hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-19 16:33:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,654 Commits 1,692 Branches 160 Tags
codeql-cli/v2.24.1
Commit Graph

85654 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Napalys Klicius
35c75c00ba JS: Add modeling for @gar/promisify 2025-09-15 16:58:11 +02:00
Napalys Klicius
312471e9db JS: Add modeling for @google-cloud/promisify 2025-09-15 16:55:27 +02:00
Napalys Klicius
d37425ae3e JS: Treat promisify(obj).member as obj.member 2025-09-15 16:51:19 +02:00
Ian Lynagh
5cf052dec1 Csharp: Fix typo in LeapYear qhelp 
Corrects "add/substract" to "add/subtract" in the UnsafeYearConstruction.qhelp
file to improve clarity.
 2025-09-15 15:44:11 +01:00
Napalys Klicius
22b61852a1 JS: Add modeling for thenify-all 2025-09-15 16:31:14 +02:00
Napalys Klicius
d6a14e63ba JS: Add test cases for promisification libraries. 2025-09-15 16:21:12 +02:00
Ian Lynagh
d0091e1b3c javascript: Fix spelling error in documentation 
Corrects the spelling of "occurrences" in the Incomplete Multi-Character
Sanitization documentation to improve clarity.
 2025-09-15 14:53:22 +01:00
copilot-swe-agent[bot]
e630bf86bd Implement Rust non-HTTPS URL query (CWE-319) 
Co-authored-by: geoffw0 <40627776+geoffw0@users.noreply.github.com>
 2025-09-15 11:44:05 +00:00
copilot-swe-agent[bot]
459f00ab41 Initial plan 2025-09-15 11:25:11 +00:00
Simon Friis Vindum
78389c8897 Merge pull request #20133 from paldepind/rust/type-inference-blanket-impl 
Rust: Support blanket implementations
 2025-09-15 12:46:41 +02:00
Simon Friis Vindum
af49301332 Merge pull request #20381 from paldepind/rust/request-forgery-query 
Rust: Add basic request forgery query
 2025-09-15 12:46:23 +02:00
Geoffrey White
00f644888c Merge pull request #20426 from geoffw0/cookie2 
Rust: cookie and biscotti crypto query sinks
 2025-09-15 11:07:46 +01:00
Anders Schack-Mulligen
acb4d9f681 Shared: Copy some qldoc from Guards.qll 2025-09-15 11:41:23 +02:00
Simon Friis Vindum
35438294d1 Rust: Remove condition that always holds 2025-09-15 10:58:27 +02:00
Anders Schack-Mulligen
be39c4c0cd Shared: Minor precision improvement. 2025-09-15 10:38:49 +02:00
Simon Friis Vindum
875c7da87c Rust: Improve comments in type inference 2025-09-15 10:37:38 +02:00
Anders Schack-Mulligen
b308c5438f Java: Add a change note, and a minor ql comment. 2025-09-15 10:14:26 +02:00
Simon Friis Vindum
50bdc658ba Rust: Apply documentation tweaks 2025-09-15 09:32:33 +02:00
Chad Bentz
5cfa6e83b3 Add support for route parameters(+ blocks), headers, and cookies in Grape API 2025-09-12 22:51:47 -04:00
Chad Bentz
3252bd39d2 Enhance Grape framework with additional data flow modeling and helper method support 2025-09-12 22:13:21 -04:00
Chad Bentz
738ab6fba7 Refactor Grape framework code for improved readability and consistency 2025-09-12 19:23:15 -04:00
Chad Bentz
d295acc3c3 Add initial support for Ruby Grape 2025-09-12 19:22:05 -04:00
Geoffrey White
989081ba4a Rust: Change note. 2025-09-12 18:12:59 +01:00
Geoffrey White
118ac07b71 Rust: Convert 'from' models into one generic one. 2025-09-12 18:05:30 +01:00
Geoffrey White
9f83b67a7c Rust: Model vec::from_elem. 2025-09-12 17:30:44 +01:00
Geoffrey White
e2d94127d6 Rust: Model vec::from. 2025-09-12 16:44:47 +01:00
Geoffrey White
5d3ea2f4d3 Rust: Add models for the cookie and biscotti crates. 2025-09-12 16:13:14 +01:00
Geoffrey White
2bb9e2f7be Rust: Add test cases for hardcoded cryptographic constants in cookies. 2025-09-12 15:42:56 +01:00
Simon Friis Vindum
e2e6fd0683 Rust: Address feedback from PR review 2025-09-12 16:10:58 +02:00
Simon Friis Vindum
19c529e87b Bazel: regenerate vendored cargo dependencies 2025-09-12 15:48:23 +02:00
Simon Friis Vindum
3cf1a16a13 Cargo: upgrade dependencies 2025-09-12 15:45:37 +02:00
Anders Schack-Mulligen
e302616135 Java: Accept qltest change. 2025-09-12 15:41:18 +02:00
Anders Schack-Mulligen
f9ffee010f Java: Minor nullness cleanup. 2025-09-12 15:41:17 +02:00
Anders Schack-Mulligen
2743fc0be1 Guards: Include ConditionalExpr in exprHasValue. 2025-09-12 15:41:17 +02:00
Anders Schack-Mulligen
e8f1ec68db Java: Accept guards test results. 2025-09-12 15:41:17 +02:00
Anders Schack-Mulligen
60d07cf30d Java: Clean up IntegerGuards.qll 2025-09-12 15:41:16 +02:00
Anders Schack-Mulligen
03321ff910 Java: Replace nullness implementation. 2025-09-12 15:41:16 +02:00
Anders Schack-Mulligen
4a8ffea0f6 Shared: Add control flow reachability lib. 2025-09-12 15:41:15 +02:00
Simon Friis Vindum
f48b643375 Bazel: regenerate vendored cargo dependencies 2025-09-12 15:38:18 +02:00
Simon Friis Vindum
12dcd751d3 Rust: Accept test changes 2025-09-12 15:34:09 +02:00
Simon Friis Vindum
29ba013580 Rust: Add support for resolving methods from blanket implementations 2025-09-12 15:34:04 +02:00
Chris Smowton
db5c58180e Change note 2025-09-12 14:32:12 +01:00
Chris Smowton
f5780ae369 Amend docstring 2025-09-12 14:32:10 +01:00
Chris Smowton
4fb133a43d Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access 2025-09-12 14:32:07 +01:00
Simon Friis Vindum
d10cdfb7f1 Rust: Move existing blanket implementation test 2025-09-12 15:31:42 +02:00
Simon Friis Vindum
69a1c7e1e8 Rust: Add tests with blanket implementation 2025-09-12 15:26:19 +02:00
Anders Schack-Mulligen
452bbf7289 Java: Add some more nullness tests. 2025-09-12 13:38:21 +02:00
Anders Schack-Mulligen
924a8eac5c Java: Improve precision of SuccessorType labels in CFG. 2025-09-12 13:38:21 +02:00
Anders Schack-Mulligen
1ebdcdfa8c Guards: Support integer ranges. 2025-09-12 13:38:20 +02:00
Anders Schack-Mulligen
db1f399067 Java: Preparatory Nullness refactor. 2025-09-12 13:38:20 +02:00