github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
48 342 коммитов 1 541 ветка 130 Теги 483 MiB
Граф коммитов

48342 Коммитов

Автор SHA1 Сообщение Дата
Paolo Tranquilli 45c0c7fe6c Merge branch 'main' into redsun82/swift-open-redirection 2022-12-14 18:26:16 +01:00
Jami 33955ee4ab
Merge pull request #11623 from jcogs33/jcogs33/exclude-funcexpr-from-dataflowtargetapi 
Java/C#: exclude `FunctionalExpr`s from `DataFlowTargetApi`
 2022-12-14 12:22:50 -05:00
Owen Mansel-Chan 8703da9db6
Merge pull request #11698 from owen-mc/go/fix-test-to-do-what-it-says 
Fix test to use `hasQualifiedName/2`
 2022-12-14 17:11:58 +00:00
Owen Mansel-Chan 6ef677b606
Fix test to use hasQualifiedName/2 2022-12-14 15:20:02 +00:00
Asger F a92acf5218
Merge pull request #11689 from asgerf/js/missing-csrf-qhelp 
JS: Update MissingCsrfMiddleware after 'csurf' deprecation
 2022-12-14 15:50:32 +01:00
Owen Mansel-Chan 38369a72dc
Merge pull request #11696 from github/smowton-patch-1 
go: fix bug in zip-slip example fix
 2022-12-14 14:31:58 +00:00
Chris Smowton 5799287a2b
go: fix bug in zip-slip example fix 2022-12-14 13:51:32 +00:00
Jami b248b44983
Merge pull request #11668 from jcogs33/jcogs33/update-isjdkinternal 
Java: update `isJdkInternal`
 2022-12-14 08:33:18 -05:00
Erik Krogh Kristensen 7615668f92
Merge pull request #11662 from erik-krogh/c-useInstanceOf 
Swift/C++: Use instanceof in more places
 2022-12-14 14:30:21 +01:00
Jami f61b817751
Merge pull request #11631 from jcogs33/jcogs33/update-externalapi-charpredicate 
Java/C#: add `isUninteresting` to `ExternalApi` characteristic predicate
 2022-12-14 08:25:02 -05:00
Owen Mansel-Chan 0b849a319b
Merge pull request #11587 from owen-mc/go/remove-error-expr-from-dbscheme 
Go: Remove @errorexpr from the dbscheme (use @badexpr)
 2022-12-14 13:15:04 +00:00
Anders Schack-Mulligen 598b4c38b7
Merge pull request #11619 from aschackmull/java/typetrack-lambda 
Java: Switch DispatchFlow to typetracking.
 2022-12-14 14:08:29 +01:00
Tom Hvitved 25b2d11368
Merge pull request #11635 from hvitved/dataflow/approx-content 
Data flow: Introduce `ApproxContent` in a new pruning stage between stages 2 and 3
 2022-12-14 12:56:50 +01:00
Asger F b63c658e3b JS: recognize tiny-csrf 2022-12-14 12:30:15 +01:00
Asger F 162419138d JS: Replace csurf -> lusca.csrf from example and qhelp 2022-12-14 12:30:15 +01:00
Owen Mansel-Chan 3c6f466e78
Include downgrade scripts in extractor pack 2022-12-14 10:46:20 +00:00
Owen Mansel-Chan 14e6f9fee2
Remove @errorexpr from the dbscheme (use @badexpr) 2022-12-14 10:46:19 +00:00
Henry Mercer 6023a1225c
Merge pull request #11673 from github/codeql-ci/atm/release-0.4.4 
JS: Bump version numbers of ML-powered packs after 0.4.4 release
 2022-12-14 10:27:00 +00:00
Tamás Vajk a6d227d52e
Merge pull request #11599 from igfoo/igfoo/diags 
Java/Kotlin: Update the diagnostic severity documentation
 2022-12-14 10:13:30 +01:00
Michael Nebel 54701f539e
Merge pull request #11683 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-12-14 09:41:23 +01:00
Paolo Tranquilli a80e9206c8
Merge pull request #11639 from github/alexdenisov/switch-to-bootstrapped-swift 
Swift: switch to bootstrapped Swift compiler
 2022-12-14 09:04:19 +01:00
github-actions[bot] d905bed92f Add changed framework coverage reports 2022-12-14 00:17:01 +00:00
Jami Cogswell c956589945 Java: remove dot before percent 2022-12-13 17:46:20 -05:00
Jami Cogswell dee251e5d6 Java: update isJdkInternal 2022-12-13 17:46:20 -05:00
Jami 11bd35661c
Merge branch 'main' into jcogs33/exclude-funcexpr-from-dataflowtargetapi 2022-12-13 17:10:39 -05:00
Erik Krogh Kristensen 8a89849476
Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf 
Py/JS/RB: Use instanceof in more places
 2022-12-13 21:50:13 +01:00
Tamás Vajk 8e500ec0f3
Merge pull request #11675 from tamasvajk/kotlin-error-expr-consistency 
Kotlin: Report CFG dead end consistency issues on `ErrorExpr`
 2022-12-13 20:22:47 +01:00
Edward Minnix III a85de2b5f4
Merge pull request #10865 from egregius313/egregius313/android-activity-alias 
Java: Add library support for activity-alias elements in AndroidManifest.qll
 2022-12-13 11:52:01 -05:00
Jami Cogswell a889cc4f65 Java/C#: remove isTestLibrary 2022-12-13 10:34:04 -05:00
Jami 9b0163ce22
Merge pull request #11624 from jcogs33/jcogs33/exclude-paramless-constructors-from-dataflowtargetapi 
Java/C#: exclude parameterless constructors from `DataFlowTargetApi`
 2022-12-13 10:05:57 -05:00
Jami Cogswell 91c1ec3be6 C#: exclude AnonymousFunctionExpr from DataFlowTargetApi 2022-12-13 09:54:05 -05:00
Jami Cogswell 1c06378a53 Java: exclude FunctionalExprs from DataFlowTargetApi 2022-12-13 09:54:05 -05:00
Tamas Vajk 5cc2868857 Kotlin: Report CFG dead end consistency issues on `ErrorExpr` 2022-12-13 15:51:33 +01:00
Anders Schack-Mulligen a29e529690 Shared: Add missing qldoc. 2022-12-13 15:49:30 +01:00
Asger F bfe9ee3ead
Merge pull request #11672 from asgerf/js/extensions 
JS: Add data extension sinks
 2022-12-13 15:34:11 +01:00
Henry Mercer 423374a7b8
Merge branch 'main' into codeql-ci/atm/release-0.4.4 2022-12-13 14:26:21 +00:00
github-actions[bot] 745823ca60 JS: Bump version of ML-powered library and query packs to 0.4.5 2022-12-13 13:32:52 +00:00
github-actions[bot] ea13925a92 JS: Bump patch version of ML-powered library and query packs 2022-12-13 13:28:09 +00:00
Alex Denisov ee94849528 Swift: switch to bootstrapped Swift compiler 2022-12-13 13:59:13 +01:00
Asger F 6b15839221 JS: Add tests for the examples used in the docs 2022-12-13 11:33:12 +01:00
Asger F ba1364a4cb JS: Add sinks mentioned in doc 
Note that 'sql-injection' was already added
 2022-12-13 11:33:12 +01:00
Michael Nebel b8ef961498
Merge pull request #9415 from JarLob/sockets 
Add TCP and UDP socket client taint sources
 2022-12-13 10:39:33 +01:00
Tom Hvitved 39fea378b8 Python: Update expected test output 2022-12-13 09:53:01 +01:00
Tom Hvitved cfcb3a60ba C++: Update expected test output 2022-12-13 09:53:01 +01:00
Tom Hvitved da6a42980f Swift: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved 24b1da4d02 Python: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved 2a28953e41 Java: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved 4d2436dd82 Go: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved 64eb0cc941 C#: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00
Tom Hvitved bc58cbec8c C++: Implement `ContentApprox` 2022-12-13 09:53:01 +01:00