github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
60 272 коммитов 1 541 ветка 130 Теги 480 MiB
Граф коммитов

60272 Коммитов

Автор SHA1 Сообщение Дата
Tamás Vajk 81b3ff2bb8
Merge pull request #14545 from tamasvajk/standalone/remove-netstandard.library.ref 
C#: Handle `netstandard` references in standalone extraction
 2023-10-31 11:32:42 +01:00
Chris Smowton 79e1aa0498
Merge pull request #14634 from github/post-release-prep/codeql-cli-2.15.2 
Post-release preparation for codeql-cli-2.15.2
 2023-10-31 10:24:53 +00:00
Mathias Vorreiter Pedersen 66f4eccc30
Merge pull request #14632 from MathiasVP/share-ipa-numbering-for-indirect-nodes 
C++: Share IPA numbering for indirect nodes
 2023-10-31 11:20:41 +01:00
Tom Hvitved 435b7df764
Merge pull request #14607 from hvitved/csharp/type-ref-dedup 
C#: Only use `getTypeRef` when there is not already a type available
 2023-10-30 19:52:58 +01:00
github-actions[bot] 2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
Mathias Vorreiter Pedersen 91d224eea5
Merge pull request #14623 from alexet/dataflow-fps 
CPP: Add dataflow FP with output arguments
 2023-10-30 14:30:51 +00:00
Alexander Eyers-Taylor b8d45ae927
Update cpp/ql/test/library-tests/dataflow/dataflow-tests/flowOut.cpp 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-10-30 14:04:45 +00:00
Ian Lynagh e2ef0dc71d
Merge pull request #14621 from igfoo/igfoo/getFileClassFqName_IrField 
Kotlin: Fix getFileClassFqName for IrField
 2023-10-30 13:54:08 +00:00
Ian Lynagh d46442245b
Merge pull request #14518 from igfoo/igfoo/trap_files 
Kotlin: Log when we start and finish writing to TRAP files
 2023-10-30 13:53:04 +00:00
Harry Maclean dc9f171ee6
Merge pull request #14631 from hmac/hmac-dynamic-neutral-model 
JS/Ruby/Python: Add neutralModel extensible predicate
 2023-10-30 12:50:09 +00:00
Mathias Vorreiter Pedersen b4958e7d58 C++: Accept path changes. 2023-10-30 12:44:30 +00:00
Mathias Vorreiter Pedersen a077b70d66 C++: Accept test changes. 2023-10-30 11:54:24 +00:00
Mathias Vorreiter Pedersen 535d1e2565 C++: Define indirect instructions (and operands) using a 'Node0Impl' column instead of an instruction (or operand). 2023-10-30 11:54:24 +00:00
Harry Maclean 083be305e1 Shared: Add neutralModel extensible predicate 
The neutralModel extensible predicate already exists in Java and C#, so
this change brings the dynamic languages more in line with static
languages. The Model Editor uses this predicate to mark endpoints as
"not interesting" from a data flow perspective.
 2023-10-30 11:31:57 +00:00
Harry Maclean 38ecde0cc1 Shared: Include data extensions in workspace 
This change allows codeql to see data extensions stored in the .github
directory inside the codeql repo. This is useful when using the CodeQL
Model Editor whilst working inside the codeql repo.
 2023-10-30 11:31:56 +00:00
Chris Smowton 78fcbd07d6
Merge pull request #14630 from github/release-prep/2.15.2 
Release preparation for version 2.15.2
 2023-10-30 11:26:32 +00:00
Mathias Vorreiter Pedersen 3a9ffe189e
Merge pull request #14567 from github/redsun82/swift-case-variables 
Swift: clean up `VarDecl`, `NamedPattern` and `SwitchStmt` interactions
 2023-10-30 11:23:38 +00:00
github-actions[bot] 4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Mathias Vorreiter Pedersen 9e2f0b5ed0 Merge branch 'main' into redsun82/swift-case-variables 2023-10-30 10:14:45 +00:00
Mathias Vorreiter Pedersen c4521a30aa
Merge pull request #14113 from geoffw0/implicitflow 
Swift: Flow through OpenExistentialExpr
 2023-10-30 10:08:29 +00:00
Mathias Vorreiter Pedersen 4e08ba6820
Merge pull request #14618 from geoffw0/qldoc 
Swift: QLDoc and test for getCanonicalType
 2023-10-30 10:06:26 +00:00
Tamás Vajk b9c89750b9
Merge pull request #14493 from tamasvajk/fix/params-attribute-argument 
C#: Fix params attribute argument extraction
 2023-10-30 10:50:02 +01:00
Mathias Vorreiter Pedersen 342b3d7733
Merge pull request #14619 from MathiasVP/fix-strtol-model 
C++: Fix `strtol` model
 2023-10-30 09:41:23 +00:00
Geoffrey White 1929dead39 Merge branch 'main' into implicitflow 2023-10-27 23:35:54 +01:00
Owen Mansel-Chan c1ecd5a0da
Merge pull request #14608 from Kwstubbs/golang-cookie-reflectedxss-sanitizer 
Go: GoAdd Cookie Sanitizer to Reflected XSS
 2023-10-27 21:47:39 +01:00
Kevin Stubbings 57cbacb495 test.go change 2023-10-27 12:07:51 -07:00
Kevin Stubbings ce0104799a Fix minor issues 2023-10-27 11:42:22 -07:00
Alex Eyers-Taylor 60f3598da9 CPP: Add dataflow FP with output arguments 2023-10-27 19:07:10 +01:00
Ian Lynagh e25c0498d4 Kotlin: Fix getFileClassFqName for IrField 2023-10-27 18:00:33 +01:00
Geoffrey White 8937e0b313 Swift: == -> = 2023-10-27 17:18:09 +01:00
Alex Ford cb1cd5ed2a
Merge pull request #14560 from alexrford/rb/modgen 
Ruby: add a query and script for autogenerating typeModel and summaryModel data extensions entries
 2023-10-27 16:43:42 +01:00
Mathias Vorreiter Pedersen 28eb2caacb Swift: Accept test changes. 2023-10-27 16:30:01 +01:00
Mathias Vorreiter Pedersen 33494fe9e1 C++: Extend the taint model and accept test changes. 2023-10-27 16:26:37 +01:00
Mathias Vorreiter Pedersen e4683449cb C++: Add failing test. 2023-10-27 16:26:37 +01:00
Mathias Vorreiter Pedersen 8bf8888c24 C++: Simplify 'parameterNeverEscapes' and add a comment. 2023-10-27 16:26:37 +01:00
Mathias Vorreiter Pedersen 6538a7645d Swift: Add up and downgrade scripts. 2023-10-27 15:55:12 +01:00
Mathias Vorreiter Pedersen 6062fbb475
Merge pull request #14383 from geoffw0/nsstringregex 
Swift: Add regular expression evaluation models for StringProtocol and NSString methods
 2023-10-27 15:49:23 +01:00
Mathias Vorreiter Pedersen 572cec2c55 C++: Accept test changes. 2023-10-27 15:00:25 +01:00
Mathias Vorreiter Pedersen 43e8b900bf C++: Fix 'strtol' model. 2023-10-27 14:59:11 +01:00
Geoffrey White 2a552d9721 Swift: Address QL-for-QL warning. 2023-10-27 14:56:19 +01:00
Mathias Vorreiter Pedersen d6b6c432d9 C++: Add test with incorrect IR due to wrong model. 2023-10-27 14:53:06 +01:00
Owen Mansel-Chan d534c93ff1
Merge pull request #14606 from owen-mc/go/incorrect-integer-conversion-fixes 
Go: Two fixes to upper bound checks in "incorrect integer conversion" query
 2023-10-27 14:50:11 +01:00
Alex Ford f6ac63b259 Ruby: modgen - use FeatureEqualSourceSinkCallContext feature rather than late filtering for method context 2023-10-27 14:48:50 +01:00
Geoffrey White 12201d2e8e Swift: Codegen. 2023-10-27 14:37:06 +01:00
Geoffrey White 6ad5c9542b Swift: Add getCanonicalType to the NominalType test as well. 2023-10-27 14:37:06 +01:00
Dave Bartolomeo b18a6d5e0b
Merge pull request #14582 from github/dbartol/threat-models-2 
Java: Threat model implementation with priorities.
 2023-10-27 09:33:53 -04:00
Geoffrey White ce471105e2 Swift: QLDoc getCanonicalType. 2023-10-27 14:23:51 +01:00
Mathias Vorreiter Pedersen 4aed638066
Merge pull request #14577 from MathiasVP/capture-flow-swift 
Swift: Add variable-capture flow
 2023-10-27 14:09:04 +01:00
Erik Krogh Kristensen c1a1ebfb60
Merge pull request #14616 from erik-krogh/identity-severity 
JS: lower the severity of js/identity-replacement to medium
 2023-10-27 14:27:05 +02:00
Anders Schack-Mulligen e9cb272396
Merge pull request #14615 from aschackmull/dataflow/stage-alias 
Dataflow: simplify using stage aliases.
 2023-10-27 14:17:30 +02:00