hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-23 16:06:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,712 Branches 163 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
c378d6a661 Merge pull request #16027 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-04-02 14:08:09 +02:00
Tom Hvitved
368a500d93 C#: Neutralize some System.Diagnostics generated models 2024-04-02 13:58:55 +02:00
Felicity Chapman
75eee04f3e Merge pull request #15890 from intrigus-lgtm/patch-9 
[cpp-docs] Fix 404 link in guards library doc.
 2024-04-02 12:49:03 +01:00
Rasmus Wriedt Larsen
8707a63edb Python: Add comments around storeStepCommon 2024-04-02 13:26:26 +02:00
Rasmus Wriedt Larsen
20202aba90 Python: Deprecate AttributeName 2024-04-02 13:21:46 +02:00
Ian Lynagh
e610573411 Merge pull request #16078 from igfoo/igfoo/exprs_changes 
Kotlin 2: Accept more changes
 2024-04-02 12:19:17 +01:00
Ian Lynagh
e5999f76b0 Merge pull request #16079 from igfoo/igfoo/del 
Kotlin 2: Accept some more location changes
 2024-04-02 12:18:58 +01:00
Alvaro Muñoz
2a1226c37a Add workflow_dispatch to the triggers for artifact poisoning 2024-04-02 12:54:42 +02:00
Harry Maclean
409f46ef7b Merge pull request #14308 from hmac/hmac-rb-csrf-not-enabled 
Ruby: Add a query for CSRF protection not enabled
 2024-04-02 11:30:36 +01:00
Jeroen Ketema
3c8c45872e Merge pull request #16060 from jketema/qual-fix 
C++: Output destructor calls for delete expressions
 2024-04-02 11:49:51 +02:00
Henry Mercer
9409d7fdca Merge pull request #16066 from github/henrymercer/ql-run-diagnostics 
QL: Run diagnostics and summary metrics in code scanning
 2024-04-02 10:45:50 +01:00
Mathias Vorreiter Pedersen
352e7de07d C++: Accept test changes. 2024-04-02 10:43:10 +01:00
Jeroen Ketema
01183800a6 C++: Fix formatting 2024-04-02 11:38:19 +02:00
Jeroen Ketema
9190bf25ce C++: Add example to QLDoc 2024-04-02 11:35:43 +02:00
Rasmus Wriedt Larsen
f33222c83b JS: Add change-note 2024-04-02 11:10:53 +02:00
Mathias Vorreiter Pedersen
bd0ddec630 C++: Fix join order in 'cpp/double-free'. 2024-04-02 09:59:53 +01:00
Jeroen Ketema
a5d4fad806 C++: Output destructor calls for delete expressions 2024-04-02 10:32:03 +02:00
Tom Hvitved
a8dac17aec Merge pull request #16016 from hvitved/csharp/remove-lgtm-autobuilder-options 
C#: Remove support for legacy LGTM options in autobuilder
 2024-04-02 10:03:10 +02:00
Erik Krogh Kristensen
332c1e3b8a Merge pull request #16026 from erik-krogh/htmlSafeSan 
RB: Add barrier guard for `.html_safe?` to the XSS queries
 2024-04-02 07:54:19 +02:00
Erik Krogh Kristensen
0fd89549da Merge pull request #16033 from github/dependabot/cargo/ql/regex-1.10.4 
Bump regex from 1.10.3 to 1.10.4 in /ql
 2024-04-02 07:52:17 +02:00
Erik Krogh Kristensen
58bf0b709f Merge pull request #16077 from github/dependabot/cargo/ql/chrono-0.4.37 
Bump chrono from 0.4.35 to 0.4.37 in /ql
 2024-04-02 07:51:49 +02:00
github-actions[bot]
55987d9c1f Add changed framework coverage reports 2024-04-02 00:16:19 +00:00
Alvaro Muñoz
152d29da38 Add Artifact poisoning and Env Injection queries 2024-04-01 18:53:37 +02:00
Chuan-kai Lin
0bc9318400 Merge pull request #16086 from github/post-release-prep/codeql-cli-2.17.0 
Post-release preparation for codeql-cli-2.17.0
 2024-04-01 08:41:39 -07:00
github-actions[bot]
8e61c6625b Post-release preparation for codeql-cli-2.17.0 2024-04-01 15:27:42 +00:00
Chuan-kai Lin
6475034b09 Merge pull request #16085 from github/release-prep/2.17.0 
Release preparation for version 2.17.0
 2024-04-01 06:53:52 -07:00
github-actions[bot]
ec97d9a304 Release preparation for version 2.17.0 2024-04-01 13:46:57 +00:00
Owen Mansel-Chan
fdafaa2ff4 Change note: update numbers of models added 2024-04-01 14:04:01 +01:00
Owen Mansel-Chan
e3fb40a842 Adjust change note 2024-04-01 14:03:53 +01:00
Owen Mansel-Chan
a5979e209a Add change note 2024-04-01 14:03:47 +01:00
Owen Mansel-Chan
fa614df3f4 Tests fixed by model for CharBuffer.wrap(char[]) 2024-04-01 14:03:42 +01:00
Owen Mansel-Chan
2d24fe011b Accept that lots of sinks are now summaries as well 2024-04-01 14:03:36 +01:00
Owen Mansel-Chan
9067a337b0 Test fixed by model for BasicAttributes(String, Object) 2024-04-01 14:03:30 +01:00
Owen Mansel-Chan
776c9d9eb2 Accept changes to top jdk apis test 2024-04-01 14:03:23 +01:00
Owen Mansel-Chan
52e6ea30e7 Accept more capture summary models 
This line is added because `FileOutputStream`'s constructor is now modeled as propagating taint, not just as a sink.
| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];ReturnValue;taint;df-generated |
 2024-04-01 14:03:00 +01:00
Owen Mansel-Chan
919436efbb Remove df-gen models we have deliberately modeled 
Manual models always take precedence over generated models, so there is
no point in keeping the generated models.

These manual models were deliberately written to take precedence over
the corresponding df-gen models.
 2024-04-01 13:59:36 +01:00
Alvaro Muñoz
c7b3148af6 Merge pull request #39 from GitHubSecurityLab/new_sources 
feat(sources): New sources
 2024-04-01 10:56:45 +02:00
Alvaro Muñoz
cc16318a90 Make new trilom source compliant with new sources 2024-04-01 10:56:03 +02:00
Alvaro Muñoz
ee81a87428 resolve conflicts 2024-04-01 10:54:02 +02:00
Alvaro Muñoz
9807cf87d5 resolve conflicts 2024-04-01 10:52:46 +02:00
Alvaro Muñoz
bdfd46111f Only triggered on non-pull_request events 2024-04-01 10:51:26 +02:00
Jami
d889e3cf98 Merge pull request #14854 from jcogs33/jcogs33/unsafe-url-forward-promotion 
Java: Promote Unsafe URL Forward query from experimental
 2024-03-29 16:34:06 -04:00
Geoffrey White
fa26b55452 C++: Add models-as-data models for ZMQ networking library + wiring. 2024-03-28 21:50:07 +00:00
Geoffrey White
16f9ad06ef C++: Add a test for ZMQ network library sources as well. 2024-03-28 21:50:07 +00:00
Geoffrey White
891f05c5ae C++: Add a test for simple sinks involving ZMQ networking library. 2024-03-28 21:50:07 +00:00
Geoffrey White
5618001c3f C++: More QLDoc refinement. 2024-03-28 21:50:07 +00:00
Jami
2f8c4df309 docs wording updates 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-03-28 16:15:05 -04:00
James Fletcher
5b1cae5fc2 Merge pull request #16076 from github/jf205-patch-1 
Make customizing-library-models-for-javascript.rst visible to search and the docs TOC
 2024-03-28 17:05:32 +00:00
Calum Grant
ef2e2e4067 Merge pull request #16071 from github/calumgrant/cpp-analysis 
Add C++ analysis in separate workflow
 2024-03-28 17:53:53 +01:00
Ian Lynagh
3acdc73f22 Kotlin 2: Accept some more location changes 2024-03-28 16:15:37 +00:00