hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,579 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.2
Commit Graph

9240 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
4dbaed9ec2 Python: add qldoc 2023-08-07 11:31:22 +02:00
Jeroen Ketema
747cd1745a Update all languages to use the shared taint-tracking library 2023-08-04 22:53:25 +02:00
Mathias Vorreiter Pedersen
abe3a816ce Merge pull request #13851 from MathiasVP/sink-without-states 
DataFlow: Support stateless `isSink` in `StateConfigSig`s
 2023-08-04 18:01:42 +02:00
Asger F
c38cbe859d Merge pull request #13737 from asgerf/dynamic/fuzzy-models 
Dynamic: add Fuzzy token
 2023-08-03 09:58:24 +02:00
Mathias Vorreiter Pedersen
3007fdab5e Sync identical files. 2023-08-02 14:33:33 +02:00
Anders Schack-Mulligen
b27a3a81bc Python: Adjust to use the qlpack data-flow api. 2023-08-01 14:02:33 +02:00
Maiky
6274dfafdc typo 
Co-authored-by: Jorge <46056498+jorgectf@users.noreply.github.com>
 2023-07-27 23:43:48 +02:00
Maiky
49aa3eb92b Update change note 
Co-authored-by: Jorge <46056498+jorgectf@users.noreply.github.com>
 2023-07-27 23:43:39 +02:00
Owen Mansel-Chan
9b2b58a823 Sync files 2023-07-26 21:48:10 +01:00
amammad
bee8e6ff0d remove unused saniter 2023-07-27 01:41:31 +10:00
amammad
591d81b5f9 remove saniter which was responsible for a defensive technique 2023-07-26 02:39:10 +10:00
Rasmus Lerchedahl Petersen
b2688bba7d Python: Relax module resolution 
Do not require modules to reside in a package
 2023-07-25 17:24:04 +02:00
jorgectf
8f8c064632 Modify test 2023-07-24 17:50:22 +02:00
amammad
1e1d42fa35 fix a mistake :( 2023-07-25 00:11:23 +10:00
amammad
7aff0079f5 better safe Flask example 2023-07-25 00:08:51 +10:00
amammad
0e8f83460c a little bit change on flask example 2023-07-24 21:41:54 +10:00
amammad
bbba906ff1 a little bit change on flask example 2023-07-24 21:41:44 +10:00
amammad
6f8ec118df fix qlhelp and qldoc bugs 2023-07-24 17:15:43 +10:00
amammad
c704158150 remove sources which are contained from environment variables, fix some bugs thanks to @yoff 2023-07-24 17:06:27 +10:00
github-actions[bot]
f91b7a9342 Post-release preparation for codeql-cli-2.14.1 2023-07-21 16:16:25 +00:00
github-actions[bot]
c936a920b0 Release preparation for version 2.14.1 2023-07-20 16:32:27 +00:00
jorgectf
3ac94c33b2 Add change note 2023-07-20 15:47:18 +02:00
jorgectf
55648ac4de Add shlex.quote as sanitizer 2023-07-20 15:34:54 +02:00
Geoffrey White
a0b784e7b1 Python: QLDoc. 2023-07-20 11:56:13 +01:00
Maiky
6d6a243776 Update Change Note 2023-07-20 12:33:26 +02:00
Geoffrey White
aaf9907a27 Python: Change note. 2023-07-20 11:23:15 +01:00
Geoffrey White
bb16731b86 Python: Fix for multiple parse mode flags. 2023-07-20 11:16:14 +01:00
Geoffrey White
dbde99df91 Python: Add test cases. 2023-07-20 11:06:00 +01:00
Maiky
1a1fee3088 Doc change 2023-07-20 03:28:13 +02:00
Maiky
a1782182dd Python: Add unsafe deserialization sinks (CWE-502) 2023-07-20 03:26:22 +02:00
Geoffrey White
cb6276e5e2 Python: Test layout. 2023-07-19 18:44:15 +01:00
Anders Schack-Mulligen
e72a0b2f8c Dataflow: Add change notes. 2023-07-19 11:41:15 +02:00
Anders Schack-Mulligen
ae24d68b5d C/C++/C#/Java/Python/Ruby/Swift: Adjust expected output. 2023-07-19 11:41:15 +02:00
Anders Schack-Mulligen
95d17045c9 Dataflow: Sync. 2023-07-19 11:41:15 +02:00
yoff
a1aa16f901 Merge pull request #13745 from GeekMasher/py-mad-xss 
Python - Add Models as Data support for Reflected XSS Query
 2023-07-18 13:39:17 +02:00
Mathew Payne
6ef55aa14f Update python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2023-07-17 15:44:38 +01:00
yoff
d032bf5c0e Merge pull request #13685 from RasmusWL/captured-variables-default-param-value 
Python: Model parameter with default value as `DefinitionNode`
 2023-07-17 14:25:13 +02:00
Mathew Payne
e3d75c488e Merge branch 'main' into py-mad-xss 2023-07-17 11:08:09 +01:00
Rasmus Wriedt Larsen
13fa08a90a Python: Move source modeling to shared file 2023-07-14 14:47:50 +02:00
Rasmus Wriedt Larsen
aa8ed91993 Python: Accept .expected changes 
but it's kinda bad, since it has paths to stdlib in there :(
 2023-07-14 14:47:27 +02:00
Rasmus Wriedt Larsen
9e0f985e23 Python: Fix qlref 2023-07-14 14:33:17 +02:00
Rasmus Wriedt Larsen
8279cf7c9c Merge branch 'main' into amammad-python-WebAppsConstatntSecretKeys 2023-07-14 14:32:43 +02:00
Mathew Payne
cf65ab834d fix: formatting issue 2023-07-14 12:31:40 +01:00
Mathew Payne
4c1612f2dd feat: add change log notes 2023-07-14 12:28:51 +01:00
Mathew Payne
c292984338 feat: add MaD to XSS query 2023-07-14 12:25:54 +01:00
Rasmus Wriedt Larsen
0db535bdd7 Python: Minor naming update 2023-07-14 12:54:54 +02:00
Asger F
eb5c600a6b Python: fix some whitespace 2023-07-13 15:42:34 +02:00
Asger F
2b0a8097e6 Python: implement Fuzzy for Python 2023-07-13 15:42:34 +02:00
Asger F
919cb07c1e Sync ApiGraphModels.qll 2023-07-13 15:42:33 +02:00
Rasmus Wriedt Larsen
991d5cc54b Python: Fix test of HttpResponse.getBody() 2023-07-13 13:57:08 +02:00