hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 19:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
f542956f66 JS: Add internal extension of PackageJson class 2025-04-29 13:07:19 +02:00
Asger F
bb91df8145 JS: Add helper for doing path resolution with JS rules 2025-04-29 13:07:18 +02:00
Asger F
59e1cbcc7b JS: Add tsconfig class 2025-04-29 13:07:16 +02:00
Asger F
ef32a036b1 JS: Extract from methods from PathString into a non-abstract base class 
The new class 'FilePath' has bindingset[this] so one just has to cast a string to that type and you can use its methods.
 2025-04-29 13:07:15 +02:00
Asger F
17aa5220a6 JS: Add some helpers 2025-04-29 13:07:14 +02:00
Asger F
565cb434fc JS: Add test 2025-04-29 13:07:10 +02:00
Napalys Klicius
c8ee8dce98 Add test cases to verify correct call graph resolution with various JavaScript inheritance patterns 2025-04-29 13:04:07 +02:00
Asger F
359525b65a JS: Extract more tsconfig.json patterns 2025-04-29 12:46:49 +02:00
Asger F
8c0b0c4800 JS: Ensure json files are extracted properly in tests 2025-04-29 12:46:20 +02:00
Napalys Klicius
0a9a7911c2 Fixed issue where method calls weren't properly resolved when inheritance was implemented via prototype manipulation instead of ES6 class syntax. 2025-04-29 12:39:44 +02:00
Napalys Klicius
a015003bda Updated test case to resolve reflected calls 2025-04-29 12:37:03 +02:00
Napalys Klicius
4fbf8ca5cf Added test cases with inheritance 2025-04-29 12:36:30 +02:00
Michael Nebel
89fd9a4dd5 C#/Java/Rust: Change the tag for the model generator debugging queries. 2025-04-29 12:02:37 +02:00
Michael Nebel
e5d296180b Merge pull request #19396 from michaelnebel/csharp/equality-on-floats 
C#: Add `cs/equality-on-floats` to the Code Quality suite.
 2025-04-29 11:47:18 +02:00
Mathias Vorreiter Pedersen
daf953fabe Merge pull request #19404 from MathiasVP/cleanup-PropagateFlowConfig 
Shared: Use `isSink/1` in `PropagateFlowConfig`
 2025-04-29 10:30:01 +01:00
Nick Rolfe
d784473dcd Merge pull request #19400 from github/nickrolfe/rb-qhelp-tweak 
Fix spelling/wording in qhelp for `rb/uninitialized-local-variable`
 2025-04-29 09:43:58 +01:00
Tamás Vajk
1694050f37 Merge pull request #19390 from tamasvajk/test/cpp-python-query-suites 
Add query suite inclusion tests for cpp, python
 2025-04-29 10:26:40 +02:00
Asger F
ec9d15bb79 JS: Make shared Folder module visible 2025-04-29 09:42:25 +02:00
Asger F
2ce01bfb9a Add Folder::Resolve as a generalisation of Folder::Append 2025-04-29 09:42:23 +02:00
Asger F
eb059969e3 Move getAChildContainer one scope up 2025-04-29 09:42:22 +02:00
Asger F
6e64a22579 Merge pull request #19393 from asgerf/js/json-extractor-trailing-commas2 
JS: Tolerate trailing commas in JSON objects
 2025-04-29 09:40:38 +02:00
Tamás Vajk
e73031c688 Update cpp/ql/integration-tests/query-suite/not_included_in_qls.expected 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2025-04-29 08:45:02 +02:00
Tamas Vajk
a408e216ae Add query suite inclusion tests for cpp, python 2025-04-29 08:45:01 +02:00
Jeroen Ketema
966b7463ee Merge pull request #19397 from jketema/use-after-free 
C++: Add use-after-free FP tests
 2025-04-29 08:32:44 +02:00
REDMOND\brodes
ac798f2bc6 Cipher Algorithm Slices 2025-04-28 16:03:41 -04:00
REDMOND\brodes
ac3675bdac Typo fix 2025-04-28 16:00:41 -04:00
REDMOND\brodes
219476cee0 Adding KDF iteration count inventory filters. 2025-04-28 15:47:58 -04:00
REDMOND\brodes
ce3eabf05a Updating model to support slicing. 2025-04-28 14:56:28 -04:00
REDMOND\brodes
5a8bffac11 Removing old asymmetric algorithm slice 2025-04-28 14:56:08 -04:00
REDMOND\brodes
1fd7643ab3 Adding example slicing queries. 2025-04-28 14:54:38 -04:00
Mathias Vorreiter Pedersen
b91a2cc159 Shared: Use 'isSink/1' in 'PropagateFlowConfig'. 2025-04-28 17:36:37 +01:00
REDMOND\brodes
7b7ed61beb Adding an asymmetric algorithm slice. 2025-04-28 11:34:32 -04:00
REDMOND\brodes
fdd09a4dbf Adding a new means for determining if there is nonce reuse. 2025-04-28 11:34:16 -04:00
REDMOND\brodes
28ccc83346 Adding a means to distinguish asymmetric algorithms. 2025-04-28 11:33:37 -04:00
Nick Rolfe
50f7ee1158 Merge pull request #19401 from github/post-release-prep/codeql-cli-2.21.2 
Post-release preparation for codeql-cli-2.21.2
 2025-04-28 16:16:21 +01:00
github-actions[bot]
2e0699ab2b Post-release preparation for codeql-cli-2.21.2 2025-04-28 14:03:28 +00:00
Nick Rolfe
69bc12dd4f Fix spelling/wording in qhelp for rb/uninitialized-local-variable 2025-04-28 14:41:21 +01:00
Napalys Klicius
ee3a3bd9f5 Add support for prototype methods in class instance member resolution 2025-04-28 15:17:26 +02:00
Napalys Klicius
4705d30bac Add call graph tests for prototype methods injected on class 2025-04-28 15:12:24 +02:00
Nick Rolfe
a46f8fb0d9 Merge pull request #19398 from github/nickrolfe/rm-erroneous-query 
Java: Remove erroneously-committed query
 2025-04-28 14:06:52 +01:00
Napalys Klicius
c57172121e Update Nodes.qll 
Applied suggestions

Co-Authored-By: Asger F <316427+asgerf@users.noreply.github.com>
 2025-04-28 14:58:51 +02:00
Nick Rolfe
e3f33f192f Remove erroneously-committed query 2025-04-28 13:55:34 +01:00
Napalys Klicius
8b53f8f2a6 Fix, prevent addHook return values from being treated as XSS sinks 2025-04-28 14:22:51 +02:00
Napalys Klicius
b4c98b40a5 Merge pull request #19364 from Napalys/js/aws_creds 
JS: Improved modeling of `aws-sdk`
 2025-04-28 14:18:03 +02:00
Jeroen Ketema
0bb0b5c587 C++: Add use-after-free FP tests 2025-04-28 14:13:14 +02:00
Napalys Klicius
73309fb9dd Updated modeling of aws-sdk with MaD 2025-04-28 14:00:12 +02:00
Napalys Klicius
654177daa7 Fixed naming acronyms to be PascalCase 2025-04-28 14:00:12 +02:00
Napalys Klicius
f7f9fb823a Updated takesConfigurationObject with API graphs 2025-04-28 14:00:12 +02:00
Napalys Klicius
42d5b80e81 Added support for AWS.Credentials hardcoded credentials 2025-04-28 14:00:12 +02:00
Napalys Klicius
f69037c176 Added ability to detect direct write to global AWS.config 2025-04-28 14:00:12 +02:00