hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-25 05:06:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
e6884cf705 Merge pull request #18959 from erik-krogh/faster-routing 
JS: ensure the result from getPathFromFork is unique (to avoid a blowup)
 2025-03-10 21:45:14 +01:00
Jaroslav Lobačevski
fa35d6c3ac Minor example workflow fix 2025-03-10 20:43:16 +00:00
REDMOND\brodes
f72efa638a Uncommenting out generic dataflow 2025-03-10 16:12:53 -04:00
REDMOND\brodes
c83cb533ce Adding an instantiation of the additional flow step class to automatically apply to generic dataflow. Flow step passthrough comes from the algorithm to getter flow passthroughs. 2025-03-10 15:56:01 -04:00
Asger F
73c0a93fc4 Merge pull request #18963 from asgerf/js/disable-tainted-nodes 
JS: Remove TaintedNodes.ql from default meta query suite
 2025-03-10 20:49:46 +01:00
Geoffrey White
e3beacbda2 Rust: Print models (temporary, to see how this differs on CI). 2025-03-10 19:38:36 +00:00
REDMOND\brodes
036035b6a2 Adding modeling for OpenSSL random number generation. 2025-03-10 15:04:19 -04:00
Napalys
4a365857f1 Added change note. 2025-03-10 19:40:41 +01:00
Napalys
13c701948a Refactor Markdown taint steps and update expected results for reflected XSS tests 2025-03-10 19:27:36 +01:00
REDMOND\brodes
fe52351aed Stubbing out hash operation node, borrowing from cipher operaiton node 2025-03-10 14:10:55 -04:00
Geoffrey White
7717f92ec6 Rust: Clean up the test (it turns out a nested UnusedVariable.qlref is not needed) and accept consistency check changes. 2025-03-10 17:59:19 +00:00
REDMOND\brodes
73368ea59a Adding hashes to openssl library import 2025-03-10 13:27:39 -04:00
Paolo Tranquilli
d1876251ee Merge pull request #18918 from github/redsun82/rust-tweak-qltest-logs 
Rust: tweak qltest logs
 2025-03-10 17:47:30 +01:00
REDMOND\brodes
0672027822 Tracing new notion of known getters, which now includes direct getters for cipher and hash. Removed a redundant hash qll, and fixed misplacement of has type in model. 2025-03-10 11:46:26 -04:00
REDMOND\brodes
451808616e Getting rid of commented out code. 2025-03-10 11:35:16 -04:00
REDMOND\brodes
bd07b8a4c7 Making getter flow through 'copy' more general (copy can appear in any part of the call name now. 2025-03-10 11:34:26 -04:00
REDMOND\brodes
6a4659fc7e Updating known constants for OpenSSL to handle direct algorithm getters from older versions of openssl (e.g., EVP_md5()) 2025-03-10 11:33:46 -04:00
REDMOND\brodes
3316d6135d Ctx flow comments. 2025-03-10 11:32:14 -04:00
Simon Friis Vindum
b48fd99913 Rust: Applying suggestions to documentation 2025-03-10 16:30:52 +01:00
Erik Krogh Kristensen
b945466b9f Merge pull request #18892 from asgerf/js/membership-regexp-test 
JS: Sharpen up EnumerationRegExp
 2025-03-10 16:21:54 +01:00
Asger F
4d02993efa JS: Remove TaintedNodes.ql from default meta query suite 2025-03-10 16:15:13 +01:00
Asger F
f7d2abf3e3 JS: Unfold local type aliases in getAnUnderlyingType 2025-03-10 16:09:16 +01:00
Asger F
91e9b23cf7 JS: Add test showing FN source 2025-03-10 16:08:55 +01:00
REDMOND\brodes
d99812a10d Adding GOSTHash to THashType. 2025-03-10 09:59:28 -04:00
Simon Friis Vindum
5c83644360 Rust: Use CWE 20 for regex injection query 2025-03-10 14:52:25 +01:00
Paolo Tranquilli
79e06153ed Merge pull request #18813 from github/redsun82/rust-turn-off-ra-resolution 
Rust: add flag to turn off extractor path resolution
 2025-03-10 14:52:07 +01:00
Asger F
08c9f6fa1e Merge pull request #18798 from erik-krogh/ts58 
JS: upgrade TypeScript to 5.8
 2025-03-10 14:48:03 +01:00
Simon Friis Vindum
0e965f7616 Rust: Accept changes 2025-03-10 14:39:37 +01:00
Michael Nebel
ca553bf1a2 Merge pull request #18932 from michaelnebel/csharp/ismatchingconstantunknowtype 
C#: Special handling of unknown types in `isMatchingConstant`.
 2025-03-10 14:37:27 +01:00
Asger F
0f201d2070 JS: Line number changes in redos test case 2025-03-10 14:36:49 +01:00
Asger F
d84368eb54 Merge pull request #18858 from Napalys/js/react-relay 
JS: React-relay support
 2025-03-10 14:33:23 +01:00
Asger F
75ed0d0b46 JS: Remove duplicate '$ Alert' in libxml test 2025-03-10 14:23:44 +01:00
Asger F
6a47678b60 JS: Fix broken alert comment in HeterogenousComparison 2025-03-10 14:23:43 +01:00
Asger F
c88eac486a JS: Remove stray $ Alert comment inside a doc comment 2025-03-10 14:23:42 +01:00
Asger F
0df893e280 JS: Remove blank lines and add trailing newline 2025-03-10 14:23:40 +01:00
Asger F
6fe3a368eb JS: Remove blank line and add trailing newline to file 2025-03-10 14:23:39 +01:00
Asger F
b9dd594d69 JS: Remove blank lines 2025-03-10 14:23:38 +01:00
Asger F
f7532c09e6 JS: Remove blank line 2025-03-10 14:23:37 +01:00
Asger F
122f68e525 Update javascript/ql/test/query-tests/Security/CWE-400/ReDoS/polynomial-redos.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:22:22 +01:00
Asger F
8ee5b237e2 Update javascript/ql/test/query-tests/Security/CWE-730/server-crash.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:21:46 +01:00
Asger F
92dfdc8194 Update javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/UnsafeHtmlExpansion.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:33 +01:00
Asger F
21d42bcd21 Update javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/exception-xss.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:01 +01:00
Asger F
dad4838d3b Update javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/tst.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:42 +01:00
Asger F
017f458534 Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:22 +01:00
Asger F
24c9b2ef9b Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:02 +01:00
Jami
ad63dd946c Apply suggestions from docs review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-03-10 09:01:04 -04:00
Napalys
9c8e0a5537 Applied changes from comments. 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-10 13:29:05 +01:00
Michael Nebel
21aa62c18c C#: Address review comments. 2025-03-10 13:28:20 +01:00
Simon Friis Vindum
344fea2128 Rust: Enable local threat models in tests and use active threat models for regex query 2025-03-10 13:23:20 +01:00
Michael Nebel
a16c2c80f7 C#: Add change-note. 2025-03-10 13:03:01 +01:00