hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,267 Commits 1,672 Branches 157 Tags
codeql-cli-2.21.1
Commit Graph

8535 Commits

Author SHA1 Message Date
Koen Vlaswinkel
4693f72d5f C#: Rename CallableMethod to Endpoint 2023-09-18 15:30:38 +02:00
Koen Vlaswinkel
f468b2a3d1 C#: Add tests for generic interfaces/classes/methods 2023-09-18 14:58:20 +02:00
Koen Vlaswinkel
8472b84cad C#: Remove unnecessary isEffectivelyPublic predicate 2023-09-18 13:49:16 +02:00
Koen Vlaswinkel
ff2cef3d6b C#: Switch from Declaration to Callable 2023-09-18 13:44:32 +02:00
Koen Vlaswinkel
e524e358f0 C#: Check accessor declaration for publicness 2023-09-18 13:40:23 +02:00
Koen Vlaswinkel
0cc74a2691 C#: Extract TestLibrary to separate module 2023-09-18 13:40:18 +02:00
Anders Schack-Mulligen
b13d026434 Dataflow: Review fixes. 2023-09-18 13:15:26 +02:00
Tamas Vajk
fa814a5276 Add test cases for implicit using parsing 2023-09-18 12:47:50 +02:00
Joe Farebrother
868836e747 Update severity 2023-09-15 16:40:12 +01:00
Joe Farebrother
eb2f5898bd Fix typos 2023-09-15 16:39:51 +01:00
Joe Farebrother
68ad5b7c00 Restrict logic for checking for id parameters on index expressions for performance 2023-09-15 16:35:29 +01:00
Tamas Vajk
c34fef1eb6 Adjust integration tests after path changes and generating file with global usings 2023-09-15 13:35:25 +02:00
Joe Farebrother
6d704be7d2 Rewrite checks for index expressions in terms of dataflow 2023-09-15 10:25:27 +01:00
Joe Farebrother
a2dce6be14 Check for authorize attributes in more namespaces and on overridden methods 2023-09-15 10:25:27 +01:00
Joe Farebrother
6a95ed64ff Add test cases for authorization from attributes 2023-09-15 10:25:27 +01:00
Joe Farebrother
ac45050545 Add checks for authorization attributes 2023-09-15 10:25:27 +01:00
Joe Farebrother
0a27da08d6 Minor changes from review suggestions to shared logic between this and missing access control 
Use case insensitive regex, factor out page load to improve possible bad joins make needsAuth not a member predicate
 2023-09-15 10:25:27 +01:00
Joe Farebrother
a022893f0f Add additional example to qhelp + additional resource 2023-09-15 10:25:27 +01:00
Joe Farebrother
86abd338e5 Update test options 2023-09-15 10:25:26 +01:00
Joe Farebrother
9f25c71ca6 Apply minor reveiw suggstions 2023-09-15 10:25:26 +01:00
Joe Farebrother
4967fe0b77 Add change note + update query ID 2023-09-15 10:25:26 +01:00
Joe Farebrother
3e6750ba4c Add documentation 2023-09-15 10:25:26 +01:00
Joe Farebrother
f8b1b38438 Update alert message and make user checks more precise 2023-09-15 10:25:26 +01:00
Joe Farebrother
009a7bfc87 Add MVC tests 2023-09-15 10:25:26 +01:00
Joe Farebrother
20d42dfd7d Add tests for webforms case 2023-09-15 10:25:26 +01:00
Joe Farebrother
2edd73eb60 Fix typos in filepath + metadata, add severity 2023-09-15 10:25:26 +01:00
Joe Farebrother
251f875304 Fix filenme typo 2023-09-15 10:25:26 +01:00
Joe Farebrother
5d1289672b Add IDOR query 2023-09-15 10:25:26 +01:00
Joe Farebrother
a510a7b4c0 Add insecure direct object reference definitions and factor out those from missing access control 2023-09-15 10:25:26 +01:00
Tamas Vajk
d725bd9169 C#: Generate source file with implicit usings in Standalone 2023-09-15 10:52:57 +02:00
Michael Nebel
e577fb68bd C#: Add integration test for dotnet dotnet. 2023-09-14 14:59:49 +02:00
Michael Nebel
8768b9e3dd C#: Fix tracer issue with dotnet dotnet. 2023-09-14 14:49:57 +02:00
Michael Nebel
b9acf1a4ee Merge pull request #14111 from michaelnebel/csharp/reduceprojectrestore 
C#: Avoid explicitly restoring projects in solution files.
 2023-09-14 10:06:49 +02:00
Michael Nebel
84ec823ac0 C#: Add some explanatory comments about parallel restore. 2023-09-13 16:07:47 +02:00
Anders Schack-Mulligen
1750d00fbe C#: Add localMustFlowStep 2023-09-13 15:43:46 +02:00
Dave Bartolomeo
edf6a80c3b Merge pull request #14185 from michaelnebel/csharp/quotinghotfixrc 
C#: Quoting hotfix.
 2023-09-13 09:34:05 -04:00
Michael Nebel
0127b779b5 C#: Address review comments. 2023-09-13 13:31:58 +02:00
Koen Vlaswinkel
585fb9db7e C#: Add VS Code model editor queries 2023-09-13 13:12:55 +02:00
Tom Hvitved
53302117a1 C#: Implement missingArgumentCallExclude and multipleArgumentCallExclude 2023-09-12 20:05:11 +02:00
Tom Hvitved
c13a8e41ad Data flow: Add more consistency checks 2023-09-12 20:05:05 +02:00
Tom Hvitved
49d57653dc Merge pull request #14170 from hvitved/csharp/cil-arg-exclude 
C#: Exclude CIL arguments from `ArgumentNode` when they are compiled from source
 2023-09-12 13:44:29 +02:00
Michael Nebel
7bcaa49f5a C#: Add integration test with quoted arguments. 2023-09-12 10:33:39 +02:00
Michael Nebel
6fe9b70c92 C#: Poor mans quoting of arguments on windows. 2023-09-12 10:33:21 +02:00
Michael Nebel
6bfaa90fe4 C#: Avoid explicitly restoring the projects in the restored solution files. 2023-09-11 13:30:28 +02:00
Michael Nebel
d4a1c297aa C#: Quote arguments containing whitespaces on windows in the tracer. 2023-09-11 11:18:27 +02:00
Michael Nebel
8475464fbe C#: Cleanup hotfix version of quoting. 2023-09-11 11:18:27 +02:00
Michael Nebel
1b90216c98 Merge pull request #14172 from michaelnebel/csharp/poormansquoting 
C#: Poor mans quoting.
 2023-09-11 08:57:44 +02:00
github-actions[bot]
d699880c86 Post-release preparation for codeql-cli-2.14.4 2023-09-08 21:17:52 +00:00
Michael Nebel
11987d3ebf C#: Add integration test with quoted arguments. 2023-09-08 15:09:24 +02:00
Michael Nebel
9691100138 C#: Poor mans quoting of arguments on windows. 2023-09-08 15:09:24 +02:00