Commit Graph

85368 Commits

Author SHA1 Message Date
Robert Marsh
f791b0ebbf C++: Model for smart pointer destructors 2024-02-13 01:00:46 +00:00
Robert Marsh
b6cf64cff3 C++: simplify TranslatedBlock::getLastChild 2024-02-13 00:46:53 +00:00
Robert Marsh
7d8872bb99 C++: Fix for multiple for-loop variables with destructors 2024-02-13 00:40:19 +00:00
Robert Marsh
6663420d39 C++: test for multiple for loop variables with destructors 2024-02-13 00:35:56 +00:00
Robert Marsh
b94c4a6e1b C++: fix for destructor of while-loop condition 2024-02-13 00:13:22 +00:00
Robert Marsh
bac7e46b0f C++: tests for destructors after a while-loop condition 2024-02-12 23:55:42 +00:00
Josh Soref
a128161746 Use !cancelled in qhelp-pr-preview workflow 2024-02-12 16:59:42 -05:00
Alvaro Muñoz
3c5358c381 Merge pull request #6 from GitHubSecurityLab/composite_actions
feat: support for composite action's analysis
2024-02-12 22:57:31 +01:00
Alvaro Muñoz
e9707af38d feat: support for composite action's analysis 2024-02-12 22:55:58 +01:00
Asger F
faefa056eb Merge pull request #15507 from asgerf/shared/outbarrier-bugfix
Shared: fix a bug in stateful outbarriers
2024-02-12 21:44:49 +01:00
Tom Hvitved
15cf695188 C#: Fix various bad joins 2024-02-12 19:49:53 +01:00
Tom Hvitved
90f3670f3d C#: Remove all DB stats 2024-02-12 19:49:29 +01:00
Mathias Vorreiter Pedersen
a799399639 C++: Accept test changes. 2024-02-12 16:51:25 +00:00
Mathias Vorreiter Pedersen
70c7c1a5e7 C++: Add flow from the fill character to the output pointer. 2024-02-12 16:51:16 +00:00
Mathias Vorreiter Pedersen
8635b5d316 C++: Add test with missing flow. 2024-02-12 16:44:38 +00:00
Cornelius Riemenschneider
27ebebc24b Python: Update BUILD.bazel files.
This allows us to (later) build the whole python language pack with
bazel.
2024-02-12 17:10:35 +01:00
Paolo Tranquilli
a944443d39 Merge branch 'main' into redsun82/bzlmod 2024-02-12 16:03:50 +01:00
Rasmus Wriedt Larsen
cbb9a64bbb Merge pull request #15457 from RasmusWL/psycopg
Python: Model the `psycopg` package
2024-02-12 15:59:16 +01:00
Paolo Tranquilli
c0eeb7a34e Bazel: reference (and locally stub) internal module 2024-02-12 15:58:43 +01:00
Alvaro Muñoz
9030cb3df4 Merge pull request #5 from GitHubSecurityLab/env_context
Implement support for env context
2024-02-12 15:48:37 +01:00
Alvaro Muñoz
99358c62e2 Extend CFG to reach env expressions 2024-02-12 15:47:27 +01:00
Alvaro Muñoz
70d1741177 Merge pull request #4 from GitHubSecurityLab/improve_mad
Refactor MaD semantics
2024-02-12 15:46:50 +01:00
Benjamin Rodes
091416131b Removing 'const' specifier filtering after discussions with the team. We will test if this causes undesirable cases in DCA and then choose which approach is best. 2024-02-12 09:38:00 -05:00
Harry Maclean
3d9f9afa77 Merge pull request #15566 from hmac/hmac-actioncontroller-regex
Ruby: Fix ActionController path regex
2024-02-12 14:14:57 +00:00
Alvaro Muñoz
4b57cee300 Initial implementation of env context support 2024-02-12 15:14:47 +01:00
Michael Nebel
68b920f330 C#: Update other tests expected output. 2024-02-12 15:09:36 +01:00
Harry Maclean
99497e5f3c Merge pull request #15521 from hmac/hmac-ar-connection
Ruby: Recognise more ActiveRecord connections
2024-02-12 14:06:50 +00:00
Tony Torralba
b6385f7938 Merge pull request #15533 from JLLeitschuh/patch-5
Reduce severity of `java/relative-path-command`
2024-02-12 15:04:05 +01:00
Joe Farebrother
3a4a841844 Add change note + update severity 2024-02-12 14:01:27 +00:00
Joe Farebrother
16a7d68780 Add documentation 2024-02-12 13:58:01 +00:00
Joe Farebrother
2eb93b7a3b Add unit tests 2024-02-12 13:49:45 +00:00
Joe Farebrother
d8985f9f5b Move tests for local auth to a folder 2024-02-12 13:49:45 +00:00
Joe Farebrother
c79a3eb6ae Add query for insecure key generation 2024-02-12 13:49:44 +00:00
Joe Farebrother
75a2b9415c Merge pull request #15481 from joefarebrother/android-local-auth
Java: Add query for insecure local authentication
2024-02-12 13:48:53 +00:00
Tony Torralba
db2eb202ee Merge pull request #15565 from atorralba/atorralba/java/open-redirect-sanitizer
Java: Add extension point and default sanitizer to Open Redirect query
2024-02-12 14:42:52 +01:00
Ian Lynagh
931b27f76c Merge pull request #15573 from igfoo/igfoo/k2-more
Kotlin 2: Accept loc changes in library-tests/parameter-defaults/defaults.expected
2024-02-12 13:29:19 +00:00
Ian Lynagh
a7eac1100b Merge pull request #15569 from igfoo/igfoo/kt2-accept
Kotlin 2: Accept more location changes
2024-02-12 13:29:10 +00:00
Harry Maclean
5af58d24e0 Ruby: Recognise raw Erb output as XSS sink 2024-02-12 13:28:44 +00:00
Paolo Tranquilli
53539226a8 Bazel: use internal codeql module 2024-02-12 14:27:55 +01:00
Alvaro Muñoz
4f0b66ea03 Refactor MaD semantics 2024-02-12 13:47:44 +01:00
Michael Nebel
aed5080142 C#: Add primary constructor change note. 2024-02-12 13:27:40 +01:00
Michael Nebel
4083348b3e C#: Add a primary constructor QL library test. 2024-02-12 13:27:39 +01:00
Michael Nebel
ff29679317 C#: Update expected test output. 2024-02-12 13:27:39 +01:00
Michael Nebel
42f4656667 C#: Data flow for primary constructors. 2024-02-12 13:27:39 +01:00
Michael Nebel
f5d4c49b16 C#: Add some more constructor dataflow tests. 2024-02-12 13:13:06 +01:00
Michael Nebel
86212b24ba C#: Move constructor data flow tests to a separate folder. 2024-02-12 13:13:06 +01:00
Michael Nebel
afe3c5ea8d C#: Re-arrange the code in constructor data flow test and update expected output. 2024-02-12 13:13:06 +01:00
Tamas Vajk
888f47c6c8 Remove cil=false extractor option from integration tests 2024-02-12 12:02:43 +01:00
Tamas Vajk
70b6ae6876 Add comments to nuget.config file restore 2024-02-12 11:59:19 +01:00
Asger F
8d3a19aaad JS: Fix termination criteria
Previously it was theoretically possible to create a cycle of preferred predecessors, since badness had higher precedence than depth. We now require the preferred predecessor to have lower depth.

With this criteria we can remove the arbitrary cap on badness.
2024-02-12 11:44:52 +01:00