hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-19 22:16:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,715 Branches 162 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
921afb71e2 Update cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-06-25 10:03:53 +01:00
Owen Mansel-Chan
890da5377e Merge pull request #16819 from owen-mc/go/remove-dataflowtype-optimizer-bug-workaround 
Go: Make DataFlowType a singleton (remove workaround)
 2024-06-25 10:03:08 +01:00
Asger F
551743e000 Shared: add location for 'this' CaptureContainer 
Only has an effect for debugging purposes
 2024-06-25 10:34:28 +02:00
Mathias Vorreiter Pedersen
982f845be7 C++: Accept test changes. 2024-06-25 09:31:00 +01:00
Asger F
bd3fccd1a8 JS: Update test output with provenance column 2024-06-25 10:30:56 +02:00
Mathias Vorreiter Pedersen
bb8b0d0bf5 C++: Use the unary version of 'comparesEq' to handle both disjuncts. 2024-06-25 09:30:53 +01:00
Asger F
20df5adbaa JS: Bugfix in DeduplicatePathGraph 
This was introduced after a quick fix to handle the addition of
provenance.
 2024-06-25 10:30:14 +02:00
Chris Smowton
5608e0141c Adjust and tolerate variability in test expectations 2024-06-25 09:02:58 +01:00
Tom Hvitved
25daaf9d47 Ruby: Add change note 2024-06-25 10:00:01 +02:00
Asger F
f43a189f06 JS: Make CaptureNode.toString() more explicit 2024-06-25 09:56:39 +02:00
GitHub Security Lab
795232e040 Merge pull request #47 from github/poisonable_config 
Move configuration to MaD files
 2024-06-25 09:48:06 +02:00
Alvaro Muñoz
fc8173239e Move configuration to MaD files 2024-06-25 09:47:43 +02:00
Jeroen Ketema
285ed3630b C++: Update expected test results 2024-06-25 09:16:05 +02:00
github-actions[bot]
fd385736e6 Post-release preparation for codeql-cli-2.17.6 2024-06-25 06:39:45 +00:00
Joe Farebrother
0901b3d0a6 Add change note 2024-06-24 21:43:09 +01:00
Owen Mansel-Chan
8458bde51e Add comment that "reverse-dns" is an ungrouped threat model 2024-06-24 21:23:52 +01:00
Owen Mansel-Chan
9e25279cb8 Change category in change note to "majorAnalysis" 2024-06-24 21:23:51 +01:00
Owen Mansel-Chan
162245fb9a Fix unrelated test using reverse DNS as source 2024-06-24 21:23:50 +01:00
Owen Mansel-Chan
059ef42f41 Add change note 2024-06-24 21:23:49 +01:00
Owen Mansel-Chan
878867205e Fix taintsources test 2024-06-24 21:23:47 +01:00
Owen Mansel-Chan
91db2b6c9c Make new threat model kind "reverse-dns" 2024-06-24 21:23:46 +01:00
Joe Farebrother
d0f735ac28 Update tests for restframework 2024-06-24 20:52:09 +01:00
Arthur Baars
0508d4fa33 Merge pull request #16821 from github/release-prep/2.17.6 
Release preparation for version 2.17.6
codeql-cli/v2.17.6 		2024-06-24 21:17:34 +02:00
Dave Bartolomeo
1e46e431e8 Merge pull request #16823 from smowton/smowton/admin/maven-transfer-failure-test-expectations 
Java: Adjust and tolerate variability in test expectations
 2024-06-24 13:54:25 -04:00
Joe Farebrother
c404f00a9b Add additional header write models for aiohttp and tornado + added qldoc 2024-06-24 17:27:25 +01:00
Joe Farebrother
79c0ed6074 Add additional fastapi mheader write models 2024-06-24 17:27:21 +01:00
Joe Farebrother
5ced5c010c Add django header writes 2024-06-24 17:27:15 +01:00
Joe Farebrother
7704801e47 Change fastapi raw cookie header models to header write models 2024-06-24 17:27:12 +01:00
Joe Farebrother
a0201e9c4f Update tests for new cookie write from headers 2024-06-24 17:27:06 +01:00
Joe Farebrother
6b8080a5b3 Update concept tests for header writes 2024-06-24 17:27:02 +01:00
Joe Farebrother
d11f58f768 Add cookie header write concept from experimental. 2024-06-24 17:26:56 +01:00
Joe Farebrother
b71ba7c30f Move Header Write derrived concepts to Concepts 2024-06-24 17:26:51 +01:00
Paolo Tranquilli
d2a00fa773 Merge pull request #16822 from github/redsun82/nodejs-mirror 
Bazel: add `nodejs` mirror
 2024-06-24 17:59:08 +02:00
Chris Smowton
351b908f62 Adjust and tolerate variability in test expectations 2024-06-24 16:38:18 +01:00
Paolo Tranquilli
0669186713 Bazel: remove unneeded upstream rules_nodejs patch 2024-06-24 17:09:40 +02:00
Paolo Tranquilli
a02cf07833 Bazel: add nodejs mirror 
This patches `rules_nodejs` with the contents of
https://github.com/bazelbuild/rules_nodejs/pull/3763
in order to allow specifying a mirror for nodejs, as nodejs.org has
hit us with intermittent downtimes.
 2024-06-24 16:59:25 +02:00
Mathias Vorreiter Pedersen
5b1b60cc92 Merge pull request #16797 from MathiasVP/yml-for-allocation-and-deallocation 
C++: Add extensible predicates to `Allocation` and `Deallocation`
 2024-06-24 15:34:27 +01:00
github-actions[bot]
e32a587078 Release preparation for version 2.17.6 2024-06-24 14:33:10 +00:00
Anders Schack-Mulligen
25d520a7f1 Merge pull request #16785 from aschackmull/dataflow/stage3-notypes 
Dataflow: Replace stage 3 type pruning with flow-insensitive type pruning.
 2024-06-24 15:21:37 +02:00
Mathias Vorreiter Pedersen
36d59cef7e C++: Add 'bsl::free' as a deallocation function model. 2024-06-24 13:56:44 +01:00
Mathias Vorreiter Pedersen
82ed1ee671 Update cpp/ql/lib/change-notes/2024-06-20-extensible-allocation-deallocation.md 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2024-06-24 13:50:24 +01:00
Owen Mansel-Chan
d8df38c683 Make DataFlowType a singleton (remove workaround) 2024-06-24 13:43:10 +01:00
Mathias Vorreiter Pedersen
19b6d24bc2 Merge pull request #16816 from MathiasVP/fix-valuenumber-imports 
C++: Fix value numbering imports
 2024-06-24 13:37:38 +01:00
Anders Schack-Mulligen
fdf6e30888 Dataflow: Handle non-trivial type systems with stores into a top type. 2024-06-24 13:35:50 +02:00
Anders Schack-Mulligen
a26132e818 Dataflow: Replace stage 3 type pruning with flow-insensitive type pruning. 2024-06-24 13:35:50 +02:00
Anders Schack-Mulligen
3ede3af6f2 C#: Fix join-order. 2024-06-24 13:35:49 +02:00
Anders Schack-Mulligen
8c23e21073 Dataflow: Cache compatibleTypes. 2024-06-24 13:35:48 +02:00
Anders Schack-Mulligen
06a7e3f3ee Dataflow: Cache typeStrongerThan. 2024-06-24 13:35:48 +02:00
Anders Schack-Mulligen
bd99f32a4b Dataflow: Check types on ParamReturnNode. 2024-06-24 13:35:47 +02:00
Michael Nebel
24685a07c0 Java: Update model generator test expected output. 2024-06-24 13:07:42 +02:00