codeql

mirror of https://github.com/github/codeql.git synced 2026-03-20 06:26:47 +01:00

Author	SHA1	Message	Date
Tom Hvitved	a8758c0160	Ruby: Handle element references with blocks	2024-06-21 12:04:55 +02:00
Tom Hvitved	d7ce2be040	Ruby: Up/downgrade scripts	2024-06-21 12:04:53 +02:00
Rasmus Lerchedahl Petersen	280a9b4408	Python: Support Model Editor	2024-06-21 11:47:51 +02:00
Tom Hvitved	dff3ce2a9f	Merge pull request #16794 from hvitved/ruby/sinatra-flow Ruby: Rework `Sinatra.FilterJumpStep`	2024-06-21 11:38:10 +02:00
Tom Hvitved	21c9f33419	Ruby: Bump `tree-sitter-ruby`	2024-06-21 10:17:59 +02:00
Mathias Vorreiter Pedersen	c357cc9f08	C++: Add change note.	2024-06-21 08:54:12 +01:00
Mathias Vorreiter Pedersen	69490c62cd	C++: Add qlpack dependency.	2024-06-21 08:54:10 +01:00
Mathias Vorreiter Pedersen	6bf22bda58	C++: Replace allocation models with models from extensible predicates.	2024-06-21 08:54:09 +01:00
Alvaro Muñoz	06918b0492	Remove custom scan action	2024-06-21 09:19:37 +02:00
Tom Hvitved	8ea4f85de3	Ruby: Rework `Sinatra.FilterJumpStep`	2024-06-21 08:57:59 +02:00
Tom Hvitved	95c764eff6	Fix Sinatra test to properly output pathgraph	2024-06-21 08:57:19 +02:00
Erik Krogh Kristensen	db768960f4	Merge pull request #15060 from am0o0/amammad-js-envinjection JS: Env Injection query	2024-06-20 21:27:21 +02:00
Erik Krogh Kristensen	555d7e5958	Merge pull request #14293 from am0o0/amammad-js-CodeInjection_dynamic_import JS: Dynamic import as code injection sink	2024-06-20 21:19:57 +02:00
erik-krogh	0de4fd8430	add test for the better type-narrowing in TS 5.5	2024-06-20 20:55:44 +02:00
erik-krogh	9966be6975	update to the stable release of TypeScript 5.5	2024-06-20 20:47:43 +02:00
erik-krogh	b936f725b5	update to 5.5.1-rc	2024-06-20 20:43:01 +02:00
erik-krogh	a691ec01b3	add test for the inferred type predicates in TS5.5	2024-06-20 20:42:59 +02:00
erik-krogh	5336a1a251	upgrade TypeScript to 5.5-beta	2024-06-20 20:42:57 +02:00
Erik Krogh Kristensen	60ed51781e	Merge pull request #16790 from github/max-schaefer-patch-1 JavaScript: Fix CodeQL alert in extractor	2024-06-20 20:20:00 +02:00
Erik Krogh Kristensen	e84028d01e	Merge pull request #14088 from am0o0/amammad-js-JWT JS: decoding JWT without signature verification	2024-06-20 20:13:40 +02:00
Mathias Vorreiter Pedersen	d308178781	C++: Add extensible predicate for allocation.	2024-06-20 16:26:52 +01:00
Mathias Vorreiter Pedersen	ce5ab4c4b7	C++: Add qlpack dependency.	2024-06-20 16:26:50 +01:00
Mathias Vorreiter Pedersen	3457551264	C++: Replace deallocation models with models from extensible predicates.	2024-06-20 16:26:49 +01:00
Jeroen Ketema	0e04a59c08	Merge pull request #16795 from jketema/test-cleanup C++: Remove unneeded options from tests	2024-06-20 16:24:07 +02:00
Mathias Vorreiter Pedersen	e5c20b13cf	C++: Add extensible predicate for deallocation.	2024-06-20 14:51:09 +01:00
Jeroen Ketema	4c4c15b425	C++: Remove unneeded options from tests	2024-06-20 14:21:34 +02:00
Owen Mansel-Chan	aa35bd771b	Fix bug removing "vendor/" from package paths	2024-06-20 13:18:21 +01:00
Asger F	a36e39359f	Merge pull request #16739 from RasmusWL/js-array-steps JS: Allow many Array steps to be used in type-tracking	2024-06-20 11:39:46 +02:00
Rasmus Lerchedahl Petersen	a7386b6670	Python: include new documentation	2024-06-20 11:25:25 +02:00
Rasmus Lerchedahl Petersen	f0e68887d4	Python: autoformat	2024-06-20 10:59:39 +02:00
yoff	b4fdf3c342	Apply suggestions from code review Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>	2024-06-20 10:57:54 +02:00
Rasmus Wriedt Larsen	596102d3fb	Update javascript/ql/lib/change-notes/2024-06-14-type-tracking-array-steps.md Co-authored-by: Asger F <asgerf@github.com>	2024-06-20 10:07:49 +02:00
Alvaro Muñoz	1e4df62a39	Merge pull request #45 from github/change_packages Move from githubsecuritylab packages to github	2024-06-20 09:51:17 +02:00
Alvaro Muñoz	4619128c11	Move from githubsecuritylab packages to github	2024-06-20 09:50:36 +02:00
Owen Mansel-Chan	754fd8e84c	Drop leading . from `getQualifiedName` for built-in functions So it will be "panic" instead of ".panic".	2024-06-19 22:04:21 +01:00
Owen Mansel-Chan	68a661f3c7	Write out whole function names	2024-06-19 21:58:31 +01:00
Owen Mansel-Chan	b79711b17e	Move deprecated notice to top of comment	2024-06-19 21:58:28 +01:00
aegilops	1ecd72727d	Renamed README to CUSTOMIZING, removed details from qhelp and referenced md doc instead	2024-06-19 17:59:43 +01:00
aegilops	a07639f4f6	Set severity to 7.0, in line with other configuration queries	2024-06-19 17:43:41 +01:00
aegilops	26f1b36736	Fixed formatting	2024-06-19 17:41:58 +01:00
aegilops	252c9e9416	Added data extension to set defaults, updated help, added README to explain customization	2024-06-19 17:27:17 +01:00
Max Schaefer	2be171746b	JavaScript: Fix CodeQL alert in extractor This doesn't make a difference in practice because we only run the method on arrays of even length, but we might as well fix it.	2024-06-19 17:13:01 +01:00
Rasmus Lerchedahl Petersen	5cb37f5c4c	python: Document MaD format - add a few tests reflecting the documentation - make the mentioned sink-kinds have an effect on relevant queries	2024-06-19 17:00:15 +02:00
Mathias Vorreiter Pedersen	901fac4282	C++: Support 'Element' content in flow summaries.	2024-06-19 13:40:06 +01:00
Mathias Vorreiter Pedersen	013ee9c15e	C++: Add support for 'Element' content in dataflow.	2024-06-19 13:39:39 +01:00
Mathias Vorreiter Pedersen	c158f8054e	C++: Get rid of all the 'StdContainer' taint models.	2024-06-19 13:36:19 +01:00
Michael Nebel	aa962f9b03	Java: Update expected output of model generation.	2024-06-19 14:10:59 +02:00
Michael Nebel	1185e28ea2	Java: Add some spurious source and sink model generation examples.	2024-06-19 14:10:56 +02:00
Michael Nebel	ed3f1e40db	Java: Sync changes and make dummy language specific implementation.	2024-06-19 14:10:54 +02:00
Michael Nebel	99907471b2	C#: Update model generator expected output.	2024-06-19 14:10:52 +02:00

... 329 330 331 332 333 ...

85368 Commits