github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
47 348 коммитов 1 541 ветка 130 Теги 483 MiB
Граф коммитов

47348 Коммитов

Автор SHA1 Сообщение Дата
Geoffrey White a5a459fe0a Swift: Update swift/unsafe-js-eval to include local flow sources. 2022-11-28 10:11:44 +00:00
Chris Smowton 5a0cce2a18
Merge pull request #11430 from erik-krogh/go-go 
GO: get the Go CI to go fast!
 2022-11-26 11:47:04 +00:00
erik-krogh 2b0ecec0c8
only run other-os on non-ql changes 2022-11-26 10:43:33 +01:00
erik-krogh dcfa0b38c1
use a non-xl mac runner because the XL runners keep queing 2022-11-26 10:43:33 +01:00
erik-krogh 2b996f11cc
use query compilation cache 2022-11-26 10:43:33 +01:00
erik-krogh 1e732ad4d7
use XL workers, and update the windows runner 2022-11-26 10:43:33 +01:00
erik-krogh d7763f236f
use more threads for codeql test 2022-11-26 10:43:33 +01:00
erik-krogh b6034b4935
delete language specific format check 2022-11-26 10:43:30 +01:00
Chris Smowton fb1f22144d
Merge pull request #11352 from smowton/smowton/admin/kotlin-tests-1.7.20 
Kotlin: bump default CI version to 1.7.20
 2022-11-25 21:05:10 +00:00
Chris Smowton 0879f02db6 Adapt custom_plugin test to Kotlin 1.7.20 2022-11-25 17:54:53 +00:00
Jeroen Ketema 53b86fd53b
Merge pull request #11428 from jketema/default-taint-tests 
C++: Add more tests that exercise the default taint barrier implementation
 2022-11-25 12:13:18 +01:00
Chris Smowton 180c3cee44 Accept integration test changes caused by variable location changes 2022-11-25 10:54:50 +00:00
Chris Smowton 32847c125a Accept more test changes due to variable locations changing 
There is also one non-location change: kotlin.Byte (and likely other primitives) now have real equals and toString overrides, which matches their native source and documentation; before they appeared to have fake overrides.
 2022-11-25 10:47:48 +00:00
Alex Ford 8362caa9d9
Merge pull request #11417 from alexrford/ruby/activesupport-json_escape 
Ruby: model ActiveSupport `json_escape` flow
 2022-11-25 10:46:34 +00:00
Chris Smowton 8ec681e61c Kotlin: bump default CI version to 1.7.20 
A bunch of test expectations change because 7f531d8426 means that we now see (a) local variable declarations with source locations covering only their identifier, not the whole statement, and (b) more SYNTHETIC_OFFSET values for the parts of a destructuring assignment
or initialiser, which show up as file.kt:0:0:0:0 in DbLocation form.
 2022-11-25 10:19:26 +00:00
Jeroen Ketema 4607f5990e
C++: Add more tests that exercise the default taint barrier implementation 2022-11-25 10:19:45 +01:00
Alexander Eyers-Taylor 3c7f7511be
Merge pull request #11418 from alexet/alexet/mockito-class-rename 
Java: Add new Mockito runner class location.
 2022-11-24 17:49:31 +00:00
alexet e24e3bf13f Java: Add new Mockito runner class location. 2022-11-24 16:43:57 +00:00
Henry Mercer df3dc6fadc
Merge pull request #11414 from github/codeql-ci/atm/release-0.4.2 
JS: Bump version numbers of ML-powered packs after 0.4.2 release
 2022-11-24 16:07:28 +00:00
Alex Ford e6446e501c Ruby: fix docs failure 2022-11-24 15:37:03 +00:00
Alex Ford 893c8763bb Ruby: model ActiveSupport json_escape flow 2022-11-24 15:33:08 +00:00
Edoardo Pirovano 9071acea01
Merge pull request #11416 from github/edoardo/mergeback-3.8 
Merge `rc/3.8` into `main`
 2022-11-24 15:05:28 +00:00
Erik Krogh Kristensen 03737543d4
Merge pull request #11403 from erik-krogh/additional 
ReDoS: add missing additional keywords
 2022-11-24 15:53:51 +01:00
Edoardo Pirovano 8eeba92a47
Merge pull request #11415 from github/edoardo/mergeback-2.11.4 
Merge `codeql-cli-2.11.4` into `rc/3.8`
 2022-11-24 14:42:36 +00:00
Henry Mercer 56e5f01ce0 Merge branch 'main' into codeql-ci/atm/release-0.4.2 2022-11-24 14:41:49 +00:00
github-actions[bot] 78d49e44b1 JS: Bump version of ML-powered library and query packs to 0.4.3 2022-11-24 14:22:14 +00:00
github-actions[bot] 8d96bfe973 JS: Bump patch version of ML-powered library and query packs 2022-11-24 14:18:13 +00:00
Tony Torralba adf905d838
Merge pull request #11368 from ka1n4t/main 
Java: Add binding between annotation and sink-param in MyBatis SQL Injection query
 2022-11-24 14:34:57 +01:00
Tony Torralba 1d57663343
Merge pull request #11345 from atorralba/atorralba/swift/data-models 
Swift: Add taint models for the Data class
 2022-11-24 14:23:41 +01:00
Geoffrey White 32442a33de
Merge pull request #11270 from geoffw0/optionals2 
Swift: Dataflow through ?? and ? :
 2022-11-24 13:20:54 +00:00
Ian Lynagh 184c903ec7
Merge pull request #11401 from igfoo/igfoo/unused 
Kotlin: Remove an unused argument
 2022-11-24 12:47:50 +00:00
Ian Lynagh 501ea31c25
Merge pull request #11404 from igfoo/igfoo/build_refactor 
Kotlin build system: Refactor jar-finder
 2022-11-24 12:47:34 +00:00
Anders Schack-Mulligen f2897f5bfc
Merge pull request #11392 from aschackmull/java/adjust-mad-dispatch-priority 
Java: Adjust the prioritisation between MaD and source dispatch.
 2022-11-24 13:10:48 +01:00
Tony Torralba e4e5291511 Fix more test expectations after rebase 2022-11-24 13:03:12 +01:00
Erik Krogh Kristensen 6464135800
Merge pull request #11409 from erik-krogh/cache-more 
Ruby: cache the compiled extractor in the build tests
 2022-11-24 12:42:33 +01:00
Tony Torralba fc7c66dab2 Remove now unnecessary additional taint step in UnsafeJsEval 2022-11-24 12:35:52 +01:00
Tony Torralba e67b72d954 Update test expectations 2022-11-24 12:35:51 +01:00
Tony Torralba 25354d2dd8 Apply code review suggestions 2022-11-24 12:35:51 +01:00
Tony Torralba 6a8b9fde78 Add data flowsources test 2022-11-24 12:35:51 +01:00
Tony Torralba d6b14a1395 Update test expectations 2022-11-24 12:35:50 +01:00
Tony Torralba 2284127650 Add MaD rows for the Data class 2022-11-24 12:35:50 +01:00
Tony Torralba 4bbc1dc734 Update test expectations 2022-11-24 12:34:48 +01:00
Tony Torralba cac6e946ab
Merge pull request #11411 from atorralba/atorralba/swift/fix-nsdata-test 
Swift: Fix expectation in NSData tests
 2022-11-24 12:34:28 +01:00
Ben Ahmady 7f5df4fc0e
Merge pull request #11384 from github/subatoi/codeql-cli-2.11.4 
Adds Kotlin (beta) content
 2022-11-24 11:33:46 +00:00
Geoffrey White c6835cd270 Swift: Update .generated.list. 2022-11-24 11:16:56 +00:00
Tony Torralba 4f8ef13cd8 Fix expectation in NSData tests 2022-11-24 12:13:46 +01:00
Tony Torralba 04450c5173
Merge pull request #11378 from atorralba/atorralba/swift/nsdata-models 
Swift: Add models for NSData and NSMutableData
 2022-11-24 11:19:14 +01:00
Tony Torralba 17218fa663 Formatting 2022-11-24 11:14:16 +01:00
Ben Ahmady 42259ef8d1
Update docs/codeql/reusables/kotlin-java-differences.rst 2022-11-24 10:10:42 +00:00
Tony Torralba 443d0f50c1
Apply suggestions from code review 2022-11-24 11:10:07 +01:00