Commit Graph

84550 Commits

Author SHA1 Message Date
Joe Farebrother
4de19b3ec9 Merge pull request #15039 from joefarebrother/csharp-razor-flow-page-models
C#: Add flow steps from a PageModel to cshtml page.
2024-01-19 10:07:25 +00:00
Tony Torralba
8d6aa281b9 Update go/ql/lib/semmle/go/frameworks/AwsLambda.qll
Co-authored-by: Chris Smowton <smowton@github.com>
2024-01-19 10:48:34 +01:00
Pierre
51a65f9794 Merge pull request #15376 from github/sitedocs/2.15.5-2
Regenerate 2.16.0 changelog with fixed changenote
2024-01-19 10:43:21 +01:00
Tony Torralba
9a0fb39382 Model StartWithContext
Co-authored-by: Chris Smowton <smowton@github.com>
2024-01-19 09:25:35 +01:00
Tony Torralba
d3a9a5ec3f Update go/ql/lib/semmle/go/frameworks/AwsLambda.qll
Co-authored-by: Chris Smowton <smowton@github.com>
2024-01-19 09:22:46 +01:00
Michael Nebel
24855ddc64 Merge pull request #15328 from michaelnebel/csharp/inlinearrays
C# 12: Inline array support.
2024-01-19 09:11:26 +01:00
Michael Nebel
cb53ca4e1f Merge pull request #15367 from michaelnebel/csharp/nullablesimpletypesanitizer
C#: Consider nullable simple types as sanitizers.
2024-01-19 09:09:36 +01:00
Aditya Sharad
a3c0425eb3 Merge pull request #15349 from github/remove-codeql-cli-docs
Remove outdated CodeQL CLI docs
2024-01-18 09:45:05 -08:00
Geoffrey White
963e0a730d C++: Fix some off-by-one mistakes in the test. 2024-01-18 17:38:32 +00:00
Pierre
4922b7fd11 Regenerate 2.16.0 changelog with fixed changenote 2024-01-18 18:08:50 +01:00
Tony Torralba
716c6cd519 Merge pull request #15375 from atorralba/atorralba/docs/amend-change-note
Fix change note category for clarity
2024-01-18 17:49:00 +01:00
Benjamin Rodes
833ef9d6d6 Further reorg of libraries and predicates to allow for more reusable and consistent libraries. 2024-01-18 11:17:24 -05:00
Tony Torralba
736df6fb05 Fix change note category for clarity 2024-01-18 17:09:34 +01:00
Geoffrey White
42571069bf C++: Autoformat. 2024-01-18 16:01:06 +00:00
Geoffrey White
017369c6f2 C++: Remove redundant import (identified by QL-for-QL). 2024-01-18 15:59:32 +00:00
Benjamin Rodes
967526b285 Separating out use-after-free logic into a library and a ql so the query can be expanded easily. 2024-01-18 10:59:17 -05:00
Benjamin Rodes
8bd682b3f2 Deallocation.qll formatting. 2024-01-18 10:49:23 -05:00
Benjamin Rodes
7e70b30772 Adding missing Windows library free functions to deallocation set 2024-01-18 09:59:28 -05:00
Alex Ford
9536fb5cae Merge pull request #15372 from github/rb/docs-ruby-3-3
Ruby: update supported version to 3.3
2024-01-18 14:47:15 +00:00
Tony Torralba
1d7dbec719 Go: Add flow sources for AWS Lambda function handlers 2024-01-18 15:17:21 +01:00
Michael B. Gale
d8eef2716b Merge pull request #15360 from github/mbg/csharp/redefine-successfully-extracted-files 2024-01-18 14:09:20 +00:00
Geoffrey White
cc2b61186e C++: Document TReturnKind, NormalReturnKind and IndirectReturnKind better. 2024-01-18 13:24:57 +00:00
Geoffrey White
dd27ef7d3c C++: Add MAD source definitions for the new taint sources and update the (real) test. 2024-01-18 13:24:57 +00:00
Geoffrey White
833165f86c C++: Update the (synthetic) test. 2024-01-18 13:24:57 +00:00
Geoffrey White
c85262cfd0 C++: Add the shared MAD pack to CPP. 2024-01-18 13:24:57 +00:00
Geoffrey White
a8863e44db C++: Port implementation to CPP. 2024-01-18 13:24:57 +00:00
Geoffrey White
3aacc5ffde C++: Copy FlowSummaryImpl.qll from Swift. 2024-01-18 13:01:16 +00:00
Geoffrey White
fbf9545338 C++: Copy ExternalFlow.qll from Swift. 2024-01-18 13:01:16 +00:00
Geoffrey White
303882350b C++: Add some test cases for new (real) taint sources to be defined using models-as-data. 2024-01-18 13:01:16 +00:00
Geoffrey White
9611e4ce19 C++: Add tests for (synthetic) models-as-data sources and sinks. 2024-01-18 13:01:16 +00:00
Michael Nebel
43350b0664 C#: Add change note. 2024-01-18 13:55:18 +01:00
Rasmus Wriedt Larsen
f20d4e22fe Handle only exclude 2024-01-18 13:54:45 +01:00
Michael Nebel
9e9b5292f2 C#: Add change note. 2024-01-18 13:50:52 +01:00
Michael B. Gale
d0003ce7be C#: Rename query to ExtractedFiles 2024-01-18 12:47:11 +00:00
Michael Nebel
337ab611c9 C#: Update expected test output. 2024-01-18 12:53:48 +01:00
Michael Nebel
9460c91c8c C#: Also consider nullable simple types (and datetime) as simple type sanitizers. 2024-01-18 12:53:29 +01:00
Michael Nebel
559842071a C#: Add example of log forging alert for simple nullable types and updated expected test output. 2024-01-18 12:50:40 +01:00
Michael Nebel
f8f95e6a19 C#: Add models as data test for inline arrays. 2024-01-18 12:23:26 +01:00
Michael Nebel
1d88ca2388 C#: Add more InlineArray test cases. 2024-01-18 12:23:26 +01:00
Rasmus Wriedt Larsen
54c7c5e8be Tree sitter extractor: Proper handling of LGTM_INDEX_FILTERS
If someone had used `LGTM_INDEX_FILTERS=exclude:**/*\ninclude:*.rb`
before, we would have mistakenly excluded all files :|
(LGTM_INDEX_FILTERS is a prioritized list where later matches take
priority over earlier ones)

This change is needed to support adding `exclude:**/*` as the first
filter if `paths` include a glob, which currently causes bad behavior in
the Python extractor. However, we can first introduce that change once
this PR has been merged.

I realize this change can cause more folders and files to be traversed
(since they are not just skipped with --exclude). We plan to make a
better long-term fix which should bring back the previous performance.
2024-01-18 11:44:31 +01:00
Michael Nebel
70e7c92774 C#: Also check the namespace of the InlineArrayAttribute. 2024-01-18 11:09:01 +01:00
Michael Nebel
674838e698 C#: Add flow test for inline arrays. 2024-01-18 11:09:01 +01:00
Michael Nebel
f14b3265ab C#: Move static methods in CollectionFlow as these impact result line numbers. 2024-01-18 11:09:00 +01:00
Michael Nebel
47505b3bfa C#: Add array access test for an inline array. 2024-01-18 11:09:00 +01:00
Michael Nebel
0453bb86e0 C#: Update test output of existing expressions tests. 2024-01-18 11:09:00 +01:00
Michael Nebel
ae52779cf6 C#: Add inline array test to expressions. 2024-01-18 11:09:00 +01:00
Michael Nebel
de831d188f C#: Add inline type array test. 2024-01-18 11:09:00 +01:00
Michael Nebel
8a97c8c28e C#: Add QL support for InlineArrayType. 2024-01-18 11:09:00 +01:00
Erik Krogh Kristensen
cda2ef4db5 Merge pull request #15364 from github/dependabot/cargo/ql/rayon-1.8.1
Bump rayon from 1.8.0 to 1.8.1 in /ql
2024-01-18 09:24:30 +01:00
dependabot[bot]
7b574bb07a Bump rayon from 1.8.0 to 1.8.1 in /ql
Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.8.0 to 1.8.1.
- [Changelog](https://github.com/rayon-rs/rayon/blob/master/RELEASES.md)
- [Commits](https://github.com/rayon-rs/rayon/compare/rayon-core-v1.8.0...rayon-core-v1.8.1)

---
updated-dependencies:
- dependency-name: rayon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-18 03:16:14 +00:00