hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 02:13:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,693 Branches 161 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Taus
9fe031d8eb Merge pull request #19594 from sylwia-budzynska/pandas-sqli 
Python: Add Pandas SQLi sinks
 2025-06-02 13:40:14 +02:00
Napalys Klicius
c981c4fe30 Update javascript/ql/lib/change-notes/2025-05-30-url-package-taint-step.md 
Co-authored-by: Asger F <asgerf@github.com>
 2025-06-02 13:34:47 +02:00
Tom Hvitved
bf39058573 Merge pull request #19611 from hvitved/rust/path-resolution-std-prelude 
Rust: Also take the `std` prelude into account when resolving paths
 2025-06-02 13:04:57 +02:00
Paolo Tranquilli
2561f3c081 Merge pull request #19585 from github/redsun82/rust-skip-unexpanded-in-libraries 
Rust: skip unexpanded stuff in library emission
 2025-06-02 12:10:37 +02:00
Napalys Klicius
298ef9ab12 Now able to track error handler registration via instance properties 2025-06-02 11:01:41 +02:00
Martin Costello
77a6a2d442 Fix user-facing casing of NuGet 
Fix user-facing strings to use "NuGet" instead of "Nuget" and "dotnet" instead of "Dotnet".
 2025-06-02 09:30:16 +01:00
Paolo Tranquilli
fa3fcf0f95 Rust: skip all token trees in library mode 2025-06-02 09:32:39 +02:00
Paolo Tranquilli
7be44d2fe8 Merge branch 'main' into redsun82/rust-skip-unexpanded-in-libraries 2025-06-02 09:27:56 +02:00
Arthur Baars
943dd8e70c update output 2025-05-30 22:56:06 +02:00
Arthur Baars
c44a7c3036 Rust: codegen 2025-05-30 22:56:04 +02:00
Arthur Baars
0c8e886821 Rust: fix QLdoc examples 2025-05-30 22:55:50 +02:00
Napalys Klicius
0b6a747737 Added change note 2025-05-30 18:33:59 +02:00
Napalys Klicius
b9b62fa1c1 JS: Add URL from url package constructor taint step for request forgery detection 2025-05-30 18:32:02 +02:00
Napalys Klicius
19cc3e335f JS: Add test case for RequestForgery with url wrapped via package URL 2025-05-30 18:26:47 +02:00
Napalys Klicius
f843cc02f6 Fix false positives in stream pipe analysis by improving error handler tracking via property access. 2025-05-30 18:08:04 +02:00
REDMOND\brodes
cf015d18f1 Crypto: Add openssl key agreement instances and consumers (KEM and KEY_EXCH). Fix for raw algorithm names in all current instances. Update constants to include key agreement algorithms, previously missing. Note added in model for the possibility of ESDH. 2025-05-30 11:29:34 -04:00
Mathias Vorreiter Pedersen
f6231a37e1 Merge pull request #19627 from MathiasVP/generalize-bulk-generation 
Bulk MAD generator: Support databases from DCA runs
 2025-05-30 14:46:36 +01:00
REDMOND\brodes
69e3a20e24 Crypto: Update crypto stubs location under 'crypto' and associate codeowners on any test/stubs/crypto. Minor fix to HashAlgorithmValueConsumer (remove library detector logic). 2025-05-30 09:35:33 -04:00
Mathias Vorreiter Pedersen
7cb9024cc6 Bulk generator: Flip default values for summaries, sources, and sinks. 2025-05-30 13:33:24 +01:00
Mathias Vorreiter Pedersen
0f30644afd Bulk generator: Snake case things. 2025-05-30 13:26:53 +01:00
Mathias Vorreiter Pedersen
3444c986ec Bulk generator: Fix field name. 2025-05-30 13:25:12 +01:00
Mathias Vorreiter Pedersen
bdf411afbc Bulk generator: Make 'database_results' a map to simplify away the explicit sorting. 2025-05-30 13:09:55 +01:00
Mathias Vorreiter Pedersen
cdd869a970 Bulk generator: Autoformat. 2025-05-30 12:49:12 +01:00
Mathias Vorreiter Pedersen
3ddca32705 Update misc/scripts/models-as-data/bulk_generate_mad.py 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-05-30 12:48:50 +01:00
Mathias Vorreiter Pedersen
7c2612a6a1 Bulk generator: Specify a path to the PAT instead of the PAT itself. 2025-05-30 12:47:07 +01:00
Mathias Vorreiter Pedersen
1228080914 Bulk generator: Specify 'language' in the config file. 2025-05-30 12:40:21 +01:00
Mathias Vorreiter Pedersen
fc165db8ac Bulk generator: Specify 'with-summaries', 'with-sources', and 'with-sinks' in the config file. 2025-05-30 12:40:20 +01:00
Mathias Vorreiter Pedersen
7121f5c57e Bulk generator: Use the 'Project' type throughout the file. 2025-05-30 12:08:42 +01:00
Arthur Baars
0157c16008 Rust: delete empty expected file 2025-05-30 12:57:45 +02:00
Mathias Vorreiter Pedersen
7c89d6d6dd Bulk generator: Rename 'get_destination_for_project' to 'get_mad_destination_for_project'. 2025-05-30 11:49:48 +01:00
Mathias Vorreiter Pedersen
5d79a8de89 Update misc/scripts/models-as-data/bulk_generate_mad.py 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-05-30 11:48:30 +01:00
Mathias Vorreiter Pedersen
b640474a61 Bulk generator: Remove 'Phase' part of log message. 2025-05-30 11:43:30 +01:00
Mathias Vorreiter Pedersen
566bf431d7 Bulk generator: Rename 'github' to 'get_json_from_github'. 2025-05-30 11:42:15 +01:00
Mathias Vorreiter Pedersen
7ecf8c8ea2 Bulk generator: Format file and add a note at the top of the file specifying the formatting requirements. 2025-05-30 11:40:55 +01:00
Joe Farebrother
73f2770acb Fix handling for some wrappers + add test case 2025-05-30 11:24:06 +01:00
Arthur Baars
f0db47b571 Rust: run codegen 2025-05-30 11:51:35 +02:00
Arthur Baars
0dd0f9a22a Rust: add missing AST nodes to annotations.py 2025-05-30 11:46:27 +02:00
Arthur Baars
460984bee5 Rust: add documentation for AST nodes 2025-05-30 11:46:17 +02:00
Mathias Vorreiter Pedersen
cb938701a1 Bulk generator: Rename file since it is no longer Rust specific. 2025-05-29 18:14:24 +01:00
Mathias Vorreiter Pedersen
5051790e24 Bulk generator: Add DCA support. 2025-05-29 18:14:22 +01:00
Mathias Vorreiter Pedersen
e721fc07aa Bulk generator: Prepare for adding DCA support. This commits just generalizes the existing functionality to be independent of Rust and instead depend on the configuration file and the command-line arguments. 2025-05-29 18:14:21 +01:00
Mathias Vorreiter Pedersen
6ff2bebbc2 Bulk generator: Add command-line arguments. 2025-05-29 18:14:19 +01:00
Mathias Vorreiter Pedersen
b87ba31c43 Bulk generator: Get rid of the hardcoded project list and move it into a configuration file. 2025-05-29 18:14:18 +01:00
Mathias Vorreiter Pedersen
40d937a2eb Bulk generator: Some imports we will need. 2025-05-29 18:14:16 +01:00
Mathias Vorreiter Pedersen
cb0b566588 C++: Put autogenerated models in the same folder structure as Rust. 2025-05-29 18:14:15 +01:00
Geoffrey White
49dabdb8a5 Rust: Accept consistency test failures. 2025-05-29 17:51:44 +01:00
Geoffrey White
10f894b9a1 Rust: Model more methods. 2025-05-29 16:45:25 +01:00
Geoffrey White
4d51a15cc4 Rust: Add model variants for when the qualifier is expressed as an arg (reference). We shouldn't need these. 2025-05-29 16:45:23 +01:00
Geoffrey White
84c72f68af Rust: Add models for read methods. 2025-05-29 16:45:22 +01:00
Geoffrey White
13f6de9924 Rust: Add source / basic basic models. 2025-05-29 16:45:21 +01:00