57419 Коммитов

Все ветки

Поиск

Автор	SHA1	Сообщение	Дата
Rasmus Wriedt Larsen	843f2681bb	Python: Apply suggestions from code review ... Co-authored-by: yoff <lerchedahl@gmail.com>	2023-08-18 10:09:45 +02:00
Rasmus Wriedt Larsen	4277be5819	Python: Add change-note	2023-08-17 10:46:36 +02:00
Rasmus Wriedt Larsen	ca93f4d223	Python: Accept `.expected` changes	2023-08-11 10:36:05 +02:00
Rasmus Wriedt Larsen	46af77c1af	Python: Include all assignments in data flow paths ... Like Ruby did in https://github.com/github/codeql/pull/12566	2023-08-10 11:45:29 +02:00
Rasmus Wriedt Larsen	9bd5694c3f	Python: Add tests of path-graph for dataflow/taint-tracking ... Although this is actually using taint-tracking (so we can use the += statement), I would personally forget to check under the dataflow/tainttracking folder to look for such a test, so I'm opting to keep it under the dataflow/ folder.	2023-08-10 11:44:17 +02:00
Michael B. Gale	01ff690d51	Merge pull request #13923 from github/mbg/go/bump-go-libraries	2023-08-09 11:36:35 +01:00
Mathias Vorreiter Pedersen	da66136ded	Merge pull request #13911 from MathiasVP/fix-taint-for-frontend-upgrade ... C++: Fix taint-flow in preparation for frontend upgrade	2023-08-09 11:30:07 +01:00
Rasmus Wriedt Larsen	c0dec21546	Merge pull request #13925 from RasmusWL/fixup-script ... Misc: Fixup `accept-expected-changes-from-ci.py`	2023-08-09 11:45:34 +02:00
Rasmus Wriedt Larsen	69aa099ed1	Misc: Fixup `accept-expected-changes-from-ci.py` ... I guess there has been a rename of the URL from `/jobs/` to `/job/`, since the script has been working previously.	2023-08-09 10:44:31 +02:00
Mathias Vorreiter Pedersen	499b6f35e5	C++: Also key SSA defs and uses by the base address.	2023-08-09 08:44:16 +01:00
Mathias Vorreiter Pedersen	e2feed78a0	C++: Generate SSA variables for all calls instead of just for calls to ... allocators.	2023-08-09 08:44:10 +01:00
Michael Nebel	560b876c01	Merge pull request #13891 from felickz/csharp-hardcoded-cred-identity-fp ... cs/hardcoded-credentials - Removes false positive matches on benign Microsoft.AspNetCore.Identity properties	2023-08-09 08:32:36 +02:00
Chad Bentz	fa23a45f9d	Merge branch 'main' into csharp-hardcoded-cred-identity-fp	2023-08-08 17:48:27 -04:00
Michael B. Gale	9da749ad77	Bump Go extractor dependencies	2023-08-08 22:23:47 +01:00
Mathias Vorreiter Pedersen	389294bded	Merge pull request #13920 from MathiasVP/fix-out-nodes ... C++: Remove unnecessary predicates	2023-08-08 20:11:36 +01:00
Geoffrey White	a1234d4235	Merge pull request #13905 from geoffw0/forceunwrap ... Swift: Flow through ForceValueExpr on LHS of assignment	2023-08-08 18:36:50 +01:00
Mathias Vorreiter Pedersen	2a1d5b7481	Merge branch 'main' into fix-out-nodes	2023-08-08 16:32:03 +01:00
Geoffrey White	2b0fcab182	Swift: Update test annotations following merge.	2023-08-08 16:06:52 +01:00
Geoffrey White	e9f0b535ea	Merge branch 'main' into forceunwrap	2023-08-08 16:03:31 +01:00
Anders Schack-Mulligen	0ca3f3308b	Merge pull request #13478 from aschackmull/java/varcapture ... Java: Add proper support for variable capture flow.	2023-08-08 16:22:56 +02:00
Anders Starcke Henriksen	7da6da1c93	Merge pull request #13852 from github/starcke/automodel-package-filter ... Add option to filter automodel queries	2023-08-08 14:59:00 +02:00
Anders Schack-Mulligen	1cd32722be	Java: More review fixes.	2023-08-08 14:32:48 +02:00
Mathias Vorreiter Pedersen	f4f5d43bcb	C++: `indirectReturnOutNodeOperand0` and `indirectReturnOutNodeInstruction0` ... were broken and for some reason only handled the case where calls mapped to raw indirect nodes :wat:. It turns out these predicates weren't actually needed anyway.	2023-08-08 13:23:10 +01:00
Alexandre Boulgakov	28863f39b0	Merge pull request #13917 from github/revert-13869-sashabu/swift-logging-compiler ... Revert "Swift: Route compiler diagnostics through our log."	2023-08-08 12:45:58 +01:00
Anders Schack-Mulligen	9d59f50340	Java: Review fixes.	2023-08-08 13:37:40 +02:00
AlexDenisov	75dad4764f	Revert "Swift: Route compiler diagnostics through our log."	2023-08-08 11:25:13 +02:00
Anders Schack-Mulligen	ab334f6c1b	Java: Always apply heuristic query regardless of existing models.	2023-08-08 10:01:43 +02:00
Anders Schack-Mulligen	cd22bb3505	Java: Add another test case.	2023-08-08 10:00:55 +02:00
Chad Bentz	d4b5a4d4f4	Merge branch 'main' into csharp-hardcoded-cred-identity-fp	2023-08-07 15:09:01 -04:00
Chad Bentz	7b33574b85	pull dependencies from Microsoft.AspNetCore.App	2023-08-07 18:45:16 +00:00
Geoffrey White	022a06659c	Merge pull request #13838 from rdmarsh2/rdmarsh2/swift/set-content ... Swift: add SetContent for data flow	2023-08-07 19:15:30 +01:00
Robert Marsh	eeaa361b12	Merge pull request #13907 from MathiasVP/cleanup-ssa-internals ... C++: Small cleanup of `SsaInternals`	2023-08-07 13:16:59 -04:00
Robert Marsh	07650af357	Swift: accept test for CollectionContent rename	2023-08-07 15:04:21 +00:00
Robert Marsh	146c50049c	Finish CollectionContent rename ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2023-08-07 10:26:40 -04:00
Mathias Vorreiter Pedersen	f2f4e1f882	C++: Add more QLDoc.	2023-08-07 15:22:46 +01:00
Mathias Vorreiter Pedersen	e9750af89f	Merge pull request #13783 from MathiasVP/type-bounds-for-new-range-analysis ... C++: Constant type-bounds in the new range analysis	2023-08-07 15:20:45 +01:00
Mathias Vorreiter Pedersen	291f1a189d	C++: Unify the two branches.	2023-08-07 14:23:35 +01:00
Michael Nebel	37a546253e	Merge pull request #13688 from michaelnebel/csharp/aspnetcore ... C#: Turn RuntimeVersion into a record type.	2023-08-07 15:20:21 +02:00
Jami	5862cd2378	Merge pull request #13889 from jcogs33/jcogs33/fix-some-models ... Java: remove duplicate models	2023-08-07 08:46:18 -04:00
Mathias Vorreiter Pedersen	467231e469	Merge pull request #13887 from jketema/float128x ... C++: Remove support for `_Float128x` which is not actually supported by gcc	2023-08-07 13:42:24 +01:00
Jeroen Ketema	073d170253	C++: Fix typo in change note	2023-08-07 14:30:35 +02:00
Jeroen Ketema	e795e1c387	C++: Add change note	2023-08-07 14:24:04 +02:00
Mathias Vorreiter Pedersen	6e6e118d4b	C++: Make the branches more identical.	2023-08-07 13:22:46 +01:00
Geoffrey White	dc98dec5b6	Swift: Change note.	2023-08-07 13:16:00 +01:00
Geoffrey White	ab3f3d03c5	Swift: Model taint into optionals via ForceValueExpr.	2023-08-07 13:11:29 +01:00
Michael Nebel	6bb9e6d122	C#: Address review comments.	2023-08-07 13:40:37 +02:00
Edward Minnix III	58d8a2d77f	Merge pull request #13899 from egregius313/egregius313/random-nextbytes-typo-fix ... Java: Fix typo in `StdlibRandomSource::getOutput`	2023-08-07 07:36:44 -04:00
Tom Hvitved	2126ab0dde	Merge pull request #13901 from hvitved/dataflow/refactor ... Data flow: Refactor shared library	2023-08-07 13:22:53 +02:00
Ian Lynagh	0d97c1c54a	Merge pull request #13837 from igfoo/igfoo/nullFunLabel ... Kotlin: Pass on a parentId and remove some redundant braces	2023-08-07 12:19:22 +01:00
Michael Nebel	e62ec888c0	Merge pull request #13506 from michaelnebel/java/threatmodels ... Java: Threat Models	2023-08-07 12:50:01 +02:00