hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-13 02:54:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,740 Branches 164 Tags
codeql-cli/v2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
f0755bfb5d Merge pull request #18601 from erik-krogh/del-deps-jan-2025 
All: delete outdated deprecations
 2025-01-28 13:31:41 +01:00
Geoffrey White
f2564c351f Rust: Changes to other tests - mostly MaD IDs :(. 2025-01-28 09:22:30 +00:00
Geoffrey White
6337f5a08b Merge pull request #18586 from geoffw0/floatguards 
C++: Test and (perhaps) fix an issue with guards on floating point comparisons.
 2025-01-28 09:05:13 +00:00
Asger F
16634e6dc9 Merge pull request #18540 from JarLob/bash 
Actions: Improve bash support
 2025-01-28 09:49:58 +01:00
Geoffrey White
dfd1865b96 Rust: Add some basic flow models. 2025-01-28 08:47:15 +00:00
Geoffrey White
9d42be8305 Rust: Alphabetize lang-core.model.yml. 2025-01-28 08:47:14 +00:00
Geoffrey White
c04d619a3c Rust: Add a couple of extra data flow test cases. 2025-01-28 08:47:13 +00:00
Geoffrey White
185a23b3c6 Rust: Allow implicit flow out of content at the test sinks, so that we see our results. 2025-01-28 08:43:06 +00:00
Geoffrey White
a1980d4d08 Rust: Make sources more accurate (Option / Result contents). 2025-01-28 08:43:05 +00:00
Geoffrey White
78d0c5c529 Merge pull request #18602 from geoffw0/reqwest2 
Rust: Additional models for Reqwest
 2025-01-28 08:40:38 +00:00
erik-krogh
c7fc164680 java: remove the 2 from SafeTransformerFactoryFlow, not that the previous naming conflict has been deleted 2025-01-28 09:13:59 +01:00
Nicolas Will
e027b0e9a0 WIP: add properties 2025-01-28 02:02:06 +01:00
Geoffrey White
fd9fb10bb9 Rust: Accept changes from fixing the ]. 2025-01-27 22:50:09 +00:00
Geoffrey White
494d8f2da0 Rust: Update MaD IDs for an unrelated test. :( 2025-01-27 22:22:41 +00:00
Geoffrey White
9d6a13cec2 Rust: Accept improved results for rust/sql-injection. Note that the lost annotations are only sources, not results, and I suspect will return when we have sufficient flow in these cases. 2025-01-27 22:22:38 +00:00
erik-krogh
a1afa20d4b add change-notes 2025-01-27 22:43:13 +01:00
erik-krogh
d46a2d4e80 ruby: delete the remainders of the old deprecated typetracking library 2025-01-27 22:38:07 +01:00
erik-krogh
90b403b40b py: delete the remainder of the deprecated TypeTracker libary 2025-01-27 22:17:18 +01:00
erik-krogh
e1b14cb0be ruby: delete now dead Ruby method 2025-01-27 22:17:13 +01:00
erik-krogh
0056e923ea js: revert the JS deprecations. The old dataflow library is not that old yet 2025-01-27 22:17:07 +01:00
erik-krogh
7b1b366d98 ruby: update ruby tests after deleting deprecated test predicates 2025-01-27 22:17:00 +01:00
erik-krogh
bd8ed1dc04 cpp: revert two cpp dataflow deprecations that take more work 2025-01-27 22:16:54 +01:00
erik-krogh
34f5f61a10 all: use my script to delete outdated deprecations 2025-01-27 22:16:48 +01:00
Geoffrey White
9ea9f3ae19 Update rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-01-27 21:09:21 +00:00
Geoffrey White
7cf872baad Rust: Adjust the tests to work around test processing of /. 2025-01-27 21:00:08 +00:00
Geoffrey White
23ac35e5ca Rust: Model more Reqwest methods (.await still doesn't work though). 2025-01-27 20:52:31 +00:00
Geoffrey White
9583a2a7d3 Rust: Additional test cases for reqwest sources. 2025-01-27 20:42:35 +00:00
Mathias Vorreiter Pedersen
4e44201ba8 C++: Remap calls to source functions to the summarized function. 2025-01-27 16:58:53 +00:00
Mathias Vorreiter Pedersen
98265dda7b Revert "C++: Don't generate dataflow nodes for instructions inside summarized callables." 
This reverts commit fc39df28b0.
 2025-01-27 16:58:46 +00:00
Jeroen Ketema
37b67dd9eb C++: Update stats file 2025-01-27 15:42:35 +01:00
Owen Mansel-Chan
9f3572d15a Reformat inline expectations (space after $) 2025-01-27 14:36:26 +00:00
Owen Mansel-Chan
05fb22e8ff Make test easier to understand 2025-01-27 14:10:19 +00:00
Jonas Jensen
e7f3e03c40 QL spec: Fix up pre-BigInt language 2025-01-27 14:50:41 +01:00
Jeroen Ketema
f49d8209e5 C++: Add upgrade and downgrade scripts 2025-01-27 13:32:00 +01:00
Tom Hvitved
253ccd1210 Merge pull request #14303 from hvitved/ruby/must-flow 
Ruby: Implement `localMustFlowStep `
 2025-01-27 12:51:29 +01:00
Mathias Vorreiter Pedersen
67a905141c Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternalsCommon.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-01-27 10:55:56 +00:00
Erik Krogh Kristensen
87ad09bcdf Merge pull request #18595 from erik-krogh/erik-krogh/clear-text-example 
JS: fix example in clear-text-logging qhelp to actually be bad
 2025-01-27 11:45:50 +01:00
Jeroen Ketema
a32cfdab9f C++: Support mixed typedefs and usings 2025-01-27 11:43:17 +01:00
Geoffrey White
67a746eff1 Update cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-01-27 10:41:50 +00:00
Geoffrey White
f32fd38f74 Merge pull request #18582 from geoffw0/logging 
Rust: Query for cleartext logging of sensitive information
 2025-01-27 10:37:17 +00:00
erik-krogh
37a1727043 fix example in clear-text-logging qhelp to actually be bad 2025-01-27 11:31:28 +01:00
Michael Nebel
98d6353f12 Java: Address review comments. 2025-01-27 11:21:44 +01:00
Owen Mansel-Chan
1bacb99410 Merge pull request #18585 from owen-mc/go/1.24-support-prep 
Go: 1.24 support - Tolerate type parameters on alias types
 2025-01-27 10:14:36 +00:00
Tom Hvitved
f75ecdb16e Merge pull request #18570 from hvitved/csharp/dotnet3-integration-test 
C#: Verify that downloaded .NET CLIs are executable
 2025-01-27 10:28:04 +01:00
Michael Nebel
c27b611c76 Java: Deprecate MyBatisMapperXML as it is only used by experimental queries. 2025-01-27 10:22:22 +01:00
Michael Nebel
999f1f21e2 Java: Accept expected test output. 2025-01-27 10:22:20 +01:00
Michael Nebel
b552c8aba9 Java: Add change-note. 2025-01-27 10:22:19 +01:00
Michael Nebel
cc48cec1c7 Java: Deprecate experimental model activation. 2025-01-27 10:22:17 +01:00
Michael Nebel
e3997f65ed Java: Deprecate experimental queries. 2025-01-27 10:22:16 +01:00
Michael Nebel
501f9859bd C#: Add change note. 2025-01-27 10:13:26 +01:00