hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-17 21:16:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,714 Branches 162 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alvaro Muñoz
d548aef3e0 feat(queries): Add actions/download-artifact as a source of Artifact Poisoning 2024-07-31 16:31:15 +02:00
Owen Mansel-Chan
6280ed2a6b Merge pull request #13555 from am0o0/amammad-java-bombs 
Java: Decompression Bombs
 2024-07-31 14:55:28 +01:00
Geoffrey White
c172b946a1 C++: Change note. 2024-07-31 14:55:15 +01:00
Geoffrey White
4aea4c0323 C++: Simple fix. 2024-07-31 14:46:25 +01:00
Geoffrey White
c04428dedc C++: Add test cases for the memory freed queries. 2024-07-31 14:03:56 +01:00
Anders Schack-Mulligen
9724516c84 C#/Go/Java/Python/Ruby: Accept qltest .expected changes. 2024-07-31 14:45:10 +02:00
Anders Schack-Mulligen
af06763c42 Dataflow: Propagate provenance correctly for flow-through wrappers. 2024-07-31 14:37:13 +02:00
Jami
4fb29c4473 Merge branch 'main' into jcogs33/java/add-apache-ant-path-inj-sinks 2024-07-31 08:15:07 -04:00
Mathias Vorreiter Pedersen
61eda0df9d C++: Add change note. 2024-07-31 13:13:19 +01:00
Jami
05b0a3f41c Merge pull request #17093 from jcogs33/jcogs33/java/provenance-postprocess-qltest-remaining-lib-tests 
Java: Add support for post-process provenance pretty-printing in `.ql` library-tests
 2024-07-31 08:11:15 -04:00
Mathias Vorreiter Pedersen
fe575df325 C++: Mark constexpr if as unevalauted. 2024-07-31 13:09:12 +01:00
Mathias Vorreiter Pedersen
4e62dc81d2 C++: Add constexpr if testcase. 2024-07-31 13:08:49 +01:00
yoff
123dcc75d1 Merge pull request #16971 from RasmusWL/mad-dict-source 
Python: Add MaD support for DictionaryElement/DictionaryElementAny for sources
 2024-07-31 13:40:07 +02:00
Sylwia Budzynska
9bd00c9e1e Change Gradio rfs test to use shared rfs test module 2024-07-31 13:25:32 +02:00
Sylwia Budzynska
2a6ad00a2f Fix typo 2024-07-31 13:22:27 +02:00
Sylwia Budzynska
72e7b6c872 Update python/ql/lib/semmle/python/frameworks/Streamlit.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-07-31 13:20:01 +02:00
Owen Mansel-Chan
01c6dbaa27 Accept provenance numbering changes 2024-07-31 12:19:18 +01:00
Owen Mansel-Chan
8901b1fd14 Merge pull request #17100 from owen-mc/java/sensitive-log/ignore-tokenizer 
Java: whitelist variable names containing "tokenizer" for `java/sensitive-log`
 2024-07-31 12:16:03 +01:00
Owen Mansel-Chan
59e22f6cd9 Merge pull request #17101 from owen-mc/java/dead-ref-types-junit-4-5 
Java: Fix FPs in `java/unused-reference-type` for JUnit 4-style tests
 2024-07-31 11:11:35 +01:00
Owen Mansel-Chan
e4cd29efc6 Fix missing go-jose package path 2024-07-31 11:09:53 +01:00
Cornelius Riemenschneider
d75da82528 Merge pull request #17102 from github/criemen/installer-ripunzip 
Bazel installer: Retry ripunzip step.
 2024-07-31 12:04:20 +02:00
Owen Mansel-Chan
f953249692 Merge pull request #17103 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-07-31 10:47:08 +01:00
Alvaro Muñoz
80d2bbdc9b Merge pull request #61 from github/missing_permissions 
fix(queries): Fix Missing Permissions query
 2024-07-31 11:45:54 +02:00
Alvaro Muñoz
ab8dd599b7 fix(queries): Fix Missing Permissions query 
If a job is only triggered by `workflow_call`, we dont report any issues
since they should be reported on the calling workflows
 2024-07-31 11:45:30 +02:00
Cornelius Riemenschneider
de47838c36 Remove unused exception class. 2024-07-31 11:31:11 +02:00
am0o0
d560c1ea0f fix formatting 2024-07-31 11:08:06 +02:00
Owen Mansel-Chan
f8e8b362ab Merge branch 'main' into workflow/coverage/update 2024-07-31 10:07:35 +01:00
am0o0
9110df6e80 Merge branch 'amammad-java-JWT' of https://github.com/am0o0/codeql into amammad-java-JWT 2024-07-31 11:04:24 +02:00
am0o0
c6814fcf47 merge duplicate module into a module file 2024-07-31 11:04:03 +02:00
am0o0
701e3d7e53 add same query but with local source support to comply with the CVE-2021-37580 2024-07-31 10:58:22 +02:00
Owen Mansel-Chan
3ece3ec50f Merge pull request #17092 from owen-mc/go/provenance-postprocess-qltest 
Go: Add support for provenance pretty-printing
 2024-07-31 09:54:28 +01:00
Cornelius Riemenschneider
1ce15ae2fd Fix exit code when ripunzip isn't called. 2024-07-31 08:09:53 +02:00
github-actions[bot]
d0c2b4a60f Add changed framework coverage reports 2024-07-31 00:15:22 +00:00
Edward Minnix III
bae0ea5599 Merge pull request #17042 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-07-30 20:04:23 -04:00
Cornelius Riemenschneider
fa6d61809e Fix hang for targets without ripunzip. 2024-07-31 00:38:50 +02:00
Jami
d04dc9afe0 Merge pull request #17087 from jcogs33/jcogs33/java/provenance-postprocess-qltest 
Java: Add support for provenance pretty-printing as a qltest postprocess step
 2024-07-30 16:55:26 -04:00
Jeroen Ketema
f986484813 Merge pull request #17098 from jketema/deduction 
C++: Update tests after extractor changes
 2024-07-30 21:08:40 +02:00
Alvaro Muñoz
8ffac2935e Bump qlpack versions 2024-07-30 18:22:20 +02:00
Cornelius Riemenschneider
674a5bb9b4 Bazel installer: Retry ripunzip step. 
Ripunzip is great, but occasionally bugs out due to a parallelism issue.
As we don't want this to fail CI, retry the entire ripunzip/installation step
up to 3 times.
We need to clean up the working directory as ripunzip doesn't support overwriting
files. I've not been able to test this with the original issue (it doesn't seem
to reproduce locally for me), but I injected another error and got 3 retries
of installation.
 2024-07-30 18:20:19 +02:00
Alvaro Muñoz
65ad387543 fix: Add printf as an equivalent to echo 2024-07-30 18:18:22 +02:00
Jami Cogswell
2db07bdbf3 Java: add missing models to experimental expected files 2024-07-30 12:13:18 -04:00
am0o0
40eef25133 use more specefic Classes instead of Call 2024-07-30 18:07:03 +02:00
Geoffrey White
3d6a889d24 Swift: Make use of CBC blockmode in examples and tests mode accurate. 2024-07-30 16:59:11 +01:00
am0o0
591b1b4f07 use $ SPURIOUS: instead of "this test gives a FP" 2024-07-30 17:53:23 +02:00
am0o0
f97b1039cd update test files, add one more additional flow step for inflate function, fix gzopen additional flow step thanks to @jketema 2024-07-30 17:49:34 +02:00
Sylwia Budzynska
81f3609c4b Formatting 2024-07-30 17:49:20 +02:00
Sylwia Budzynska
dfc51922ba Change regex 2024-07-30 17:39:34 +02:00
Sylwia Budzynska
ef2b225144 Fix PascalCase 2024-07-30 17:36:55 +02:00
Owen Mansel-Chan
1cb5f35c56 Add change note 2024-07-30 16:29:38 +01:00
Owen Mansel-Chan
cd0af0fc57 Ignore types with methods which have annotations 
The motivation is test classes in JUnit 4 and 5 are currently FPs for this. They have methods with `@Test`, so this should fix the FPs.
 2024-07-30 16:29:35 +01:00