```
Evaluated relational algebra for predicate DataFlowImpl::Impl<PolynomialReDoSQuery::PolynomialReDoSFlow::C>::storeEx/5#34133ef9@0425e0m7 with tuple counts:
           2209132     ~1%    {6} r1 = SCAN `DataFlowImpl::Impl<PolynomialReDoSQuery::PolynomialReDoSFlow::C>::storeExUnrestricted/5#3a86a98e` OUTPUT In.1, In.0, In.1, In.2, In.3, In.4
        4338565685     ~1%    {6}    | JOIN WITH `DataFlowPublic::ContentSet.getAReadContent/0#dispred#e4acf74e_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.4, Lhs.5
          34811200  ~1428%    {5}    | JOIN WITH `project#DataFlowImpl::Impl<PolynomialReDoSQuery::PolynomialReDoSFlow::C>::readSetEx/3#35ac556a` ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Lhs.3, Lhs.4, Lhs.5
                              return r1
```
 2024-04-04 10:02:02 +02:00
Tom Hvitved
c2f91a5ccf Merge pull request #16104 from hvitved/csharp/more-compiler-generated 
C#: Mark more expressions as compiler generated
 2024-04-04 09:09:16 +02:00
Tom Hvitved
fc02938687 Merge pull request #16088 from hvitved/csharp/library-property-store 
C#: Include all non-source-code properties in data flow
 2024-04-04 09:04:00 +02:00
Tamás Vajk
7beb73729d Merge pull request #16036 from tamasvajk/autobuilder/disposable 
C#: Properly dispose diagnostic writer objects
 2024-04-04 08:21:11 +02:00
Tom Hvitved
813f5b99e7 C#: Update PrintAST query 2024-04-03 20:03:02 +02:00
Tom Hvitved
d93d6585d9 C#: Mark more expressions as compiler generated 2024-04-03 20:03:02 +02:00
Tom Hvitved
c2d771b334 Ruby: Reduce alerts produced by MassAssignment.ql 2024-04-03 19:58:51 +02:00
Tom Hvitved
3c96bf6b22 Fix bad join 2024-04-03 19:41:37 +02:00
Erik Krogh Kristensen
35f61d9de4 Merge pull request #16107 from erik-krogh/fix-log-injection-typo 
RB: Tiny fixes to log-injection QHelp
 2024-04-03 18:29:37 +02:00
Paolo Tranquilli
c242466d31 Kotlin: first support for Kotlin extractor build 2024-04-03 16:30:57 +02:00
Alvaro Muñoz
ce5928c6ba Bump qlpack versions 2024-04-03 15:43:43 +02:00
Alvaro Muñoz
73878ed3cd Merge pull request #42 from GitHubSecurityLab/priv_workflows 
priv workflows
 2024-04-03 15:41:04 +02:00
Alvaro Muñoz
f7ddd8b769 Include problem queries in actions-all suite 2024-04-03 15:39:50 +02:00
Alvaro Muñoz
2988bc8885 Centralize isPrivileged decisions 2024-04-03 15:39:00 +02:00
Tom Hvitved
2d4cf55c87 Merge pull request #15985 from hvitved/ruby/phi-barrier-guards 
Ruby: Extend barrier guards to handle phi inputs
 2024-04-03 15:22:39 +02:00
Tom Hvitved
7871fb8ce6 Data flow: Block flow at expectsContents nodes in parameterValueFlow 2024-04-03 15:19:34 +02:00
Tom Hvitved
137594cf36 Ruby: Add regression test 2024-04-03 15:19:34 +02:00
Geoffrey White
a8742ea111 C++: PascalCase and US spelling fixes. 2024-04-03 14:17:55 +01:00
Owen Mansel-Chan
fe24710c96 Improve QLDoc of Entity.getDeclaration 2024-04-03 14:09:37 +01:00
Owen Mansel-Chan
c7f2e991ed Improve QLDoc for TypeAssertExpr 
Include information about the type assert `x.(type)` used in type switches.
 2024-04-03 13:59:04 +01:00
Owen Mansel-Chan
698debfa20 Extractor: explicitly deal with extracting x.(type) in type switches 2024-04-03 13:58:58 +01:00
Tamás Vajk
9be2b9cbdb Merge pull request #16108 from tamasvajk/cleanup/utils 
C#: Remove unused classes from `Util` project
 2024-04-03 14:24:58 +02:00
Tamás Vajk
362a109e04 Remove redundant implemented interface 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2024-04-03 14:23:36 +02:00
Tom Hvitved
8b78463f25 Merge pull request #16087 from hvitved/dataflow/store-step-exploration 
Data flow: Do not require stores to have matching reads in flow exploration
 2024-04-03 14:10:28 +02:00
Tom Hvitved
550e251d68 Data flow: Do not require stores to have matching reads in flow exploration 2024-04-03 13:28:24 +02:00
Tamas Vajk
75894d581c C#: Remove unused classes from Util project 2024-04-03 12:15:37 +02:00
Alvaro Muñoz
119c7b8158 Bump qlpack versions 2024-04-03 11:41:42 +02:00
Alvaro Muñoz
9c90db3f83 Merge pull request #41 from GitHubSecurityLab/env_injection 
New Artifact Poisoning and EnvVar Injection queries
 2024-04-03 11:39:56 +02:00
Tom Hvitved
1dc13cc169 Merge pull request #15923 from hvitved/shared-xml-impl 
Properly shared `XML.qll` implementation
 2024-04-03 11:39:50 +02:00