github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
59 946 коммитов 1 542 Ветки 132 Теги 495 MiB
Граф коммитов

59946 Коммитов

Автор SHA1 Сообщение Дата
Geoffrey White 9f683b8630 Swift: Remove duplicate results. 2023-10-12 17:38:58 +01:00
Geoffrey White cf7f355fc4 Swift: Additional test cases. 2023-10-12 17:11:56 +01:00
Ed Minnix 31c04b50f7 Change note 2023-10-12 09:58:09 -04:00
Ed Minnix 4eeaf84133 Sync NumericCastTaintedQuery 2023-10-12 09:58:08 -04:00
Ed Minnix ec84f072eb Sync ArithmeticTaintedLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix da933fb77a Sync ExternallyControlledFormatStringLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix f1886320e5 Sync ImproperValidationOfArrayIndexLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix 69531b9f7c Sync ResponseSplittingLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix ef282955fd Sync SqlTaintedLocalQuery with SqlInjectionQuery 2023-10-12 09:58:08 -04:00
Ed Minnix e4f567979a Sync XSS Local 2023-10-12 09:58:08 -04:00
Mathias Vorreiter Pedersen 64fa6c8bbd C++: Remove the hacky flow state since this is no longer needed after #13717. 2023-10-12 13:58:36 +01:00
Geoffrey White 5c0085880f Swift: Change note. 2023-10-12 13:24:10 +01:00
Geoffrey White e2a8569940 Swift: Clean up indentation. 2023-10-12 13:05:20 +01:00
Geoffrey White 8f852f2e7d Swift: Turn sink models into flow summary models, where appropriate. 2023-10-12 12:57:05 +01:00
erik-krogh fa1e8ee426
add getACodepoint to the shared Strings library, and use it in NfaUtils 2023-10-12 13:38:19 +02:00
erik-krogh 822ba2ae59
add documentation for the new string methods in `ql-language-specification.rst` 2023-10-12 13:38:19 +02:00
erik-krogh 116025c569
use the new codePointAt and codePointCount methods instead of regex hacks 2023-10-12 13:38:19 +02:00
Arthur Baars a4d0ef6350 Add changenote 2023-10-12 13:04:00 +02:00
Arthur Baars a9a21aa313 Rename DynamicImportExpr::getImport{Attributes => Options} 2023-10-12 13:00:39 +02:00
Arthur Baars 1f4fcf1f31 Rename test files 2023-10-12 13:00:39 +02:00
Arthur Baars a1c1f7b910 Add tests for deprecated 'assert' syntax 2023-10-12 13:00:39 +02:00
Arthur Baars f38d2e1b89 Replace 'assert' with 'with' in QL test files 2023-10-12 13:00:39 +02:00
Arthur Baars c28004f2a6 Rename 'getImportAssertion()' to 'getImportAttributes()' in QL library 2023-10-12 13:00:39 +02:00
Arthur Baars 07172da1bc Add tests for deprecated 'assert' syntax 2023-10-12 12:51:13 +02:00
Arthur Baars f7b02c01dd Rename getAssertion() to getAttributes() in the extractor 2023-10-12 12:51:13 +02:00
Arthur Baars 1d9ee5da3c Rename 'assertions' to 'attributes' in JS extractor 2023-10-12 12:49:25 +02:00
Erik Krogh Kristensen 59c43c7904
Merge pull request #14410 from erik-krogh/bigger-compilation-cache 
use a bigger compilation cache in the compile-queries workflow
 2023-10-12 12:35:44 +02:00
Mathias Vorreiter Pedersen 782ecd77b7 C++: Add change notes. 2023-10-12 11:15:41 +01:00
Mathias Vorreiter Pedersen 02f73145d6
Merge pull request #14354 from geoffw0/conversions2 
Swift: Improve models for Numeric, RangeReplaceableCollection
 2023-10-12 11:13:50 +01:00
Michael B. Gale 75900f05c9
Go: group golang.org dependencies 2023-10-12 10:55:45 +01:00
Michael B. Gale 114a875f3d
Go: re-add Dependabot allow list 2023-10-12 10:55:31 +01:00
Arthur Baars b936e91fe9 Support JS import attributes (previously import assertions) 2023-10-12 11:43:42 +02:00
Mathias Vorreiter Pedersen 6865ce56bc C++: Add an abstract class that can be used to extend 'viableCallable'. 2023-10-12 10:35:36 +01:00
Michael B. Gale f6570710e7
Merge pull request #14441 from github/dependabot/go_modules/go/extractor/golang.org/x/tools-0.14.0 
Bump golang.org/x/tools from 0.13.0 to 0.14.0 in /go/extractor
 2023-10-12 10:19:34 +01:00
Tamas Vajk 3b4ea27caf Be more explicit about expected assembly loading exceptions 2023-10-12 11:10:30 +02:00
Tamas Vajk 09c1c715a3 Filter analyzer assemblies from nuget packages 2023-10-12 11:10:30 +02:00
Geoffrey White 7916bd39b4 Swift: Generalize 'write' models. 2023-10-12 09:21:33 +01:00
Geoffrey White 09974b5176 Swift: Extend sink models. 2023-10-12 09:17:04 +01:00
Tamas Vajk 8a0dc31ab0 Revert "Add source generators to framework stubs" 
This reverts commit 2e8a91efda.
 2023-10-12 09:35:08 +02:00
Tamas Vajk 2e8a91efda Add source generators to framework stubs 2023-10-12 08:51:06 +02:00
Tamas Vajk 534ea3ecac Adjust stub generator test to fix the nuget package version 2023-10-12 08:50:32 +02:00
Owen Mansel-Chan 5fcdb9e112
Merge pull request #14442 from owen-mc/go/test-qldoc-coverage 
Fix module name
 2023-10-11 23:45:53 +01:00
Owen Mansel-Chan 286271340e
Merge branch 'main' into go/automated-mad-coverage-report 2023-10-11 21:31:25 +01:00
Tamas Vajk e82076d558 Lock SDK version in standalone test 2023-10-11 22:28:47 +02:00
Owen Mansel-Chan e300440a8b
Delete redundant import 2023-10-11 21:28:31 +01:00
Owen Mansel-Chan dfcdb4ace8
Update CSV to MaD in description for java and C# 2023-10-11 21:09:59 +01:00
Eric Bickle ee2d8f84de
Merge branch 'main' into fix/thread-resource-arithmetic 2023-10-11 13:09:57 -07:00
Owen Mansel-Chan e5e9c33005
Generated reports 2023-10-11 21:09:55 +01:00
Owen Mansel-Chan 06a600c7fb
Set up automated coverage reports for Go 
Copied from https://github.com/github/codeql/pull/6148
 2023-10-11 21:09:54 +01:00
Eric Bickle f018d83951 Merge branch 'fix/thread-resource-arithmetic' of https://github.com/ebickle/codeql into fix/thread-resource-arithmetic 2023-10-11 13:09:39 -07:00