hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-21 15:06:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,712 Branches 163 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
4085c8ec8f Merge pull request #15866 from hvitved/ruby/orm-tracking-ap-limit 
Ruby: Lower access path limit to 1 for `OrmTracking`
 2024-03-13 10:57:09 +01:00
Harry Maclean
806f42ef72 Ruby: Update change note 2024-03-13 09:54:17 +00:00
Asger F
e640154048 JS: Be backwards compatible with AdditionalBarrierGuardNode 
I've confirmed that the 'legacyBarrier' predicate does not occur in the DIL
 2024-03-13 10:54:02 +01:00
Harry Maclean
dd5eb982ec Merge pull request #15524 from hmac/hmac-process-spawn 
Ruby: Add some more command injection sinks
 2024-03-13 09:53:10 +00:00
Tony Torralba
2fd2b4c874 Merge pull request #15891 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-03-13 09:51:22 +01:00
Asger F
14e75be510 JS: Expand comments and synthetic node name in ForOfLoops 2024-03-13 09:27:00 +01:00
Asger F
e66f27cfe3 JS: Move hasWildcardReplaceRegExp to a shared place 2024-03-13 09:19:26 +01:00
Asger F
4043bc13ab JS: Explicit mark comment as a TODO 2024-03-13 09:19:03 +01:00
Asger F
858c79e395 JS: Add plain taint step through Promise.all() 2024-03-13 08:57:42 +01:00
Asger F
13a8e0fbf0 JS: Add failing test for Promise.all() 2024-03-13 08:54:06 +01:00
github-actions[bot]
cff2cdb9e4 Add changed framework coverage reports 2024-03-13 00:15:53 +00:00
Edward Minnix III
c190dd21db Merge pull request #15877 from egregius313/egregius313/csharp/mad/sources/windows-registry 
C#: Add source models for values from the Windows registry
 2024-03-12 16:41:42 -04:00
Edward Minnix III
d54489931c Merge pull request #15869 from egregius313/egregius313/java/fix/parcelfiledescriptor-open-sink 
Java: Add path-injection sink for `ParcelFileDescriptor::open`
 2024-03-12 16:39:20 -04:00
Asger F
2c1aa08f79 JS: Rename Strings2 -> Strings 2024-03-12 21:18:14 +01:00
Asger F
478dd25f3e JS: Rename Sets2 -> Sets 2024-03-12 21:17:29 +01:00
Asger F
433489478d JS: Rename Promise2 -> Promise 2024-03-12 21:16:43 +01:00
Asger F
e2f3565227 JS: Rename Maps2 -> Maps 2024-03-12 21:14:29 +01:00
intrigus-lgtm
f70a39e72f [cpp-docs] Fix 404 link in guards library doc. 2024-03-12 19:59:26 +01:00
Erik Krogh Kristensen
863e3f79e5 Merge pull request #15731 from erik-krogh/java-url 
Java: More sanitizers for request-forgery
 2024-03-12 19:31:52 +01:00
Geoffrey White
cbacd51337 C++: Make Argument[-1] refer to *this rather than this. 2024-03-12 17:51:43 +00:00
Geoffrey White
22d5e9bbfb C++: Add test cases involving pointer qualifiers. 2024-03-12 17:47:11 +00:00
Ian Lynagh
0e94aa0eb5 Kotlin 2: Accept more changes in the exprs test 2024-03-12 16:42:37 +00:00
Ian Lynagh
8d1ee10981 Merge pull request #15876 from igfoo/igfoo/buildless-java-complete 
Java: Accept test changes
 2024-03-12 16:12:58 +00:00
Tamás Vajk
be2ce17376 Merge pull request #15881 from tamasvajk/buildless/fix-fallback 
C#: Deduplicate not yet restored package names
 2024-03-12 16:08:16 +01:00
Mathias Vorreiter Pedersen
ab6e2f9364 C++: Accept test regression. 2024-03-12 15:04:49 +00:00
erik-krogh
f613823047 add explicit QLDoc that any method named "contains" is matched 2024-03-12 15:25:27 +01:00
Geoffrey White
900c8b71d8 C++: Complete the SummaryCall class. 2024-03-12 14:23:00 +00:00
erik-krogh
35aae0a981 move changenote to src/ 2024-03-12 15:22:57 +01:00
Erik Krogh Kristensen
b53ae77c56 expand change-note 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-03-12 15:22:17 +01:00
Mathias Vorreiter Pedersen
51f5740707 C++: Exclude functions that aren't declared inside the source root. This fixes performance on ImageMagick. 2024-03-12 14:20:16 +00:00
Mathias Vorreiter Pedersen
6a563c161e C++: Simplify the definition of 'isNonConst'. On ImageMagick I get the same exact sources before and after. 2024-03-12 14:20:09 +00:00
Mathias Vorreiter Pedersen
179a7d500e C++: Handle 'wchar_t' types that may be defined as unsigned short in C. This brings back SAMATE results. 2024-03-12 14:19:48 +00:00
erik-krogh
f2d6640003 fix ambiguous import. It could refer both to a module or a file 2024-03-12 15:15:50 +01:00
Asger F
b3fad7a8dc JS: Rename Iterators2 -> Iterators 2024-03-12 15:12:07 +01:00
Asger F
5aafd33cec JS: Rename Arrays2 -> Arrays 2024-03-12 15:11:29 +01:00
erik-krogh
c1fd7a6190 autoformat 2024-03-12 15:09:45 +01:00
Asger F
76e0445af0 JS: Be consistent about caching in PreCallGraphStep 2024-03-12 15:08:59 +01:00
Geoffrey White
a27949cffa C++: Set certain = true in storeStepImpl. 2024-03-12 14:08:20 +00:00
Tamas Vajk
b07b0762f2 Adjust based on code review feedback 2024-03-12 15:07:58 +01:00
erik-krogh
74876ff49b add change-note 2024-03-12 15:07:36 +01:00
erik-krogh
52f71e4553 small fixes based on review 2024-03-12 15:07:29 +01:00
Ian Lynagh
c2aa334465 Java: Accept test changes 2024-03-12 14:03:02 +00:00
Asger F
28fc8ba0c1 JS: Remove EmptyType 2024-03-12 14:59:04 +01:00
Tom Hvitved
695e728ed5 Ruby: Lower access path limit to 1 for OrmTracking 2024-03-12 14:58:29 +01:00
Tom Hvitved
dddba3228b Merge pull request #15867 from hvitved/dataflow/ap-limit 
Data flow: Add `ConfigSig::accessPathLimit`
 2024-03-12 14:57:51 +01:00
Asger F
f94aa2ceec Update javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowNode.qll 2024-03-12 14:41:11 +01:00
erik-krogh
6be0ed1dc3 narrow the version specifier used for TypeScript 2024-03-12 13:42:58 +01:00
Tom Hvitved
d7790faece Address review comments 2024-03-12 13:34:55 +01:00
erik-krogh
95a5ec7f27 add test that the new Object.groupBy method has a type 2024-03-12 13:22:11 +01:00
Owen Mansel-Chan
33c17313b4 Add test for not extracting values for intermediate string concatenations 2024-03-12 11:59:10 +00:00