Napalys Klicius
a900f2cea4
Update javascript/ql/lib/change-notes/2025-03-03-regex-v.md
...
Co-authored-by: Asger F <asgerf@github.com>
2025-03-11 11:57:28 +01:00
Óscar San José
8b33dcd018
Merge branch 'main' into oscarsj/add-actions-analysis
2025-03-11 11:51:24 +01:00
Geoffrey White
a0f4fa28b2
Rust: hardcoded -> hard-coded.
2025-03-11 09:40:47 +00:00
Geoffrey White
5c394a9371
Correct modelgenerator exclusion for the security-experimental-selectors.yml suite helper.
2025-03-11 08:53:47 +00:00
Napalys Klicius
3191b2c6fc
Update javascript/extractor/src/com/semmle/js/parser/RegExpParser.java
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2025-03-11 09:40:24 +01:00
Napalys Klicius
7c9edff33c
Merge pull request #18964 from Napalys/js/mark_down_table
...
JS: Refactor `markdown-table` library modeling
2025-03-11 09:02:56 +01:00
Asger F
b583e52a87
Merge pull request #18962 from asgerf/js/local-type-indirection
...
JS: Unfold local type aliases in getAnUnderlyingType
2025-03-11 08:54:03 +01:00
Napalys
08c07f815f
Improved documentation, removed union from change note.
2025-03-11 08:30:17 +01:00
Napalys Klicius
1ad8b4677d
Update javascript/ql/lib/change-notes/2025-03-10-js-refactor-markdown-table.md
...
Co-authored-by: Asger F <asgerf@github.com>
2025-03-11 08:07:49 +01:00
Remco Vermeulen
8f603251d7
Add missing dependency
...
The query pack has suites that rely on the `codeql/suite-helpers` pack, but doesn't include it as a dependency.
This will cause an error when resolving suites referring to the Actions query pack.
2025-03-10 18:31:01 -07:00
Jami Cogswell
41aeb874f1
Java: add change note
2025-03-10 18:56:13 -04:00
Jami Cogswell
76433a31f7
Java: generalize sanitizer and add tests
2025-03-10 18:56:01 -04:00
Jami Cogswell
ab3690f666
Java: initial sanitizer
2025-03-10 18:55:56 -04:00
Jami Cogswell
94080a6e47
Java: initial tests
2025-03-10 18:55:54 -04:00
Erik Krogh Kristensen
e6884cf705
Merge pull request #18959 from erik-krogh/faster-routing
...
JS: ensure the result from getPathFromFork is unique (to avoid a blowup)
2025-03-10 21:45:14 +01:00
Jaroslav Lobačevski
fa35d6c3ac
Minor example workflow fix
2025-03-10 20:43:16 +00:00
REDMOND\brodes
f72efa638a
Uncommenting out generic dataflow
2025-03-10 16:12:53 -04:00
REDMOND\brodes
c83cb533ce
Adding an instantiation of the additional flow step class to automatically apply to generic dataflow. Flow step passthrough comes from the algorithm to getter flow passthroughs.
2025-03-10 15:56:01 -04:00
Asger F
73c0a93fc4
Merge pull request #18963 from asgerf/js/disable-tainted-nodes
...
JS: Remove TaintedNodes.ql from default meta query suite
2025-03-10 20:49:46 +01:00
Geoffrey White
e3beacbda2
Rust: Print models (temporary, to see how this differs on CI).
2025-03-10 19:38:36 +00:00
REDMOND\brodes
036035b6a2
Adding modeling for OpenSSL random number generation.
2025-03-10 15:04:19 -04:00
Napalys
4a365857f1
Added change note.
2025-03-10 19:40:41 +01:00
Napalys
13c701948a
Refactor Markdown taint steps and update expected results for reflected XSS tests
2025-03-10 19:27:36 +01:00
REDMOND\brodes
fe52351aed
Stubbing out hash operation node, borrowing from cipher operation node
2025-03-10 14:10:55 -04:00
Geoffrey White
7717f92ec6
Rust: Clean up the test (it turns out a nested UnusedVariable.qlref is not needed) and accept consistency check changes.
2025-03-10 17:59:19 +00:00
REDMOND\brodes
73368ea59a
Adding hashes to openssl library import
2025-03-10 13:27:39 -04:00
Paolo Tranquilli
d1876251ee
Merge pull request #18918 from github/redsun82/rust-tweak-qltest-logs
...
Rust: tweak qltest logs
2025-03-10 17:47:30 +01:00
REDMOND\brodes
0672027822
Tracing new notion of known getters, which now includes direct getters for cipher and hash. Removed a redundant hash qll, and fixed misplacement of has type in model.
2025-03-10 11:46:26 -04:00
REDMOND\brodes
451808616e
Getting rid of commented out code.
2025-03-10 11:35:16 -04:00
REDMOND\brodes
bd07b8a4c7
Making getter flow through 'copy' more general (copy can appear in any part of the call name now).
2025-03-10 11:34:26 -04:00
REDMOND\brodes
6a4659fc7e
Updating known constants for OpenSSL to handle direct algorithm getters from older versions of openssl (e.g., EVP_md5())
2025-03-10 11:33:46 -04:00
REDMOND\brodes
3316d6135d
Ctx flow comments.
2025-03-10 11:32:14 -04:00
Simon Friis Vindum
b48fd99913
Rust: Applying suggestions to documentation
2025-03-10 16:30:52 +01:00
Erik Krogh Kristensen
b945466b9f
Merge pull request #18892 from asgerf/js/membership-regexp-test
...
JS: Sharpen up EnumerationRegExp
2025-03-10 16:21:54 +01:00
Asger F
4d02993efa
JS: Remove TaintedNodes.ql from default meta query suite
2025-03-10 16:15:13 +01:00
Asger F
f7d2abf3e3
JS: Unfold local type aliases in getAnUnderlyingType
2025-03-10 16:09:16 +01:00
Asger F
91e9b23cf7
JS: Add test showing FN source
2025-03-10 16:08:55 +01:00
REDMOND\brodes
d99812a10d
Adding GOSTHash to THashType.
2025-03-10 09:59:28 -04:00
Simon Friis Vindum
5c83644360
Rust: Use CWE 20 for regex injection query
2025-03-10 14:52:25 +01:00
Paolo Tranquilli
79e06153ed
Merge pull request #18813 from github/redsun82/rust-turn-off-ra-resolution
...
Rust: add flag to turn off extractor path resolution
2025-03-10 14:52:07 +01:00
Asger F
08c9f6fa1e
Merge pull request #18798 from erik-krogh/ts58
...
JS: upgrade TypeScript to 5.8
2025-03-10 14:48:03 +01:00
Simon Friis Vindum
0e965f7616
Rust: Accept changes
2025-03-10 14:39:37 +01:00
Michael Nebel
ca553bf1a2
Merge pull request #18932 from michaelnebel/csharp/ismatchingconstantunknowtype
...
C#: Special handling of unknown types in `isMatchingConstant`.
2025-03-10 14:37:27 +01:00
Asger F
0f201d2070
JS: Line number changes in redos test case
2025-03-10 14:36:49 +01:00
Asger F
d84368eb54
Merge pull request #18858 from Napalys/js/react-relay
...
JS: React-relay support
2025-03-10 14:33:23 +01:00
Asger F
75ed0d0b46
JS: Remove duplicate '$ Alert' in libxml test
2025-03-10 14:23:44 +01:00
Asger F
6a47678b60
JS: Fix broken alert comment in HeterogenousComparison
2025-03-10 14:23:43 +01:00
Asger F
c88eac486a
JS: Remove stray $ Alert comment inside a doc comment
2025-03-10 14:23:42 +01:00
Asger F
0df893e280
JS: Remove blank lines and add trailing newline
2025-03-10 14:23:40 +01:00
Asger F
6fe3a368eb
JS: Remove blank line and add trailing newline to file
2025-03-10 14:23:39 +01:00