hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-31 20:58:16 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,161 Commits 1,723 Branches 164 Tags
codeql-cli/v2.24.3
Commit Graph

86161 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
REDMOND\brodes
95d4a541bc C++: Refactor leap year logic for UncheckedLeapYearAfterYearModification. Includes new logic for detecting leap year checks, new forms of leap year checks detected, and various heuristics to remove false postives. Move TimeConversionFunction into LeapYear.qll and refactored to separate conversion functions that are expected to be checked for failure from those that auto correct leap year dates if feb 29 is provided on a non-leap year. Increas the set of known TimeConversionFunctions. 2026-02-06 16:03:37 -05:00
REDMOND\brodes
6c171c804f C++: Add more tests for modified years with and without leap year checks (UncheckedLeapYearAfterYearModification). Switch to using 'postprocess' for unit tests. 2026-02-06 16:03:25 -05:00
Jon Janego
d0bd8459a1 Merge pull request #21291 from github/codeql-spark-run-21760759512 
Update changelog documentation site
 2026-02-06 12:28:56 -06:00
Jon Janego
1c43ceae95 Merge branch 'main' into codeql-spark-run-21760759512 2026-02-06 12:16:31 -06:00
Geoffrey White
a5aeadd31d Rust: Fix for neutral summaries. 2026-02-06 18:15:13 +00:00
Jon Janego
5bf2d9442e Fix formatting in changelog for Go path injection query 2026-02-06 12:14:03 -06:00
Jon Janego
c40d784a4d Update codeql-cli-2.23.1.rst 2026-02-06 12:13:34 -06:00
Jon Janego
bf6568b928 Fix formatting for Kotlin version support note 2026-02-06 12:12:55 -06:00
Jon Janego
79ad064a93 Fix formatting in Kotlin version support note 2026-02-06 12:12:16 -06:00
Jon Janego
552976d057 Update codeql-cli-2.19.1.rst 2026-02-06 12:11:49 -06:00
github-actions[bot]
353cd31ce6 update codeql documentation 2026-02-06 18:09:49 +00:00
Geoffrey White
08174d7ec9 Rust: Add test cases for summaries as well. 2026-02-06 18:05:54 +00:00
REDMOND\brodes
f6c302b68c Removing commented out test cases. 2026-02-06 11:28:48 -05:00
REDMOND\brodes
4f11913ee5 removing SSRFSink.qll 2026-02-06 11:23:58 -05:00
REDMOND\brodes
42f6e6a19c Fixing inefficiently passed variable in nested existential quantification. 2026-02-06 11:20:15 -05:00
REDMOND\brodes
97f19d03ad Updating test case expected alerts. 2026-02-06 11:20:13 -05:00
REDMOND\brodes
97ddab0724 Added support for new URIValidator in AntiSSRF library. Updated test caes to use postprocessing results. Currently results for partial ssrf still need work, it is flagging cases where the URL is fully controlled, but is sanitized. I'm not sure if this should be flagged yet. 2026-02-06 11:20:11 -05:00
REDMOND\brodes
27e19813be Removing an upstream change log, not needed for local fork update. 2026-02-06 11:20:10 -05:00
REDMOND\brodes
88adb05d4b Adjusting acryonym for SSRF for casing standards. 2026-02-06 11:20:08 -05:00
REDMOND\brodes
265922d2e5 Adding docs. 2026-02-06 11:20:01 -05:00
REDMOND\brodes
7db97799c1 Moved change log to correct location. 2026-02-06 11:19:22 -05:00
Ben Rodes
08b72d0a86 Update python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/test_azure_client.py 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-02-06 11:18:51 -05:00
Ben Rodes
46a2a249f9 Update python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/test_azure_client.py 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-02-06 11:18:49 -05:00
REDMOND\brodes
b8ba905253 Added change logs. 2026-02-06 11:18:23 -05:00
REDMOND\brodes
9912aaaf1a Adding azure sdk test cases and updated test expected file. 2026-02-06 11:18:16 -05:00
Paolo Tranquilli
48db24d184 Merge pull request #21287 from github/redsun82/fix-rust-deps-patching 
Bazel: fix Rust deps patching for semver build metadata
 2026-02-06 17:17:24 +01:00
REDMOND\brodes
8459eec239 Moving the SsrfSink concept into Concepts.qll, and renaming to HttpClientRequestFromModel as suggested in PR review. 2026-02-06 09:26:49 -05:00
Anders Fugmann
c5179e40c6 Kotlin: Add change note for supporting 2.3.10 2026-02-06 14:59:34 +01:00
github-actions[bot]
38830ddc5c Bazel: fix Rust deps patching for semver build metadata 
Handle crate versions containing `+` build metadata (e.g., `0.9.11+spec-1.1.0`).
Bazel repo names use `-` instead of `+`, so the generated labels need patching
to reference the correct repo name.

Also adds documentation for both patching issues handled by patch_defs.py.
 2026-02-06 14:58:34 +01:00
Anders Fugmann
d5827b5cca Kotlin: Support Kotlin 2.3.10 2026-02-06 14:54:08 +01:00
Michael Nebel
6c355a1bf8 C#: Update test expected output. 2026-02-06 14:38:27 +01:00
Michael Nebel
e550d4937c C#: Update parameter modifiers test to include lambda expression from the new test file. 2026-02-06 14:37:50 +01:00
Michael Nebel
62a6b5985d C#: Add test cases for lambda parameter modifiers. 2026-02-06 14:37:11 +01:00
Mathias Vorreiter Pedersen
2c05624088 Merge pull request #21280 from MathiasVP/make-getChildCount-more-robust 
C++: Make 'getChildCount' more robust by counting indices instead of elements
 2026-02-06 12:19:20 +00:00
Ben Rodes
ac1987f264 Update python/ql/lib/change-notes/2025-09-30-azure_ssrf_models.md 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2026-02-05 15:44:44 -05:00
Mathias Vorreiter Pedersen
d57a42a7f7 C++: Make 'getChildCount' more robust by counting indexes instead of 'TranslatedDeclarationEntry's. 2026-02-05 20:23:45 +00:00
Tom Hvitved
32aaac27ec Rust: Add type inference regression test 2026-02-05 17:29:42 +01:00
Tom Hvitved
2dc7576232 Rust: Rework call disambiguation logic 2026-02-05 17:29:40 +01:00
Geoffrey White
05a487ec3b Rust: Repair following merge. 2026-02-05 15:56:58 +00:00
Geoffrey White
c0a5c63e8e Merge branch 'main' into neutralmodels 2026-02-05 15:53:28 +00:00
Taus
5adc9f8ff0 Merge pull request #21274 from github/tausbn/python-fix-parsing-of-format-specifiers 
Python: Fix syntax error when `=` is used as a format fill character
 2026-02-05 16:37:42 +01:00
Michael Nebel
02e4a8b6f7 C#: Add change-note. 2026-02-05 15:52:43 +01:00
Michael Nebel
bd3e4d3d7e C#: Add MaD tests for extensions. 2026-02-05 15:38:29 +01:00
Michael Nebel
4b6a53b577 C#: Add extension data flow test. 2026-02-05 15:38:27 +01:00
Michael Nebel
6cbe000d51 C#: Add PrintAst test for extensions. 2026-02-05 15:38:25 +01:00
Michael Nebel
c040daab9c C#: Add extensions test. 2026-02-05 15:38:20 +01:00
Michael Nebel
849823eff6 C#: Add dispatch logic for calling extensions accessors as methods. 2026-02-05 15:38:16 +01:00
Michael Nebel
e831c80a23 C#: Replace extension parameter access with the corresponding synthetic parameter. 2026-02-05 15:38:14 +01:00
Michael Nebel
5e02a86542 C#: Add extension call classes. 2026-02-05 15:38:12 +01:00
Michael Nebel
b9f36f37b6 C#: Add extension callable and accessor classes. 2026-02-05 15:38:09 +01:00