hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,258 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.3
Commit Graph

10661 Commits

Author SHA1 Message Date
erik-krogh
031a910989 add a JS implementation of RegexTreeViewSig 2022-11-15 17:14:38 +01:00
erik-krogh
4a2472a078 add hasLocationInfo predicate to regexp terms 2022-11-15 17:14:37 +01:00
erik-krogh
e928777cb7 add codeql/regex as a dependency 2022-11-15 17:14:37 +01:00
Mauro Baluda
8109a7b67a Update javascript/ql/lib/semmle/javascript/frameworks/Hapi.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-15 16:27:21 +01:00
Mauro Baluda
e5e3bb3705 Generalize the server definition in plugin registration 2022-11-15 16:27:14 +01:00
Mauro Baluda
563a56af9d Update Hapi.qll 2022-11-15 15:46:34 +01:00
Asger F
dc440aaee6 Merge pull request #11255 from asgerf/js/dynamic-import-type-expr 
JS: Handle DynamicImport in the context of a type
 2022-11-15 13:31:08 +01:00
Stephan Brandauer
ec3578364e remove superfluous class in EndpointCharacteristics hierarchy 2022-11-15 10:17:38 +01:00
tiferet
9ecff0723c Fix non-ascii character in docs 2022-11-14 16:34:24 -08:00
tiferet
6b7612fed7 Fix import errors in DebugResultInclusion.ql 2022-11-14 15:33:46 -08:00
tiferet
b47723d607 Delete ExtractEndpointData. 
Also remove the associated test files.
 2022-11-14 14:57:59 -08:00
tiferet
9d7e7735d5 Extract training data: 
Implement the new query that selects data for training. For now we include clauses that implement logic that is identical to the old queries.

Include a temporary wrapper query that converts the resulting data into the format expected by the endpoint pipeline.

Move the small pieces of `ExtractEndpointData` that are still needed into `ExtractEndpointDataTraining.qll`.
 2022-11-14 14:33:08 -08:00
Mauro Baluda
3260c81397 Merge branch 'github:main' into main 2022-11-14 22:59:06 +01:00
Mauro Baluda
5ea03b1ded Update Hapi.qll 
Add `server` definitions in plugin registration and plugin dependency declaration
 2022-11-14 22:56:06 +01:00
Tiferet Gazit
855eddab80 Merge pull request #11174 from github/tiferet/non-sink-endpoint-characteristics 
Non-sink endpoint characteristics
 2022-11-14 09:37:25 -08:00
Asger F
2bcf9b86cf JS: Bump extractor version string 2022-11-14 15:09:50 +01:00
Asger F
5f18484fa9 JS: Change note 2022-11-14 15:09:30 +01:00
Asger F
b028d72d51 JS: Handle DynamicImport in the context of a type 2022-11-14 15:07:59 +01:00
Henry Mercer
afbd05d41a Merge branch 'main' into codeql-ci/atm/release-0.4.1 2022-11-11 13:19:35 +00:00
github-actions[bot]
b5b69e9357 JS: Bump version of ML-powered library and query packs to 0.4.2 2022-11-11 12:48:00 +00:00
github-actions[bot]
3e5e695325 JS: Bump patch version of ML-powered library and query packs 2022-11-11 12:36:19 +00:00
Mauro Baluda
25ac3499c2 Merge branch 'github:main' into main 2022-11-11 11:20:01 +01:00
Erik Krogh Kristensen
90382c4d1c Merge pull request #11178 from erik-krogh/passcode 
JS/RB/PY: Recognize `passcode` as sensitive
 2022-11-10 17:58:34 +01:00
Erik Krogh Kristensen
724a31b746 fix comment that wasn't updated in test 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-11-10 15:56:44 +01:00
erik-krogh
676327d9e4 Merge branch 'main' into erb 2022-11-10 15:39:58 +01:00
erik-krogh
012fb28e25 only extract .html.erb files instead of all .erb files 2022-11-10 15:38:51 +01:00
Mauro Baluda
53f1985e77 Merge branch 'github:main' into main 2022-11-10 13:27:20 +01:00
Michael Nebel
9c6875ec0f Merge pull request #10777 from michaelnebel/csharp/generatedataextensions 
C#: Generate data extension files
 2022-11-10 13:08:31 +01:00
Mauro Baluda
ee02265ac2 Add property params to RequestInputAccess 2022-11-10 12:24:39 +01:00
tiferet
dbcdc2209e Use names constants for confidence levels 2022-11-09 14:25:08 -08:00
tiferet
b6532fa9a0 Fix QLDoc style warning 2022-11-09 13:10:54 -08:00
tiferet
243980ef73 Documentation improvements 2022-11-09 13:04:16 -08:00
Tiferet Gazit
6cb01a210f Apply suggestions from code review 
Co-authored-by: Stephan Brandauer <kaeluka@github.com>
 2022-11-09 12:53:52 -08:00
Asger F
83291f378b Merge pull request #11157 from asgerf/js/yaml-locations 
JS: fix issue with zero-column yaml locations
 2022-11-09 15:57:54 +01:00
erik-krogh
ad7fc34efd extract .erb files as html 2022-11-09 12:43:19 +01:00
Erik Krogh Kristensen
c537c80ed6 Merge pull request #11095 from erik-krogh/exportRead 
JS: recognize more re-exported values as exported
 2022-11-09 12:39:41 +01:00
erik-krogh
23add8a72b recognize passcode as sensitive 2022-11-09 11:30:57 +01:00
erik-krogh
e0bcfe2afb add failing test 2022-11-09 11:30:31 +01:00
Erik Krogh Kristensen
138a16f0b3 use getImportedModuleNode() 
Co-authored-by: Asger F <asgerf@github.com>
 2022-11-09 09:53:23 +01:00
Asger F
694d987365 JS: Update test output 2022-11-09 09:36:03 +01:00
tiferet
ac14b6d685 Create EndpointCharacteristics to replace all existing NotASinkReasons and LikelyNotASinkReasons 2022-11-08 13:37:49 -08:00
tiferet
fadbdc1f63 Documentation improvements suggested by Andrew 2022-11-08 11:45:33 -08:00
Mauro Baluda
8e546e8496 Add req.url.origin to RequestInputAccess 2022-11-08 16:14:10 +01:00
Erik Krogh Kristensen
e01cbb2ffa Merge pull request #10378 from erik-krogh/aliasFlow 
JS: expand localFieldStep to use access-paths, and build access-paths in more cases
 2022-11-08 14:26:12 +01:00
Asger F
69f5879384 JS: Update TRAP test output 2022-11-08 13:02:26 +01:00
Asger F
44e94f6615 JS: Change note 2022-11-08 11:51:26 +01:00
Asger F
fef922e417 JS: Bump extractor version string 2022-11-08 11:44:40 +01:00
Asger F
92e8f059c8 JS: Avoid emitting column zero in yaml files 2022-11-08 11:38:26 +01:00
Mauro Baluda
8b33e6d175 Improved Hapi support 
- server defined by Glue
 2022-11-07 16:29:44 +01:00
Asger F
a887ff4f09 JS: Add test cases to include results with column-zero end locations 2022-11-07 15:13:25 +01:00