hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-27 17:58:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,721 Branches 164 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arthur Baars
4591560692 Merge pull request #14544 from p-/p--oj-ox-unsafe-deser 
Ruby: additional unsafe deserialization sinks for ox and one for oj
 2024-01-30 19:28:32 +01:00
Geoffrey White
1b433c7af3 C++: Add QLDoc comments. 2024-01-30 17:54:28 +00:00
Ian Lynagh
2eb9b61412 Kotlin: Add a test for path transformers 2024-01-30 17:40:43 +00:00
Geoffrey White
c29d0b78ce C++: Add top of file doc comment. 2024-01-30 17:29:18 +00:00
Geoffrey White
8b2888c2de C++: Change note. 2024-01-30 17:24:05 +00:00
Joe Farebrother
8bd79908a6 Implement local auth query 2024-01-30 16:49:55 +00:00
Geoffrey White
4ae8a9a6c4 C++: Add PreprocBlock tests. 2024-01-30 16:47:35 +00:00
Peter Stöckli
fb075a9e88 Rename 2023-10-19-unsafe-deserialization-sinks.md to 2024-01-30-unsafe-deserialization-sinks.md 2024-01-30 17:31:33 +01:00
Henti Smith
612256b760 Updated dotnet to 8.0.101 
This is a corresponding PR to https://github.com/github/semmle-code/pull/48786
 2024-01-30 16:23:07 +00:00
Asger F
19ba9fed99 Handle externs 2024-01-30 17:13:02 +01:00
Asger F
1737ba1a6b JS: Add library for naming endpoints 2024-01-30 16:36:51 +01:00
Sid Shankar
f557110d9b Merge pull request #15465 from sidshank/sidshank/rename-file-name-for-extracted-files-diagnostic 
JS/TS/Python/Ruby: Renames diagnostic query files and tests
 2024-01-30 10:19:00 -05:00
Koen Vlaswinkel
0442631c68 Ruby: Only generate models for public methods 2024-01-30 16:07:34 +01:00
Rasmus Wriedt Larsen
c265c15f3f Merge pull request #15398 from RasmusWL/html-escape 
Python: Add `html.escape` as HTML sanitizer
 2024-01-30 16:06:01 +01:00
Koen Vlaswinkel
8aa3542d13 Merge pull request #15470 from github/koesie10/add-summary-neutral-ruby-supported 
Ruby: Correctly report supported status of summary and neutral models
 2024-01-30 15:46:45 +01:00
Peter Stöckli
1947dee46a Merge branch 'main' into p--oj-ox-unsafe-deser 2024-01-30 15:33:39 +01:00
Benjamin Rodes
1a044fbbde Merge branch '42-false-positive-cpp-uninitializedlocal' of https://github.com/microsoft/codeql into 42-false-positive-cpp-uninitializedlocal 2024-01-30 09:22:51 -05:00
Benjamin Rodes
f58f77de82 PR change suggestions. 2024-01-30 09:22:22 -05:00
Peter Stöckli
9596aebee3 Format: getValue now on one line 2024-01-30 15:22:16 +01:00
Ben Rodes
8c04bbfb57 Update cpp/ql/src/change-notes/2024-01-29-uninitialized-local-false-positive.md 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2024-01-30 09:19:49 -05:00
Peter Stöckli
3c8bc96ab5 replace occurence of AssignExprCfgNode for Oj as well 2024-01-30 15:17:37 +01:00
Peter Stöckli
e87effc18c Apply suggestions from code review 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2024-01-30 15:14:35 +01:00
Harry Maclean
e5ba8fe625 Merge pull request #15467 from hmac/hmac-and-barrier 
Ruby: Block flow from LHS of && expressions
 2024-01-30 14:02:39 +00:00
Koen Vlaswinkel
b32071999b Ruby: Correctly report supported status of summary and neutral models 2024-01-30 15:00:13 +01:00
Tony Torralba
e2bf9ea2eb Consider File.exists() et al a path-injection sink 2024-01-30 14:51:36 +01:00
Geoffrey White
af17ae236f C++: Autoformat. 2024-01-30 13:47:11 +00:00
Geoffrey White
310c78d1e7 C++: Add PreprocBlock.qll library. 2024-01-30 13:47:07 +00:00
Asger F
6cfdd7aec4 JS: Add InlineExpectationsTest 2024-01-30 13:20:57 +01:00
Asger F
8930ce74af JS: Do not view packages as nested in a private package 2024-01-30 13:20:57 +01:00
Asger F
2d8d11fa78 JS: Restrict type-only exports in API graphs 2024-01-30 13:20:57 +01:00
Asger F
0e0fb0e52d JS: Remove API graph edge causing ambiguity 2024-01-30 13:20:56 +01:00
Asger F
e441dd472b JS: Expose hasBothNamedAndDefaultExports() 2024-01-30 13:20:55 +01:00
Mathias Vorreiter Pedersen
e2ae4a699c C++: Add change note. 2024-01-30 11:44:46 +00:00
Mathias Vorreiter Pedersen
33e37536df C++: Accept test changes. 2024-01-30 11:32:50 +00:00
Mathias Vorreiter Pedersen
1dfd32ee5c C++: Model function calls throwing exceptions. 2024-01-30 11:32:50 +00:00
Mathias Vorreiter Pedersen
eb94203f04 C++: Add an 'EdgeKind' column to 'getExceptionSuccessorInstruction'. 2024-01-30 11:32:50 +00:00
Mathias Vorreiter Pedersen
8bb17a7127 C++: Add an 'EdgeKind' column to 'getInitializationSuccessor'. 2024-01-30 11:32:50 +00:00
Mathias Vorreiter Pedersen
4fb20e14f5 C++: Add an 'EdgeKind' column to 'getChildTrueSuccessor' and 'getChildFalseSuccessor'. 2024-01-30 11:32:47 +00:00
Mathias Vorreiter Pedersen
10ae793de5 C++: Add an 'EdgeKind' column to 'getFirstInstruction'. 2024-01-30 11:31:41 +00:00
Mathias Vorreiter Pedersen
d2e8b88b24 C++: Add an 'EdgeKind' column to 'getChildSuccessor'. 2024-01-30 11:26:46 +00:00
Rasmus Wriedt Larsen
c70b32f7eb Python: Require quote escaping for html.escape 2024-01-30 12:17:01 +01:00
Harry Maclean
f230e618a3 Ruby: Update tests 2024-01-30 09:43:56 +00:00
Michael Nebel
41cca4711b Merge pull request #15426 from michaelnebel/csharp/collectionexpressions 
C# 12: Support for collection expressions.
 2024-01-30 10:39:39 +01:00
Mathias Vorreiter Pedersen
78d5d9a7ab Merge pull request #15448 from microsoft/false_positive_cpp_incorrect_string_type_conversion 
cpp/incorrect-string-type-conversion false positive fixes
 2024-01-30 09:37:01 +00:00
Mathias Vorreiter Pedersen
56e44f9b3c Merge pull request #15458 from MathiasVP/dataflow-node-deduplication 
C++: Fix more `asExpr` duplication
 2024-01-30 09:34:57 +00:00
Mathias Vorreiter Pedersen
436a9ce604 Merge pull request #15460 from MathiasVP/fix-scanf-fp-2 
C++: Fix another FP in `cpp/incorrectly-checked-scanf`
 2024-01-30 09:32:32 +00:00
Tom Hvitved
503d2f7b95 Ruby: Rework mayBenefitFromCallContext 2024-01-30 09:57:29 +01:00
Harry Maclean
75b13da4e4 Ruby: Block flow from LHS of && expressions 
The only values that can flow from the LHS of an && expression are
`false` and `nil`, neither of which seem relevant for any of our
queries.
 2024-01-30 08:53:32 +00:00
Joe Farebrother
460ffc89b2 Add additional test cases 2024-01-29 22:43:28 +00:00
Sid Shankar
b1d7a635f5 Renames diagnostic query files and tests 
This commit renames the files relating to the diagnostic query that produces information on the number of files extracted. The files have been renamed from "SuccessfullExtractedFiles.*" to "ExtractedFiles.*". All related tests and test files have been renamed too.

The `@tags` and `@id` attributes of the queries have been left untouched, consistent with the `@tags` and `@id` for similar queries in other languages.
 2024-01-29 20:19:20 +00:00