hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-18 13:36:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,714 Branches 162 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
45ba0c3319 Merge pull request #16907 from MathiasVP/phi-escape-5 
C++: Add a new `MemoryLocation` to represent sets of `Allocation`s
 2024-07-17 15:44:04 +01:00
Geoffrey White
7029de5989 Swift: Attempt to speed up evaluation of the private information regex for Swift. 2024-07-17 15:43:30 +01:00
Mathias Vorreiter Pedersen
8a3a3fa263 C++: Sync identical files. 2024-07-17 14:39:08 +01:00
Mathias Vorreiter Pedersen
d5ccb2e396 C++: Add a large QLDoc with example to 'getInstructionSuccessor'. 2024-07-17 14:39:02 +01:00
Michael B. Gale
784a07353e Merge pull request #16916 from github/dependabot/go_modules/go/extractor/extractor-dependencies-5727fbca95 
Bump the extractor-dependencies group across 1 directory with 2 updates
 2024-07-17 13:40:16 +01:00
dependabot[bot]
3641dfebff Bump the extractor-dependencies group across 1 directory with 2 updates 
Bumps the extractor-dependencies group with 2 updates in the /go/extractor directory: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.15.0 to 0.19.0
- [Commits](https://github.com/golang/mod/compare/v0.15.0...v0.19.0)

Updates `golang.org/x/tools` from 0.18.0 to 0.23.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.18.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-17 11:46:01 +00:00
Paolo Tranquilli
bf69c76829 Merge pull request #16987 from github/redsun82/go 
Go/Bazel: use gazelle `go_deps` instead of a vendor directory
 2024-07-17 13:44:23 +02:00
Owen Mansel-Chan
d109b1e20d Accept model numbering changes in tests 2024-07-17 12:37:23 +01:00
Owen Mansel-Chan
6b52cd4957 Do not use "request" threat model kind 
It is not supported yet.
 2024-07-17 12:12:00 +01:00
Owen Mansel-Chan
cfdd48711b Convert Fasthttp::RequestHeader::RemoteFlowSource to MaD 2024-07-17 12:11:59 +01:00
Owen Mansel-Chan
abeca3d9f9 Convert Fasthttp::RequestCtx::RemoteFlowSource to MaD 2024-07-17 12:11:58 +01:00
Owen Mansel-Chan
729069e3d9 Convert Fasthttp::Request::RemoteFlowSource to MaD 2024-07-17 12:11:57 +01:00
Owen Mansel-Chan
c3169d258f Convert Fasthttp::Args::RemoteFlowSource to MaD 2024-07-17 12:11:57 +01:00
Owen Mansel-Chan
5a00b5ec96 Convert Fasthttp::URI::RemoteFlowSource to MaD 2024-07-17 12:11:56 +01:00
Owen Mansel-Chan
f33927457f Adapt test to work better for MaD 
In MaD, `Argument[n]` corresponds to the post-update node of the
argument, which in the old version of the test will be the definition of
`dstReader` for the tests for `ReadBody`, `ReadLimitBody`,
`ContinueReadBodyStream`, `ContinueReadBody`.
 2024-07-17 12:11:55 +01:00
Owen Mansel-Chan
a8a4a201bd Merge pull request #16992 from owen-mc/go/mad/use-package-grouping 
Go: use package grouping in existing models-as-data models
 2024-07-17 12:08:26 +01:00
Mathias Vorreiter Pedersen
5f70c44270 C++: Add change note. 2024-07-17 11:44:38 +01:00
Mathias Vorreiter Pedersen
9dd43d8e6f C++: Promote 'cpp/unsigned-difference-expression-compared-zero' to Code Scanning. 2024-07-17 11:44:37 +01:00
Mathias Vorreiter Pedersen
dc32806f3f Merge pull request #16988 from MathiasVP/unsigned-difference-compares-eq-zero-fp-fixes 
C++: Fix FPs in `cpp/unsigned-difference-expression-compared-zero`
 2024-07-17 11:39:17 +01:00
Owen Mansel-Chan
238c6ccb2e Merge pull request #17003 from owen-mc/go/update-library-coverage-frameworks 
Go: Add frameworks to frameworks.csv
 2024-07-17 11:26:11 +01:00
Owen Mansel-Chan
f67026f2ad Accept model numbering changes in tests 2024-07-17 11:02:28 +01:00
Owen Mansel-Chan
4c3220ea9d Use package grouping in models for gocb 2024-07-17 10:36:38 +01:00
Owen Mansel-Chan
4b2075bfb1 Split models for separate protobuf packages into separate files 2024-07-17 10:36:37 +01:00
Owen Mansel-Chan
aa0749e4ba Use package grouping for go-jose/jwt models 2024-07-17 10:36:37 +01:00
Owen Mansel-Chan
8a5a9418c7 Add frameworks to frameworks.csv 2024-07-17 10:20:44 +01:00
Owen Mansel-Chan
e6c7e1a0bc Merge pull request #16990 from owen-mc/go/change-string-prefix-check 
Go: Change string prefix check
 2024-07-17 09:57:45 +01:00
Tom
f09010e79c Update NetHttp.qll 2024-07-17 16:39:11 +08:00
Owen Mansel-Chan
12fe998a4e Merge pull request #16986 from owen-mc/go/mad-sources-revel-nethttp 
Go: Convert Revel and net/http sources to MaD
 2024-07-16 22:13:50 +01:00
Jami
39f0288e09 Merge pull request #16964 from jcogs33/jcogs33/add-toByteArray-summaries 
Java: add `IOUtils.toByteArray` summaries
 2024-07-16 17:03:30 -04:00
Owen Mansel-Chan
e2356d9820 Merge pull request #16914 from owen-mc/java/android-app-detection 
Java: Improve Android app detection
 2024-07-16 21:52:43 +01:00
Owen Mansel-Chan
fc6b17ad64 Test: accept model numbers changing 2024-07-16 21:36:12 +01:00
Mathias Vorreiter Pedersen
dbe0fceea6 C++: Sync identical files. 2024-07-16 17:42:39 +01:00
Mathias Vorreiter Pedersen
083b9b77c9 C++: Delete redundant conjuncts. 2024-07-16 17:42:31 +01:00
Jami Cogswell
f90df85722 Java: update provenance numbers in tests again 2024-07-16 11:55:46 -04:00
Owen Mansel-Chan
535b4ea986 Convert net/http UserControlledRequestField sources to MaD 2024-07-16 16:53:02 +01:00
Owen Mansel-Chan
873fd6646b Convert Revel::UserControlledRequestMethod sources to MaD 2024-07-16 16:53:01 +01:00
Owen Mansel-Chan
034f2d4221 Convert Revel field read sources to MaD 2024-07-16 16:53:01 +01:00
Owen Mansel-Chan
2da1de7b13 Use packageGrouping in Revel models 2024-07-16 16:53:00 +01:00
Joe Farebrother
070d67816d Remove experimental version 2024-07-16 16:50:10 +01:00
Joe Farebrother
8d93c3a852 Move to cwe-20 2024-07-16 16:50:08 +01:00
Joe Farebrother
e885f1f8c4 Add documentation 2024-07-16 16:50:05 +01:00
Joe Farebrother
983bdb92a1 Add test cases + remove redundant import 2024-07-16 16:50:00 +01:00
Joe Farebrother
123214cb2b Promoto cookie injection query 2024-07-16 16:49:56 +01:00
Ian Lynagh
bf4a202cbd Merge pull request #16932 from igfoo/igfoo/kotlin-2.0.20 
Kotlin: Add 2.0.20 support
 2024-07-16 16:38:30 +01:00
Mathias Vorreiter Pedersen
9504e0f119 C++: Accept test changes. 2024-07-16 16:24:00 +01:00
Mathias Vorreiter Pedersen
8894fba17a C++: Sync identical files. 2024-07-16 16:19:04 +01:00
Mathias Vorreiter Pedersen
950d70ffed C++: Replace 'InitializeGroup' with 'UninitializedGroup'. 2024-07-16 16:16:50 +01:00
Owen Mansel-Chan
8647f69720 Change string prefix check 
This avoids putting all the prefixes in the string pool.
 2024-07-16 15:56:28 +01:00
Owen Mansel-Chan
0793c589f7 Merge pull request #16963 from owen-mc/go/mad-sources/go-restful-gin-mux 
Go: Convert go-restful, Gin and Mux sources to MaD
 2024-07-16 15:50:49 +01:00
Jami
a73170df49 Merge branch 'main' into jcogs33/add-toByteArray-summaries 2024-07-16 10:46:36 -04:00