hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-25 17:06:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,717 Branches 163 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
7af6496a71 C++: Add change note. 2023-12-14 17:13:23 +00:00
Robert Marsh
3738e19db6 Swift: fix compilation failures outside CFG code 2023-12-14 16:39:51 +00:00
Geoffrey White
10b4c98e80 Swift: Move password sources to be reported by the new query. 2023-12-14 16:09:47 +00:00
Geoffrey White
5faa25fc6c Swift: Make passwords their own sensitive data type. 2023-12-14 16:09:47 +00:00
Geoffrey White
b5a45c64ff Swift: Define barriers, additional flow steps and sinks. 2023-12-14 16:09:47 +00:00
Geoffrey White
e5bf929cdb Swift: Split off WeakPasswordHashingExtensions.qll as we normally do. 2023-12-14 16:09:46 +00:00
Geoffrey White
db1508d108 Swift: Trivial changes - query ID / metadata, imports. 2023-12-14 16:09:46 +00:00
Geoffrey White
9774c3cb4f Swift: Copy WeakPasswordHashing query from csharp. 2023-12-14 16:09:45 +00:00
Geoffrey White
be7d0acfea Swift: Minor fixes for the existing weak sensitive data hashing query (naming consistency, remove unused import). 2023-12-14 16:09:45 +00:00
amammad
4d9aad92a1 remove a duplicate test 2023-12-14 17:08:18 +01:00
Mathias Vorreiter Pedersen
04ca36f9b0 Merge pull request #15106 from geoffw0/revrevtest 
Swift: Revert:Revert "Swift: CommonCrypto test cases for the BrokenCryptoAlgorithm query"
 2023-12-14 15:56:46 +00:00
Mathias Vorreiter Pedersen
61e30b9ff8 C++: Accept more test changes. 2023-12-14 15:25:29 +00:00
Michael Nebel
82784b4364 C#: Add a script for generating stubs for all packages needed for testing. 2023-12-14 16:11:17 +01:00
Geoffrey White
7e6ff7c826 Swift: Disable the part of the test that triggers an extraction issue. 2023-12-14 15:04:48 +00:00
Mathias Vorreiter Pedersen
368f438754 C++: Add more QLDoc. 2023-12-14 14:49:48 +00:00
Geoffrey White
3193ceb3f9 Merge pull request #15052 from geoffw0/pointermodels 
Swift: Expand models for UnsafePointer and friends
 2023-12-14 14:46:48 +00:00
Mathias Vorreiter Pedersen
0c100eb122 C++: Accept test changes. 2023-12-14 14:44:58 +00:00
Mathias Vorreiter Pedersen
8a52565395 C++: Improve 'toString' on the most common dataflow nodes. 2023-12-14 14:44:42 +00:00
amammad
d84333dad8 added *ReadBody* Methods as UntrustedFlowSource 2023-12-14 15:31:09 +01:00
Anders Schack-Mulligen
7623432c76 Java: Remove/deprecate FlowStateString-based extension points. 2023-12-14 15:15:58 +01:00
Owen Mansel-Chan
9cb0bb2fc9 Merge pull request #15034 from github/dependabot/github_actions/actions/setup-go-5 
Bump actions/setup-go from 4 to 5
 2023-12-14 14:14:03 +00:00
Anders Schack-Mulligen
8ef4821f63 Python: Remove references to FlowStateString. 2023-12-14 15:05:33 +01:00
Anders Schack-Mulligen
a1068ce2f9 Dataflow: deprecate references 2023-12-14 15:05:33 +01:00
Anders Schack-Mulligen
07ad770437 Dataflow: Deprecate FlowStateString. 2023-12-14 15:05:33 +01:00
Geoffrey White
987cdff862 Revert "Revert "Swift: CommonCrypto test cases for the BrokenCryptoAlgorithm query"" 
This reverts commit a478980e48.
 2023-12-14 13:56:35 +00:00
erik-krogh
0db788bb10 use direct string comparison instead, that doesn't crash on invalid values 2023-12-14 14:50:17 +01:00
erik-krogh
5e91b2f5bc fix the parsing of boolean environment variables in the TypeScript extractor 2023-12-14 14:40:10 +01:00
Rasmus Wriedt Larsen
36b635fb70 Python: Remove @tags meta from internal debug queries 
These queries were great when evaluating coverage of the new call-graph compared with the old.

However, they are not useful to run as part of our DCA experiments.
 2023-12-14 14:39:32 +01:00
Geoffrey White
36d0148aa1 Swift: Comment out lines that don't extract correctly right now. 2023-12-14 13:27:05 +00:00
Erik Krogh Kristensen
063f69c10e Merge pull request #15072 from erik-krogh/ts-various 
JS: Various TypeScript extraction fixes.
 2023-12-14 14:17:42 +01:00
Koen Vlaswinkel
7c141b9239 Merge pull request #15089 from github/koesie10/csharp-model-editor-generics 
C#: Fix names of generic types/methods in model editor queries
 2023-12-14 14:17:14 +01:00
Michael Nebel
3d012cd35f C#: Move the generator class to a helper file. 2023-12-14 14:11:59 +01:00
Michael Nebel
8343ce0754 C#: Re-factor the make_stubs_nuget script to more easily allow multiple nuget references. 2023-12-14 14:11:59 +01:00
Yunus AYDIN
ac3cb7f6c4 update camelcase 2023-12-14 15:29:28 +03:00
Yunus AYDIN
a17c704f46 update expected file 2023-12-14 15:27:27 +03:00
Tom Hvitved
6fc9e6193a Add change note 2023-12-14 13:25:21 +01:00
Tom Hvitved
84aa9f17a0 Python/Ruby: Use SummaryTypeTracker from typetracking pack 2023-12-14 13:25:18 +01:00
Tom Hvitved
1e24de7e83 Copy SummaryTypeTracker.qll to typetracking pack 2023-12-14 13:22:48 +01:00
Tom Hvitved
3b1146bf98 Python: Adopt shared type tracking library 2023-12-14 13:22:44 +01:00
erik-krogh
72e99b5b9d rename extractor environment variable to CODEQL_EXTRACTOR_JAVASCRIPT_OPTION_SKIP_TYPES 2023-12-14 12:52:49 +01:00
Tom Hvitved
4776e9ccd2 Type tracking: Allow for a non-standard flowsTo predicate 2023-12-14 12:36:09 +01:00
Tom Hvitved
c8b4a215bc Merge pull request #14573 from hvitved/flow-summary-impl-param 
Move `FlowSummaryImpl.qll` to `dataflow` pack
 2023-12-14 12:24:15 +01:00
Rasmus Lerchedahl Petersen
0b6d47b8bc Python: update to new API 
update is in a comment, so compilation
never failed in CI.
 2023-12-14 11:56:05 +01:00
Rasmus Lerchedahl Petersen
2a5736e73d Python: add consistency exception 
this must have been lost in my
clean-up rebase.
 2023-12-14 11:50:09 +01:00
Tom Hvitved
8f0e0b6559 Merge pull request #15090 from hvitved/inline-flow-test-get-arg-string 
InlineFlowTest: Allow for custom `getArgString`
 2023-12-14 10:53:55 +01:00
Tamás Vajk
3487f9d143 Merge pull request #15070 from tamasvajk/standalone/exclusions 
C#: Remove unneeded options and add support for `paths/paths-ignore` in standalone
 2023-12-14 10:41:53 +01:00
Rasmus Lerchedahl Petersen
479d81fb75 Python: fix nonlocal captured variables 
This depends on the extractor fix
 2023-12-14 10:37:27 +01:00
Rasmus Lerchedahl Petersen
38e03216f6 Python: allow CaptureArgumentNodes as multiple arguemnts 
These are the labmda self references. This is similar to
how `BlockParameterArgumentNode` is excluded for Ruby.

It is important that we restrict `call` in this logic.
Otherwise, we get a cartesian product and the consistency
check runs for a very long time...
 2023-12-14 10:32:29 +01:00
Tom Hvitved
7da10e0013 Merge pull request #15095 from hvitved/dataflow/boolean-class 
Data flow: Use `Boolean` class
 2023-12-14 10:29:52 +01:00
Rasmus Lerchedahl Petersen
f32d5e422d Python: typo 2023-12-14 10:28:26 +01:00