hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-03 00:31:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,687 Branches 159 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
102540072e Shared: remove documentation prone to falling out of date 2022-03-16 13:32:55 +01:00
Nick Rolfe
f6681f30c6 Merge pull request #8399 from github/nickrolfe/simple_symbol_constant_value 
Ruby: implement getComponent(n) for simple and hash-key symbols
 2022-03-16 12:10:39 +00:00
Asger Feldthaus
2ca45ef9f9 Ruby: support BlockArgument in identifying access path 2022-03-16 12:51:14 +01:00
Nick Rolfe
94ce578ea4 Ruby: implement getComponent(n) for simple and hash-key symbols 2022-03-16 11:43:46 +00:00
Asger Feldthaus
c9355095e3 Ruby: Use Receiver instead of Argument[-1] in ActiveStorage 2022-03-16 12:37:21 +01:00
Asger Feldthaus
71f195d1e0 Ruby: add test for Receiver in summary 2022-03-16 12:37:21 +01:00
Arthur Baars
6b323eeda8 Update expected output 2022-03-16 12:34:03 +01:00
Arthur Baars
ab93b3784b Merge remote-tracking branch 'upstream/main' into incomplete-hostname 2022-03-16 12:31:12 +01:00
Arthur Baars
852f05bfb7 Address comment 2022-03-16 12:26:39 +01:00
Nick Rolfe
76918238f0 Ruby: test ExprCfgNode::getConstantValue() 2022-03-16 11:21:57 +00:00
Asger Feldthaus
f140c13261 JS: Sync ApiGraphModels.qll and update accordingly 2022-03-16 12:04:41 +01:00
Asger Feldthaus
2b02a173c1 Ruby: canonicalize callables based on package;type;path instead of input;output;kind 2022-03-16 12:04:41 +01:00
Asger Feldthaus
d8b4bc81ff JS: Rename EntryPoint.getNode -> getANode 2022-03-16 12:04:39 +01:00
Erik Krogh Kristensen
f53df255b9 Merge pull request #8459 from erik-krogh/addSeverities 
JS: add missing @security-severity to JS queries
 2022-03-16 12:03:19 +01:00
Nick Rolfe
82ef2a12f6 Merge pull request #8164 from github/nickrolfe/escape_sequences 
Ruby: interpret string escape sequences in getConstantValue()
 2022-03-16 10:45:39 +00:00
Chris Smowton
b11340c829 Change note tense and detail level 2022-03-16 10:34:25 +00:00
Nick Rolfe
1a850028e7 Ruby: update date in changenote filename 2022-03-16 10:32:43 +00:00
Erik Krogh Kristensen
cd9d61c1fc Merge pull request #8450 from erik-krogh/importAs 
disallow lowercase import-as aliases
 2022-03-16 11:32:37 +01:00
Jeroen Ketema
37293141ee Merge pull request #8428 from jketema/noreturn 
C++: Handle C11 _Noreturn in DefaultOptions
 2022-03-16 11:23:23 +01:00
Asger Feldthaus
33ca55770c Ruby: EntryPoint.getNode -> getANode 2022-03-16 11:02:26 +01:00
Asger Feldthaus
ecf7073bf1 Shared: codeql -> ql in code blocks 2022-03-16 11:00:24 +01:00
Erik Krogh Kristensen
d47b0a68e7 exclude tests from ql/missing-security-metadata 2022-03-16 10:40:45 +01:00
Erik Krogh Kristensen
2442beaf9a add missing severities to JS queries 2022-03-16 10:40:34 +01:00
Jeroen Ketema
d51cbe2525 C++: Update IR tests for handling of bitwise copy with explicit source 2022-03-15 23:22:37 +01:00
Jeroen Ketema
8be02b164c C++: Add IR tests exposing incorrect translation due to unhandled bitwise copy 
These tests are in addition to exisiting tests involving default copy
constructors, which suffer from the same problem, i.e., the extractor not
handling bitwise copies.
 2022-03-15 23:22:37 +01:00
Jeroen Ketema
2894bb0933 C++: Use correct change note file name format 2022-03-15 23:21:14 +01:00
Jeroen Ketema
638b2cac04 C++: Add change note on _Noreturn/noreturn in C11 2022-03-15 23:21:14 +01:00
Jeroen Ketema
1a1c34e1be C++: Handle C11 _Noreturn in DefaultOptions 2022-03-15 23:21:14 +01:00
Erik Krogh Kristensen
b45f56ac08 Merge pull request #8431 from erik-krogh/deadCode 
Delete dead code
 2022-03-15 20:09:06 +01:00
Jonathan Leitschuh
09cc8ee09e Add tests for StandardSystemProperty 2022-03-15 12:37:42 -04:00
Mathias Vorreiter Pedersen
57922f56ee Merge pull request #8424 from ihsinme/ihsinme-patch-fix077 
Detection reduction on request
 2022-03-15 16:17:47 +00:00
Mathias Vorreiter Pedersen
05758181bb Merge pull request #7884 from rdmarsh2/rdmarsh2/template-implicit-copy-constructor 
C++: fix hasImplicitCopyConstructor for templates
 2022-03-15 15:32:05 +00:00
Anna Railton
a08246a2a7 Merge pull request #8448 from github/annarailton-patch-1 
Add docstring to `ExtractEndpointMapping.ql`
 2022-03-15 14:54:45 +00:00
Erik Krogh Kristensen
b0fc958b32 simplify imports 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-03-15 15:10:04 +01:00
Erik Krogh Kristensen
57db7633c8 C#: make csharp import private 2022-03-15 14:59:06 +01:00
Erik Krogh Kristensen
89af50f6d5 rename all lower-case import-as statements 2022-03-15 14:40:38 +01:00
Erik Krogh Kristensen
54582438a1 QL: recognize the names defined by import as statements 2022-03-15 14:29:33 +01:00
Anna Railton
739d94e8f9 Add docstring to ExtractEndpointMapping.ql 2022-03-15 12:50:51 +00:00
Erik Krogh Kristensen
3067231b1a Merge pull request #8253 from erik-krogh/domWrite 
JS: merge hasDominatingWrite and hasDominatingAssignment
 2022-03-15 13:37:00 +01:00
Erik Krogh Kristensen
154d0171d3 Merge pull request #8438 from erik-krogh/apiDisable 
JS: add some API-nodes to js/disabling-certificate-validation
 2022-03-15 12:56:59 +01:00
Chris Smowton
451661dd20 Improve guard class names 2022-03-15 11:46:54 +00:00
Mathias Vorreiter Pedersen
9f014be7c7 Merge pull request #8447 from MathiasVP/add-missing-security-severity 
C++: Add missing `security-severity` tags
 2022-03-15 11:29:28 +00:00
Joe Farebrother
8acd8ea01f Merge pull request #8446 from joefarebrother/sensitive-logging 
Java: Add security severity to sensitive logging query
 2022-03-15 11:17:46 +00:00
Jeroen Ketema
157a36bc4f Use node variable in all disjuncts 2022-03-15 11:55:35 +01:00
Jeroen Ketema
9a0e94f389 Add flow state versions of isBarrierIn, isBarrierOut, and isBarrierGuard 2022-03-15 11:55:34 +01:00
Mathias Vorreiter Pedersen
7337ebd569 C++: Add missing 'security-severity' tags. 2022-03-15 10:54:36 +00:00
Mathias Vorreiter Pedersen
9642e59349 Merge pull request #8382 from MathiasVP/use-taint-configuration-in-three-more-queries 
C++: Use a `TaintTracking::Configuration` in three more queries
 2022-03-15 10:43:05 +00:00
Joe Farebrother
e4a16cc700 Add security severity 2022-03-15 10:42:41 +00:00
Tony Torralba
6d5414281e Merge pull request #8437 from atorralba/atorralba/missing-security-severity-query 
Added MissingSecurityMetadata query
 2022-03-15 11:42:41 +01:00
Henry Mercer
f38b498eed Merge pull request #8433 from github/henrymercer/js-atm-remove-isEffectiveSinkWithOverridingScore 
JS: Remove `isEffectiveSinkWithOverridingScore` from ML-powered libraries
 2022-03-15 10:04:30 +00:00