Commit Graph

85654 Commits

Author SHA1 Message Date
dependabot[bot]
500421d891 Bump the extractor-dependencies group in /go/extractor with 2 updates
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.28.0 to 0.29.0
- [Commits](https://github.com/golang/mod/compare/v0.28.0...v0.29.0)

Updates `golang.org/x/tools` from 0.37.0 to 0.38.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-13 03:14:48 +00:00
Tom Hvitved
2577452849 C#: Add neutral model for System.ComponentModel.PropertyDescriptor.GetValue 2025-10-12 09:06:54 +02:00
REDMOND\brodes
e76ced1513 Crypto: Updating weak asymmetric key gen to include key exchange. 2025-10-10 15:32:39 -04:00
REDMOND\brodes
d68f3cff8b Crypto: InsecureIVorNonceSource now ignores null to avoid being too noisy. 2025-10-10 14:51:16 -04:00
REDMOND\brodes
ffd191d0e1 Crypto: missing new endpoint to get the creating operation for a key if known. 2025-10-10 14:50:50 -04:00
REDMOND\brodes
36673659ad Crypto: Weak asymmetric key gen size fixes and test. 2025-10-10 14:49:35 -04:00
REDMOND\brodes
758759a304 Crypto: Reused nonce query updates and test updates to address false positives. 2025-10-10 12:25:31 -04:00
Geoffrey White
106bad2764 Rust: Add test cases for bad use of prepared statements as well. 2025-10-10 17:17:08 +01:00
Geoffrey White
c102ce41b7 Rust: Claim support for the two libraries. 2025-10-10 17:12:48 +01:00
Geoffrey White
859c1ef55d Rust: Change note. 2025-10-10 17:11:20 +01:00
Geoffrey White
f16742bf74 Rust: Add models. 2025-10-10 17:09:46 +01:00
Michael B. Gale
47632cdbd1 C#: Improve log messages in DotNetCliInvoker 2025-10-10 17:08:24 +01:00
Owen Mansel-Chan
944e116cc0 Add path query example to other lang data flow docs 2025-10-10 16:22:50 +01:00
Geoffrey White
f15a34f361 Rust: Add test cases for transactions as well. 2025-10-10 16:10:57 +01:00
Geoffrey White
883e00558a Rust: Add test cases for the mysql_async library. 2025-10-10 16:10:56 +01:00
Geoffrey White
ef93b364da Rust: Add test cases for the mysql library. 2025-10-10 15:05:21 +01:00
Owen Mansel-Chan
3c80690ba8 Fix link syntax 2025-10-10 13:58:19 +01:00
Michael Nebel
9ec0c9d5f2 C#: Add change note. 2025-10-10 14:06:45 +02:00
Michael Nebel
56ff0baba3 C#: Use * IDs for source locations. 2025-10-10 14:03:49 +02:00
Michael Nebel
ab9f78fee2 Merge pull request #20617 from michaelnebel/csharp/unboundlocations
C#: Reduce location TRAP creation for Fields, Parameters, Constructors, Destructors and Operators.
2025-10-10 13:47:57 +02:00
Tom Hvitved
d842107633 Merge pull request #20621 from hvitved/rust/static-target-addressable
Rust: Include tuple structs/variants in `CallExprBase.getStaticTarget()`
2025-10-10 13:00:28 +02:00
Michael Nebel
b8c3a28de3 C#: Add change note. 2025-10-10 11:47:19 +02:00
Owen Mansel-Chan
100463572b Add path query example to python data flow docs 2025-10-10 10:37:09 +01:00
Owen Mansel-Chan
2930e793f1 Fix mistakes in Go data flow examples in docs 2025-10-10 10:36:23 +01:00
Owen Mansel-Chan
87f32dc49f Merge pull request #20613 from owen-mc/go/sanitize-simpletypes-request-forgery
Go: sanitize simple types in `go/request-forgery`
2025-10-10 09:15:30 +01:00
Tom Hvitved
0fc2875527 Rust: Include tuple structs/variants in CallExprBase.getStaticTarget() 2025-10-10 09:48:08 +02:00
Owen Mansel-Chan
2c6af0cdb7 Merge pull request #20580 from owen-mc/codeowners-for-shared-libs-and-catchall
Add code owners for `/shared/` and a catch-all
2025-10-09 16:31:17 +01:00
Michael Nebel
e8fd843e52 C#: Update some tuple related tests. 2025-10-09 16:33:47 +02:00
Owen Mansel-Chan
11f20457e2 Fix team name 2025-10-09 14:15:07 +01:00
REDMOND\brodes
fba80870a6 Crypto: Example query reorg - moving queries of this PR into 'examples' subdirectories. 2025-10-09 09:03:00 -04:00
REDMOND\brodes
deb43735be Crypto: Minor fixes to WeakSymmetricCipher, change to a singular name for consistency. 2025-10-09 08:39:39 -04:00
yoff
5109babd92 java: add qldoc
These interfaces were previously in a .ql file.
Also, use the XXAccess variants.
2025-10-09 14:20:28 +02:00
REDMOND\brodes
3dedda4233 Merge branch 'santander-java-crypto-check' of https://github.com/bdrodes/codeql into santander-java-crypto-check 2025-10-09 08:18:04 -04:00
REDMOND\brodes
c6cc4fff51 Crypto: Minor fixes to WeakBlockModes, WeakHash to consider SHA3 ok, Added unknown hash. 2025-10-09 08:16:28 -04:00
Michael Nebel
89681a49e6 C#: Only extract the unbound locations for constructors, destructors and user defined operators and use this in the QL code. 2025-10-09 14:13:27 +02:00
Michael Nebel
02428fc467 C#: Add some location examples for constructors, destructors and operators. 2025-10-09 14:13:24 +02:00
Michael Nebel
051b83f036 C#: Only extract the unbound location for fields and parameters and use this location in the QL code. 2025-10-09 14:04:13 +02:00
Michael Nebel
f200c3ce85 C#: Add field location example. 2025-10-09 14:04:10 +02:00
Michael Nebel
b9eae31172 C#: Add parameter locations test. 2025-10-09 14:04:08 +02:00
Nicolas Will
fdba3acc4b Crypto: Fix QL-for-QL alert and auto-format 2025-10-09 13:59:51 +02:00
yoff
1ad239459f java: move shared code into Concurrency.qll 2025-10-09 13:36:35 +02:00
Owen Mansel-Chan
37151791b4 Add change notes 2025-10-09 12:26:32 +01:00
Owen Mansel-Chan
3cbce80d0b Add SimpleTypeSanitizer to go/request-forgery 2025-10-09 12:17:21 +01:00
Owen Mansel-Chan
7599fdd8fa Add request forgery test for numeric type 2025-10-09 12:17:19 +01:00
Owen Mansel-Chan
0c9cd09140 Make NumericOrBooleanSanitizer easier to access and rename it 2025-10-09 12:17:17 +01:00
yoff
f90e9dbb5e java: favour inline_late over inline
This gives much greater control over the join-order
2025-10-09 13:01:25 +02:00
yoff
26c1b2f143 java: adjust test expectations; new queries are enabled in extended 2025-10-09 12:29:42 +02:00
Idriss Riouak
f52e3dcb7f Merge pull request #20601 from github/idrissrio/java-localhost
Java integration test: wait for test servers to come up before running test
2025-10-09 10:57:11 +02:00
Geoffrey White
a7c166d161 Merge pull request #20599 from geoffw0/rust-ga-change-note
Rust: Add change note for Rust GA.
2025-10-09 08:51:44 +01:00
yoff
830f02af1f java: fixes from the CI bots 2025-10-09 09:37:31 +02:00