hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-08 16:44:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,732 Branches 164 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sim4n6
be3f59afab Replaced StringMethod() with a restrained String method calls 2023-05-20 12:17:33 +01:00
Sim4n6
d939f192d5 Deleted the UBV query change note. 2023-05-20 11:46:18 +01:00
Sim4n6
21e99d52c7 Fix a redundant import 2023-05-20 10:23:04 +01:00
Sim4n6
b8969707c5 Delete the vulnerability flow image from the QHelp file. 2023-05-20 10:21:38 +01:00
Sim4n6
16ce024429 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:13:23 +01:00
Sim4n6
8462b14b54 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:12:55 +01:00
Sim4n6
2a8645c447 Fix 'Singleton set literal' warning 2023-05-20 10:11:26 +01:00
Sim4n6
58be109a70 Moved UnicodeBypassValidation Customizations & Query.qll to src/experimental 2023-05-20 10:08:56 +01:00
Robert Marsh
bf07b0f97b C++: fix cxartesian product in constant off-by-one query 2023-05-19 18:32:09 -04:00
Geoffrey White
b6122d01fc Swift: Clean up the query somewhat. 2023-05-19 22:40:53 +01:00
Geoffrey White
2028b5ef95 Swift: Fix imprecise sinks. 2023-05-19 22:23:26 +01:00
Geoffrey White
19080333b9 Swift: Add a few test cases. 2023-05-19 22:18:34 +01:00
Mathias Vorreiter Pedersen
58f4b7696d Merge pull request #13223 from geoffw0/useasnominaltypedecl 
Swift: Use asNominalTypeDecl more.
 2023-05-19 16:53:28 +01:00
Tony Torralba
b58eb3a92c Java: Add TemplateEngine.createTemplate as a groovy injection sink 2023-05-19 17:45:47 +02:00
Mathias Vorreiter Pedersen
c15ebf83ee C++: Add testcase with FP (and also fix an incorrect test annotation). 2023-05-19 16:38:18 +01:00
Philip Ginsbach
999e7f96c7 Merge pull request #13222 from github/ginsbach/SignatureSyntax 
add syntax for signature definitions to QL specification
 2023-05-19 16:22:45 +01:00
Geoffrey White
881134a6f5 Swift: Add warning note to Decl.getMember. 2023-05-19 16:12:09 +01:00
Alexandre Boulgakov
f943502e41 Merge pull request #13224 from github/sashabu/tsp-empty-help-links 
Swift: Drop support for plaintext diagnostics (and `helpLinks`).
 2023-05-19 15:44:44 +01:00
Alexandre Boulgakov
b3e76d6052 Swift: Drop support for plaintext diagnostics (and helpLinks). 
The recommended option is Markdown diagnostics, and we have already migrated everything to emit them. The empty help link we're currently emitting everywhere is a bug.
 2023-05-19 15:16:02 +01:00
Alexandre Boulgakov
a1beaa6300 Merge pull request #13186 from github/redsun82/swift-diagnostics-wording 
Swift: reword TSP diagnostics after doc team review
 2023-05-19 15:15:46 +01:00
Geoffrey White
5ffde7a762 Update swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-05-19 14:55:39 +01:00
Alexandre Boulgakov
110b766770 Swift: Add a . to a test message to match the logging API change in this PR. 2023-05-19 14:46:12 +01:00
Philip Ginsbach
6957857773 add syntax for signature declarations to QL specification 2023-05-19 14:44:29 +01:00
Alexandre Boulgakov
1e9b849e93 Merge branch 'main' into redsun82/swift-diagnostics-wording 2023-05-19 14:43:01 +01:00
Alexandre Boulgakov
8f7279ee05 Swift: TSP message wording changes. 2023-05-19 14:39:57 +01:00
Alexandre Boulgakov
5bb2eb4155 Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:37:18 +01:00
Alexandre Boulgakov
137b4a99ef Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:36:24 +01:00
Alexandre Boulgakov
ddcac20a94 Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:36:14 +01:00
Alexandre Boulgakov
8a15af5614 Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:36:04 +01:00
Geoffrey White
68bdd51dd3 Swift: Add QLDoc encouraging this pattern. 2023-05-19 14:35:08 +01:00
Geoffrey White
0d8aa825d9 Swift: Use asNominalType() more widely to include things declared in extensions. 2023-05-19 14:19:32 +01:00
Geoffrey White
ccbd041875 Swift: Use asNominalTypeDecl() to simplify models. 2023-05-19 14:04:49 +01:00
Mathias Vorreiter Pedersen
2206216dbb Merge pull request #13221 from geoffw0/filepath 
Swift: Taint model for FilePath
 2023-05-19 14:01:22 +01:00
Geoffrey White
c8dfc87dae Swift: getName -> getFullName. 2023-05-19 12:18:17 +01:00
Geoffrey White
13755ad5f5 Swift: Remove placeholder lines I had left in. 2023-05-19 11:42:00 +01:00
Tony Torralba
babf429c9a Merge pull request #13220 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-05-19 08:57:15 +02:00
github-actions[bot]
66f2579437 Add changed framework coverage reports 2023-05-19 00:15:25 +00:00
Geoffrey White
6dfad79972 Swift: Model FilePath. 2023-05-18 18:56:08 +01:00
Geoffrey White
371bcc55fa Swift: Consolidate and extend tests of taint flow through FilePath. 2023-05-18 18:01:38 +01:00
Alexandre Boulgakov
fa52c32564 Merge pull request #13170 from github/sashabu/internal-error-tsp 
Swift: Emit diagnostics on assertion/expectation violations.
 2023-05-18 17:19:43 +01:00
Mathias Vorreiter Pedersen
e0263a719e Merge pull request #13218 from MathiasVP/c18-to-c17 
C++: Replace `C18` with `C17` in documentation
 2023-05-18 16:42:15 +01:00
Mathias Vorreiter Pedersen
70b08a093c C++: Replace 'C18' with 'C17'. 2023-05-18 15:55:21 +01:00
Mathias Vorreiter Pedersen
8f7bb8b11f Merge pull request #13217 from MathiasVP/cleanup-overrun-write-product-flow 
C++: Small cleanup of `cpp/overrun-write`
 2023-05-18 13:59:44 +01:00
Tony Torralba
a8afa4785e Merge pull request #13140 from atorralba/atorralba/java/spring-jdbc-namedparam-models 
Java: Add SQLi sinks for Spring JDBC
 2023-05-18 14:49:28 +02:00
Mathias Vorreiter Pedersen
a77c62473e C++: Reduce code-duplication in 'cpp/overrun-write'. 2023-05-18 13:23:15 +01:00
Mathias Vorreiter Pedersen
8cf25ba421 Merge pull request #13191 from MathiasVP/fix-pointer-pointee-conflation 
C++: Fix pointer/pointee conflation
 2023-05-18 13:09:10 +01:00
Alvaro Muñoz
bf3fb09dfd Apply suggestions from code review 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-05-18 12:39:41 +02:00
Mathias Vorreiter Pedersen
2e734755fb Merge pull request #13215 from MathiasVP/update-qldoc-on-typemention 
C++: Update documentation for `TypeMention`
 2023-05-18 10:24:13 +01:00
Jeroen Ketema
34fdeb4e6b Merge pull request #13203 from jketema/deref-size 
C++: Use range analysis-based `hasSize` predicate in `cpp/invalid-pointer-deref`
 2023-05-18 11:03:09 +02:00
Geoffrey White
d26a86185f Swift: Codegen. 2023-05-18 09:43:13 +01:00