hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,734 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.4
Commit Graph

8276 Commits

Author SHA1 Message Date
Joe Farebrother
eb2f5898bd Fix typos 2023-09-15 16:39:51 +01:00
Joe Farebrother
68ad5b7c00 Restrict logic for checking for id parameters on index expressions for performance 2023-09-15 16:35:29 +01:00
Tamas Vajk
c34fef1eb6 Adjust integration tests after path changes and generating file with global usings 2023-09-15 13:35:25 +02:00
Joe Farebrother
6d704be7d2 Rewrite checks for index expressions in terms of dataflow 2023-09-15 10:25:27 +01:00
Joe Farebrother
a2dce6be14 Check for authorize attributes in more namespaces and on overridden methods 2023-09-15 10:25:27 +01:00
Joe Farebrother
6a95ed64ff Add test cases for authorization from attributes 2023-09-15 10:25:27 +01:00
Joe Farebrother
ac45050545 Add checks for authorization attributes 2023-09-15 10:25:27 +01:00
Joe Farebrother
0a27da08d6 Minor changes from review suggestions to shared logic between this and missing access control 
Use case insensitive regex, factor out page load to improve possible bad joins make needsAuth not a member predicate
 2023-09-15 10:25:27 +01:00
Joe Farebrother
a022893f0f Add additional example to qhelp + additional resource 2023-09-15 10:25:27 +01:00
Joe Farebrother
86abd338e5 Update test options 2023-09-15 10:25:26 +01:00
Joe Farebrother
9f25c71ca6 Apply minor reveiw suggstions 2023-09-15 10:25:26 +01:00
Joe Farebrother
4967fe0b77 Add change note + update query ID 2023-09-15 10:25:26 +01:00
Joe Farebrother
3e6750ba4c Add documentation 2023-09-15 10:25:26 +01:00
Joe Farebrother
f8b1b38438 Update alert message and make user checks more precise 2023-09-15 10:25:26 +01:00
Joe Farebrother
009a7bfc87 Add MVC tests 2023-09-15 10:25:26 +01:00
Joe Farebrother
20d42dfd7d Add tests for webforms case 2023-09-15 10:25:26 +01:00
Joe Farebrother
2edd73eb60 Fix typos in filepath + metadata, add severity 2023-09-15 10:25:26 +01:00
Joe Farebrother
251f875304 Fix filenme typo 2023-09-15 10:25:26 +01:00
Joe Farebrother
5d1289672b Add IDOR query 2023-09-15 10:25:26 +01:00
Joe Farebrother
a510a7b4c0 Add insecure direct object reference definitions and factor out those from missing access control 2023-09-15 10:25:26 +01:00
Tamas Vajk
d725bd9169 C#: Generate source file with implicit usings in Standalone 2023-09-15 10:52:57 +02:00
Michael Nebel
e577fb68bd C#: Add integration test for dotnet dotnet. 2023-09-14 14:59:49 +02:00
Michael Nebel
8768b9e3dd C#: Fix tracer issue with dotnet dotnet. 2023-09-14 14:49:57 +02:00
Michael Nebel
b9acf1a4ee Merge pull request #14111 from michaelnebel/csharp/reduceprojectrestore 
C#: Avoid explicitly restoring projects in solution files.
 2023-09-14 10:06:49 +02:00
Michael Nebel
84ec823ac0 C#: Add some explanatory comments about parallel restore. 2023-09-13 16:07:47 +02:00
Anders Schack-Mulligen
1750d00fbe C#: Add localMustFlowStep 2023-09-13 15:43:46 +02:00
Dave Bartolomeo
edf6a80c3b Merge pull request #14185 from michaelnebel/csharp/quotinghotfixrc 
C#: Quoting hotfix.
 2023-09-13 09:34:05 -04:00
Michael Nebel
0127b779b5 C#: Address review comments. 2023-09-13 13:31:58 +02:00
Koen Vlaswinkel
585fb9db7e C#: Add VS Code model editor queries 2023-09-13 13:12:55 +02:00
Tom Hvitved
53302117a1 C#: Implement missingArgumentCallExclude and multipleArgumentCallExclude 2023-09-12 20:05:11 +02:00
Tom Hvitved
c13a8e41ad Data flow: Add more consistency checks 2023-09-12 20:05:05 +02:00
Tom Hvitved
49d57653dc Merge pull request #14170 from hvitved/csharp/cil-arg-exclude 
C#: Exclude CIL arguments from `ArgumentNode` when they are compiled from source
 2023-09-12 13:44:29 +02:00
Michael Nebel
7bcaa49f5a C#: Add integration test with quoted arguments. 2023-09-12 10:33:39 +02:00
Michael Nebel
6fe9b70c92 C#: Poor mans quoting of arguments on windows. 2023-09-12 10:33:21 +02:00
Michael Nebel
6bfaa90fe4 C#: Avoid explicitly restoring the projects in the restored solution files. 2023-09-11 13:30:28 +02:00
Michael Nebel
d4a1c297aa C#: Quote arguments containing whitespaces on windows in the tracer. 2023-09-11 11:18:27 +02:00
Michael Nebel
8475464fbe C#: Cleanup hotfix version of quoting. 2023-09-11 11:18:27 +02:00
Michael Nebel
1b90216c98 Merge pull request #14172 from michaelnebel/csharp/poormansquoting 
C#: Poor mans quoting.
 2023-09-11 08:57:44 +02:00
github-actions[bot]
d699880c86 Post-release preparation for codeql-cli-2.14.4 2023-09-08 21:17:52 +00:00
Michael Nebel
11987d3ebf C#: Add integration test with quoted arguments. 2023-09-08 15:09:24 +02:00
Michael Nebel
9691100138 C#: Poor mans quoting of arguments on windows. 2023-09-08 15:09:24 +02:00
Tom Hvitved
ecbf2d8b13 C#: Exclude CIL arguments from ArgumentNode when they are compiled from source 2023-09-08 14:14:06 +02:00
Tom Hvitved
e6a6a7931b Revert "C#: Bump all dependencies" 2023-09-08 11:19:00 +02:00
Tom Hvitved
9b8948bc2e C#: Remove test explorer recommendations (superseded by C# dev kit) 2023-09-08 10:47:52 +02:00
Tom Hvitved
f720528368 Merge pull request #14149 from hvitved/csharp/extract-gen-no-trap-stack 
C#: Clear TRAP stack when calling `PopulateGenerics`
 2023-09-08 10:37:07 +02:00
Michael B. Gale
38892bb51b Merge pull request #13999 from github/mbg/csharp/standalone/dotnet-version 
C# Standalone: Install .NET SDK specified in `global.json`
 2023-09-07 11:30:53 +01:00
Michael B. Gale
ccbc6f446a Use git ls-files to find DLLs to index 2023-09-06 22:17:08 +01:00
Tom Hvitved
718e491800 C#: Clear TRAP stack when calling PopulateGenerics 2023-09-06 21:12:01 +02:00
Tom Hvitved
6e0ff56788 Revert "C#: Bump all dependencies" 2023-09-06 16:23:38 +02:00
Michael Nebel
a8e427ffe1 Merge pull request #14097 from michaelnebel/csharp/extractorerrormessages 
C#: Update extractor_messages relation schema.
 2023-09-06 14:01:36 +02:00