hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-06 02:01:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,554 Commits 1,690 Branches 160 Tags
codeql-cli/v2.9.2
Commit Graph

36554 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arthur Baars
a85b2093d6 Merge pull request #7969 from github/doc-remove-filter-queries 
Docs: remove mention of 'filter queries'
 2022-02-11 12:48:34 +01:00
github-actions[bot]
21bf29353f Post-release preparation for codeql-cli-2.8.1 2022-02-11 11:07:31 +00:00
Taus
327e0dad72 Merge pull request #7674 from erik-krogh/dbTypeInNonLib 
QL: Use of db-type outside language core.
 2022-02-11 12:00:14 +01:00
Arthur Baars
47eb96d223 Docs: remove mention of 'filter queries' 2022-02-11 11:45:34 +01:00
Erik Krogh Kristensen
5a39708cf7 move TLabel to the Impl module and cache it 2022-02-11 10:54:45 +01:00
Erik Krogh Kristensen
36e02ae9ac Merge pull request #7912 from erik-krogh/moarApi 
JS: convert more type-trackers to API-graphs
 2022-02-11 10:32:45 +01:00
Erik Krogh Kristensen
daa96cc218 change some docstrings based on review, and make fields private 2022-02-11 10:25:54 +01:00
Tom Hvitved
0f60401919 Merge pull request #2513 from hvitved/csharp/null-maybe-capture 
C#: Remove FPs from `cs/dereferenced-value-may-be-null`
 2022-02-11 10:21:15 +01:00
Erik Krogh Kristensen
6ae4652ce9 make the Impl module private again 2022-02-11 10:17:24 +01:00
Arthur Baars
74ed89409c Merge pull request #7948 from github/release-prep/2.8.1 
Release preparation for version 2.8.1
codeql-cli/v2.8.1 		2022-02-11 10:13:34 +01:00
Erik Krogh Kristensen
3791b159fb Merge pull request #7892 from erik-krogh/nanSan 
JS: Add a `isNaN` sanitizer, and use it in queries that already had a typeof check
 2022-02-11 10:13:06 +01:00
Erik Krogh Kristensen
2ffd79d451 Merge pull request #7921 from erik-krogh/snapdragon 
JS: add model for the snapdragon library
 2022-02-11 10:10:55 +01:00
Arthur Baars
58a2597c3a C++: move change note lines to correct query pack 2022-02-11 09:52:36 +01:00
Tom Hvitved
987b11c362 Merge pull request #7926 from hvitved/csharp/brotli 
C#: Use Brotli instead of Gzip
 2022-02-11 09:29:04 +01:00
Tamás Vajk
c5d917eb72 Improve formatting of 0.0.9 release notes 2022-02-11 09:19:43 +01:00
Esben Sparre Andreasen
a4447ce372 Update javascript/ql/lib/semmle/javascript/frameworks/Snapdragon.qll 2022-02-11 08:20:02 +01:00
luchua-bc
12c53baba4 Simplify the query 2022-02-11 01:05:06 +00:00
Harry Maclean
017183e7f3 Merge pull request #7919 from github/hmac/open-uri 
Ruby: recognise additional form for OpenURI
 2022-02-11 14:03:26 +13:00
Andrew Eisenberg
cba9e0b267 Fix paths in check-change-note 
Library pack changes were being ignored.
 2022-02-10 14:36:23 -08:00
github-actions[bot]
f25fc70b7c Release preparation for version 2.8.1 2022-02-10 22:08:24 +00:00
Andrew Eisenberg
9441ea940c Workflows: Augment workflow to ensure failure with invalid change notes 2022-02-10 13:52:54 -08:00
Erik Krogh Kristensen
f41bc64e30 add change-note 2022-02-10 22:41:35 +01:00
Arthur Baars
c9f898745c Merge pull request #7943 from github/aibaars/cpp-move-note 
C++: move change note
 2022-02-10 22:32:31 +01:00
Arthur Baars
6cba49abe3 C++: move change note 2022-02-10 22:13:54 +01:00
Arthur Baars
1fb3cbfeee Merge pull request #7940 from github/aibaars/js-move-note 
Javascript: move change note
 2022-02-10 21:20:06 +01:00
Arthur Baars
61ba896343 Javascript: move change note 2022-02-10 20:58:49 +01:00
Robert Marsh
dbe4770c7d C++: add initial insufficient key size query 2022-02-10 14:53:40 -05:00
Tom Hvitved
2b2196d638 Merge pull request #7927 from github/hvitved-patch-1 
Add C# 10 and .NET 6 to `versions-compilers.rst`
 2022-02-10 20:43:33 +01:00
Erik Krogh Kristensen
eb56a5aef3 support more patterns that recognize valid numbers 2022-02-10 19:50:35 +01:00
Artem Smotrakov
0ba229a64b Apply suggestions from code review (typos/formatting) 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-02-10 18:37:12 +00:00
Alex Ford
d55ba2542a Ruby: fix an alert 2022-02-10 18:35:22 +00:00
Geoffrey White
85d03fdbfd C++: Change note. 2022-02-10 18:05:41 +00:00
Erik Krogh Kristensen
02ed1ca392 add missing qldoc 2022-02-10 18:06:53 +01:00
yoff
a2532a86ea Merge pull request #7894 from tausbn/python-normalise-prefixes 
Python: Normalise string prefixes
 2022-02-10 17:57:11 +01:00
Erik Krogh Kristensen
9739929795 convert the ruby ApiGraphs to use IPA labels 2022-02-10 17:54:19 +01:00
Alex Ford
bc53570a25 Ruby: fewer mappings from dataflow nodes to ast nodes 2022-02-10 15:58:31 +00:00
Alex Ford
7c1bd9a533 Ruby: add a test case for cleartext logging that uses NonCleartextPasswordFlow 2022-02-10 15:50:56 +00:00
Alex Ford
83a3808bbe Ruby: avoid marking mutator methods as being safe (i.e. not returning sensitive data) 2022-02-10 15:50:56 +00:00
Alex Ford
b46e4ccd71 Ruby: drop SanitizerIn from ClearTextLoggingQuery 2022-02-10 15:50:56 +00:00
Alex Ford
7b4af39315 Ruby: track masked variables potentially containing sensitive data more accurately 2022-02-10 15:50:56 +00:00
Alex Ford
59ab384825 Ruby: rb/clear-text-logging-sensitive-data - match on CFG nodes rather than AST nodes 2022-02-10 15:50:56 +00:00
Jonathan Leitschuh
eee521e6ce Fix test failure for TempDirLocalInformationDisclosure 2022-02-10 10:40:40 -05:00
Tom Hvitved
a3d631f2df Add C# 10 and .NET 6 to versions-compilers.rst 2022-02-10 15:45:00 +01:00
Tom Hvitved
1c66444a61 C#: Use Brotli instead of Gzip 2022-02-10 14:30:24 +01:00
Felicity Chapman
efed21b99a Merge pull request #7885 from Marcono1234/marcono1234/extractor-doc-improvements 
Fix and improve Extractor options documentation formatting
 2022-02-10 12:59:45 +00:00
CodeQL CI
9ebbd9efa1 Merge pull request #7591 from asgerf/js/mysql-sinks 
Approved by esbena
 2022-02-10 12:50:36 +00:00
Felicity Chapman
5ec1fc11f9 Apply suggestions from code review 2022-02-10 12:41:37 +00:00
CodeQL CI
a57ee019c2 Merge pull request #7819 from asgerf/asgerf/ruby-def-nodes 
Approved by hvitved
 2022-02-10 12:37:34 +00:00
Taus Brock-Nannestad
be323bafaf Merge remote-tracking branch 'upstream/main' into python-normalise-prefixes 2022-02-10 12:55:49 +01:00
CodeQL CI
1a91a79b5b Merge pull request #5841 from erik-krogh/libCode 
Approved by esbena, ethanpalm
 2022-02-10 11:36:45 +00:00