Owen Mansel-Chan
1926ffd450
Convert XSS tests to use inline expectations
2025-05-01 15:39:19 +01:00
Owen Mansel-Chan
1530ac123c
Update path in qlref and update test results
2025-05-01 15:39:17 +01:00
Owen Mansel-Chan
5bce70f78c
Move files out of experimental (no changes)
2025-05-01 15:39:15 +01:00
yoff
d7e6e1dd66
Merge pull request #19432 from yoff/python/model-http-server-header-write
...
python: model `send_header` from `http.server`
2025-05-01 15:34:05 +02:00
Geoffrey White
e263116452
Rust: Model std::net and tokio::net.
2025-05-01 14:25:44 +01:00
Asger F
a44bdf3be2
JS: Generate summaries from summaryModel, and only generate steps as a fallback
2025-05-01 15:22:47 +02:00
Asger F
0fc1ae272e
DataFlow: expose from FlowSummaries whether a summary is supported
2025-05-01 15:22:12 +02:00
Arthur Baars
8e8efedb42
Rust: adjust integration tests and expected output
2025-05-01 15:20:36 +02:00
Taus
481adcea0a
Merge pull request #18449 from github/tausbn/misc-add-script-for-calculating-mrva-totals
...
Misc: Add script for calculating totals for a MRVA run
2025-05-01 15:17:19 +02:00
Asger F
ca5f8b0c1d
JS: Move some code into ModelsAsData.qll
2025-05-01 15:17:07 +02:00
Owen Mansel-Chan
e0549483fd
Merge pull request #19429 from owen-mc/fix-cwe-tags-missing-leading-zero
...
Fix cwe tags to include leading zero
2025-05-01 14:09:54 +01:00
Arthur Baars
53b2e9708c
Rust: extract declarations of builtin types
2025-05-01 14:27:21 +02:00
Napalys Klicius
da7c0931b8
Added hdbcli to be part of supported-framework as well as change note
2025-05-01 14:18:08 +02:00
Napalys Klicius
e1fc0ca051
Added implementation hdbcli as part of PEP249::PEP249ModuleApiNode
2025-05-01 14:18:02 +02:00
Geoffrey White
038b8b5344
Rust: Add a missing model for std::io.
2025-05-01 13:04:18 +01:00
Geoffrey White
3104dba09e
Rust: Fix some shortcomings in our models of Reqwest.
2025-05-01 13:04:17 +01:00
Geoffrey White
f4ae211019
Rust: Add models for tokio (fs).
2025-05-01 13:04:16 +01:00
Geoffrey White
7439b0c504
Rust: Add models for tokio (io).
2025-05-01 13:04:15 +01:00
Geoffrey White
627496df09
Rust: Add source tests for tokio (fs).
2025-05-01 13:04:13 +01:00
Geoffrey White
b2339ef0d9
Rust: Add some alternative sinks.
2025-05-01 13:04:12 +01:00
Geoffrey White
950812b463
Rust: Add further source tests for tcp streams.
2025-05-01 13:04:06 +01:00
Napalys Klicius
0325f368fe
Added test case for hdbcli
2025-05-01 13:57:14 +02:00
Nick Rolfe
817237ce54
Merge pull request #19441 from github/nickrolfe/mergeback-2.21.2
...
Merge back 2.21.2 release branch
2025-05-01 11:55:29 +01:00
Simon Friis Vindum
a545361a55
Rust: Accept test changes
2025-05-01 12:36:01 +02:00
Napalys Klicius
6ba0dc20a3
Merge pull request #19439 from Napalys/js/fastify-all
...
JS: Modeling of `fastify`
2025-05-01 12:11:52 +02:00
Simon Friis Vindum
ecead2cafd
Rust: Workaround for method existing both as source and as dependency
2025-05-01 12:00:18 +02:00
Simon Friis Vindum
3ee89899d9
Rust: Handle inherent implementations shadowing trait implementations
2025-05-01 12:00:17 +02:00
Simon Friis Vindum
4513106a35
Rust: Add type inference test for inherent implementation shadowing trait implementation
2025-05-01 12:00:13 +02:00
Simon Friis Vindum
e45b5c557d
Rust: Implement type inference support for non-universal impl blocks
2025-05-01 11:59:15 +02:00
Simon Friis Vindum
22407cad44
Rust: Add type inference test for non-universal impl blocks
2025-05-01 11:58:09 +02:00
Owen Mansel-Chan
0863c87572
Add change notes
2025-05-01 10:33:24 +01:00
Napalys Klicius
68a9dd9f9e
Address comments
2025-05-01 11:19:41 +02:00
Napalys Klicius
c7d764f666
Brought back FunctionStyleClass marked as deprecated
2025-05-01 11:16:04 +02:00
Napalys Klicius
d4b5ef6a66
Refactor process.env handling in CleartextLogging and IndirectCommandInjection modules to use ThreatModelSource
2025-05-01 11:14:15 +02:00
Napalys Klicius
33d8ffa83e
Added test cases for shelljs.env
2025-05-01 11:11:29 +02:00
Napalys Klicius
602500e280
Added change note
2025-05-01 11:09:56 +02:00
Napalys Klicius
40d176a770
Added model for shelljs.env
2025-05-01 11:09:47 +02:00
Tom Hvitved
423e2dac91
Rust: Strenghten the modeling of the Clone trait
2025-05-01 10:54:52 +02:00
Simon Friis Vindum
499d224c2b
Rust: Update generated models for core and std
2025-05-01 10:54:05 +02:00
Tom Hvitved
1770f568a2
Merge pull request #19367 from hvitved/rust/type-inference-try-expr
...
Rust: Type inference for `?` expressions
2025-05-01 10:27:49 +02:00
Nick Rolfe
20f7781d9f
Merge pull request #19437 from adityasharad/docs/fix/2.21.0-escaping
...
Docs: Fix escaping in 2.21.0 changelog
2025-05-01 09:27:41 +01:00
Nick Rolfe
005a27bff9
Merge pull request #19436 from adityasharad/actions/ga-change-note
...
Actions: Retroactively add GA changenote
2025-05-01 09:21:15 +01:00
Napalys Klicius
9bab59363c
Fix class instance method detection in constructor receiver
2025-05-01 09:14:39 +02:00
Napalys Klicius
7430d0e5e0
Added failing test with method as field
2025-05-01 09:14:37 +02:00
Napalys Klicius
c0917434eb
Removed code duplication
2025-05-01 09:14:36 +02:00
Napalys Klicius
fc7520e9e7
Added change note
2025-05-01 09:14:34 +02:00
Simon Friis Vindum
bab84d03d1
Merge pull request #19419 from paldepind/rust-precise-implicit-deref-borrow
...
Rust: Use type inference to insert implicit borrows and derefs
2025-05-01 08:41:37 +02:00
Aditya Sharad
36199b3f06
Docs: Fix escaping in 2.21.0 changelog
...
These break when the RST is processed.
Escape the backslashes and consistently add
inline code blocks.
2025-04-30 16:40:36 -07:00
Aditya Sharad
6285c2e502
Actions: Retroactively add GA changenote
...
This was manually added in the docs site at the time of 2.21.1 release and GA.
Include the change note in the relevant places so it remains
in future docs updates:
- codeql/actions-queries@0.5.4
- codeql/actions-all@0.4.7
- 2.21.1 changelog
2025-04-30 16:24:22 -07:00
Mathias Vorreiter Pedersen
d8eafbb9e2
C++: Fixup queries and accept test changes.
2025-04-30 20:34:35 +01:00
