hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-18 07:53:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,693 Branches 160 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
c1df8a95cb JS: Overlay extraction support 2025-08-19 09:19:55 +02:00
Asger F
6872f51725 JS: Add metadata to dbscheme and stats 2025-08-19 09:19:54 +02:00
Tom Hvitved
60b2cf6638 Rust: Take transitive dependencies into account when computing canonical paths 2025-08-18 22:02:44 +02:00
Tom Hvitved
5a69845485 Rust: Elaborate QL doc 2025-08-18 21:31:37 +02:00
Geoffrey White
bf33d1b870 Rust: Make a couple of new imports private. 2025-08-18 18:51:33 +01:00
Geoffrey White
fdec780921 Rust: Accept consistency .expected changes. 2025-08-18 18:42:06 +01:00
Geoffrey White
402e901811 Merge branch 'main' into scinit 2025-08-18 18:35:03 +01:00
Chris Smowton
238cb9ca68 Merge pull request #20241 from github/post-release-prep/codeql-cli-2.22.4 
Post-release preparation for codeql-cli-2.22.4
 2025-08-18 17:34:58 +01:00
Mathias Vorreiter Pedersen
af00e46fc8 C++: Mark fprintf and friends as a partial write of the stream argument. 2025-08-18 18:15:14 +02:00
Mathias Vorreiter Pedersen
6a57da79de C++: Add a test with missing flow. 2025-08-18 18:12:52 +02:00
Mathias Vorreiter Pedersen
4551875e2e C++: Drive-by improvement: Use 'partialFlowFunc' since it is in scope anyway. 2025-08-18 18:10:35 +02:00
Paolo Tranquilli
a658fa168d Rust: refine upgrade script 2025-08-18 17:19:47 +02:00
Paolo Tranquilli
6266d6e7b0 Rust: add downgrade script 2025-08-18 17:12:05 +02:00
github-actions[bot]
42e3d31c49 Post-release preparation for codeql-cli-2.22.4 2025-08-18 14:42:42 +00:00
Chris Smowton
57378ec4e4 Merge pull request #20240 from github/release-prep/2.22.4 
Release preparation for version 2.22.4
codeql-cli/v2.22.4 		2025-08-18 15:09:03 +01:00
github-actions[bot]
90d29994c8 Release preparation for version 2.22.4 2025-08-18 14:06:09 +00:00
Paolo Tranquilli
3d2bd8fedb Merge branch 'main' into redsun82/cargo-upgrade-2 2025-08-18 15:55:15 +02:00
Paolo Tranquilli
4df479471f Rust: accept test changes 2025-08-18 15:55:06 +02:00
Tom Hvitved
f1ca0ecc3c Merge pull request #20233 from hvitved/rust/remove-tc 
Rust: Remove TC from `ImplTraitTypeRepr.isInReturnPos`
 2025-08-18 14:46:26 +02:00
Paolo Tranquilli
a8671452fc Rust: add upgrade script 2025-08-18 13:06:30 +02:00
Michael Nebel
4b0c725367 C#: Add change note. 2025-08-18 12:56:15 +02:00
Michael Nebel
7431ee8df9 C#: Update the barrier in HashWithoutSalt to avoid an FP. It worked by accident before as we didn't allow implicit element reads at sinks. 2025-08-18 12:56:13 +02:00
Michael Nebel
1d25a20c9c C#: Update the external flow test and expected test output. 2025-08-18 12:56:12 +02:00
Michael Nebel
abd0b2e2f9 C#: Update test expected output. 2025-08-18 12:56:10 +02:00
Michael Nebel
81751ea591 C#: Allow implicit reads from collections in argument nodes (sinks and additional flow steps) for default taint tracking configurations. 2025-08-18 12:56:09 +02:00
Michael Nebel
d8215a35c0 C#: Add example of failing taint flow for collections in sinks. 2025-08-18 12:56:07 +02:00
Ian Lynagh
fd020b52e4 Merge pull request #20232 from igfoo/igfoo/SloppyGlobal 
C++: SloppyGlobal: Don't alert on template instantiations, only the template
 2025-08-18 11:39:30 +01:00
Tom Hvitved
299ccb68f5 Merge pull request #20230 from hvitved/cfg/standard-tree-skip-non-tree-children 
Shared: Skip non-CFG children in `StandardTree`
 2025-08-18 12:13:31 +02:00
Geoffrey White
4eea4431b5 Merge pull request #20222 from geoffw0/pathbuf 
Rust: Add a type inference test case resembling PathBuf.canonicalize.
 2025-08-18 11:06:41 +01:00
Geoffrey White
e84135a6de Update rust/ql/src/queries/security/CWE-117/LogInjection.qhelp 
Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
 2025-08-18 10:34:43 +01:00
Geoffrey White
265c2e3603 Rust: Change note. 2025-08-18 10:29:14 +01:00
Anders Schack-Mulligen
877d397eb9 Merge pull request #20228 from 5idg5/java/data-extensions-change 
Add data extensions for remote tainted sources
 2025-08-18 11:26:38 +02:00
Geoffrey White
a9650e02ca Rust: Add a slightly simpler / more explicit test case. 2025-08-18 10:20:30 +01:00
Anders Schack-Mulligen
e17382d179 Guards: Cache nullGuard predicate. 2025-08-18 11:09:11 +02:00
Nora Dimitrijević
f1b55641e1 Merge pull request #20073 from d10c/d10c/diff-informed-phase-3-cpp 
C++: Diff-informed queries: phase 3 (non-trivial locations)
 2025-08-18 09:41:38 +02:00
Nora Dimitrijević
4199859eaa Merge pull request #20079 from d10c/d10c/diff-informed-phase-3-python 
Python: Diff-informed queries: phase 3 (non-trivial locations)
 2025-08-18 09:33:57 +02:00
Napalys Klicius
b19d1e0f57 Merge pull request #20151 from Napalys/js/command-line-libs 
JS: Enhance command injection detection for CLI argument parsing libraries
 2025-08-18 09:32:29 +02:00
Napalys Klicius
b2346183d6 Merge pull request #20148 from Napalys/js/reg-exp-env-variable-threat-model 
JS: Exclude environment variables from `js/regex-injection` query by default
 2025-08-18 09:32:15 +02:00
Paolo Tranquilli
7a95d5aaa6 Merge branch 'main' into redsun82/cargo-upgrade-2 2025-08-18 09:21:37 +02:00
Sid Gawri
d84e5319c3 changenote 2025-08-15 15:59:05 -04:00
Sid Gawri
e697e89171 Merge branch 'main' of https://github.com/5idg5/codeql into java/data-extensions-change 2025-08-15 15:50:12 -04:00
Nora Dimitrijević
bb9daa00c3 Merge pull request #20072 from d10c/d10c/diff-informed-phase-3-actions 
Actions: Diff-informed queries: phase 3 (non-trivial locations)
 2025-08-15 14:05:44 +02:00
Jeroen Ketema
84119baa50 Merge pull request #20223 from jketema/go-1.25-doc 
Go: Mention Go 1.25 as supported
 2025-08-15 13:47:40 +02:00
Tom Hvitved
b104535b32 Type inference: Rename some variables 2025-08-15 13:46:30 +02:00
Ian Lynagh
0870cc370b C++: Add a changenote for the change to cpp/short-global-name 2025-08-15 12:09:37 +01:00
Ian Lynagh
3157fcdf79 C++: Add some BAD annotations to SloppyGlobal test 2025-08-15 12:07:09 +01:00
Tom Hvitved
1af6ddd8e3 Rust: Remove TC from ImplTraitTypeRepr.isInReturnPos 2025-08-15 12:45:13 +02:00
Ian Lynagh
bfd4c41ed9 C++: SloppyGlobal: Accept test changes 
We no longer alert on template instantiations, just the template.
 2025-08-15 11:24:19 +01:00
Nora Dimitrijević
0512940c0c Merge pull request #20075 from d10c/d10c/diff-informed-phase-3-go 
Go: Diff-informed queries: phase 3 (non-trivial locations)
 2025-08-15 12:23:53 +02:00
Ian Lynagh
4b786061d6 C++: SloppyGlobal: Don't alert on template instantiations, only the template 2025-08-15 11:23:48 +01:00