hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-22 07:26:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,712 Branches 163 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
a499919239 Shared: More helpful QLDoc for simpleLocalFlowStep. 2024-02-29 17:13:40 +00:00
Paolo Tranquilli
6d90877c52 Merge pull request #15536 from github/redsun82/bazel-cmake 
Bazel/CMake: auto detect all `cc_binary`/`cc_test` targets
 2024-02-29 18:13:40 +01:00
Geoffrey White
f834768720 Shared: Improve QLDoc for forceHighPrecision. 2024-02-29 17:09:31 +00:00
Geoffrey White
9d2dc7a3cc Shared: Format. 2024-02-29 17:09:16 +00:00
Ed Minnix
f488f23a48 Add LocalFlowSource back to UncontrolledFormatString 2024-02-29 12:06:59 -05:00
Geoffrey White
88e3bc6865 Update shared/dataflow/codeql/dataflow/DataFlow.qll 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-02-29 17:03:30 +00:00
Edward Minnix III
89bdb7f437 Remove discussion of local flow in change note 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2024-02-29 12:03:19 -05:00
Ed Minnix
86ceeebd89 Change handling of LocalSource in queries 
1. Change `LocalSource` to extend `DataFlow::Node`, thus removed from
   the definiton of `Source`
2. Add a private class `AddLocalSource` which extends `Source`. This
   allows us to currently preserve the inclusion of local sources, while
   making it easier to remove it in the future.
 2024-02-29 12:03:17 -05:00
Ed Minnix
3563c7ef03 Modify deprecated RemoteSource classes to extend DataFlow::Node directly. 
Since `ThreatModelFlowSource` contains `RemoteFlowSource` by default, we
can safely remove the `RemoteSource` from the default of the queries.
 2024-02-29 12:03:16 -05:00
Ed Minnix
e64826db1b Add threat-model configuration for UncontrolledFormatString test 2024-02-29 12:03:14 -05:00
Ed Minnix
af749e221b Remove commented out code 2024-02-29 12:03:13 -05:00
Ed Minnix
f237d2aeda Refactor to use ThreatModelFlowSource 2024-02-29 12:03:12 -05:00
Ed Minnix
5198f52351 Add references to changed queries in change note 2024-02-29 12:03:11 -05:00
Ed Minnix
22e8da2928 Update change note date 2024-02-29 12:03:09 -05:00
Ed Minnix
eb81946adc Change note changes to mention local sources as well 2024-02-29 12:03:08 -05:00
Ed Minnix
b4dabee770 Remove unnecessary flowsources.Remote imports 
Since `FlowSources` now re-exports `Remote`, these can be safely removed.
 2024-02-29 12:03:07 -05:00
Ed Minnix
434fa20646 Refactor to using ThreatModelFlowSource 2024-02-29 12:03:05 -05:00
Ed Minnix
1086abca63 Refactor to using ThreatModelFlowSource 2024-02-29 12:03:04 -05:00
Ed Minnix
b76795fd28 Refactor to using ThreatModelFlowSource 2024-02-29 12:03:03 -05:00
Ed Minnix
fd3738b10e Refactor to using SourceNode::getSourceType 2024-02-29 12:03:01 -05:00
Ed Minnix
31d4d0ca57 Move getSourceType to SourceNode 2024-02-29 12:03:00 -05:00
Ed Minnix
75772664f2 Change note 2024-02-29 12:02:58 -05:00
Ed Minnix
f388a0f10c Deprecate direct uses of RemoteFlowSource and replace with ThreatModelFlowSource 2024-02-29 12:02:57 -05:00
Ed Minnix
bd0137a721 Deprecated direct use of RemoteFlowSource and use ThreatModelFlowSource instead 2024-02-29 12:02:55 -05:00
Chris Smowton
051d63a5a9 Merge pull request #15740 from smowton/smowton/feature/call-and-type-telemetry 
Java: add extraction quality telemetry; improve stringification of some erroneous expressions
 2024-02-29 16:51:51 +00:00
Tony Torralba
47bf556223 Merge pull request #15709 from atorralba/atorralba/java/enable-widget-taint-steps 
Java: Re-enable Widget.qll flow steps
 2024-02-29 17:33:05 +01:00
Owen Mansel-Chan
7b5f51b1e2 Change summary models to neutral models for javax.crypto.Cipher 2024-02-29 16:22:27 +00:00
Geoffrey White
445b82b4e1 Shared: Explain 'guard'. 2024-02-29 16:07:20 +00:00
Geoffrey White
70465b22c7 Shared: Remove @ annotations. 2024-02-29 16:00:43 +00:00
Geoffrey White
98289b52d6 Shared: Explain SsaPhiNode a bit more. 2024-02-29 15:45:43 +00:00
Geoffrey White
8151f3024d Shared: Pinch better doc for isEquality from a related Guards class in csharp. 2024-02-29 15:41:51 +00:00
Chris Smowton
ef9544cbef Adjust test expectations now signature type-accesses are named 2024-02-29 15:33:29 +00:00
Chris Smowton
903e4f59f0 Exclude error types from contradictory-type-check query 2024-02-29 14:59:46 +00:00
Chris Smowton
140c3189e3 Adjust test expectations 2024-02-29 14:59:46 +00:00
Chris Smowton
3bd0c3b2c2 Switch test to using a qlref to the real telemetry query 2024-02-29 14:59:46 +00:00
Chris Smowton
ef82ea7541 Add change note 2024-02-29 14:59:46 +00:00
Chris Smowton
551006c15e Make predicate private 2024-02-29 14:59:46 +00:00
Chris Smowton
ffa998eb4a Autoformat 2024-02-29 14:59:45 +00:00
Chris Smowton
b6507e795a Add test for a buildless project that doesn't compile cleanly 2024-02-29 14:59:45 +00:00
Chris Smowton
5d55265910 Add telemetry for untyped expressions and missing call targets 2024-02-29 14:59:45 +00:00
Chris Smowton
1fd459e8fc Improve stringification of some erroneous expressions 2024-02-29 14:59:45 +00:00
Alexander Eyers-Taylor
6c8105fd1c Merge pull request #15568 from github/alexet/kotlin-jdk-change 
Kotlin: Compile tests using the same jdk as the java tests.
 2024-02-29 14:48:03 +00:00
Paolo Tranquilli
0a137c7b02 Bazel/Cmake: share build options 2024-02-29 15:35:21 +01:00
Florin Coada
8d1965db59 match changelog to unified changelog 2024-02-29 14:33:14 +00:00
Florin Coada
cfdf163b40 Update changelog to match unified changelog 2024-02-29 14:32:57 +00:00
Paolo Tranquilli
81facd2fd6 Merge branch 'main' into redsun82/bazel-cmake 2024-02-29 14:28:00 +01:00
Mathias Vorreiter Pedersen
e620bfa9c6 Merge pull request #15761 from MathiasVP/fewer-variablenodes 
C++: Restrict `VariableNode`s to only be global-like variables
 2024-02-29 13:12:20 +00:00
Asger F
13e3a5158e JS: Fix qldoc 2024-02-29 13:59:25 +01:00
Alvaro Muñoz
e979f51956 Merge pull request #25 from GitHubSecurityLab/add_tests 
test: Add tests
 2024-02-29 13:47:57 +01:00
Alvaro Muñoz
6b11506abb test: Add tests 2024-02-29 13:23:59 +01:00