hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 14:46:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,673 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
aegilops
6fb201372b Update changelog note to remove new source 2025-01-06 16:51:59 +00:00
aegilops
e414b8c5be Remove @Input() decorated members as remote sources, in favour of a later Threat Model 2025-01-06 16:51:35 +00:00
Paolo Tranquilli
370af8ac18 Swift: fix CodeQL analysis workflow 2025-01-06 17:12:37 +01:00
aegilops
8dac00aa83 Change from getParameter() to getArgument() 2025-01-06 15:43:47 +00:00
Mathias Vorreiter Pedersen
d935e9fb0f C++: Also resolve typedefs nested inside arrays. 2025-01-06 14:50:37 +00:00
Mathias Vorreiter Pedersen
fdc305298d C++: Add testcase with missing MaD support for resolving typedefs inside arrays. 2025-01-06 14:46:55 +00:00
Chris Smowton
d0eab598b1 Change note 2025-01-06 14:44:12 +00:00
Chris Smowton
5c2df36786 Exclude classes with a writeReplace method from serializability checks 2025-01-06 14:42:44 +00:00
Mathias Vorreiter Pedersen
493e75728c Merge pull request #18386 from MathiasVP/more-robust-param-name-matching 
C++: Resolve `typedef`s when matching MaD parameters
 2025-01-06 14:40:17 +00:00
Geoffrey White
9d178ab8d6 Rust: Fix the failing integration tests. 2025-01-06 14:05:02 +00:00
Geoffrey White
f93aac07c2 Rust: Correct / clarify some QLDoc. 2025-01-06 13:50:41 +00:00
Asger F
0cdda87161 JS: Restrict AP length in prototype-polluting function 2025-01-06 14:33:41 +01:00
Mathias Vorreiter Pedersen
99ad184f57 Update cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2025-01-06 13:32:11 +00:00
Mathias Vorreiter Pedersen
75a3b6b613 Update cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2025-01-06 13:32:04 +00:00
Mathias Vorreiter Pedersen
f3085fc865 Update cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2025-01-06 13:30:59 +00:00
Mathias Vorreiter Pedersen
bfd18bc3e3 Update cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2025-01-06 13:30:50 +00:00
Asger F
7ccb476b1b JS: Restrict AP length in ExceptionXss 2025-01-06 14:28:58 +01:00
Asger F
23d7420cec JS: Hide default exceptional return node 2025-01-06 14:27:20 +01:00
Geoffrey White
e1e980c2e8 Rust: Add sensitive data to summary queries. 2025-01-06 13:26:27 +00:00
Geoffrey White
821eb4f3e6 Rust: Add sensitive data library. 2025-01-06 13:26:26 +00:00
Geoffrey White
c77bf2b4eb Rust: Add a test for sensitive data. 2025-01-06 13:26:25 +00:00
Simon Friis Vindum
7248fb70c3 Merge pull request #18394 from paldepind/rust-format 
Rust: Value flow and taint flow through formatting strings
 2025-01-06 13:55:04 +01:00
Jeroen Ketema
01a7a5323b Merge pull request #18360 from github/jketema/template-parameters-3 
C++: Support arguments and instantiations of template template parameters
 2025-01-06 13:41:45 +01:00
Ian Lynagh
c5ebc19a28 Java: Clarify supported langauge features 2025-01-06 12:31:46 +00:00
Jeroen Ketema
0942945fa1 Update cpp/ql/lib/semmle/code/cpp/TemplateParameter.qll 
Co-authored-by: Calum Grant <42069085+calumgrant@users.noreply.github.com>
 2025-01-06 13:30:43 +01:00
Tom Hvitved
1b31c90d26 Implement FlowSummaryImpl stubs 2025-01-06 13:26:51 +01:00
Tom Hvitved
8f6ae6274d Rust: Add support for MaD sources and sinks with access paths 2025-01-06 13:26:49 +01:00
Tom Hvitved
37212cc43f Ruby: Add change note 2025-01-06 13:26:13 +01:00
Tom Hvitved
978a816f11 Ruby: Track types in data flow 2025-01-06 13:26:10 +01:00
Tom Hvitved
06ba814929 Data flow: Prune parameter-self flow in stage 1 2025-01-06 13:23:03 +01:00
Asger F
e2af19b946 JS: Restrict "get" step to Map objects 2025-01-06 13:17:32 +01:00
Simon Friis Vindum
c55b256d47 Rust: Remove accidentally commited expected files 2025-01-06 12:01:03 +01:00
Paolo Tranquilli
2e1e46c866 Merge pull request #18352 from github/redsun82/rust-codeql-config 
Rust: extend `paths-ignore` to all `rust/ql`
 2025-01-06 11:53:33 +01:00
Tamas Vajk
31dbadcbeb Add change note 2025-01-06 11:41:11 +01:00
Tamas Vajk
c9fab0b071 C#: Change source generated razor file paths to be relative to csproj 2025-01-06 11:10:28 +01:00
Asger F
4c9f406e34 JS: Exclude some sinks in UnvalidatedDynamicMethodCall 2025-01-06 10:32:11 +01:00
Paolo Tranquilli
10d8aa454b Merge branch 'main' into redsun82/rust-mute-warnings-in-uncompiled-blocks 2025-01-06 10:01:57 +01:00
Ed Minnix
c02430607a Add post-processing to StoredXss.qlref test 2025-01-03 13:26:29 -05:00
aegilops
aba8be2902 Changelog for Angular source/sink update 2025-01-03 17:07:35 +00:00
aegilops
7128700003 Simplified AngularInputUse class 2025-01-03 17:02:55 +00:00
aegilops
4891c1e5fe Added QLdoc and simplified QL in source class 2025-01-03 16:50:47 +00:00
aegilops
4773917876 Formatting 2025-01-03 16:43:00 +00:00
Paul Hodgkinson
a23f4ee007 Merge branch 'main' into angular-sources-sinks 2025-01-03 16:38:48 +00:00
aegilops
0f64822356 New remote source - reading from an @Input() decorated class member 2025-01-03 16:34:15 +00:00
aegilops
09e4c78b0f New XSS sink - writing to innerHTML using the Angular Renderer2 API 2025-01-03 16:33:42 +00:00
Ian Lynagh
78b277b46f Java/Kotlin: Add a changenote for CODEQL_PATH_TRANSFORMER support. 2025-01-03 16:02:36 +00:00
Ian Lynagh
dedb0cb11f Kotlin: Support CODEQL_PATH_TRANSFORMER 2025-01-03 16:02:36 +00:00
Simon Friis Vindum
5c64a8c948 Rust: Accept expected changes and fix other CI complaints 2025-01-03 16:38:11 +01:00
Michael Nebel
caaf29115c C#: Add change note. 2025-01-03 16:27:03 +01:00
Michael Nebel
ff32a382b0 C#: Update test expected output. 2025-01-03 16:27:02 +01:00