hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,579 Commits 1,672 Branches 157 Tags
codeql-cli-2.21.2
Commit Graph

9240 Commits

Author SHA1 Message Date
erik-krogh
20625ae60d update {js/go/py}/xpath-injection to match csharp/java 2022-08-22 21:41:46 +02:00
erik-krogh
9395f156de update {js/py}/command-line-injection to match csharp/java 2022-08-22 21:41:46 +02:00
erik-krogh
2d0a4c3d83 update {go/py}/stack-trace-exposure to match javascript 2022-08-22 21:41:46 +02:00
erik-krogh
3553f3d9b8 update {rb/py/js/go}/path-injection to match java/csharp 2022-08-22 21:41:45 +02:00
erik-krogh
cc41a83a8d update {py/cpp}/commented-out-code to match csharp/java/javascript 2022-08-22 21:41:45 +02:00
erik-krogh
28083ebe09 run the implicit-this patch 2022-08-22 21:23:31 +02:00
erik-krogh
a593a52b5e add missing qldoc (that was already missing?) 2022-08-22 21:22:39 +02:00
erik-krogh
e89e0eb7fb make some acronyms camelCase 2022-08-22 21:22:35 +02:00
erik-krogh
9c95dcc126 add change-note 2022-08-22 14:09:19 +02:00
erik-krogh
2ac5441aec rename the XMLDTD class to XmlDTD 2022-08-22 14:09:19 +02:00
erik-krogh
1a89ddae5d update some comments from XML to Xml 2022-08-22 14:09:19 +02:00
erik-krogh
ce9f69a639 rename all occurrences of XML to Xml 2022-08-22 14:08:31 +02:00
Rasmus Wriedt Larsen
61bf2154cd Merge branch 'main' into shared-http-client-request 2022-08-22 12:05:37 +02:00
Taus
c904ba1d16 Merge pull request #9852 from tausbn/python-add-str-class 
Python: Add `Str` class
 2022-08-22 10:55:01 +02:00
Chris Smowton
f3ef8510d3 Merge pull request #10093 from smowton/smowton/feature/java-singular-locations 
Java: pick an arbitrary representative location when an entity has many candidate locations.
 2022-08-22 09:32:43 +01:00
erik-krogh
049af68bc2 restrict suffix-construction to relevant regexps 2022-08-21 20:35:39 +02:00
Chris Smowton
8d20b9cf52 Use hasLocationInfo to match several Location fields at once 2022-08-19 19:03:17 +01:00
erik-krogh
bcf4c57060 Merge branch 'main' into redosPrefix 2022-08-19 19:22:49 +02:00
erik-krogh
d052b1e3c9 also support regular expressions without repetitions 2022-08-19 19:21:44 +02:00
Chris Smowton
1ea7caf559 Fix join ordering in inline-expectations test 2022-08-19 18:17:22 +01:00
Taus
bd45ea94d0 Python: Fix TimingAttackAgainstHash.ql select 2022-08-19 12:31:12 +00:00
Tom Hvitved
1b29bddb73 Python: Revert change to AnyNode 2022-08-19 14:08:21 +02:00
Tom Hvitved
663096fe3a Remove redundant overrides 2022-08-19 13:57:41 +02:00
Taus
687cd92903 Python: Update .expected file 2022-08-19 11:43:57 +00:00
Erik Krogh Kristensen
4f93f2b9ba Merge pull request #10076 from erik-krogh/ql-for-ql-fixes 
various QL-for-QL fixes
 2022-08-18 15:46:48 +02:00
Rasmus Wriedt Larsen
47c9c5bddd Ruby: Update RequestWithoutValidation.ql to match Python version 
No library modeling currently has support for the new disablesCertificateValidation/2, so only the alert text has changed

(removed an import from Python so the queries would ACTUALLY match)
 2022-08-18 14:32:41 +02:00
Rasmus Wriedt Larsen
635fd1902d Python: Move HTTP::Client::Request to shared concepts 
New shared concepts uses correct casing of HTTP according to our
style-guide.
 2022-08-18 13:42:52 +02:00
erik-krogh
473bc92e2d move the PrefixConstruction module out of the ReDoSPruning module 2022-08-18 10:07:48 +02:00
Erik Krogh Kristensen
e93ff8672c Merge pull request #10075 from erik-krogh/depOld 
delete old deprecations
 2022-08-17 21:21:57 +02:00
yoff
78756bdc6a Merge pull request #9859 from tausbn/python-fix-another-bad-value-transfer-join 2022-08-17 20:47:00 +02:00
Taus
3d17989107 Python: Fix broken select statement 
Based on the alert description, "message" seemed like a suitable word to
use here.
 2022-08-17 17:09:18 +00:00
Taus
76de2f4203 Python: Remove trailing newlines 
These were causing the autoformatting check to fail. I'm not really sure
how these newlines got introduced. Possibly some editor option or
`git-commit` hook?
 2022-08-17 15:12:51 +00:00
Taus
1c15fc5600 Python: Define Str as an alias of StrConst 2022-08-17 13:36:32 +00:00
erik-krogh
6b9f01535b change All to Most in the change-notes 2022-08-17 15:34:57 +02:00
Ahmed Farid
313dbc9120 Autoformat PossibleTimingAttackAgainstSensitiveInfo.ql 2022-08-17 12:59:09 +01:00
Ahmed Farid
9f3de035c7 Autoformat PossibleTimingAttackAgainstHash.ql 2022-08-17 12:57:57 +01:00
erik-krogh
2622c78766 add change-notes 2022-08-17 13:55:16 +02:00
Ahmed Farid
cb5331bdd8 Autoformat TimingAttackAgainstHeaderValue.ql 2022-08-17 12:54:34 +01:00
Ahmed Farid
a7dcf96f55 Autoformat TimingAttackAgainstSensitiveInfo.ql 2022-08-17 12:53:07 +01:00
erik-krogh
8066e39d07 delete some redundant imports 2022-08-17 13:50:04 +02:00
Ahmed Farid
9b4d1789b1 Autoformat TimingAttackAgainstHash.ql 2022-08-17 12:49:58 +01:00
Ahmed Farid
b29ca57ce1 Autoformat TimingAttack.qll 2022-08-17 12:46:57 +01:00
erik-krogh
2e44fba67d add explicit this 2022-08-17 13:33:31 +02:00
Ahmed Farid
5daeea7aeb Adjust the @id property 2022-08-17 12:24:40 +01:00
Ahmed Farid
01828936e2 fix qhelp 2022-08-17 12:19:44 +01:00
Ahmed Farid
10d5ab20f5 fix qhelp 2022-08-17 12:19:02 +01:00
erik-krogh
5586c9a17e delete old deprecations 2022-08-16 22:27:15 +02:00
Ahmed Farid
9cb7a0ac2e Rename python/ql/test/experimental/query-tests/Security/CWE-208/PossibleTimingAttackAgainstSensitiveInfo.qlref to python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstSensitiveInfo/PossibleTimingAttackAgainstSensitiveInfo.qlref 2022-08-16 16:29:05 +01:00
Ahmed Farid
685cd97b8e Rename python/ql/test/experimental/query-tests/Security/CWE-208/PossibleTimingAttackAgainstSensitiveInfo.expected to python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstSensitiveInfo/PossibleTimingAttackAgainstSensitiveInfo.expected 2022-08-16 16:28:51 +01:00
Ahmed Farid
2377880d0c Rename python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstSensitiveInfo.py to python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstSensitiveInfo/TimingAttackAgainstSensitiveInfo.py 2022-08-16 16:28:36 +01:00