hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-19 05:56:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,716 Branches 162 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
8979bac4d8 Update shared/ssa/codeql/ssa/Ssa.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2024-07-10 10:55:13 +02:00
Tamas Vajk
ccf56a21c2 C#: Order files in buildless extraction 2024-07-10 10:53:53 +02:00
Tom Hvitved
7928d751d1 Address review comment 2024-07-10 09:52:09 +02:00
aegilops
01ec7c22df Fixed test 2024-07-09 19:19:06 +01:00
am0o0
dd4bce8e30 finilize tests 2024-07-09 19:48:58 +02:00
am0o0
7a5838f1a2 MethodAccess => MethodCall 2024-07-09 19:43:22 +02:00
am0o0
e87d2fe922 remove redundent imports 2024-07-09 19:41:06 +02:00
aegilops
0aab2aef3b Formatting of QLL 2024-07-09 18:16:37 +01:00
aegilops
dae2aeb7d3 QLDoc 2024-07-09 18:16:02 +01:00
Mathias Vorreiter Pedersen
81593ece5a Merge pull request #16935 from MathiasVP/iterator-to-expired-container-fp-5 
C++: Add `cpp/iterator-to-expired-container` FP
 2024-07-09 17:07:19 +01:00
aegilops
86afd54a9b Moved new query to 'experimental' 
Moved lists of domains to data extensions, including adding those to the overall qlpack.yml

Expanded scope of new query to further domains operated by the untrusted owners of polyfill.io
 2024-07-09 16:38:01 +01:00
Alvaro Muñoz
8231261ccf New poisonable steps 2024-07-09 17:28:04 +02:00
Rasmus Wriedt Larsen
60d1dc8af8 Python: Bump extractor version 2024-07-09 14:15:52 +02:00
Rasmus Wriedt Larsen
6b3625e24e Python: Handle diagnostics writing for BuiltinModuleExtractable 2024-07-09 14:15:52 +02:00
Rasmus Wriedt Larsen
c1da2c1d2f Python: Gracefully handle exceptions in diagnostics writing 2024-07-09 14:15:51 +02:00
Rasmus Wriedt Larsen
a8b976b389 Python: Always log errors before writing diagnostics 
So we have the info in the logs if the diagnostics processing fails
 2024-07-09 13:47:53 +02:00
Tom Hvitved
d41eae6fc3 SSA: Add data-flow integration layer 2024-07-09 12:49:22 +02:00
Mathias Vorreiter Pedersen
48edb77300 C++: Add 'cpp/iterator-to-expired-container' FP. 2024-07-09 11:24:18 +01:00
Mathias Vorreiter Pedersen
6359388cea Merge pull request #16915 from MathiasVP/fix-iterator-to-expired-container-fp-4 
C++: Fix `cpp/iterator-to-expired-container` FPs
 2024-07-09 11:23:46 +01:00
Owen Mansel-Chan
d4bfab4735 Accept minor copy-editing suggestions. 2024-07-09 07:00:01 +01:00
Mathias Vorreiter Pedersen
39ad4d4a89 Merge pull request #16930 from MathiasVP/promote-unsafe-strncat-to-code-scanning 2024-07-08 21:51:57 +01:00
Alvaro Muñoz
59fd8530a3 Bump qlpack versions 2024-07-08 22:39:58 +02:00
Alvaro Muñoz
a368b797fd fix(checks): Add repository control checks 2024-07-08 22:39:22 +02:00
Alvaro Muñoz
ee265c4879 fix(models): Slash-command-action 
Do not consider slash-command-action command-arguments as a remote flow source if it requires write or admin permissions
 2024-07-08 22:38:53 +02:00
Alvaro Muñoz
a2af3c654b Account for all npm and pnpm subcommands 
Exclude args such as `npm -v`
 2024-07-08 20:46:29 +02:00
Mathias Vorreiter Pedersen
2c5f007687 Merge pull request #16929 from MathiasVP/add-unsafe-strncat-fp 2024-07-08 18:54:58 +01:00
Cornelius Riemenschneider
f87e680185 Merge pull request #16928 from github/criemen/install-remove 
Install script: Windows-compatible cleanup path.
 2024-07-08 17:53:18 +02:00
Owen Mansel-Chan
496e76c1c5 Merge pull request #16931 from owen-mc/go/fix/clear-sanitizer 
Go: fix `clear` sanitizer
 2024-07-08 16:52:37 +01:00
Cornelius Riemenschneider
16660ab1df address review 2024-07-08 17:37:33 +02:00
Cornelius Riemenschneider
8df2e4952c address review 2024-07-08 17:27:17 +02:00
Owen Mansel-Chan
a774aacfa8 Add change note 2024-07-08 16:09:17 +01:00
Mathias Vorreiter Pedersen
9cfd06c761 C++: Increase the precision of 'cpp/unsafe-strncat' to high. 2024-07-08 16:06:58 +01:00
Owen Mansel-Chan
68929d1f73 Fix definition of ClearSanitizer 2024-07-08 16:05:17 +01:00
Owen Mansel-Chan
eec2aa82a6 Add failing tests for ClearSanitizer 2024-07-08 16:05:04 +01:00
Mathias Vorreiter Pedersen
962c73da16 C++: Promote 'cpp/unsafe-strncat' to Code Scanning. 2024-07-08 16:02:29 +01:00
Angela P Wen
80bd361607 Merge pull request #16926 from github/post-release-prep/codeql-cli-2.18.0 
Post-release preparation for codeql-cli-2.18.0
 2024-07-08 16:51:16 +02:00
Owen Mansel-Chan
b83147fa44 Add links on threat models to change note 2024-07-08 15:39:27 +01:00
Owen Mansel-Chan
8241d0b7ef Update QLDoc for ReverseDnsUserInput 2024-07-08 15:33:39 +01:00
Owen Mansel-Chan
07a25a233d Update threat model documentation 2024-07-08 15:32:47 +01:00
Cornelius Riemenschneider
bb78536804 Install script: Windows-compatible cleanup path. 
Windows might need some retrying around deleting
the target directory.
 2024-07-08 16:21:29 +02:00
Owen Mansel-Chan
64432215a9 Make "reverse-dns" pass validation 2024-07-08 15:16:14 +01:00
Owen Mansel-Chan
8526510783 Add ungrouped threat models to threat-model-grouping.model.yml 2024-07-08 15:15:40 +01:00
Mathias Vorreiter Pedersen
d5d04f2f4c C++: Add a 'cpp/unsafe-strncat' FP. 2024-07-08 15:13:00 +01:00
Geoffrey White
8818f63ca7 C++: Add some practical details to the examples. 2024-07-08 14:32:05 +01:00
Geoffrey White
80af5b7725 C++: Add a third example for cpp/world-writable-file-creation. 2024-07-08 14:32:04 +01:00
Geoffrey White
4f0d725acd C++: Add a 'good' example as well. 2024-07-08 14:32:03 +01:00
Geoffrey White
d52210d565 C++: Improve the example for cpp/return-stack-allocated-memory. 2024-07-08 14:32:01 +01:00
Geoffrey White
3c70583aa2 C++: Add close calls to examples for cpp/toctou-race-condition. 2024-07-08 14:32:00 +01:00
Geoffrey White
0288499801 C++: Rephrase the alert message for cpp/wrong-type-format-argument to be less prescriptive. 2024-07-08 14:31:59 +01:00
github-actions[bot]
ae3aba061b Post-release preparation for codeql-cli-2.18.0 2024-07-08 13:30:13 +00:00