hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-20 22:46:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,712 Branches 163 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
3e9602854a Merge pull request #16063 from MathiasVP/taint-inheriting-content-for-cpp 
C++: Add `TaintInheritingContent`
 2024-03-26 17:28:52 +00:00
Mathias Vorreiter Pedersen
3bfaab9182 C++: Remove debugging conjunct. 2024-03-26 17:01:06 +00:00
Mathias Vorreiter Pedersen
6a8c592900 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/FlowSteps.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2024-03-26 16:59:18 +00:00
Mathias Vorreiter Pedersen
d610d721a4 C++: Add file QLDoc. 2024-03-26 16:47:39 +00:00
Mathias Vorreiter Pedersen
e3744c435a C++: Add change note. 2024-03-26 16:44:16 +00:00
Mathias Vorreiter Pedersen
ec3d041c8d C++: Accept test changes. 2024-03-26 16:40:18 +00:00
Mathias Vorreiter Pedersen
bd2ecd3346 C++: Add test. 2024-03-26 16:38:28 +00:00
Mathias Vorreiter Pedersen
2075716df7 C++: Add 'TaintInheritingContent'. 2024-03-26 16:37:22 +00:00
Tony Torralba
d786ea90a4 Java: Add more neutrals 
Adds more neutral models to help the model generator ignore certain callables.

Also improves the precision of certain URL models by using synthetic fields so that the parts of a URL are tainted separately.
 2024-03-26 17:31:11 +01:00
Rasmus Wriedt Larsen
df463e51c1 JS: Extractor: Fix experimental flag value for NodeJSDetectorTests 2024-03-26 17:02:47 +01:00
Rasmus Wriedt Larsen
60944a9bcb JS: Accept new trap files 
As I see it, these all seem to have invalid code initially anyway, but
this is definitely something a JS expert should review :)
 2024-03-26 17:01:57 +01:00
Rasmus Wriedt Larsen
1d51d182ec JS: Extractor: Explain how to make replaceExpectedOutput work now with bazel 2024-03-26 17:01:57 +01:00
Rasmus Wriedt Larsen
04a0740ccb JS: Extractor: More robust ES2015 checking 
Created shared AbstractDetector to not duplicate all the tedious logic
;)

I took inspiration from the tests in  `javascript/extractor/tests/esnext/input/dynamic-import.js`
 2024-03-26 17:01:57 +01:00
Rasmus Wriedt Larsen
cd84500c56 JS: Extractor: Separate base detector logic into own file 
Should hopefully make it easier to review these changes to have it split into its' own commit :)
 2024-03-26 17:01:57 +01:00
Henry Mercer
2de62dfcdd Merge pull request #16058 from github/henrymercer/merge-back-rc-3.13 
Merge `rc/3.13` back to `main`
 2024-03-26 14:57:31 +00:00
Ian Lynagh
c5604c97bd Kotlin 2: Accept more location changes 2024-03-26 14:10:28 +00:00
Henry Mercer
0646744928 Merge branch 'main' into henrymercer/merge-back-rc-3.13 2024-03-26 12:59:12 +00:00
Michael B. Gale
cf9e2dcea1 Merge pull request #16056 from github/mbg/go/changenote-for-dependency-improvement 
Go: Add changenote for `CODEQL_EXTRACTOR_GO_FAST_PACKAGE_INFO` change
 2024-03-26 12:50:19 +00:00
Henry Mercer
f89109df7c Merge pull request #16048 from github/post-release-prep/codeql-cli-2.16.6 
Post-release preparation for codeql-cli-2.16.6
 2024-03-26 12:23:11 +00:00
Geoffrey White
8fbbc2b6d8 C++: Improve QLDoc. 2024-03-26 11:21:25 +00:00
Max Schaefer
d7258f76d3 Go: Improve QHelp for go/unvalidated-url-redirection. 
The example showed a different (and better) fix from what the help claimed, but the suggestion also had a subtle bug that I fixed at the same time.
 2024-03-26 10:57:36 +00:00
Michael B. Gale
f84609dbc4 Go: Add changenote for CODEQL_EXTRACTOR_GO_FAST_PACKAGE_INFO change 2024-03-26 10:51:57 +00:00
Tamás Vajk
0c5ea975a4 Merge pull request #16021 from tamasvajk/feature/add-buildless-telemetry 
C#: Add high level diagnostic messages for buildless extraction (star…
 2024-03-26 11:03:20 +01:00
Asger F
22b56a4a40 JS: More implied receiver steps 2024-03-26 10:23:08 +01:00
Asger F
f2939bd05b JS: Add test case 2024-03-26 10:23:08 +01:00
Asger F
f8641dd82d JS: Fix use of deprecated alias 2024-03-26 09:39:39 +01:00
Asger F
a0b49b23f5 JS: Add UseServer and UseClient directives 2024-03-26 09:39:39 +01:00
Asger F
1d22e65851 JS: Move Directive subclasses into Directive module 2024-03-26 09:39:37 +01:00
Dave Bartolomeo
a950de36a0 Merge pull request #16050 from github/dbartol/more-test-fixes 
Remove unused data extension in test
 2024-03-25 20:50:09 -04:00
Dave Bartolomeo
c11b8f9d51 Remove unused data extension in test 2024-03-25 19:14:54 -04:00
Max Schaefer
ff23f572d0 Merge pull request #16038 from github/max-schaefer/string-break-qhelp 
Go: Improve QHelp for `go/unsafe-quoting`.
 2024-03-25 20:10:02 +00:00
Max Schaefer
5bc710b406 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2024-03-25 19:48:56 +00:00
Dave Bartolomeo
98bf5269a0 Merge pull request #16040 from github/dbartol/qltest-model 
Use correct model pack name in qltest data extension
 2024-03-25 15:29:16 -04:00
Chris Smowton
f5ebd3d501 Merge pull request #16047 from github/smowton/admin/update-java-supported-version 
Update Java version supported to 22
 2024-03-25 18:42:35 +00:00
Geoffrey White
ce52cbb428 C++: Disambiguate *n1..n2 doc. 2024-03-25 18:22:28 +00:00
github-actions[bot]
f67b5f9158 Post-release preparation for codeql-cli-2.16.6 2024-03-25 18:17:15 +00:00
Geoffrey White
76780d74d9 C++: Unify four implementations of repeatStars. Note that the recursive approach is faster for very large strings (well over 100 stars), while the concat approach appears to be faster for short strings and does not require an upper bound. 2024-03-25 18:10:21 +00:00
Geoffrey White
95db7aa776 C++: Clean up argument / parameter position logic. 2024-03-25 18:10:21 +00:00
Chris Smowton
757b9bb5fa Update Java version supported to 22 2024-03-25 18:01:30 +00:00
Chris Smowton
6fc99e3ad6 Merge pull request #16023 from smowton/smowton/feature/jdk22-support 
Java: support Java 22 language features
 2024-03-25 17:58:50 +00:00
Geoffrey White
58737b1d7e C++: We *could* support .Argument with no index, but I'm not convinced we can do so efficiently, so lets not. 2024-03-25 17:08:15 +00:00
Geoffrey White
0a33a6e79b C++: Another test case - Arguments with no specified index. 2024-03-25 17:00:46 +00:00
Henry Mercer
3d82318839 Merge pull request #16045 from github/release-prep/2.16.6 
Release preparation for version 2.16.6
codeql-cli/v2.16.6 		2024-03-25 16:59:13 +00:00
github-actions[bot]
71ab804274 Release preparation for version 2.16.6 2024-03-25 16:58:08 +00:00
Geoffrey White
cf35fd4dee C++: Improve ExternalFlow.qll doc. 2024-03-25 16:52:09 +00:00
Geoffrey White
cdafb26423 C++: Fix test failures. 2024-03-25 16:51:36 +00:00
Chris Smowton
dcebcc35b6 Rename getPatternAtIndex 2024-03-25 16:36:38 +00:00
Chris Smowton
568bddc4a9 Add test cases for cases falling directly out of switch blocks 2024-03-25 16:31:40 +00:00
Chris Smowton
17193ac11b Distinguish record patterns that do or don't declare identifiers 2024-03-25 16:31:40 +00:00
Chris Smowton
a4401963f5 Use getAPattern 2024-03-25 16:31:39 +00:00