hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-28 02:08:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,723 Branches 164 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
167a8f0e4a Merge pull request #15459 from michaelnebel/csharp/spansummaries 
C#: Add summaries for Span<T> and ReadOnlySpan<T>.
 2024-02-07 08:54:19 +01:00
Tamás Vajk
54c9135936 Merge pull request #15518 from tamasvajk/feature/telemetry-dependency-manager 
C#: Extract dependency restore telemetry data
 2024-02-07 08:14:01 +01:00
dependabot[bot]
565426940c Bump the extractor-dependencies group in /go/extractor with 1 update 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/mod](https://github.com/golang/mod).


Updates `golang.org/x/mod` from 0.14.0 to 0.15.0
- [Commits](https://github.com/golang/mod/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-07 03:32:07 +00:00
Robert Marsh
5653c3f972 C++: Update IR test expectations for named destructors 2024-02-06 21:04:52 +00:00
Jonathan Leitschuh
1484a169d7 Reduce severity of java/relative-path-command 
Significantly reduces the severity of `java/relative-path-command` from 9.8 to 5.4

https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
 2024-02-06 15:43:19 -05:00
Mathias Vorreiter Pedersen
3b43f848c9 Merge pull request #15529 from MathiasVP/delete-get-interval-updated-by-chi 2024-02-06 19:55:24 +00:00
Henry Mercer
e71f0fc1ba Add supported build modes to extractor metadata 2024-02-06 19:51:13 +00:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00
Benjamin Rodes
80bf38d8cc Initial working draft of non-const source refactor. 2024-02-06 14:20:01 -05:00
Geoffrey White
f6b412e1c9 C++: Use hasQualifiedName. 2024-02-06 17:48:42 +00:00
Benjamin Rodes
5e5fea8ef3 Merge branch '50-model-gettext-family-of-string-operations' into 51-2cppnon-constant-format-alter-not-const-source 2024-02-06 12:47:08 -05:00
Geoffrey White
d1e040e27c C++: Bug fix for subclasses. 2024-02-06 17:45:14 +00:00
Mathias Vorreiter Pedersen
b68824a337 C#: Sync identical files. 2024-02-06 17:41:11 +00:00
Mathias Vorreiter Pedersen
7948911415 C++: Delete dead code. 2024-02-06 17:38:22 +00:00
Geoffrey White
a9b2876b71 C++: Delete commented out code. 2024-02-06 17:34:15 +00:00
Geoffrey White
66d8943c08 C++: Minor bug fix. 2024-02-06 17:20:14 +00:00
Erik Krogh Kristensen
43f1189615 Merge pull request #15526 from github/erik-krogh/fix-jndi-typo 
Java: fix typo in JndiInjection.qhelp
 2024-02-06 17:39:25 +01:00
Geoffrey White
25200b47ea C++: Implement the namespace field. 2024-02-06 16:35:48 +00:00
Geoffrey White
a5527903e9 C++: Fix some mistakes in the MAD definitions for the tests. 2024-02-06 16:34:07 +00:00
Mathias Vorreiter Pedersen
f7fe84adb4 C++: Add change note. 2024-02-06 16:23:59 +00:00
Mathias Vorreiter Pedersen
21b9b3b87f C++: Accept test changes. 2024-02-06 16:15:22 +00:00
Mathias Vorreiter Pedersen
359b6e14c6 C++: Block flow out of 'swap'. 2024-02-06 16:15:21 +00:00
Mathias Vorreiter Pedersen
e539aca337 C++: Add an interface for blocking flow out of functions that reach a certain argument. 2024-02-06 16:15:21 +00:00
Robert Marsh
40e06b7877 C++: suppress destructor calls on delete in IR generation 
This avoids an issue with duplicated qualifiers that was causing broken control flow
 2024-02-06 14:55:00 +00:00
Dave Bartolomeo
c4c8cd6b34 Merge pull request #15522 from github/release-prep/2.16.2 
Release preparation for version 2.16.2
 2024-02-06 06:21:14 -08:00
Erik Krogh Kristensen
879d882fa4 Java: fix typo in JndiInjection.qhelp 2024-02-06 15:17:30 +01:00
Benjamin Rodes
fc509c2cbe Added additional gettext variant test. 2024-02-06 09:17:10 -05:00
Ben Rodes
0023291903 Update cpp/ql/src/change-notes/2024-02-05-gettext-dataflows.md 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2024-02-06 09:12:25 -05:00
Michael Nebel
2e4786c2ab C#: Update flow summaries expected output test. 2024-02-06 14:06:07 +01:00
Michael Nebel
31b0da7639 C#: Update models for Except and DefaultIfEmpty. 2024-02-06 14:00:59 +01:00
Max Schaefer
705a377060 Address review comments. 2024-02-06 12:54:29 +00:00
Tamás Vajk
681c37d5fc Code quality improvement 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2024-02-06 13:49:08 +01:00
Geoffrey White
7514037464 C++: Add test cases for MAD sources, sinks and summaries in namespaces. 2024-02-06 12:12:28 +00:00
Mathias Vorreiter Pedersen
33cefabe27 Update cpp/ql/src/CHANGELOG.md 2024-02-06 11:05:22 +00:00
Mathias Vorreiter Pedersen
6c1e3b1ba6 Update cpp/ql/src/change-notes/released/0.9.4.md 2024-02-06 11:02:15 +00:00
Michael Nebel
b41758fb39 C#: Update summaries for Enumerable.DefaultIfEmpty to target elements in the return value. 2024-02-06 11:24:02 +01:00
Koen Vlaswinkel
8361efca4d Merge pull request #15503 from github/koesie10/ruby-access-paths 
Ruby: Add query for access paths in model editor
 2024-02-06 10:12:26 +01:00
Erik Krogh Kristensen
cec124c0be Merge pull request #15480 from ockers/ockers/certification_not_certificate 
False positive in SensitiveDataHeuristics - exclude certification from maybeCertificate() regex
 2024-02-06 09:40:25 +01:00
erik-krogh
94b7bda3dc exclude tagged template literals from js/superfluous-trailing-arguments 2024-02-06 09:36:30 +01:00
erik-krogh
4e176236e7 add a definition of user 2024-02-06 09:21:35 +01:00
erik-krogh
44fe34a37d use the correct string type in the tainted-path examples 2024-02-06 09:20:27 +01:00
Tamas Vajk
e4a4e3af39 Update DB stats 2024-02-06 08:18:27 +01:00
Jim Ockers
01e8109b71 Merge branch 'main' into ockers/certification_not_certificate 2024-02-05 13:42:00 -08:00
Robert Marsh
8013c2a074 C++: QLDoc and naming updates for implicit destructors in IR 2024-02-05 19:14:56 +00:00
Robert Marsh
bbabf1dfcc C++: add test for constructors in C++17 decl-in-if 2024-02-05 18:41:18 +00:00
Benjamin Rodes
256554df06 Added change log 2024-02-05 13:04:16 -05:00
Benjamin Rodes
5b2d15265f gettext variant dataflow tests 2024-02-05 13:01:51 -05:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
Alvaro Muñoz
0398fbd0d7 Refactor AST layer 2024-02-05 18:04:37 +01:00
Harry Maclean
f792b58421 Ruby: Recognise more ActiveRecord connections 2024-02-05 16:45:59 +00:00