hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-16 20:46:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,714 Branches 162 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
287857c5db Merge pull request #17301 from michaelnebel/shared/contentflowbadjoin 
Shared: Fix bad join in content flow.
 2024-08-27 10:17:04 +02:00
Paolo Tranquilli
b79be718e1 Merge pull request #17306 from github/redsun82/bazel-lfs 
Bazel: fix logging bug in `git_lfs_probe.py`
 2024-08-27 09:42:39 +02:00
Anders Schack-Mulligen
b3fa4f3d9e Merge pull request #17289 from aschackmull/dataflow/summaryctx 
Dataflow: Simplify using a SummaryCtx type.
 2024-08-27 09:32:43 +02:00
Paolo Tranquilli
0738e01e7e Bazel: fix logging bug in git_lfs_probe.py 
The case of an `HTTPError` was printed to stdout (and therefore globbed
by bazel).

While I'm at it, I also introduced a timeout to `urlopen` and improved
the `no endpoints found` error message.
 2024-08-27 09:12:37 +02:00
Kevin Stubbings
c60f459530 Grammar 2024-08-26 23:57:19 -07:00
Asger F
2adaf0f935 Merge pull request #17261 from asgerf/jss/dynamic-import-step 
JS: Port step for dynamic imports
 2024-08-27 08:27:16 +02:00
Kevin Stubbings
812abea0de change-notes 2024-08-26 22:25:00 -07:00
Kevin Stubbings
0420d25c13 refactor 2024-08-26 22:09:24 -07:00
Kevin Stubbings
1db7865d49 Corrections 2024-08-26 22:06:12 -07:00
Kevin Stubbings
8bf8893307 Add support for vulnerable CORS middlewares 2024-08-26 21:30:48 -07:00
Andrew Eisenberg
d19102c399 Separate into two groups 2024-08-26 14:38:32 -07:00
Michael Nebel
e81fdc951a Merge pull request #17246 from michaelnebel/modelgendebug 
C#/Java: Add some model generator summary debugging queries.
 2024-08-26 16:13:03 +02:00
Michael Nebel
77bfe39ca7 Shared: Address review comments. 2024-08-26 15:24:56 +02:00
Michael Nebel
4381bae5d1 Shared: Fix bad join. 2024-08-26 15:24:54 +02:00
Asger F
47c519fc0a JS: Add test for flow through dynamic imports 2024-08-26 15:15:49 +02:00
Anders Schack-Mulligen
d8c8bcd386 Dataflow: Tweak qldoc. 2024-08-26 15:12:37 +02:00
Anders Schack-Mulligen
cbb58d0041 Dataflow: Add a getLocation rootdef. 2024-08-26 15:05:30 +02:00
Michael Nebel
34d83a6b0d C#/Java: Address review comments. 2024-08-26 15:02:27 +02:00
Asger F
4b8ae2a4f3 Merge branch 'main' into js/shared-dataflow-merge-main 2024-08-26 12:43:16 +02:00
Simon Friis Vindum
d9dbcdba34 C++: Fix imports 2024-08-26 12:42:44 +02:00
Asger F
4e3440aad0 Merge pull request #17275 from asgerf/cpp/taint-test-case-false-negative 
C++: Reveal false negative in test case
 2024-08-26 12:36:03 +02:00
Asger F
16c2cf24b3 C++: use inline annotation for missing flow 2024-08-26 11:53:31 +02:00
Asger F
592e2eafb6 Merge pull request #17262 from asgerf/shared/implicit-read 
Shared: restrict flow after using implicit read
 2024-08-26 11:48:50 +02:00
Tom Hvitved
e5d626f907 Data flow: Only recompute local big step in stage 6 2024-08-26 09:58:29 +02:00
Simon Friis Vindum
128053e214 C++: Add basic modeling of functions that don't throw 2024-08-26 09:37:44 +02:00
Tom Hvitved
c92c96fa78 Data flow: Compute local big step relation per stage 2024-08-26 09:15:27 +02:00
Chris Smowton
92910f961a Merge pull request #17296 from smowton/smowton/admin/revert-mad-sink-conversion 
Go: Revert problematic conversion from QL-specified sink nodes to models-as-data; add change note for one correct but undocumented fix
 2024-08-25 15:10:49 +01:00
Chris Smowton
7cb67a50be Add change note for ioutil fix 2024-08-24 17:49:26 +01:00
Chris Smowton
a832730a11 Revert "Convert squirrel sql-injection sinks to MaD (non-existent methods removed)" 
This reverts commit 06f86dd22f.
 2024-08-24 17:44:40 +01:00
Chris Smowton
ab88b9b136 Revert "Upgrade and convert gorqlite sql-injection sinks to MaD" 
This reverts commit ce0cb12c29.
 2024-08-24 17:43:15 +01:00
Chris Smowton
8fc3b00fb9 Revert "Convert gogf/gf sql-injection sinks to MaD" 
This reverts commit db559f75b6.
 2024-08-24 17:43:12 +01:00
Chris Smowton
e7f788ae35 Revert "Convert sqlx sql-injection sinks to MaD" 
This reverts commit 7ad63fc3e6.
 2024-08-24 17:43:09 +01:00
Chris Smowton
4e6d7fcb29 Revert "Convert Gorm sql-injection sinks to MaD" 
This reverts commit ba310417a8.
 2024-08-24 17:43:06 +01:00
Chris Smowton
d8a2c08f12 Revert "Convert Xorm sql-injection sinks to MaD" 
This reverts commit 3b2b7d7d1c.
 2024-08-24 17:43:03 +01:00
Chris Smowton
59bb142e8b Revert "Convert Bun sql-injection sinks to MaD" 
This reverts commit 3eb5b2669b.
 2024-08-24 17:43:00 +01:00
Chris Smowton
ec59492866 Revert "Convert Beego orm sql-injection sinks to MaD" 
This reverts commit ad213579a1.
 2024-08-24 17:42:57 +01:00
Chris Smowton
fa07f16bcc Revert "Convert database/sql sql-injection sinks to MaD" 
This reverts commit 501bb3eb56.
 2024-08-24 17:42:55 +01:00
Chris Smowton
b3326babba Revert "Convert database/sql/driver sql-injection sinks to MaD" 
This reverts commit 652dd88c36.
 2024-08-24 17:42:52 +01:00
Chris Smowton
c33568b602 Revert "Convert mongodb nosql-injection sinks to MaD" 
This reverts commit ec9d88b364.
 2024-08-24 17:42:49 +01:00
Chris Smowton
437df5c2a5 Revert "Convert gocb nosql-injection sinks to MaD" 
This reverts commit 2d2afb17ad.
 2024-08-24 17:42:45 +01:00
Chris Smowton
a6e3b913d0 Revert "Convert logging sinks to use MaD" 
This reverts commit fa472f5e18.
 2024-08-24 17:39:24 +01:00
Chris Smowton
686f47af98 Revert "Fix typo in package path" 
This reverts commit 6f5a045437.
 2024-08-24 17:34:34 +01:00
Paolo Tranquilli
c4c8c9ddc1 Merge pull request #17291 from github/criemen/ripunzip 
Make ripunzip installer accessible from outside this repo.
 2024-08-23 20:14:44 +02:00
Alvaro Muñoz
0cabcf8ec7 Merge pull request #76 from github/pwntester-patch-1 
Update ArgumentInjectionCritical.md
 2024-08-23 17:40:48 +02:00
Alvaro Muñoz
293dd1a32b Update ArgumentInjectionCritical.md 2024-08-23 17:40:25 +02:00
Cornelius Riemenschneider
3ac8108c4a Address review. 2024-08-23 17:26:05 +02:00
Ian Lynagh
6a7d8b5301 Kotlin: Restrict some TrapWriter types to DiagnosticTrapWriter 
We never use the greater generality, so this makes it easier to see
what's happening.
 2024-08-23 15:41:21 +01:00
Ian Lynagh
7d500cf58c Kotlin: Remove a redundant 'open' 2024-08-23 15:08:10 +01:00
Tom Hvitved
b6f1024114 Merge pull request #17290 from hvitved/csharp/revert-hotfix 
Revert "C#: Add support for flow through side-effects on static fields"
 2024-08-23 15:00:00 +02:00
Tamás Vajk
d710c1e89d Merge pull request #17287 from tamasvajk/message-count-telemetry 
C#: Add aggregated compiler and extractor message counts to extractio…
 2024-08-23 14:41:27 +02:00