hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-01 05:08:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,723 Branches 164 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
1b9b6ae5b5 Merge pull request #14542 from github/esbena/proper-check-change-note 
Improve change note checking
 2023-10-20 11:47:53 +02:00
Ian Lynagh
a4ef183a2e Merge pull request #14529 from igfoo/igfoo/classid_fqname 
Kotlin: Don't convert back and forth between ClassId and FqName
 2023-10-20 10:28:25 +01:00
Tamas Vajk
36f1070b93 Adjust expected test files 2023-10-20 09:42:00 +02:00
Tamas Vajk
fc1fc05d16 C#: Rework .net framework reference removal 2023-10-20 09:22:14 +02:00
Jami Cogswell
ee4a9c3f8d CI: remove extraneous quotes that were causing 'get_previous_run_id' to always fail with a 'list index out of bounds' error 2023-10-19 19:23:14 -04:00
Jami Cogswell
6e29b70100 CI: update comment (if it exists) 2023-10-19 19:19:25 -04:00
Jami Cogswell
9263cfdf56 CI: save and upload comment id (if it exists) 2023-10-19 19:14:23 -04:00
Dave Bartolomeo
15e9838f16 Add a readme file 2023-10-19 17:27:21 -04:00
Dave Bartolomeo
fb1b41b649 Fix formatting 2023-10-19 17:20:38 -04:00
Dave Bartolomeo
c268163804 warnOnImplicitThis 2023-10-19 17:18:47 -04:00
Dave Bartolomeo
910b2a98f1 Merge remote-tracking branch 'origin/main' into dbartol/threat-models 2023-10-19 17:07:38 -04:00
Dave Bartolomeo
bd7de83aab Use extension packs for threat models 2023-10-19 17:07:26 -04:00
Dave Bartolomeo
07eb60d044 Merge pull request #14531 from github/post-release-prep/codeql-cli-2.15.1 
Post-release preparation for codeql-cli-2.15.1
 2023-10-19 13:32:33 -04:00
Dave Bartolomeo
712f7758cf Merge branch 'main' into post-release-prep/codeql-cli-2.15.1 2023-10-19 12:14:07 -04:00
Owen Mansel-Chan
e19ebf9ca8 Add external file scope 2023-10-19 16:48:38 +01:00
Owen Mansel-Chan
563805ff0c Fix nodeGetEnclosingCallable 
It wasn't updated when MkImplicitVarargsSlice was added as a branch of
TNode. This meant that it gave no result for `ImplicitVarargsSlice`s
in function calls used to initialise variables declared at file level.
 2023-10-19 16:48:37 +01:00
Owen Mansel-Chan
a3cecd178f Add consistency query 
This can be run on an existing database to check for any assumptions
of the data flow library which do not hold.
 2023-10-19 16:47:56 +01:00
Tamas Vajk
fbfafbfdd4 C#: Remove netstandard.library.ref from the references 2023-10-19 15:49:16 +02:00
Erik Krogh Kristensen
2a1ca637fd Merge pull request #14543 from erik-krogh/string-not-int 
move the documentation of codePointAt and codePointCount to the string type instead of the int type
 2023-10-19 14:39:10 +02:00
Peter Stöckli
09cf76a880 Ruby: additional unsafe deserialization sinks for ox, oj 2023-10-19 14:04:48 +02:00
erik-krogh
5cd732b3c6 move the documentation of codePointAt and codePointCount to the string type instead of the int type 2023-10-19 12:57:06 +02:00
Owen Mansel-Chan
67601b5312 Add DataFlowImplConsistency.qll for Go library 2023-10-19 11:43:00 +01:00
Mathias Vorreiter Pedersen
0ab159f803 Merge pull request #14135 from github/sashabu/frontend-update 
C++: Update for changes in frontend.
 2023-10-19 11:40:24 +01:00
Esben Sparre Andreasen
2c99e2f3d5 improve change note file name checks 2023-10-19 12:16:27 +02:00
Esben Sparre Andreasen
836bb6006c improve env var usage in check-change-note.yml 2023-10-19 12:05:29 +02:00
amammad
ee4d87bd96 remove hardcoded JWT secret-key query 2023-10-19 11:57:53 +02:00
amammad
8e0f52cebc remove noverification query 2023-10-19 11:57:06 +02:00
Mathias Vorreiter Pedersen
0bfa53cfd6 Merge pull request #14524 from MathiasVP/add-more-dataflow-documentation 
C++: Add more documentation about dataflow through indirections
 2023-10-19 10:32:12 +01:00
Mathias Vorreiter Pedersen
4feda50add Update docs/codeql/codeql-language-guides/advanced-dataflow-scenarios-cpp.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-10-19 11:00:42 +02:00
Mathias Vorreiter Pedersen
b5cbd909f7 Update docs/codeql/codeql-language-guides/advanced-dataflow-scenarios-cpp.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-10-19 11:00:33 +02:00
Mathias Vorreiter Pedersen
35702a9fdf Update docs/codeql/codeql-language-guides/advanced-dataflow-scenarios-cpp.rst 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-10-19 11:00:18 +02:00
Jeroen Ketema
a972d0943a C++: Accept test changes after changes in IR generation 2023-10-19 10:45:14 +02:00
Jeroen Ketema
2a64552979 C++: Add support for C23/C++23 floating-point types 2023-10-19 10:45:14 +02:00
Jeroen Ketema
7e71d9e619 C++: Update expected test results after outputting less loads from the extractor 2023-10-19 10:45:14 +02:00
Jeroen Ketema
bec3e62771 C++: Update cpp/constant-array-overflow test results after frontend update 2023-10-19 10:45:14 +02:00
Jeroen Ketema
23c6027386 C++: Update expected test changes after frontend update 2023-10-19 10:45:13 +02:00
Jeroen Ketema
8b8a2726d4 C++: Accept semantic range analysis test changes due to extra loads in the IR 2023-10-19 10:45:13 +02:00
Jeroen Ketema
554087161b C++: Accept sign analysis test changes 
The IR now contains extra loads that need to be accounted for.
 2023-10-19 10:45:13 +02:00
Jeroen Ketema
5036135f01 C++: Fix IR generation for the comma operator 2023-10-19 10:45:13 +02:00
Jeroen Ketema
0fceecee6d C++: Fix extractor options for deprecated_with_msg test 
The previous extractor options no longer work, because the default assumed
compiler versions have changed in the frontend.
 2023-10-19 10:45:13 +02:00
Jeroen Ketema
e271c7e5e7 C++: Accept IR GVN test changes a CopyValue is now Load due to IR changes 2023-10-19 10:45:13 +02:00
Jeroen Ketema
91a98f3512 C++: Accept new dataflow IR inconsistencies 
These are due to additional loads being generated on fields, and should not
cause any problems. Ideally, we should tune the definition of
`TPostFieldUpdateNode` to make these go away.
 2023-10-19 10:45:13 +02:00
Jeroen Ketema
231e9ef098 C++: Accept PrintAST value category changes after frontend update 2023-10-19 10:45:13 +02:00
Jeroen Ketema
a6dae91215 C++: Accept IR test changes after value category updates 2023-10-19 10:45:12 +02:00
Jeroen Ketema
3202bcce70 C++: Handle ternary operators whose value category is a prvalue with a load 2023-10-19 10:45:12 +02:00
Jeroen Ketema
c60cb136bb C++: Do not generate loads for ParenthesisExprs 2023-10-19 10:45:12 +02:00
Jeroen Ketema
4339e18ed6 C++: Update IR generation for changes in frontend 2023-10-19 10:45:12 +02:00
Jaroslav Lobačevski
2b541b78ac fix CWE number 2023-10-19 09:36:25 +02:00
Tony Torralba
049ba54948 Merge pull request #14533 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-10-19 08:56:36 +02:00
Erik Krogh Kristensen
daca5121f6 Merge pull request #14540 from github/dependabot/cargo/ql/tracing-0.1.40 
Bump tracing from 0.1.39 to 0.1.40 in /ql
 2023-10-19 08:47:56 +02:00