hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-31 20:58:16 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,723 Branches 164 Tags
codeql-cli/v2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael B. Gale
f1f4ddb76c Add dependency on testify/assert 2026-01-25 15:20:06 +00:00
Michael B. Gale
fafc2ddc0b Add DiagnosticsWriter interface to abstract over diagnostics output implementation 2026-01-25 15:20:05 +00:00
Michael B. Gale
f837d90060 Improve go/autobuilder/package-not-found diagnostic message 2026-01-25 15:18:19 +00:00
Michael B. Gale
fdc5ae375b Add IsActionsWorkflow 2026-01-25 12:39:56 +00:00
Michael B. Gale
e250c711aa Add IsDynamicActionsWorkflow 2026-01-25 12:06:30 +00:00
Mathias Vorreiter Pedersen
cabcb83b2f Merge pull request #21212 from MathiasVP/fix-as-definition 
C++: Fix missing results for `Node.asDefinition`
 2026-01-23 19:39:22 +00:00
Jeroen Ketema
e36080061d Merge pull request #21162 from owen-mc/cpp/mad-barriers 
C++: Allow MaD barriers
 2026-01-23 18:14:01 +01:00
Mathias Vorreiter Pedersen
6c2a3a68b6 C++: Add change note. 2026-01-23 16:35:02 +00:00
Mathias Vorreiter Pedersen
a556152b9d C++: Fix asDefinition to not only work for SSA definitions. 2026-01-23 16:23:21 +00:00
Mathias Vorreiter Pedersen
e58a8330cd C++: Add test for asDefinition. 2026-01-23 16:22:39 +00:00
Chris Smowton
949fc3745a Merge pull request #21211 from smowton/smowton/fix/long-actions-expressions 
Actions: tolerate long `${{ ... }}` expressions
 2026-01-23 07:54:59 -08:00
Chris Smowton
a326ce34a8 change note 2026-01-23 15:47:17 +00:00
Chris Smowton
9018401722 Add test 2026-01-23 15:37:40 +00:00
Chris Smowton
6c2e0f7658 Move library tests into subdirectory 2026-01-23 15:35:25 +00:00
Chris Smowton
dc26a57548 Use posessive quantifier to avoid stack overflow on large ${{}} expressions 2026-01-23 15:35:24 +00:00
Owen Mansel-Chan
82e2afc93c Merge pull request #5 from jketema/cpp/mad-barriers 
C++: Add MySQL MaD taint and barrier models
 2026-01-23 15:06:32 +00:00
Jeroen Ketema
7ed1c0a2ee C++: Add change note 2026-01-23 14:15:29 +01:00
Jeroen Ketema
ecd247bf16 C++: Add MaD models for MySQL escaping 2026-01-23 14:15:27 +01:00
Jeroen Ketema
ad590f30c1 Merge branch 'main' into cpp/mad-barriers 2026-01-23 14:14:22 +01:00
Jeroen Ketema
075041f1ae Merge pull request #21209 from jketema/jketema/sql 
C++: Simplify `cpp/sql-injection` barrier
 2026-01-23 13:33:19 +01:00
Rasmus Wriedt Larsen
7e674f3227 Merge pull request #21160 from owen-mc/scripts/accept-ci-changes-more-robust 
Scripts: be more robust when parsing test logs
 2026-01-23 11:49:06 +01:00
Geoffrey White
573ab025b4 Merge pull request #21191 from geoffw0/addsub 
Rust: More test cases for add, sub etc
 2026-01-23 10:30:21 +00:00
Simon Friis Vindum
7bdf2ab9d2 Merge pull request #21210 from paldepind/rust/self-tests 
Rust: Add tests for `Self` constructors
 2026-01-23 11:27:58 +01:00
Simon Friis Vindum
8f6f7d0985 Rust: Fix typo 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-01-23 10:07:11 +01:00
Simon Friis Vindum
3d7049265f Rust: Add tests for Self constructors 2026-01-23 09:06:49 +01:00
Jeroen Ketema
ccd07b8a63 C++: Simplify cpp/sql-injection barrier 
SQL sanitizers will not likely also be sources, so using `isBarrierIn` here
does not make a lot of sense.

I ran with and without this change on MRVA and got identical results.
 2026-01-23 09:03:48 +01:00
yoff
55abc52c61 python: format file 2026-01-22 20:51:46 +01:00
Simon Friis Vindum
e40f896b17 Merge pull request #21205 from paldepind/shared/ti-boound-tm 
Rust: Change `getATypeParameterConstraint` to not require a `TypeMention`
 2026-01-22 19:08:53 +01:00
yoff
d05901ad3f python/javascript/ruby: mark internal predicates 2026-01-22 17:30:24 +01:00
yoff
7f00a7f67e Update python/ql/lib/semmle/python/security/dataflow/UrlRedirectCustomizations.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2026-01-22 17:30:24 +01:00
yoff
b08c972cc3 ruby: Add back sanitizer as MaD model 2026-01-22 17:30:24 +01:00
yoff
15980cb1da ruby: remove sanitizer to be replaced by MaD model 2026-01-22 17:30:24 +01:00
yoff
75bd4a7a12 javascript: add MaD model 
- consider if the model is in the right place
- consider if the barrier kind (sink kind) is the appropriate one
 2026-01-22 17:30:24 +01:00
yoff
da2f77d615 javascript: remove sanitizer to be replaced by model 2026-01-22 17:30:24 +01:00
yoff
3dbfb9fa4b python: add machinery for MaD barriers 
and reinstate previously removed barrier
now as a MaD row
 2026-01-22 17:30:24 +01:00
yoff
699ed50432 python: remove barrier that can be expressed in MaD 2026-01-22 17:30:24 +01:00
Geoffrey White
f484d95081 Merge remote-tracking branch 'upstream/main' into addsub 2026-01-22 16:03:42 +00:00
Simon Friis Vindum
ffaf1c0a24 Rust: Change getATypeParameterConstraint to not require a TypeMention 2026-01-22 14:54:24 +01:00
Tom Hvitved
201512525b Merge pull request #21203 from hvitved/ql4ql/use-nightly 
QL4QL: Use nightly CodeQL CLI
 2026-01-22 14:30:24 +01:00
Geoffrey White
b8581e89bf Rust: More affected tests. 2026-01-22 13:22:43 +00:00
Simon Friis Vindum
7d34f6e262 Merge pull request #21204 from paldepind/rust/assoc-tp-fix 
Rust: Remove mistakenly included inherited associated types
 2026-01-22 13:46:09 +01:00
Geoffrey White
67b52e29e0 Rust: Update other affected tests. 2026-01-22 12:29:21 +00:00
Geoffrey White
3d6765ba1c Rust: Clean up / fix some existing models. 2026-01-22 12:29:20 +00:00
Geoffrey White
fa9677d615 Rust: Add model variants for core::ops::bit on Wrapping. 2026-01-22 12:29:14 +00:00
Geoffrey White
9d645508ea Rust: Add model variants for core::ops:arith on Wrapping. 2026-01-22 10:46:15 +00:00
Simon Friis Vindum
114db99dca Rust: Remove mistakenly included inherited associated types 2026-01-22 11:44:26 +01:00
Tom Hvitved
8ce2618b7d Merge pull request #21151 from hvitved/rust/disable-universal-conds-by-default 
Type inference: Disable universal conditions by default
 2026-01-22 11:19:50 +01:00
Geoffrey White
e8ef58d381 Rust: Fix an issue with identifying sources and sinks in the test. 2026-01-22 09:58:58 +00:00
Geoffrey White
f8d0a0d509 Rust: Expand the Wrapping test some more. 2026-01-22 09:52:26 +00:00
Tom Hvitved
80d543ecae QL4QL: Use nightly CodeQL CLI 2026-01-22 10:14:05 +01:00