hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,451 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.4
Commit Graph

3471 Commits

Author SHA1 Message Date
Edward Minnix III
58f2777532 Merge pull request #15629 from egregius313/egregius313/csharp/dataflow/threat-modeling/remove-stored-query-variants 
C#: Remove `Stored` variants of queries
 2024-03-10 22:17:03 -04:00
Edward Minnix III
e7852f520f Merge pull request #15605 from egregius313/egregius313/csharp/dataflow/sources/commandargs-and-environment 
C#: Add more `environment` and `commandargs` sources for the C# Standard Library
 2024-03-08 14:10:09 -05:00
Michael Nebel
5b48bc4a3e C#: Delete the experimental IR queries. 2024-03-07 19:22:47 +01:00
Ed Minnix
ec6e17360d Replace Main-method parameters with ThreatModelFlowSource 2024-03-07 12:30:08 -05:00
Michael Nebel
73040bd30f C#: Use fully qualified name with types instead of label in IR queries. 2024-03-07 09:40:34 +01:00
Michael Nebel
58a1353ddc C#: Clean up implementation and remove CIL dataflow implementation. 2024-03-07 09:40:33 +01:00
github-actions[bot]
dc9092c9ec Post-release preparation for codeql-cli-2.16.4 2024-03-06 22:19:33 +00:00
github-actions[bot]
2f058ffb4d Release preparation for version 2.16.4 2024-03-06 20:56:51 +00:00
Angela P Wen
ce31f8641a Revert "Release preparation for version 2.16.4" 2024-03-06 12:07:33 -08:00
github-actions[bot]
661e68dab5 Release preparation for version 2.16.4 2024-03-05 18:13:58 +00:00
Angela P Wen
967963a653 Revert "Release preparation for version 2.16.4" 2024-03-05 08:53:33 -08:00
github-actions[bot]
a67218a027 Release preparation for version 2.16.4 2024-03-04 17:42:08 +00:00
Ed Minnix
4dc605354c Second-order SQL injection 2024-03-01 12:51:59 -05:00
Ed Minnix
1ba3efb111 Change note updates 2024-03-01 12:51:58 -05:00
Ed Minnix
c3671c7625 Fix change note 2024-03-01 12:51:55 -05:00
Ed Minnix
be3c1ed0be Change note 2024-03-01 12:51:53 -05:00
Ed Minnix
c95abd47ce Remove stored variants of queries 2024-03-01 12:51:51 -05:00
Ed Minnix
f488f23a48 Add LocalFlowSource back to UncontrolledFormatString 2024-02-29 12:06:59 -05:00
Edward Minnix III
89bdb7f437 Remove discussion of local flow in change note 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2024-02-29 12:03:19 -05:00
Ed Minnix
3563c7ef03 Modify deprecated RemoteSource classes to extend DataFlow::Node directly. 
Since `ThreatModelFlowSource` contains `RemoteFlowSource` by default, we
can safely remove the `RemoteSource` from the default of the queries.
 2024-02-29 12:03:16 -05:00
Ed Minnix
5198f52351 Add references to changed queries in change note 2024-02-29 12:03:11 -05:00
Ed Minnix
22e8da2928 Update change note date 2024-02-29 12:03:09 -05:00
Ed Minnix
eb81946adc Change note changes to mention local sources as well 2024-02-29 12:03:08 -05:00
Ed Minnix
b4dabee770 Remove unnecessary flowsources.Remote imports 
Since `FlowSources` now re-exports `Remote`, these can be safely removed.
 2024-02-29 12:03:07 -05:00
Ed Minnix
434fa20646 Refactor to using ThreatModelFlowSource 2024-02-29 12:03:05 -05:00
Ed Minnix
b76795fd28 Refactor to using ThreatModelFlowSource 2024-02-29 12:03:03 -05:00
Ed Minnix
fd3738b10e Refactor to using SourceNode::getSourceType 2024-02-29 12:03:01 -05:00
Ed Minnix
75772664f2 Change note 2024-02-29 12:02:58 -05:00
Ed Minnix
f388a0f10c Deprecate direct uses of RemoteFlowSource and replace with ThreatModelFlowSource 2024-02-29 12:02:57 -05:00
Tom Hvitved
297a17975d Merge pull request #15665 from hvitved/csharp/variable-capture 
C#: Adopt shared variable capture library
 2024-02-28 15:13:03 +01:00
Tom Hvitved
606a8fed0c Merge pull request #15406 from hvitved/csharp/no-stats-experiment 
C#: Remove all DB stats
 2024-02-26 13:40:37 +01:00
Tom Hvitved
acd52192d1 C#: Adopt shared variable capture library 2024-02-26 09:53:30 +01:00
github-actions[bot]
37f8fa3413 Post-release preparation for codeql-cli-2.16.3 2024-02-20 16:50:47 +00:00
github-actions[bot]
6d061fbc35 Release preparation for version 2.16.3 2024-02-20 14:26:23 +00:00
erik-krogh
a5eb2dd906 update the QHelp for cs/web/unvalidated-url-redirection with examples inspired by the JS QHelp 2024-02-15 12:41:01 +01:00
erik-krogh
7c2465e7b7 add change-note 2024-02-14 13:53:43 +01:00
Erik Krogh Kristensen
062f16e618 Merge pull request #15519 from erik-krogh/cs-path 
C#: Improve the `cs/path-injection` QHelp
 2024-02-13 10:02:11 +01:00
Tom Hvitved
15cf695188 C#: Fix various bad joins 2024-02-12 19:49:53 +01:00
Anders Schack-Mulligen
b7d4a6926f Dataflow: Add empty provenance column to PathGraph. 2024-02-09 11:27:30 +01:00
Dave Bartolomeo
92bd550c55 Merge pull request #15531 from github/post-release-prep/codeql-cli-2.16.2 
Post-release preparation for codeql-cli-2.16.2
 2024-02-08 05:58:17 -08:00
Tamás Vajk
54c9135936 Merge pull request #15518 from tamasvajk/feature/telemetry-dependency-manager 
C#: Extract dependency restore telemetry data
 2024-02-07 08:14:01 +01:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00
Mathias Vorreiter Pedersen
b68824a337 C#: Sync identical files. 2024-02-06 17:41:11 +00:00
erik-krogh
4e176236e7 add a definition of user 2024-02-06 09:21:35 +01:00
erik-krogh
44fe34a37d use the correct string type in the tainted-path examples 2024-02-06 09:20:27 +01:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
erik-krogh
a6b094cf53 delete the rendered markdown again 2024-02-05 13:54:13 +01:00
Tamas Vajk
24a7a7644d Remove superfluous conjunct to improve code quality 2024-02-05 13:50:20 +01:00
Tamas Vajk
c2c7826936 C#: Extract dependency restore telemetry data 2024-02-05 13:09:04 +01:00
erik-krogh
a240618ae4 generate the new rendered markdown 2024-02-05 13:09:02 +01:00