Commit graph

47348 commits

Author SHA1 Message Date
Ben Ahmady c06b8a68e5
Update docs/codeql/reusables/kotlin-java-differences.rst
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2022-11-23 10:08:00 +00:00
Ben Ahmady c663da5be6
Update docs/codeql/reusables/kotlin-java-differences.rst
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2022-11-23 10:07:03 +00:00
Ben Ahmady 4bd7e24b5f
Update docs/codeql/reusables/kotlin-java-differences.rst
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2022-11-23 10:06:57 +00:00
Ben Ahmady 605c7113a2
Update docs/codeql/reusables/kotlin-java-differences.rst
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2022-11-23 10:06:48 +00:00
Ben Ahmady e2240abc78
Update docs/codeql/codeql-language-guides/codeql-for-java.rst
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2022-11-23 10:06:34 +00:00
Nick Rolfe e16bdc4d07 Ruby/QL: only create dbscheme case-splits for columns on defining tables 2022-11-23 10:00:08 +00:00
Geoffrey White 556d68aeed
Update swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2022-11-23 09:17:18 +00:00
Paolo Tranquilli 545c2f67e9
Merge pull request #11382 from github/alexdenisov/swift-relax-file-archiving
Swift: do not abort if cannot archive a source file
2022-11-23 06:56:26 +01:00
Paolo Tranquilli d345cec339
Merge pull request #11381 from github/alexdenisov/swift-fix-remapping-regression
Swift: fix remapping bug
2022-11-23 06:56:05 +01:00
ka1n4t d113fb23c8 Add test case for PR-11368 2022-11-23 11:05:58 +08:00
Tom Hvitved 4ad7d2d822 C#: Also include extractor unit tests in `csharp-qltest.yml` 2022-11-22 19:55:38 +01:00
Ben Ahmady 24c413fbf9 Adds Kotlin (beta) content 2022-11-22 18:33:24 +00:00
Geoffrey White 7d45ca6293 Merge branch 'main' into optionals2 2022-11-22 17:35:27 +00:00
Alex Denisov 8f02463411 Swift: fix remapping bug
This issue has slipped during a recent refactoring:
https://github.com/github/codeql/pull/10987/files#diff-c5ab26a06a93c4507a834859a6a56878d5bfe16c4d7cbac4afc4f081d46f461aL63-R64
2022-11-22 17:25:07 +01:00
Alex Denisov a2ac1384cb Swift: do not abort if cannot archive a source file 2022-11-22 17:18:40 +01:00
Tony Torralba 92ee0aa7ae
Merge pull request #11367 from atorralba/atorralba/java/add-bitwise-implicit-intents
Java: Consider taint through bitwise operations on PendingIntent flags
2022-11-22 17:08:52 +01:00
Tony Torralba 2e1a78e1bf Add models for NSData and NSMutableData 2022-11-22 15:48:58 +01:00
Rasmus Wriedt Larsen 5866af413f
Merge pull request #11347 from tausbn/python-clean-up-import-resolution
Python: Add change note for module resolution
2022-11-22 15:28:38 +01:00
Rasmus Wriedt Larsen 04a68f8d52
Merge pull request #11372 from RasmusWL/getpass
Python: Model `getpass.getpass` as source of passwords
2022-11-22 14:49:04 +01:00
Rasmus Wriedt Larsen b281cc88ff
Merge pull request #11208 from RasmusWL/call-graph-tests
Python: Test improvements in preparation for new call-graph PR
2022-11-22 14:31:09 +01:00
Rasmus Wriedt Larsen 9195b73d84
Python: Model `getpass.getpass` as source of passwords 2022-11-22 14:11:52 +01:00
Rasmus Wriedt Larsen 80e71b202a
Python: Cleartext queries: Remove flow from getpass.py 2022-11-22 14:08:00 +01:00
Rasmus Wriedt Larsen 9342e3ba76
Python: Enable new test
But look at all those elements from getpass.py implementation :(
2022-11-22 13:59:59 +01:00
Rasmus Wriedt Larsen e01df3ea7c
Python: Prepare for new test
.expected line changes 😠
2022-11-22 13:52:50 +01:00
Taus 18be30d177
Python: Apply suggestion from review
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2022-11-22 13:46:45 +01:00
Rasmus Wriedt Larsen 1b30cf8eca
Merge branch 'main' into call-graph-tests 2022-11-22 13:39:27 +01:00
Erik Krogh Kristensen 158ea26dd1
Merge pull request #11362 from erik-krogh/read-only-cache
CI: use read-only-cache when running on a PR
2022-11-22 13:04:34 +01:00
Erik Krogh Kristensen f67219965e
Merge pull request #11082 from erik-krogh/shellArr
JS: treat arrays that get executed with shell:true as a sink for `js/shell-command-constructed-from-input`
2022-11-22 13:03:50 +01:00
Erik Krogh Kristensen b2267c0e49
Merge pull request #11343 from erik-krogh/redundantAssignment
QL: add redundant-assignment query
2022-11-22 13:03:14 +01:00
Erik Krogh Kristensen 06386b2cdd
Merge pull request #11072 from erik-krogh/slicing
JS: poly-redos: don't sanitize calls through substring calls that just remove the start
2022-11-22 13:02:09 +01:00
Tony Torralba 1667fbad88 Add change note 2022-11-22 11:48:21 +01:00
Tony Torralba 43f4dd8bc4 Consider taint through bitwise operations on PendingIntent flags 2022-11-22 11:39:30 +01:00
Tom Hvitved ed841aee30
Merge pull request #11329 from hvitved/csharp/qltest-ci
C#: Add workflow for running QL tests
2022-11-22 11:36:16 +01:00
ka1n4t ce2ba21240 Add binding between annotation and sink-param 2022-11-22 18:32:14 +08:00
Rasmus Wriedt Larsen 84faf49bf0
Python: Add tests for compound arguments field flow 2022-11-22 11:29:00 +01:00
Rasmus Wriedt Larsen d876acde4c
Python: Fix SINK/SINK_F usage for crosstalk tests
As discussed in PR review
https://github.com/github/codeql/pull/11208#discussion_r1022473421
2022-11-22 11:29:00 +01:00
Anders Peter Fugmann d799466e9d
Merge pull request #11338 from andersfugmann/update_swift_codeowners
Swift: set @github/codeql-swift as owner
2022-11-22 11:24:19 +01:00
Erik Krogh Kristensen ef270232dc
Merge pull request #11358 from erik-krogh/rubyDelPacks
Ruby: delete the target/packs folder in the `compile-queries` job
2022-11-22 10:56:52 +01:00
Geoffrey White 949cfb758d Merge branch 'main' into alamofire2 2022-11-22 09:29:53 +00:00
erik-krogh 10c602d9fb
CI: use read-only-cache when running on a PR 2022-11-22 10:20:09 +01:00
Anders Schack-Mulligen 15aa8b62b8
Merge pull request #11359 from github/workflow/coverage/update
Update CSV framework coverage reports
2022-11-22 09:47:38 +01:00
Tom Hvitved 313767539a C#: Add workflow for running QL tests 2022-11-22 09:32:44 +01:00
github-actions[bot] e70eb3a3ee Add changed framework coverage reports 2022-11-22 00:19:21 +00:00
erik-krogh 29055f7709
delete packs 2022-11-22 00:12:33 +01:00
Jami 8a73675483
Merge pull request #11070 from jcogs33/java-regex-injection
Java: Promote regex injection query from experimental
2022-11-21 15:04:26 -05:00
Mathias Vorreiter Pedersen c2ac60fc34
Merge pull request #11311 from MathiasVP/repair-mustflow
C++: Repair `MustFlow` library for use-use flow
2022-11-21 19:13:10 +00:00
Jami Cogswell 9e2ec9d12f apply docs review suggestion 2022-11-21 13:39:46 -05:00
Edoardo Pirovano 6c33ddcd47
Merge pull request #11349 from github/edoardo/2.11.4-mergeback
Merge `rc/3.8` into `main`
2022-11-21 18:08:27 +00:00
Erik Krogh Kristensen af367a5fdf
Merge pull request #11348 from erik-krogh/cache-full-extractor
Ruby: cache the entire extractor
2022-11-21 18:06:32 +01:00
erik-krogh 76ceb49841
re-introduce the paths requirements in the ruby workflows 2022-11-21 17:55:57 +01:00