hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-29 19:58:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,723 Branches 164 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael B. Gale
f186b93c93 Add dependabot configuration for Go dependencies 2023-10-09 15:14:17 +01:00
Robert Marsh
8af727734e Merge pull request #13909 from rdmarsh2/rdmarsh2/swift/for-in 
Swift: dataflow for `for-in` loops
 2023-10-09 10:00:27 -04:00
Michael B. Gale
ebd640da04 Merge pull request #14391 from github/mbg/go/update-newer-go-version-needed 
Go: Fix version detection and test for `newer-go-version-needed`
 2023-10-09 14:47:37 +01:00
Erik Krogh Kristensen
625e889c62 Merge pull request #14339 from erik-krogh/range-printing 
JS/PY/RB/Java: escape unicode chars in overly-large-range
 2023-10-09 14:22:38 +02:00
Geoffrey White
57e32b47b7 Merge pull request #14386 from geoffw0/swiftperf 
Swift: defaultImplicitTaintRead performance improvement
 2023-10-09 13:07:11 +01:00
Geoffrey White
62b0ebf2fe Merge pull request #14407 from geoffw0/grdbsinks 
Swift: Add sinks for the GRDB database library to swift/hardcoded-key
 2023-10-09 12:58:17 +01:00
erik-krogh
e1b2f81f43 Revert "update doc example to not use isBarrierGuard" 
This reverts commit 28f8c1cc11.
 2023-10-09 13:29:41 +02:00
erik-krogh
ef63d9dd47 use a bigger compilation cache in the compile-queries workflow 2023-10-09 13:21:37 +02:00
Michael Nebel
cf3a62d201 Java: Address review comments. 2023-10-09 13:06:59 +02:00
Anders Schack-Mulligen
4a0ab4a050 Merge pull request #14402 from Marcono1234/marcono1234/MemberRefExpr-getReceiverExpr 
Java: Add predicate `MemberRefExpr::getReceiverExpr`
 2023-10-09 13:01:36 +02:00
Anders Schack-Mulligen
8c6a1be070 Merge pull request #14401 from Marcono1234/marcono1234/ClassInstanceExpr-type-argument-doc 
Java: Adjust `ClassInstanceExpr` type argument predicates docs
 2023-10-09 13:01:18 +02:00
Robert
e38ba27a65 Merge pull request #14408 from github/robertbrignull/telemetryLevel-docs 
Update about-telemetry-in-codeql-for-visual-studio-code.rst to mention telemtry.telemetryLevel
 2023-10-09 11:38:33 +01:00
Robert
ada331588f Update about-telemetry-in-codeql-for-visual-studio-code.rst to mention telemtry.telemetryLevel 2023-10-09 11:04:52 +01:00
Jeroen Ketema
f7bd801e00 Merge pull request #11716 from jketema/rewrite-cgi-xss 
C++: Rewrite `cpp/cgi-xss` to not use default taint tracking
 2023-10-09 11:26:14 +02:00
Mathias Vorreiter Pedersen
a1d417d8b6 Merge pull request #14385 from alexet/ir-debug-perf 
CPP: Improve performance of IR debugging
 2023-10-09 11:21:03 +02:00
Tony Torralba
0258dd4fed Merge pull request #14379 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-10-09 10:06:22 +02:00
erik-krogh
a7ab9fd93b add change-notes 2023-10-09 09:43:06 +02:00
erik-krogh
f48b47c656 JavaScript: add import that populate the shared abstract classes 2023-10-09 09:14:55 +02:00
erik-krogh
57c757c0a6 Ruby: delete outdated deprecation in test code 2023-10-09 09:14:55 +02:00
erik-krogh
194f918c0b Python: delete various outdated deprecations 2023-10-09 09:14:55 +02:00
erik-krogh
c2942b37a7 JS: delete various outdated deprecations 2023-10-09 09:14:55 +02:00
erik-krogh
e0fefce2a3 Ruby: delete various deprecated predicates 2023-10-09 09:14:54 +02:00
erik-krogh
e3e8f3d7c4 Java: delete various outdated deprecations 2023-10-09 09:14:54 +02:00
erik-krogh
689eda4dae CPP: delete the deprecated AnalysedString class 2023-10-09 09:14:54 +02:00
erik-krogh
1c9f59e491 Python:delete deprecated files modelling web frameworks 2023-10-09 09:14:54 +02:00
erik-krogh
0d992a3d1f delete old deprecated aliases of various regex libraries 2023-10-09 09:14:54 +02:00
erik-krogh
28f8c1cc11 update doc example to not use isBarrierGuard 2023-10-09 09:14:51 +02:00
github-actions[bot]
7c332a31a8 Add changed framework coverage reports 2023-10-09 00:16:19 +00:00
amammad
ad2631202d fix comments 2023-10-08 21:32:04 +02:00
amammad
6c8cc79b4d v1 2023-10-08 21:24:54 +02:00
amammad
3f41a42c38 remove unused classes 2023-10-08 11:08:05 +02:00
amammad
15671682c5 remove unused flowLable, update path query alert message 2023-10-08 11:06:13 +02:00
amammad
00b6e1f0b0 fix tests 2023-10-08 11:03:19 +02:00
amammad
41e7b91d78 fix flowLabels 2023-10-08 11:00:07 +02:00
Geoffrey White
8a7325268a Swift: Change note. 2023-10-07 23:19:24 +01:00
Geoffrey White
c492b5f2dd Swift: Model sinks. 2023-10-07 23:19:09 +01:00
Geoffrey White
8bf6fd67d1 Swift: Add a test for GRDB hardcoded key sinks. 2023-10-07 23:07:32 +01:00
erik-krogh
4bc4e0845d delete the deprecated isBarrierGuard predicate from the shared dataflow library, and its uses 2023-10-07 21:48:49 +02:00
erik-krogh
d261cec3cd add change-note 2023-10-07 15:41:08 +02:00
Marcono1234
f3e5045259 Java: Add predicate MemberRefExpr::getReceiverExpr 2023-10-07 14:53:07 +02:00
erik-krogh
56e9eda2b9 fix performance by caching getArgument 2023-10-07 13:06:45 +02:00
amammad
6789273ab1 remove a test predicate 2023-10-07 12:05:44 +02:00
amammad
aff6f00450 comments improvement,separate module file, fix tests 2023-10-07 12:02:39 +02:00
Marcono1234
b8f6877aba Merge branch 'main' into patch-1 2023-10-07 03:46:12 +02:00
Marcono1234
2c0dcd3a2d Java: Adjust ClassInstanceExpr type argument predicates docs 
The type arguments which these predicates have as result are for the
type of the created instance.

Previously the documentation said "provided to the constructor", which
is misleading / incorrect. Type arguments provided to the constructor
are specified directly after the `new` keyword:
```
class C {
    <T> C() {
    }
}

new <String> C();
```

And those are not part of the results of these predicates.
 2023-10-07 03:43:58 +02:00
Eric Bickle
4dca396106 Add change notes for ThreadResourceAbuse ArithExpr fix 2023-10-06 14:31:37 -07:00
Eric Bickle
000c1f7ec8 Java: Flow taint through ArithExpr for ThreadResourceAbuse 
Ensure that tainted values flow through arithmetic operations when
checking for ThreadResourceAbuse vulnerabilities.

For example, multiplying 'number of seconds' by 1000 as an input
to Thread.Sleep, which accepts milliseconds, is a common scenario.
 2023-10-06 14:24:37 -07:00
amammad
13577f71d6 fix tests, add more comments 2023-10-06 22:34:31 +02:00
Robert Marsh
30a9656ebb Swift: change note for autoclosure cfg 2023-10-06 20:19:35 +00:00
Robert Marsh
cb749bd973 Swift: CFG for normal autoclosure exprs 2023-10-06 20:14:49 +00:00