github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
59 651 коммит 1 541 ветка 130 Теги 483 MiB
Граф коммитов

59651 Коммитов

Автор SHA1 Сообщение Дата
Ed Minnix ec84f072eb Sync ArithmeticTaintedLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix da933fb77a Sync ExternallyControlledFormatStringLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix f1886320e5 Sync ImproperValidationOfArrayIndexLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix 69531b9f7c Sync ResponseSplittingLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix ef282955fd Sync SqlTaintedLocalQuery with SqlInjectionQuery 2023-10-12 09:58:08 -04:00
Ed Minnix e4f567979a Sync XSS Local 2023-10-12 09:58:08 -04:00
Erik Krogh Kristensen 59c43c7904
Merge pull request #14410 from erik-krogh/bigger-compilation-cache 
use a bigger compilation cache in the compile-queries workflow
 2023-10-12 12:35:44 +02:00
Mathias Vorreiter Pedersen 02f73145d6
Merge pull request #14354 from geoffw0/conversions2 
Swift: Improve models for Numeric, RangeReplaceableCollection
 2023-10-12 11:13:50 +01:00
Michael B. Gale f6570710e7
Merge pull request #14441 from github/dependabot/go_modules/go/extractor/golang.org/x/tools-0.14.0 
Bump golang.org/x/tools from 0.13.0 to 0.14.0 in /go/extractor
 2023-10-12 10:19:34 +01:00
Owen Mansel-Chan 5fcdb9e112
Merge pull request #14442 from owen-mc/go/test-qldoc-coverage 
Fix module name
 2023-10-11 23:45:53 +01:00
Henry Mercer 1a370bfbbe
Merge pull request #14443 from github/post-release-prep/codeql-cli-2.15.0 
Post-release preparation for codeql-cli-2.15.0
 2023-10-11 17:39:04 +01:00
github-actions[bot] ae6af17c74 Post-release preparation for codeql-cli-2.15.0 2023-10-11 14:19:20 +00:00
Tamás Vajk a31f946d6f
Merge pull request #14436 from tamasvajk/void-type-value-type 
C#: Include the `void` type in value types
 2023-10-11 16:16:06 +02:00
Asger F 7780fe9472
Merge pull request #14435 from asgerf/ruby/port-synced-queries 
JS/Ruby: desync two queries and port the Ruby version to ConfigSig-style
 2023-10-11 15:50:58 +02:00
Owen Mansel-Chan b6bf4d04ff
Fix module name 2023-10-11 14:47:46 +01:00
dependabot[bot] 442a4fe9cf
Bump golang.org/x/tools from 0.13.0 to 0.14.0 in /go/extractor 
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.13.0 to 0.14.0.
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 13:12:49 +00:00
Michael B. Gale 7a98afe6ec
Merge pull request #14439 from github/mbg/go/workspace-experiments 
Go: Move `go.mod` into `extractor` subdirectory
 2023-10-11 14:11:07 +01:00
Jean Helie a4eb3fd997
Merge pull request #14438 from github/jhelie/fix-automodel-extraction-queries 
Automodel: Fix automodel extraction queries
 2023-10-11 14:30:01 +02:00
Michael B. Gale 7d7d90e7e0
Update expected test output 2023-10-11 13:18:27 +01:00
Michael B. Gale 94b0bc1e35
Move `go.mod` into `extractor` directory 2023-10-11 13:10:20 +01:00
Jean Helie 6260768e6a
update query message to incoude extensibleType 2023-10-11 14:02:24 +02:00
Jean Helie c41676a21a
update query message to incoude extensibleType 2023-10-11 14:02:12 +02:00
Owen Mansel-Chan 477d8f8b9a
Merge pull request #14064 from amammad/amammad-go-NewFileSystemAccess 
Go: New File System Access Sinks
 2023-10-11 12:58:38 +01:00
Owen Mansel-Chan 96543b8337
Merge pull request #14075 from amammad/amammad-go-JWT 
Go: Improved JWT query, JWT decoding without verification
 2023-10-11 12:31:43 +01:00
Mathias Vorreiter Pedersen 02915582eb
Merge pull request #14432 from MathiasVP/select-the-right-node-for-flow-sources 
C++: Use fully converted instructions as the target of modelled functions
 2023-10-11 13:04:16 +02:00
Owen Mansel-Chan 8a3aa2c767
Fix formatting 2023-10-11 11:46:31 +01:00
Tamas Vajk 267fd23b26 C#: Include the `void` type in value types 2023-10-11 12:01:17 +02:00
Tamás Vajk 304d7a4395
Merge pull request #14429 from tamasvajk/relax-metadata_handle-keyset 
C#: Remove `keyset` from `metadata_handle` relation
 2023-10-11 12:00:11 +02:00
Erik Krogh Kristensen 85bb14f04f
Merge pull request #14405 from erik-krogh/tagCall 
JS: recognize tagged template literals as `DataFlow::CallNode`
 2023-10-11 11:25:34 +02:00
Mathias Vorreiter Pedersen d54ab640c7 Merge branch 'main' into select-the-right-node-for-flow-sources 2023-10-11 10:17:10 +01:00
Tamás Vajk aa7a667919
Merge pull request #14421 from tamasvajk/csharp/autobuilder-test 
C#: Add autobuilder test with global.json
 2023-10-11 10:35:53 +02:00
amammad 5e273238ca fix qldoc 2023-10-11 10:33:44 +02:00
Asger F 89bd00a4ec Ruby: port queries to ConfigSig-style 2023-10-11 10:06:19 +02:00
Asger F 6df919a917 JS/Ruby: remove sync between two queries 2023-10-11 10:06:11 +02:00
Rasmus Wriedt Larsen 68d00a829e
Merge pull request #14430 from RasmusWL/api-graph-import-star 
Python: Better allow `import *` to work with API graphs
 2023-10-11 10:03:46 +02:00
Erik Krogh Kristensen 6377e92067
Update javascript/ql/lib/semmle/javascript/dataflow/DataFlow.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2023-10-11 09:52:48 +02:00
Erik Krogh Kristensen e99b1598d1
Merge pull request #14433 from erik-krogh/delete-expected 
JS: delete an .expected file outside the test directories
 2023-10-11 09:44:04 +02:00
Tamás Vajk c587dbb72a
Merge pull request #14428 from tamasvajk/feature/deterministic-conflict-resolution 
C#: Make conflicting assembly selection deterministic in standalone
 2023-10-11 08:40:50 +02:00
amammad 4499048d8e better query quality thanks to owen 2023-10-10 23:41:45 +02:00
amammad 877605d31b change c to C for fixing the qhelp error :) 2023-10-10 23:35:05 +02:00
amammad b6968d9260 fix beego tests 2023-10-10 23:30:26 +02:00
amammad 8d6f985aea fix afero additional step and tests 2023-10-10 23:24:04 +02:00
amammad db9f74bc78 fix tests 2023-10-10 23:15:07 +02:00
amammad 82483a206e fix tests 2023-10-10 23:14:11 +02:00
amammad 38b0ed8176 fix issues according to codereview 2023-10-10 23:12:30 +02:00
erik-krogh ccd06c78b9
delete an .expected file outside the test directories 2023-10-10 21:35:19 +02:00
Mathias Vorreiter Pedersen f1cefc8900 Merge branch 'main' into select-the-right-node-for-flow-sources 2023-10-10 17:35:37 +01:00
Mathias Vorreiter Pedersen 496f190d70 C++: Accept test changes. 2023-10-10 16:45:31 +01:00
Mathias Vorreiter Pedersen 512c10ec59 C++: Use the fully converted expression when converting models to dataflow nodes. 2023-10-10 16:45:25 +01:00
Rasmus Wriedt Larsen ee75b104eb
Python: Add change-note 2023-10-10 17:45:11 +02:00