Michael Nebel
63b06d50b0
C#: Delete ServiceStack 5.11.0 and related projects.
2022-08-09 13:08:34 +02:00
Michael Nebel
094dcf989e
C#: Update FlowSummaries test expected file (this is required since the .NET Runtime stubs have been updated).
2022-08-09 13:08:34 +02:00
Michael Nebel
d76b069bc5
C#: Manual changes to stubs to ensure compilation.
2022-08-09 13:08:34 +02:00
Michael Nebel
73b6697ea6
C#: Add ServiceStack 6.2.0 and friends.
2022-08-09 13:08:17 +02:00
Michael Nebel
b90a404658
Merge pull request #9636 from michaelnebel/csharp/sinkmodelcsv
...
C#: Convert Sinks to CSV format for SymmetricAlgorithm.
2022-08-09 09:05:12 +02:00
Tom Hvitved
dd465e739b
Code review suggestion
2022-08-09 07:46:27 +02:00
Tamas Vajk
36c913061c
C#: Fix dataflow for default constructors
2022-08-09 07:46:27 +02:00
Tamas Vajk
1a92fc90e0
C#: Add test to demonstrate missing dataflow for default constructors
2022-08-09 07:46:27 +02:00
Michael Nebel
6febbc5966
C#: Update .NET Core and ASP.NET Core.
2022-08-08 13:29:20 +02:00
Anders Schack-Mulligen
aa3655678e
Merge pull request #9823 from aschackmull/dataflow/stage-module
...
Dataflow: Replace stage duplication with parameterised modules.
2022-08-08 10:56:32 +02:00
Michael Nebel
cebd49af9d
Merge pull request #9968 from michaelnebel/csharp/aspreviewcomment
...
C#: Simplification of AspNetCoreRemoteFlowSourceMember.
2022-08-08 09:44:02 +02:00
Tom Hvitved
400071091c
C#: Also disable shared compilation in the tracer for dotnet msbuild
2022-08-05 14:17:16 +02:00
Anders Schack-Mulligen
3d47875b60
Dataflow: Generate shorter RA/DIL names.
2022-08-05 11:00:56 +02:00
Anders Schack-Mulligen
d3dcc3ce3a
Dataflow: Sync.
2022-08-05 11:00:56 +02:00
Michael Nebel
64e8660904
C#: Simplification of AspNetCoreRemoteFlowSourceMember.
2022-08-04 14:18:25 +02:00
Tom Hvitved
bc6a74b4dd
C#: Disable CLR tracer
...
Also remove old tracer configs, as we now use the Lua tracer.
2022-08-04 13:11:07 +02:00
Alex Ford
8e3548efb3
Merge branch 'main' into post-release-prep/codeql-cli-2.10.2
2022-08-02 20:29:26 +01:00
Michael Nebel
02165e8ee1
Merge pull request #9327 from michaelnebel/csharp/dotnetruntimerefresh
...
C#: Re-create summary models and include source and sink models as well.
2022-08-01 16:15:54 +02:00
Raul Garcia
5a7b6532a9
Updated to handle lambda statements (previously false negatives) + a couple of bug fixes.
2022-07-29 13:47:53 -07:00
github-actions[bot]
e8747d3176
Post-release preparation for codeql-cli-2.10.2
2022-07-28 20:00:09 +00:00
github-actions[bot]
212786ed91
Release preparation for version 2.10.2
2022-07-28 13:38:35 +00:00
Paolo Tranquilli
9b26921cb6
Control flow: add order disambuigation customization
2022-07-28 09:11:42 +02:00
Paolo Tranquilli
ebf650c0c0
Control Flow: add more ordering for edges
2022-07-27 15:01:17 +02:00
Raul Garcia
9b79668ed2
Addressing some of the feedback. Work still pending
2022-07-20 10:58:01 -07:00
Raul Garcia
7f725137e5
Addressing some of the feedback. Work pending.
2022-07-20 10:56:44 -07:00
Cornelius Riemenschneider
e9e5d948b3
C#: Implement proper dotnet build handling in the Lua tracing config.
...
For proper C# tracing, `dotnet build` needs the parameter
/p:UseSharedCompilation=false. However, we can't pass that to the other
subcommands of `dotnet`, therefore we need to figure out which subcommand
of `dotnet` is being invoked.
2022-07-20 10:11:36 +00:00
Asger F
b9bdee6651
Merge branch 'main' into post-release-prep/codeql-cli-2.10.1
2022-07-19 16:24:35 +02:00
Michael Nebel
6603024488
C#: Allow encryption- prefix for sinks in CsvValidation.
2022-07-18 14:32:31 +02:00
Michael Nebel
57ba0c4e5d
C#: Move sinks into System.Security.Cryptography framework code.
2022-07-18 14:28:49 +02:00
Michael Nebel
c91d49a0fe
C#: Add provenance column to CSV format for SymmetricAlgorithm.
2022-07-18 14:28:49 +02:00
Michael Nebel
66232a8054
C#: Fix typo.
2022-07-18 14:28:49 +02:00
Michael Nebel
a5b7e2a2e1
C#: Convert set Key of SymmetricAlgorithm to Csv sink.
2022-07-18 14:28:49 +02:00
Michael Nebel
032448041d
C#: Convert CreateSymmetricKey to CSV sink.
2022-07-18 14:28:49 +02:00
Michael Nebel
1d405dba14
C#: Collapse Sink classes.
2022-07-18 14:28:49 +02:00
Michael Nebel
383ad51682
C#: Use CSV format for CreateEncryptor and CreateDecryptor sinks.
2022-07-18 14:28:49 +02:00
Michael Nebel
e6e82ef56d
C#: Update test with Decrypt example.
2022-07-18 14:28:49 +02:00
Michael Nebel
52a9fb0de7
C#: Add test for decrypt.
2022-07-18 14:28:49 +02:00
github-actions[bot]
0ee476129a
Post-release preparation for codeql-cli-2.10.1
2022-07-14 14:38:49 +00:00
Erik Krogh Kristensen
85a652f3d1
remove a bunch of repeated words
2022-07-14 12:42:48 +02:00
github-actions[bot]
d1aa0d7dd3
Release preparation for version 2.10.1
2022-07-14 08:56:03 +00:00
Raul Garcia
0dbb03f732
Adding CVE information.
2022-07-12 21:49:19 -07:00
Raul Garcia
ac05577966
Making various changes based on the feedback. Pending: 2 non-trivial fixes for Java & Python.
2022-07-11 13:25:35 -07:00
Raul Garcia
5d89a5d164
Update csharp/ql/src/experimental/Security Features/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql
...
Co-authored-by: Taus <tausbn@github.com >
2022-07-11 08:42:50 -07:00
Raul Garcia
156bc34cda
Update UnsafeUsageOfClientSideEncryptionVersion.qhelp
2022-07-11 08:41:05 -07:00
Raul Garcia
f8994d04d6
Clean up
2022-07-07 11:49:05 -07:00
Raul Garcia
97d9fd9846
Update security-validation-disabled.ql
2022-07-05 15:18:56 -07:00
Raul Garcia
56060e0610
Update csharp/ql/src/experimental/Security Features/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.qhelp
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2022-07-05 13:57:28 -07:00
Raul Garcia
fcb01ef28d
Merge branch 'github:main' into Token_validation
2022-07-01 17:37:05 -07:00
Raul Garcia
62c28571c6
making changes based on feedback during PR
2022-07-01 17:35:02 -07:00
Raul Garcia
e43e5810cf
New queries to detect unsafe client side encryption in Azure Storage
2022-07-01 17:08:35 -07:00
