github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
61 816 коммитов 1 534 Ветки 130 Теги 471 MiB
Граф коммитов

61816 Коммитов

Автор SHA1 Сообщение Дата
Rasmus Lerchedahl Petersen e091ae84ab Merge branch 'main' of https://github.com/github/codeql into python/remove-ssa-nodes-from-dataflow-graph 2023-12-04 14:05:40 +01:00
Harry Maclean d630773575
Merge pull request #14627 from alexrford/rb/update_all_sink 
Ruby: refine `ActiveRecord` `update_all` as an SQL sink
 2023-12-04 13:02:14 +00:00
Chris Smowton 78e0f69d1e
Merge pull request #14988 from github/smowton/admin/report-more-files-extracted 
Java: report any extracted file as successfully extracted
 2023-12-04 12:48:12 +00:00
Chris Smowton 97266c252e
Remove mention of TSP 2023-12-04 12:36:04 +00:00
Michael Nebel 2fc7e51a5b C#: Only include source code (and not stubs) in the remote flow source test. 2023-12-04 13:10:10 +01:00
Shati Patel 6284781a9b
Update inconsistent CWE tags 
Most tags use the "external/cwe/cwe-xxx" format, except for these few queries. Updating them for consistency.
 2023-12-04 11:52:31 +00:00
Rasmus Wriedt Larsen 2fed0adde7
Merge pull request #8457 from RasmusWL/add-dataflow-consistency-query 
Python: Add dataflow consistency query
 2023-12-04 12:50:46 +01:00
Chris Smowton 6d5a493e2d
Add change note 2023-12-04 11:48:51 +00:00
Tom Hvitved 46531e653d C#: Deprecate `OnAppendCookieTrackingConfig` 2023-12-04 12:36:57 +01:00
Rasmus Wriedt Larsen 4dd3ea3798 Python: Update tests to new dataflow lib 
Avoids some deprecation warnings :)
 2023-12-04 12:36:57 +01:00
Anders Schack-Mulligen 67f0529cda Dataflow: Sync. 2023-12-04 12:36:57 +01:00
Anders Schack-Mulligen fd920b8585 Java: Deprecate old data flow api. 2023-12-04 12:36:57 +01:00
Mathias Vorreiter Pedersen 359b15bb60 C++: Fix FP by special-casing compound assignments in 'asExprInternal'. 2023-12-04 11:29:51 +00:00
Tom Hvitved 4c8861a60f
Merge pull request #14832 from hvitved/csharp/callback-heuristics 
C#: Strengthen call-back heuristics by considering body-less methods
 2023-12-04 12:27:37 +01:00
Tom Hvitved 84cba21a6c C#: Add a few more `is (not) null` tests 2023-12-04 12:22:47 +01:00
Mathias Vorreiter Pedersen ce28c9b485 C++: Add more CWE-119 testcases with compound assignments instead of increments. 2023-12-04 11:22:16 +00:00
Michael Nebel e028c59a07
Merge pull request #14982 from michaelnebel/csharp/fixmissingpackageprinting 
C#: Fix problem with logging unused packages.
 2023-12-04 12:10:21 +01:00
Michael Nebel b9833fc97e C#: Updated expected test output. 2023-12-04 12:02:51 +01:00
Michael Nebel d160890aca C#: Re-factor to avoid multiple explicit casts. 2023-12-04 12:02:34 +01:00
Michael Nebel 6807fd1569 C#: Add some stubs, a testcase and update the expected output without based on main. 2023-12-04 11:53:09 +01:00
Mathias Vorreiter Pedersen 60204574b6
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-12-04 10:35:07 +00:00
Mathias Vorreiter Pedersen 1198d23b96
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-12-04 10:35:00 +00:00
Mathias Vorreiter Pedersen 5a12a0ad62
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-12-04 10:34:46 +00:00
Mathias Vorreiter Pedersen 09117d3869
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-12-04 10:34:32 +00:00
Tamas Vajk 6f82e63461 C#: Prefer assembly version over netcore version in conflict resolution 2023-12-04 11:08:33 +01:00
Tamás Vajk 44be7dfdd5
Merge pull request #14957 from tamasvajk/standalone/prefer-framework-assemblies 
C#: Prefer framework assemblies over arbitrary nuget equivalents
 2023-12-04 11:03:03 +01:00
Tom Hvitved 23d09ed7c6 Address review comment 2023-12-04 10:47:52 +01:00
Paolo Tranquilli d9ca9123e4
Merge pull request #14979 from github/criemen/prepare-bazel-upgrade 
Prepare for the bazel 7 upgrade.
 2023-12-04 10:24:51 +01:00
Tamas Vajk 31c1caf518 Code quality improvements 2023-12-04 10:20:55 +01:00
Mathias Vorreiter Pedersen 6c7e809187
Merge pull request #14961 from MathiasVP/unique-in-operand 
C++: Replace a `strictcount(...)` with `unique(...)`
 2023-12-04 09:13:58 +00:00
Jeroen Ketema 71347e4cf1
Merge pull request #14987 from jketema/unneeded-imports 
C++: Remove unneeded dataflow imports
 2023-12-04 09:15:23 +01:00
Chris Smowton ad713a7a93
Java: report any extracted file as successfully extracted 2023-12-01 22:35:00 +00:00
Jeroen Ketema b185efa9e4
C++: Remove unneeded dataflow imports 2023-12-01 21:11:22 +01:00
Sarita Iyer 05c67756ef fix beta note problem 2023-12-01 15:00:44 -05:00
Sarita Iyer 54daf8cacc
Apply suggestions from code review 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2023-12-01 12:06:43 -05:00
Sarita Iyer b5084ccf7f move beta ntoe 2023-12-01 11:59:57 -05:00
Sarita Iyer 6f87b1d622 test 2023-12-01 11:44:06 -05:00
Sarita Iyer 9e69e02d04 fix error 2023-12-01 11:32:13 -05:00
Sarita Iyer 2ab960428a Update customizing-library-models-for-java-and-kotlin.rst 2023-12-01 10:26:42 -05:00
Sarita Iyer d96d71384d Update customizing-library-models-for-java-and-kotlin.rst 2023-12-01 09:57:11 -05:00
Sarita Iyer 848293470a Update customizing-library-models-for-java-and-kotlin.rst 2023-12-01 09:41:03 -05:00
Michael Nebel aec070f918 C#: Fix problem with logging unused packages. The dependencies only contains the paths relative to the package directory. 2023-12-01 15:24:33 +01:00
Cornelius Riemenschneider 13acec135d Prepare for the bazel 7 upgrade. 2023-12-01 12:19:53 +01:00
james 7f3ff7f9a5 update threat models section 2023-12-01 11:19:00 +00:00
james fe126c450b threat model suggestions 2023-12-01 10:54:11 +00:00
Sarita Iyer e1b5530602
Merge branch 'main' into saritai/docs-update-12431 2023-11-30 17:40:25 -05:00
Sarita Iyer 2bea328a5b Update customizing-library-models-for-java-and-kotlin.rst 2023-11-30 17:39:55 -05:00
Sarita Iyer 849ec72728
Update customizing-library-models-for-java-and-kotlin.rst 2023-11-30 17:21:59 -05:00
Sarita Iyer 48e23e68c1 add info 2023-11-30 17:17:18 -05:00
Taus 4ef1fe49e3
Merge pull request #14918 from github/tausbn/python-support-tarslip-extraction-filters 
Python: Add support for extraction filters
 2023-11-30 22:55:09 +01:00