Harry Maclean
|
f7fc2e0b00
|
Ruby: Fix StringSubstitutionCall charpred
Some missing parens meant this class targeted way more things than
intended.
|
2024-05-01 16:14:58 +01:00 |
|
Michael B. Gale
|
397e641f2f
|
Merge pull request #16375 from github/mbg/go/allow-version-suffixes
Go: Allow version suffixes
|
2024-05-01 15:41:54 +01:00 |
|
Michael B. Gale
|
00cbfaf40e
|
Go: Allow version suffixes
|
2024-05-01 15:00:45 +01:00 |
|
Michael Nebel
|
42653b5fec
|
Java: Add change note about local query removal.
|
2024-05-01 13:07:22 +02:00 |
|
Michael Nebel
|
58bbfe694f
|
Java: Deprecate the content of ExecTaintedLocalQuery as this is unused.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
d9c7401ea2
|
Java: Deprecate the local content of UrlRedirectLocalQuery and remove the local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
ed7538d0b9
|
Java: Deprecate the local content of TaintedPathQuery and remove the local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
5b89bd23c7
|
Java: Deprecate the content of SqlTaintedLocalQuery and remove the local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
b68abab12a
|
Java: Deprecate the content of ResponseSplittingLocalQuery and remove local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
d05c5e3d94
|
Java: Deprecate the content of NumericCastTaintedLocalQuery, remove the local query variant and update the non-local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
301a6cc191
|
Java: Deprecate the content of ImproperValidationOrArray and remove local query variants.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
acd0fa4b7b
|
Java: Deprecate the content of ExternallyControlledFormatStringLocalQuery and remove the externally controlled format string local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
85a4dd0325
|
Java: Deprecate the local content of CommandLineQuery and remove the exec tainted local query variant.
|
2024-05-01 13:07:20 +02:00 |
|
Mathias Vorreiter Pedersen
|
dc4604f5a5
|
Merge pull request #16367 from MathiasVP/better-documentation-for-iterator-to-expired-container
C++: Improve documentation for `cpp/iterator-to-expired-container`
|
2024-05-01 11:56:27 +01:00 |
|
Mathias Vorreiter Pedersen
|
40b6e1624f
|
Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2024-05-01 11:41:23 +01:00 |
|
Mathias Vorreiter Pedersen
|
22e843abc6
|
Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2024-05-01 11:41:16 +01:00 |
|
Jeroen Ketema
|
3c70a2d7df
|
C++: Update test results after extractor changes
|
2024-05-01 12:30:38 +02:00 |
|
Jeroen Ketema
|
541effb8cb
|
Merge pull request #16369 from jketema/destructors-init-stmt
C++: Update IR tests after better handling of init statements in the extractor
|
2024-05-01 10:47:03 +02:00 |
|
Anders Schack-Mulligen
|
248ffa15a2
|
Merge pull request #16318 from aschackmull/dataflow/doublyboundedfasttc
Dataflow: Use doublyBoundedFastTC.
|
2024-05-01 09:48:23 +02:00 |
|
Michael Nebel
|
072f19008a
|
Java: Deprecate the content of ArithmeticTaintedLocalQuery and remove the arithmetic tainted local query variant.
|
2024-05-01 08:59:51 +02:00 |
|
Michael Nebel
|
93988e5834
|
Java: Deprecate the content of XxeLocalQuery and remove the Xxe local query variant.
|
2024-05-01 08:59:50 +02:00 |
|
Michael Nebel
|
e0c2a43780
|
Java: Deprecate the content of XssLocalQuery and remove the Xss local query variant.
|
2024-05-01 08:59:50 +02:00 |
|
Jeroen Ketema
|
5843326b5c
|
C++: Update IR tests after better handling of init statements in the extractor
|
2024-04-30 21:12:30 +02:00 |
|
Mathias Vorreiter Pedersen
|
3a2b0a2feb
|
Merge pull request #16366 from MathiasVP/fix-ir-for-destructors-in-switch
C++: Fix IR destructor calls on `JumpStmt`s
|
2024-04-30 18:26:54 +01:00 |
|
Joe Farebrother
|
fd55713006
|
add changenote
|
2024-04-30 18:17:18 +01:00 |
|
Joe Farebrother
|
c6372d5822
|
Fix qldoc and remove PotentialViewCallable class
|
2024-04-30 18:13:06 +01:00 |
|
Mathias Vorreiter Pedersen
|
07dd6d5c8d
|
C++: Align 'break' statements.
|
2024-04-30 16:40:23 +01:00 |
|
Mathias Vorreiter Pedersen
|
708d12624f
|
C++: Update documentation on 'cpp/iterator-to-expired-container'.
|
2024-04-30 16:32:32 +01:00 |
|
Mathias Vorreiter Pedersen
|
3eddd3114f
|
C++: Accept test changes.
|
2024-04-30 16:14:30 +01:00 |
|
Mathias Vorreiter Pedersen
|
61ce7252e6
|
C++: Update the alert message in 'cpp/iterator-to-expired-container'.
|
2024-04-30 16:12:54 +01:00 |
|
Mathias Vorreiter Pedersen
|
b86aeb68ae
|
Merge pull request #16364 from MathiasVP/ir-guards-with-boolean
C++: Support `IRGuard`s with no implicit boolean conversion
|
2024-04-30 16:07:32 +01:00 |
|
Mathias Vorreiter Pedersen
|
cf025e1924
|
C++: Accept test changes.
|
2024-04-30 15:47:53 +01:00 |
|
Mathias Vorreiter Pedersen
|
a200ced2d6
|
C++: Fix IR generation for jump statements.
|
2024-04-30 15:46:46 +01:00 |
|
Mathias Vorreiter Pedersen
|
c04e59611b
|
Merge pull request #16355 from MathiasVP/promote-iterator-to-expired-container-out-of-experimental
C++: Promote `cpp/iterator-to-expired-container` out of experimental
|
2024-04-30 15:45:56 +01:00 |
|
Mathias Vorreiter Pedersen
|
c5a87c95d8
|
C++: Add tests that incorrectly call destructors twice.
|
2024-04-30 15:39:00 +01:00 |
|
Joe Farebrother
|
4f22b91e73
|
Add tests for cases not yet supported
|
2024-04-30 15:20:09 +01:00 |
|
Henry Mercer
|
797f675285
|
Merge pull request #16365 from github/post-release-prep/codeql-cli-2.17.2
Post-release preparation for codeql-cli-2.17.2
|
2024-04-30 14:51:01 +01:00 |
|
Mathias Vorreiter Pedersen
|
c32c810ae7
|
C++: Add a test with a 'short' type.
|
2024-04-30 14:48:21 +01:00 |
|
Mathias Vorreiter Pedersen
|
32fe084630
|
Update cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
|
2024-04-30 14:42:30 +01:00 |
|
Joe Farebrother
|
ba054bd428
|
Manually specify subclasses for redirect models
|
2024-04-30 14:33:46 +01:00 |
|
Ian Lynagh
|
0715c4ac5a
|
Merge pull request #16341 from igfoo/igfoo/ODASA_BUILD_ERROR_DIR
Java: Remove support for deprecated ODASA_BUILD_ERROR_DIR env var
|
2024-04-30 13:18:51 +01:00 |
|
github-actions[bot]
|
99928b82ed
|
Post-release preparation for codeql-cli-2.17.2
|
2024-04-30 12:15:35 +00:00 |
|
Rasmus Wriedt Larsen
|
377c6b4cc8
|
Merge pull request #12557 from felickz/patch-1
add security-severity score to code scanning query list
|
2024-04-30 13:48:22 +02:00 |
|
Mathias Vorreiter Pedersen
|
2939c89f7a
|
C++: Accept test changes.
|
2024-04-30 12:04:42 +01:00 |
|
Mathias Vorreiter Pedersen
|
bb6cc92728
|
C++: Support guards without implicit boolean conversions.
|
2024-04-30 12:04:35 +01:00 |
|
Mathias Vorreiter Pedersen
|
d736426529
|
C++: Support guards without implicit boolean conversions.
|
2024-04-30 11:45:58 +01:00 |
|
Mathias Vorreiter Pedersen
|
806d42852c
|
C++: Add test in C file with pointer type guard.
|
2024-04-30 11:33:22 +01:00 |
|
Henry Mercer
|
8e251ee54f
|
Merge pull request #16363 from github/release-prep/2.17.2
Release preparation for version 2.17.2
codeql-cli/v2.17.2
|
2024-04-30 11:29:06 +01:00 |
|
github-actions[bot]
|
5228d94d42
|
Release preparation for version 2.17.2
|
2024-04-30 10:25:51 +00:00 |
|
Alvaro Muñoz
|
9843f375ee
|
ignore runtime info for pull_request triggered workflows
|
2024-04-30 12:20:53 +02:00 |
|