hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,671 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

555 Commits

Author SHA1 Message Date
Geoffrey White
02cae30270 Merge branch 'main' into sharedsensitive 2023-05-31 12:57:33 +01:00
Geoffrey White
4a8320fafd Merge pull request #13287 from geoffw0/stringfp 
Swift: Fix some string length conflation false positives
 2023-05-30 08:57:48 +01:00
Geoffrey White
32c113bc38 Swift: Fix following merge with main. 2023-05-26 14:41:48 +01:00
Geoffrey White
68354c09bf Merge branch 'main' into sqlpathinject 2023-05-26 14:33:05 +01:00
Paolo Tranquilli
a6e21dac8f Merge pull request #13284 from github/redsun82/swift-remove-property-wrapper-inconsistencies 
Swift: remove some AST and CFG inconsistencies
 2023-05-26 12:22:56 +02:00
Geoffrey White
736f2871f9 Swift: Tweak private info regexps to restore 'account_no' results. 2023-05-26 08:43:32 +01:00
Geoffrey White
0e443da710 Swift: Remove id() categorization due to accuracy, and repair the old bank.?account case. 2023-05-25 21:51:27 +01:00
Mathias Vorreiter Pedersen
7361ad977a Merge pull request #13291 from geoffw0/correction 
Swift: Promote some Data models to DataProtocol
 2023-05-25 11:28:42 -07:00
Geoffrey White
3f3a5d39e5 Swift: Fix the SQL injection test. 2023-05-25 17:13:51 +01:00
Paolo Tranquilli
51f1a5dcc8 Swift: remove getOpaqueExpr from OpenExistentialExpr's children 2023-05-25 13:05:21 +02:00
Paolo Tranquilli
7b76aa34bd Swift: fix CFG inconsistency on TapExpr 2023-05-25 13:05:21 +02:00
Paolo Tranquilli
63fb0581c2 Swift: accept inconsistencies for now 2023-05-24 20:09:46 +02:00
Geoffrey White
d8cc8bd520 Swift: Fix indentation. 2023-05-24 18:43:48 +01:00
Jeroen Ketema
3a3d9bc505 Swift: Rewrite inline expectation tests to use the parameterized module 2023-05-24 11:38:22 +02:00
Geoffrey White
2c5202018d Swift: Add sinks. 2023-05-23 18:11:33 +01:00
Geoffrey White
8573b30239 Swift: Add test cases. 2023-05-23 17:29:51 +01:00
Geoffrey White
b6122d01fc Swift: Clean up the query somewhat. 2023-05-19 22:40:53 +01:00
Geoffrey White
2028b5ef95 Swift: Fix imprecise sinks. 2023-05-19 22:23:26 +01:00
Geoffrey White
19080333b9 Swift: Add a few test cases. 2023-05-19 22:18:34 +01:00
Geoffrey White
5019d3befa Swift: Update test annotations. 2023-05-15 18:23:48 +01:00
Geoffrey White
047494dc95 Swift: Bank account numbers are a credential now, I guess they don't need to be private data as well. 2023-05-15 18:22:55 +01:00
Geoffrey White
252b72b573 Swift: Add some special cases to preserve (for now) result quality. 2023-05-15 18:22:50 +01:00
Geoffrey White
245e8fbc92 Swift: Use SensitiveDataHeuristics.qll in SensitiveCredential. 2023-05-15 18:14:52 +01:00
Geoffrey White
a91c45049e Swift: Add some special cases to preserve (for now) result quality. 2023-05-15 18:06:33 +01:00
Geoffrey White
e2080c5d00 Swift: SensitiveDataHeuristics.qll expects function names without an (argument:list:). 2023-05-15 17:45:56 +01:00
Geoffrey White
35e2e5d785 Swift: Use SensitiveDataHeuristics.qll in regexpProbablySafe. 2023-05-15 17:44:54 +01:00
Geoffrey White
4781881a6a Swift: Improve mobile/phone number regexp. 2023-05-15 15:30:30 +01:00
Geoffrey White
a0cba8cb6b Swift: Address boolean value FPs. 2023-05-15 14:24:18 +01:00
Geoffrey White
27c8eb301e Swift: Fix URL-related FPs. 2023-05-15 14:08:43 +01:00
Geoffrey White
e59d7e0345 Swift: Remove assumption that 'username' is not sensitive (in the tests). 2023-05-15 13:58:44 +01:00
Geoffrey White
dba951111a Swift: Add more sensitive data test cases. 2023-05-15 13:58:44 +01:00
Geoffrey White
d7382053ca Merge branch 'main' into swifttodos 2023-05-09 10:06:45 +01:00
Geoffrey White
08b6755c55 Swift: Simplify hasActualResult. 2023-05-09 09:03:32 +01:00
Geoffrey White
e4382677c2 Merge branch 'main' into modernsec3 2023-05-05 13:07:01 +01:00
Geoffrey White
d92ecbb3cf Swift: Standardize on 'barrier' tover 'santerminology now we use ConfigSig dataflow. 2023-05-05 10:03:18 +01:00
Geoffrey White
9317174742 Swift: Improve the LibXML2 tests for XXE and remove the TODO comment. 2023-05-04 12:28:55 +01:00
Geoffrey White
a698f3fcb9 Merge branch 'main' into modernsec3 2023-05-02 17:35:08 +01:00
Geoffrey White
bb6aa11ce5 Swift: Additional test case. 2023-05-02 17:12:44 +01:00
Geoffrey White
ca50f1117e Swift: Hide locationless results in the inlineexpectations test (there's no way to make them expected). 2023-05-02 16:57:29 +01:00
Geoffrey White
664500d2e6 Swift: Fix member variable sinks in swift/hardcoded-key. 2023-05-02 11:26:21 +01:00
Geoffrey White
adbd2c467d Swift: Fix member variable sinks in swift/path-ionjection. 2023-05-02 11:26:20 +01:00
Anders Schack-Mulligen
9fe5462b1b Swift: Update more expected output. 2023-04-26 13:41:50 +02:00
Anders Schack-Mulligen
6b049cb37a Swift: Update expected output. 2023-04-26 13:15:39 +02:00
Geoffrey White
bfbd45a220 Swift: Fix CSV field sinks. 2023-04-20 18:14:34 +01:00
Geoffrey White
d317ad80e5 Swift: Convert to CSV sinks. 2023-04-20 17:53:00 +01:00
Geoffrey White
380bf21a38 Swift: Update InsecureTLSExtensions.ql sinks to not depend on AssignExpr. 2023-04-20 17:15:48 +01:00
Geoffrey White
c1a95d57bb Swift: Add some test cases. 2023-04-20 17:15:47 +01:00
Geoffrey White
a3c66b6032 Merge pull request #12833 from geoffw0/addmodels 
Swift: Add some sink models
 2023-04-19 14:18:29 +01:00
Geoffrey White
c7ea08aa73 Swift: Fix inline expectations. 2023-04-18 17:32:38 +01:00
Geoffrey White
619d572d50 Swift: Add RNCryptor hmacKey encryption-key sinks. 2023-04-14 14:58:15 +01:00