hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-14 06:54:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,680 Branches 158 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
d6af999c2d Merge pull request #17234 from github/felicitymay-patch-1 
Update CookieInjection.ql to remove period from @name
 2024-08-16 11:26:16 +02:00
Asger F
467256d465 JS: Add change note 2024-08-16 11:06:59 +02:00
Asger F
2d264052b3 JS: Treat browser message events as client-side sources 2024-08-16 11:02:12 +02:00
Rasmus Wriedt Larsen
25fc5f3803 Merge pull request #17209 from RasmusWL/threat-models-stdin 
ThreatModels: Add `stdin` kind
 2024-08-16 11:01:33 +02:00
Paolo Tranquilli
0e3c867cb9 Toy rust program listing definitions of a cargo project 2024-08-16 10:37:49 +02:00
Rasmus Wriedt Larsen
c3d8efc43d Merge branch 'main' into stdin3 2024-08-16 09:54:45 +02:00
Asger F
7dcdad066f Update javascript/ql/lib/semmle/javascript/frameworks/helmet/Helmet.qll 2024-08-16 09:44:53 +02:00
Anders Schack-Mulligen
ae013ba01a Merge pull request #17235 from aschackmull/dataflow/fix-missing-subpaths 
Dataflow: Fix missing subpaths due to type strengthening.
 2024-08-16 08:41:35 +02:00
Anders Schack-Mulligen
51c43a7440 Java: Accept expected changes. 2024-08-16 07:01:35 +02:00
Kristen Newbury
81787a159e Add QL docs to helmet model 2024-08-15 16:32:37 -04:00
Kristen Newbury
e84dda4fa6 Update JS helmet model structure 2024-08-15 16:08:48 -04:00
Anders Schack-Mulligen
86708c9ff8 Dataflow: Fix missing subpaths due to type strengthening. 2024-08-15 18:57:10 +02:00
Chris Smowton
0b56bf98f3 Java: add test for Apache Camel dead-code analysis 
This exercises code that detects Camel entry-points and marks them as live.
 2024-08-15 17:26:38 +01:00
Tom Hvitved
fb7b89f309 Merge pull request #17237 from aschackmull/java/fix-merge-conflict 
Java: Fix expected files following semantic merge conflict.
 2024-08-15 17:25:03 +02:00
Rasmus Wriedt Larsen
7a446231b6 C#: Accept benign test changes 2024-08-15 16:20:00 +02:00
Anders Schack-Mulligen
e77c3dfda1 Java: Fix expected files following https://github.com/github/codeql/pull/17233 and https://github.com/github/codeql/pull/17224. 2024-08-15 15:45:37 +02:00
Rasmus Wriedt Larsen
78770bcd1b Docs: Mention new stdin threat-model 2024-08-15 15:45:21 +02:00
Rasmus Wriedt Larsen
1e7eae58f4 Java: Add change-note 2024-08-15 15:45:20 +02:00
Rasmus Wriedt Larsen
ebafe65ac2 C#: Fixup test expectations from using stdin 2024-08-15 15:45:20 +02:00
Rasmus Wriedt Larsen
43b61dd2aa C#: Support stdin in LocalFlowSource 2024-08-15 15:45:20 +02:00
Rasmus Wriedt Larsen
fee38b3781 Java: Fixup test 2024-08-15 15:37:35 +02:00
Rasmus Wriedt Larsen
1e12c11adc Java: Model System.in as stdin threat-model 2024-08-15 15:37:35 +02:00
Rasmus Wriedt Larsen
7395223410 C#: Model System.Console reads as stdin threat-model 2024-08-15 15:36:28 +02:00
Rasmus Wriedt Larsen
157d0b7f37 ThreatModels: Add stdin kind 
None of the current local subgroups precisely captures stdin, so
although it's much like both commandargs and file, a separate kind seems
better.
 2024-08-15 15:36:28 +02:00
Anders Schack-Mulligen
7d61d9282c Merge pull request #17233 from aschackmull/dataflow/match-summarylabel 
Dataflow: Fix missing join on summaryLabel.
 2024-08-15 14:55:38 +02:00
Felicity Chapman
fcb2b5730f Update CookieInjection.ql to remove period 2024-08-15 13:17:13 +01:00
Anders Schack-Mulligen
6f23e8dcf3 Merge pull request #17224 from aschackmull/java/inlineflow-pathgraph 
Java: Add PathGraph to test output for default inline flow tests.
 2024-08-15 13:35:24 +02:00
Anders Schack-Mulligen
a85f8a2fbd Java/C#: Accept expected changes. 2024-08-15 13:24:31 +02:00
Paolo Tranquilli
f0de9f9276 Merge pull request #17232 from github/redsun82/kotlin 
Kotlin: fix wrapper on windows and use `os.execv` on POSIX
 2024-08-15 12:50:46 +02:00
Chris Smowton
3450e509fe Merge pull request #17228 from smowton/smowton/admin/missing-change-notes 
Java: add change notes for three recent buildless fixes
 2024-08-15 10:56:22 +01:00
Anders Schack-Mulligen
2c591f5420 Dataflow: Fix missing join on summaryLabel. 2024-08-15 11:05:08 +02:00
Michael Nebel
4b3cc5bd0e Merge pull request #17219 from michaelnebel/shared/neutralsourcesink 
C#/Java: Fix source- and sink callable provenance overlap.
 2024-08-15 11:02:18 +02:00
Anders Schack-Mulligen
fb1dfd4217 Java: Accept test changes. 2024-08-15 10:32:12 +02:00
Paolo Tranquilli
beba032ba5 Kotlin: fix wrapper on windows 2024-08-15 10:31:32 +02:00
Anders Schack-Mulligen
3cdc8d5eca Java: Add PathGraph to test output for default inline flow tests. 2024-08-15 10:17:31 +02:00
Michael Nebel
b16dc20bbd Merge pull request #17230 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-08-15 09:31:16 +02:00
github-actions[bot]
4c0f31d77b Add changed framework coverage reports 2024-08-15 00:18:12 +00:00
Chris Smowton
b4a42de7f4 Java: add change notes for three recent buildless fixes 2024-08-14 18:34:25 +01:00
Anders Schack-Mulligen
c1d03acd45 Merge pull request #17221 from aschackmull/dataflow/qltest-missing-subpath 
Dataflow: Add test highlighting missing subpath.
 2024-08-14 15:46:32 +02:00
Michael Nebel
27e9cb5384 Merge pull request #16872 from michaelnebel/csharp/updatedotnetmodels 
C#: Update .NET 8 Runtime models.
 2024-08-14 15:42:02 +02:00
Anders Schack-Mulligen
79dec723b0 Dataflow: Add test highlighting missing subpath. 2024-08-14 13:30:13 +02:00
Michael Nebel
c8d301ed43 C#: Add change note. 2024-08-14 13:13:29 +02:00
Michael Nebel
d5f8adbfee C#: Update test expected output. 2024-08-14 13:13:27 +02:00
Owen Mansel-Chan
0c525972a2 Merge pull request #17193 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-08-14 11:06:15 +01:00
Geoffrey White
7430fde8c6 C++: Avoid outputting a cartesian product in AliasedSSA's getOverlap. 2024-08-14 10:53:25 +01:00
Michael Nebel
4b0427c732 C#: Update .NET 8 runtime models. 2024-08-14 11:24:54 +02:00
Michael Nebel
35ec9db23a C#: Add some manual source neutrals. 2024-08-14 11:24:50 +02:00
Michael Nebel
094c98db5e C#: Update .NET 8 Runtime models. 2024-08-14 11:24:46 +02:00
Michael Nebel
3425efe421 Merge pull request #17208 from michaelnebel/csharp/prettyprintmodels 
C#: Pretty print models in tests.
 2024-08-14 11:23:01 +02:00
Owen Mansel-Chan
005ffd4f64 Merge branch 'main' into workflow/coverage/update 2024-08-14 09:45:17 +01:00