hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,207 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.5
Commit Graph

1458 Commits

Author SHA1 Message Date
Mathew Payne
0e932574f4 Fix Ldap class name 2023-05-09 17:42:17 +01:00
Mathew Payne
e84657242c Fix names 2023-05-09 17:38:15 +01:00
Mathew Payne
632e487458 Add Command Injection support 2023-05-09 17:37:00 +01:00
Mathew Payne
8f39f028e6 feat: Additional models as data extensions 
- `logging`, `ldap`, and `url-redirect` sinks
 2023-05-09 17:31:51 +01:00
Kasper Svendsen
3041fdebba C#: Make implicit this receivers explicit 2023-05-09 15:34:59 +02:00
Michael Nebel
efa2bd8614 Apply suggestions from code review 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-05-08 16:19:00 +02:00
Michael Nebel
4dcfb4d8cb C#: Extend neutrals with a kind column and introduce validation. 2023-05-08 16:18:59 +02:00
Mathias Vorreiter Pedersen
09ba9a74ce Merge pull request #12959 from MathiasVP/identity-consistency-check 
DataFlow: Add an "identity-step" consistency check
 2023-05-05 10:03:20 +01:00
Kasper Svendsen
4035b16ac1 Merge pull request #13008 from kaspersv/kaspersv/explicit-this-receivers-shared1 
Java, C#: Make implicit this receivers explicit
 2023-05-04 15:38:45 +02:00
Mathias Vorreiter Pedersen
77001a070b Merge branch 'main' into identity-consistency-check 2023-05-03 22:01:06 +01:00
Michael Nebel
e42bf2efd8 Merge pull request #12894 from michaelnebel/csharp/untrustedinput 
C#: Re-factor the UnsafeDeserializationQuery to use the new API.
 2023-05-03 20:12:44 +02:00
Michael Nebel
932ee0b877 C#: Delete unused deprecated abstract class. 2023-05-03 13:21:46 +02:00
Michael Nebel
5944b88334 C#: Re-factor the SafeConstructor classes to use the new API. 2023-05-03 13:09:35 +02:00
Michael Nebel
815602d3b5 C#: Re-factor some of the data flow configurations used by the UnsafeDeserializationQuery to use the new API. 2023-05-03 13:09:35 +02:00
Kasper Svendsen
e071a25653 Java, C#: Make implicit this receivers explicit 2023-05-03 13:09:00 +02:00
Kasper Svendsen
bfc48efdaa C#: Make implicit this receivers explicit 2023-05-03 10:48:00 +02:00
Anders Schack-Mulligen
ca09649679 Dataflow: Forward hasLocationInfo. 2023-05-02 10:48:32 +02:00
Anders Schack-Mulligen
5927bb2030 Dataflow: Replace "extends Node" with "instanceof Node". 2023-05-02 09:48:34 +02:00
Michael Nebel
a9cf6885d0 Merge pull request #12952 from michaelnebel/csharp/refactorcontentflow 
C#: Re-factor ContentFlow to a parameterised module and use the new API.
 2023-05-01 15:53:57 +02:00
Michael Nebel
36ea61c25e C#: Address review comments. 2023-05-01 10:38:39 +02:00
Mathias Vorreiter Pedersen
e506f638fc DataFlow: Sync identical files. 2023-04-27 18:40:33 +01:00
Anders Schack-Mulligen
71ae0909d8 Dataflow: Enforce type pruning in all forward stages. 2023-04-27 14:55:26 +02:00
Anders Schack-Mulligen
9140cbefc0 Dataflow: Sync. 2023-04-27 14:55:23 +02:00
Michael Nebel
1b366fc87a C#: Re-factor ContentFlow into a parameterized module and use the new API. 2023-04-27 13:08:19 +02:00
Anders Schack-Mulligen
d681671356 Dataflow: Sync. 2023-04-26 14:45:07 +02:00
Joe Farebrother
a9d34458de Merge pull request #12658 from joefarebrother/csharp-sensitive-data 
C#: Add local filesystem writes as External Location sinks
 2023-04-25 10:14:48 +01:00
Joe Farebrother
0ebf529dc4 Add comment + use flowTo 2023-04-24 15:49:05 +01:00
Michael Nebel
8ade7247a1 Merge pull request #12885 from michaelnebel/mergepathgraph3 
Dataflow: Introduce param module for merging three path graphs.
 2023-04-24 12:49:28 +02:00
Joe Farebrother
9881fdfe27 Convert sources to MaD 2023-04-21 14:19:17 +01:00
Michael Nebel
0fdeeba46f C#: Re-refactor Xss to use the new API. 2023-04-20 18:38:15 +02:00
Michael Nebel
c71278ceb7 C#: Introduce parameterized module for merging three path graphs. 2023-04-20 11:29:34 +02:00
Michael Nebel
b3de105665 C#: Re-factor TypeNameTracking to use the new API. 2023-04-17 11:38:37 +02:00
Michael Nebel
ee7d15ac5d C#: Re-factor ExponentialRegexDataFlow to use the new API. 2023-04-17 11:38:37 +02:00
Michael Nebel
8d5ca53126 C#: Re-refactor another SettingsDataFlow to use the new API. 2023-04-17 11:38:37 +02:00
Michael Nebel
5b8544343b C#: Re-factor SettingsDataFlow to use the new API. 2023-04-17 11:38:36 +02:00
Michael Nebel
5ea6cea894 C#: Re-factor DapperCommandDefinitionMethodCallSqlExpr to use the new API. 2023-04-17 11:38:36 +02:00
Michael Nebel
a96ad600fc C#: Re-factor ZipSlip to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
3e4e75cee8 C#: Re-factor XPathInjection to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
e6be88b10e C#: Re-factor XmlEntityInjection to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
60544c6889 C#: Re-factor UrlRedirect to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
bdf1da340d C#: Re-factor TaintedPath to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
52bc43b22b Merge pull request #12595 from michaelnebel/enhanceprovenance 
Java/C# : Enhance provenance.
 2023-04-13 14:27:53 +02:00
Michael Nebel
3a316f17cc C#: Re-factor SqlInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
60a0917ced C#: Re-factor ResourceInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
80e8b6928d C#: Re-factor RegexInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
377b2d7515 C#: Re-factor ReDoS to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
8d17a45dd0 C#: Re-factor MissingXmlValidation to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
8e3bfda7be C#: Re-factor LogForging to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
8284487407 C#: Explicitly add QL Doc for the LdapInjectionConfig predicates. 2023-04-13 10:08:40 +02:00
Michael Nebel
73cd7519a2 C#: Re-factor LdapInjection to use the new API. 2023-04-13 10:08:40 +02:00