hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,404 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.1
Commit Graph

4694 Commits

Author SHA1 Message Date
Sim4n6
d939f192d5 Deleted the UBV query change note. 2023-05-20 11:46:18 +01:00
Sim4n6
21e99d52c7 Fix a redundant import 2023-05-20 10:23:04 +01:00
Sim4n6
b8969707c5 Delete the vulnerability flow image from the QHelp file. 2023-05-20 10:21:38 +01:00
Sim4n6
16ce024429 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:13:23 +01:00
Sim4n6
8462b14b54 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:12:55 +01:00
Sim4n6
2a8645c447 Fix 'Singleton set literal' warning 2023-05-20 10:11:26 +01:00
Sim4n6
58be109a70 Moved UnicodeBypassValidation Customizations & Query.qll to src/experimental 2023-05-20 10:08:56 +01:00
erik-krogh
480e71fd69 avoid contractions 2023-05-17 08:42:45 +02:00
erik-krogh
83ca1495e0 trim the whitespace in the poly-redos examples 2023-05-15 16:47:24 +02:00
erik-krogh
d989359656 add another example to the qhelp in poly-redos, showing how to just limit the length of the input 2023-05-15 16:47:02 +02:00
Rasmus Wriedt Larsen
62f0c64a03 Merge pull request #12552 from erik-krogh/py-type-trackers 
Py: refactor regex tracking to type-trackers
 2023-05-11 16:18:34 +02:00
Kasper Svendsen
d9f29a85d6 Python: Enable implicit this warnings 2023-05-04 10:16:52 +02:00
Ian Lynagh
b56b843d13 Merge pull request #12987 from github/post-release-prep/codeql-cli-2.13.1 
Post-release preparation for codeql-cli-2.13.1
 2023-05-03 13:12:10 +01:00
Kasper Svendsen
3eb5a95ee3 Python: Make implicit this receivers explicit 2023-05-03 12:16:21 +02:00
Sim4n6
083cd612cd add a change note markdown 2023-05-02 15:17:03 +01:00
Sim4n6
1fa1a4e268 Add Unicode Bypass Validation query tests and help 2023-05-02 15:09:16 +01:00
github-actions[bot]
18d4af994d Post-release preparation for codeql-cli-2.13.1 2023-05-02 10:50:20 +00:00
erik-krogh
59cc90e547 move Regex into a ParseRegExp file, and rename the class to RegExp 2023-05-01 10:42:14 +02:00
erik-krogh
f0254fc089 introduce RegExpInterpretation instead of RegexString, and move RegexTreeView.qll into a regexp folder 2023-05-01 10:42:13 +02:00
github-actions[bot]
3bd29171fb Release preparation for version 2.13.1 2023-04-28 12:14:35 +00:00
amammad
b3669b818b v1.3 change name according to camelCase 2023-04-28 04:56:47 +02:00
amammad
a541fdf5e5 v1.2 code quality improvements including commnets too 2023-04-27 08:30:46 +02:00
amammad
1bf159e9a9 Merge branch 'github:main' into amammad-python-paramiko 2023-04-26 23:28:29 -07:00
yoff
b35637e1c5 Merge pull request #12858 from RasmusWL/paramiko-modeling 
Python: Expand modeling of `paramiko`
 2023-04-25 14:04:50 +02:00
Luke Cartey
a47778c22e Update SimpleXmlRpcServer.ql to avoid av detection 
This file was being flagged by McAfee as an `Exploit-Generic.src`
trojan. We have attempted to report this to Mcafee without success so
far. This commit therefore adjusts the file to avoid detection.
 2023-04-20 11:59:18 +01:00
Alex Ford
924ce250dd Merge pull request #12847 from github/post-release-prep/codeql-cli-2.13.0 
Post-release preparation for codeql-cli-2.13.0
 2023-04-18 14:40:40 +01:00
Rasmus Wriedt Larsen
a168af349e Python: Expand modeling of paramiko 2023-04-18 11:57:20 +02:00
Tom Hvitved
f6d000eb20 Merge pull request #12805 from hvitved/remove-queries-xml 
Remove all `queries.xml` files
 2023-04-18 10:52:14 +02:00
github-actions[bot]
648f0e19ec Post-release preparation for codeql-cli-2.13.0 2023-04-17 15:39:24 +00:00
github-actions[bot]
075d063370 Release preparation for version 2.13.0 2023-04-14 13:31:30 +00:00
Alex Eyers-Taylor
c6a482819a Bump all qlpacks major versions 2023-04-13 19:15:27 +01:00
Alex Ford
8c46bfd051 Merge pull request #12816 from github/rc/3.9 
Merge `rc/3.9` into `main`
 2023-04-13 12:35:41 +01:00
Tom Hvitved
3cc9dec9c8 Remove all queries.xml files 2023-04-13 11:18:58 +02:00
Taus
beae3e9187 Python: Clarify version data 2023-04-12 11:53:16 +00:00
github-actions[bot]
ac426b1302 Post-release preparation for codeql-cli-2.12.6 2023-04-04 16:49:26 +00:00
github-actions[bot]
0a3218676c Release preparation for version 2.12.6 2023-03-30 19:25:06 +00:00
github-actions[bot]
e87ce62f95 Post-release preparation for codeql-cli-2.12.5 2023-03-30 13:48:58 +00:00
Raul Garcia
cf8a683d7d Merge branch 'main' into main 2023-03-29 20:27:03 -07:00
Rasmus Wriedt Larsen
34cbaf10c2 Python: Use PostUpdateNode in py/azure-storage/unsafe-client-side-encryption-in-use 2023-03-29 13:22:21 +02:00
Rasmus Wriedt Larsen
86333e3ba5 Python: Remove duplicate results from azure blob query 2023-03-29 11:47:29 +02:00
Rasmus Wriedt Larsen
32d52c023e Python: Allow any order for azure blob query 
By only allowing the sink in the state where encryption v1 is used, we
can handle the new case where the order of attribute assignment is
flipped.

However, we get a few too many paths because we can have multiple
sources reaching the same sink... let's fix in next commit.
 2023-03-29 11:42:01 +02:00
Rasmus Wriedt Larsen
683985a00a Python: Expand azure blob modeling 
Now we can differentiate between the classes
 2023-03-29 11:24:36 +02:00
Rasmus Wriedt Larsen
8ea6b6f256 Python: Update py/azure-storage/unsafe-client-side-encryption-in-use to use datafow 2023-03-28 10:09:22 +02:00
Rasmus Wriedt Larsen
7a17cd2a9e Python: Rewrite azure query to more idiomatic ql 2023-03-28 10:06:00 +02:00
yoff
a1a2eb356c Merge pull request #11515 from yoff/py/port-comparison-using-is 
python: port `py/comparison-using-is`
 2023-03-28 09:42:34 +02:00
Taus
a3c40a3ae4 Python: Add experimental tags 2023-03-27 14:23:36 +00:00
Taus
af060e8c6b Merge branch 'main' into timing-attack-py 2023-03-27 15:27:13 +02:00
Taus
700eb04487 Python: Lower precision of non-header queries 
cf. https://github.com/github/securitylab/issues/691#issuecomment-1387391014
 2023-03-27 12:22:17 +00:00
Taus
0b4c85f8d2 Python: Autoformat and fix broken module reference 2023-03-27 12:16:44 +00:00
yoff
2121ed784f Merge branch 'main' into python/rewrite-InsecureContextConfiguration 2023-03-27 10:20:53 +02:00