codeql

mirror of https://github.com/github/codeql.git synced 2026-03-19 14:06:50 +01:00

Author	SHA1	Message	Date
Michael Nebel	64ac52e918	C#: Only lift summary models in the model generator.	2024-06-27 09:54:00 +02:00
Asger F	c52a4b0621	JS: Provide RenderSummarizedCallable	2024-06-27 09:44:45 +02:00
Asger F	e53c0cdce7	Fix unknown Parameter/Argument decoding	2024-06-27 09:39:06 +02:00
Tamas Vajk	0c34b4535a	C#: Change `string.Format` calls to interpolated strings	2024-06-27 09:20:50 +02:00
Asger F	2473274681	JS: Benign test output changes	2024-06-27 09:06:45 +02:00
Tamás Vajk	4a98436884	Merge pull request #16855 from tamasvajk/fix/integration-test C#: Fix integration test expected file	2024-06-27 08:52:05 +02:00
Tamas Vajk	6b6d705b4f	C#: Fix integration test expected file	2024-06-27 08:14:37 +02:00
Jami	901245ae3d	Merge branch 'main' into jcogs33/unsafe-url-forward-promotion-resource-and-file-methods	2024-06-26 21:57:07 -04:00
github-actions[bot]	0a8c9da0ac	Add changed framework coverage reports	2024-06-27 00:17:25 +00:00
Alvaro Muñoz	4aba07074c	Bump qlpack versionsi	2024-06-26 19:45:13 +02:00
Alvaro Muñoz	76b115deb0	Dedup Cache poisoning and Untrusted checkout	2024-06-26 19:44:44 +02:00
Alvaro Muñoz	878317ab6b	Bump qlpack versions	2024-06-26 19:18:10 +02:00
Alvaro Muñoz	5cd292e23e	Make Untrusted Checkout and CachePoisoning rules path-problems	2024-06-26 19:17:37 +02:00
Chris Smowton	f2cbf08d15	Adjust test expectations	2024-06-26 17:37:48 +01:00
Alvaro Muñoz	e6311966c8	Take explicit permission into account for privilege calculation	2024-06-26 16:17:07 +02:00
Mathias Vorreiter Pedersen	e845204ec9	C++: Add tests of internal MaD predicates and accept test changes.	2024-06-26 14:10:31 +01:00
Mathias Vorreiter Pedersen	d38ce61e03	C++: Mention in the QLDoc that you cannot instantiate templates in the signature string.	2024-06-26 13:54:28 +01:00
Owen Mansel-Chan	272132a09a	Merge pull request #16799 from owen-mc/go/mad/match-all-package-versions Go: Make models-as-data package column match any version without "$ANYVERSION"	2024-06-26 13:46:49 +01:00
Asger F	af7b4e3063	Accept flow difference due to added test cases New library gets FN for spread arguments in a call to splice(), which was added to the old version in this PR: https://github.com/github/codeql/pull/16739	2024-06-26 13:52:27 +02:00
Asger F	53efb5837b	JS: Update some tests with provenance columns Only includes the changes that purely contain the new provenance columns	2024-06-26 13:51:44 +02:00
Asger F	88edc06517	Avoid bad join in compatibleTypesCached This is identical to the code in Ruby and seems to prevent a bad join ordering in a cached version of this predicate in DataFlowCommon	2024-06-26 13:51:41 +02:00
Asger F	fc7c2c5b17	Remove unused code	2024-06-26 13:51:40 +02:00
Asger F	e67e89dd70	Implement decodeUnknownArgument/ParameterPosition	2024-06-26 13:51:39 +02:00
Asger F	3bebd709b3	Handle AnyMemberDeep and ArrayElementDeep in encodeContent	2024-06-26 13:51:38 +02:00
Asger F	6c0c67dce4	Implement encodeWith/WithoutContent	2024-06-26 13:51:37 +02:00
Asger F	b0ea81276b	Implement encodeReturn	2024-06-26 13:51:36 +02:00
Asger F	5811a3c5a6	Port getMadStringFromContentSet -> encodeContent	2024-06-26 13:51:35 +02:00
Asger F	8c4e5e8876	Boilerplate implementation of default predicates from FlowSummaryImpl.qll	2024-06-26 13:51:34 +02:00
Rasmus Lerchedahl Petersen	a3076f4f72	Python: fix test expectations, add missing sanitizer	2024-06-26 13:27:32 +02:00
Anders Schack-Mulligen	9d8ee99c1c	Merge pull request #16806 from aschackmull/dataflow/debug-stages Dataflow: Add path-problem view of intermediate stages for debug purposes.	2024-06-26 12:53:12 +02:00
Michael Nebel	e1f65d1f8b	Merge pull request #16836 from michaelnebel/csharp/bestlocation C#: Be more consistent when picking between locations.	2024-06-26 12:46:50 +02:00
am0o0	361ad6be6a	use abstract class for decompression flow steps	2024-06-26 12:45:31 +02:00
aegilops	f22778960b	Fixed expected test results for Helmet query	2024-06-26 11:31:57 +01:00
Cornelius Riemenschneider	c4cc30fb7a	Merge pull request #16839 from github/criemen/bazel-721 Bump to bazel 7.2.1.	2024-06-26 11:26:19 +02:00
Paolo Tranquilli	53a7d823ec	Merge pull request #16841 from github/redsun82/kotlin Kotlin: exclude `KotlinExtractorDbScheme.kt` generated by hand	2024-06-26 11:18:44 +02:00
Tamás Vajk	81f4786643	Merge pull request #16832 from tamasvajk/feature/update-dependencies C#: Update (some) nuget dependencies	2024-06-26 11:12:26 +02:00
Michael Nebel	e258d9fa74	C#: Use the first best location from the list of locations.	2024-06-26 11:04:38 +02:00
Rasmus Lerchedahl Petersen	b261145f43	Python: fix compilation	2024-06-26 10:46:38 +02:00
Joe Farebrother	6538d22d3f	Fix tornado model of httheaders.add.	2024-06-26 09:21:53 +01:00
Paolo Tranquilli	a52a412c24	Kotlin: exclude `KotlinExtractorDbScheme.kt` generated by hand	2024-06-26 09:05:09 +02:00
Owen Mansel-Chan	a30b34c4bd	Used "fixed-version:" prefix in a test	2024-06-26 05:01:09 +01:00
Owen Mansel-Chan	418a56d385	Replace "$THISVERSION" suffix with "fixed-version:" prefix	2024-06-26 05:01:09 +01:00
Owen Mansel-Chan	081f32141c	Accept review suggestion fixing a comment Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-06-26 05:01:09 +01:00
Owen Mansel-Chan	d4e8e4c943	Add QLDoc for `majorVersionSuffixRegex`	2024-06-26 05:01:09 +01:00
Owen Mansel-Chan	46d0c6ff9c	Use lookahead in regex to not match e.g. "/v2foo"	2024-06-26 05:01:09 +01:00
Owen Mansel-Chan	c8a3bedf44	Move major version suffix regex into one place	2024-06-26 05:01:09 +01:00
Owen Mansel-Chan	cb2ccef5fa	Refactor suffix check	2024-06-26 05:01:09 +01:00
Owen Mansel-Chan	c045e77d61	Fix QLDoc for `interpretPackage`	2024-06-26 05:01:09 +01:00
Owen Mansel-Chan	7d11fc2c7d	Fix bug in regex I accidentally included a `$` at the end, so it only matched a major version suffix at the end of the package path.	2024-06-26 05:01:09 +01:00
Owen Mansel-Chan	a9afbfa993	Document version matching and "$THISVERSION"	2024-06-26 05:01:09 +01:00

... 325 326 327 328 329 ...

85368 Commits