hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-14 15:04:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,680 Branches 158 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
9f6a5d9e13 Swift: Fix typo in example. 2024-08-01 11:52:05 +01:00
Geoffrey White
61eb5cd55c Swift: Put a barrier on the qualifiers as well. 2024-08-01 11:49:10 +01:00
Geoffrey White
0c3e8ced4b Swift: Make append methods and string interpolation barriers for swift/constant-salt. 2024-08-01 11:49:09 +01:00
Geoffrey White
2543f3ecfb Swift: Make + a barrier for swift/constant-salt. 2024-08-01 11:49:08 +01:00
Geoffrey White
c8438c38f2 Swift: Tests for string appending with swift/constant-salt. 2024-08-01 11:49:07 +01:00
Geoffrey White
69c18f9cd2 Swift: Use in swift/constant-salt so that the source node is clickable + visible to autofix. 2024-08-01 11:49:06 +01:00
Geoffrey White
b944d47f58 Swift: Fix the example for swift/constant-salt. 2024-08-01 11:49:05 +01:00
Owen Mansel-Chan
d5dc95f1e6 Update frameworks.csv 2024-08-01 11:03:50 +01:00
Alvaro Muñoz
def170425a Bump qlpack versions 2024-08-01 11:43:48 +02:00
Alvaro Muñoz
e043cf3a54 Merge branch 'master' of https://github.com/github/codeql-actions 2024-08-01 11:38:55 +02:00
Alvaro Muñoz
c9b7340718 Bump qlpack versions 2024-08-01 11:38:46 +02:00
Alvaro Muñoz
5006b81565 Merge pull request #65 from github/query/vulnerable_versions 
feat(queries): Improve Use Of Vulnerable Actions query
 2024-08-01 11:37:24 +02:00
Alvaro Muñoz
6cfec0d245 feat(queries): Improve Use Of Vulnerable Actions query 
Move all info to a MaD config file so its easier to mantain
Add other vulnerable actions
 2024-08-01 11:37:00 +02:00
Anders Schack-Mulligen
377301a55a Merge pull request #17108 from aschackmull/dataflow/flowthrough-provenance 
Dataflow: Propagate provenance correctly for flow-through wrappers.
 2024-08-01 09:35:56 +02:00
Owen Mansel-Chan
97c9207595 Merge pull request #17104 from owen-mc/go/add-extra-go-jose-package-path 
Go: Fix missing `go-jose` package path
 2024-08-01 00:14:46 +01:00
Alvaro Muñoz
a05dd49b74 Merge pull request #64 from github/query/path_traversal 
query/path traversal
 2024-07-31 23:14:48 +02:00
Alvaro Muñoz
5f1884aa32 feat(queries): Add new queries to report path traversal via artifact poisoning 2024-07-31 23:03:34 +02:00
Alvaro Muñoz
483f6229ff refactor: Create abstract class for known vulnerable actions 2024-07-31 23:02:52 +02:00
Alvaro Muñoz
4334524ac4 Merge pull request #63 from github/cwe_1395 
feat(queries): Add query to report vulnerable 3rd party actions
 2024-07-31 18:30:27 +02:00
Alvaro Muñoz
2b55d79c93 feat(queries): Add query to report vulnerable 3rd party actions 2024-07-31 18:29:17 +02:00
yoff
251036c6b4 Merge pull request #17080 from sylwia-budzynska/streamlit 
Python: Add Streamlit models
 2024-07-31 18:20:11 +02:00
Jami
f9f57e9122 Merge pull request #17023 from jcogs33/jcogs33/java/add-apache-ant-path-inj-sinks 
Java: add apache-ant `Property` path injection sinks
 2024-07-31 11:04:13 -04:00
Geoffrey White
20672acb74 Merge pull request #17110 from geoffw0/memfree 
C++: Improve cpp/memory-may-not-be-freed
 2024-07-31 15:59:42 +01:00
Mathias Vorreiter Pedersen
06a4f907ef Merge pull request #17109 from MathiasVP/constexpr-if-unevaluated 
C++: Mark `constexpr if` as unevaluated
 2024-07-31 15:34:29 +01:00
Alvaro Muñoz
a69fa5cb83 Merge pull request #62 from github/actions_download_artifact 
feat(queries): Add actions/download-artifact as a source of Artifact Poisoning
 2024-07-31 16:31:54 +02:00
Alvaro Muñoz
d548aef3e0 feat(queries): Add actions/download-artifact as a source of Artifact Poisoning 2024-07-31 16:31:15 +02:00
Owen Mansel-Chan
6280ed2a6b Merge pull request #13555 from am0o0/amammad-java-bombs 
Java: Decompression Bombs
 2024-07-31 14:55:28 +01:00
Geoffrey White
c172b946a1 C++: Change note. 2024-07-31 14:55:15 +01:00
Geoffrey White
4aea4c0323 C++: Simple fix. 2024-07-31 14:46:25 +01:00
Geoffrey White
c04428dedc C++: Add test cases for the memory freed queries. 2024-07-31 14:03:56 +01:00
Anders Schack-Mulligen
9724516c84 C#/Go/Java/Python/Ruby: Accept qltest .expected changes. 2024-07-31 14:45:10 +02:00
Anders Schack-Mulligen
af06763c42 Dataflow: Propagate provenance correctly for flow-through wrappers. 2024-07-31 14:37:13 +02:00
Jami
4fb29c4473 Merge branch 'main' into jcogs33/java/add-apache-ant-path-inj-sinks 2024-07-31 08:15:07 -04:00
Mathias Vorreiter Pedersen
61eda0df9d C++: Add change note. 2024-07-31 13:13:19 +01:00
Jami
05b0a3f41c Merge pull request #17093 from jcogs33/jcogs33/java/provenance-postprocess-qltest-remaining-lib-tests 
Java: Add support for post-process provenance pretty-printing in `.ql` library-tests
 2024-07-31 08:11:15 -04:00
Mathias Vorreiter Pedersen
fe575df325 C++: Mark constexpr if as unevalauted. 2024-07-31 13:09:12 +01:00
Mathias Vorreiter Pedersen
4e62dc81d2 C++: Add constexpr if testcase. 2024-07-31 13:08:49 +01:00
yoff
123dcc75d1 Merge pull request #16971 from RasmusWL/mad-dict-source 
Python: Add MaD support for DictionaryElement/DictionaryElementAny for sources
 2024-07-31 13:40:07 +02:00
Sylwia Budzynska
9bd00c9e1e Change Gradio rfs test to use shared rfs test module 2024-07-31 13:25:32 +02:00
Sylwia Budzynska
2a6ad00a2f Fix typo 2024-07-31 13:22:27 +02:00
Sylwia Budzynska
72e7b6c872 Update python/ql/lib/semmle/python/frameworks/Streamlit.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-07-31 13:20:01 +02:00
Owen Mansel-Chan
01c6dbaa27 Accept provenance numbering changes 2024-07-31 12:19:18 +01:00
Owen Mansel-Chan
8901b1fd14 Merge pull request #17100 from owen-mc/java/sensitive-log/ignore-tokenizer 
Java: whitelist variable names containing "tokenizer" for `java/sensitive-log`
 2024-07-31 12:16:03 +01:00
Owen Mansel-Chan
59e22f6cd9 Merge pull request #17101 from owen-mc/java/dead-ref-types-junit-4-5 
Java: Fix FPs in `java/unused-reference-type` for JUnit 4-style tests
 2024-07-31 11:11:35 +01:00
Owen Mansel-Chan
e4cd29efc6 Fix missing go-jose package path 2024-07-31 11:09:53 +01:00
Cornelius Riemenschneider
d75da82528 Merge pull request #17102 from github/criemen/installer-ripunzip 
Bazel installer: Retry ripunzip step.
 2024-07-31 12:04:20 +02:00
Owen Mansel-Chan
f953249692 Merge pull request #17103 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-07-31 10:47:08 +01:00
Alvaro Muñoz
80d2bbdc9b Merge pull request #61 from github/missing_permissions 
fix(queries): Fix Missing Permissions query
 2024-07-31 11:45:54 +02:00
Alvaro Muñoz
ab8dd599b7 fix(queries): Fix Missing Permissions query 
If a job is only triggered by `workflow_call`, we dont report any issues
since they should be reported on the calling workflows
 2024-07-31 11:45:30 +02:00
Cornelius Riemenschneider
de47838c36 Remove unused exception class. 2024-07-31 11:31:11 +02:00