hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,404 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.1
Commit Graph

695 Commits

Author SHA1 Message Date
Karim Ali
bb3bf64364 update example with both AES and Blowfish for better clarity 2022-10-17 12:54:34 +02:00
Karim Ali
b840a41222 fix typo in doc 2022-10-17 12:54:34 +02:00
Karim Ali
e942cfb98e fix typos in docs and in-code comments 2022-10-17 12:54:34 +02:00
Karim Ali
aef9645bd6 change use of toString() to getName() 2022-10-17 12:54:34 +02:00
Karim Ali
81e027f225 address QLDoc style comments 2022-10-17 12:54:34 +02:00
Karim Ali
d56c82ff75 add a query that detects hardcoded keys 2022-10-17 12:54:34 +02:00
Geoffrey White
8eccae1cdd Swift: Fix the qhelp. 2022-10-14 15:31:53 +01:00
Geoffrey White
f96e4eb87e Swift: One more go at getting the query message how ql-for-ql wants it. 2022-10-14 15:28:14 +01:00
Geoffrey White
227b10adf6 Swift: Qhelp. 2022-10-14 15:18:47 +01:00
Geoffrey White
24c6bb4c52 Swift: More modern (?) phrasing. 2022-10-14 14:41:02 +01:00
Geoffrey White
3da3a278ab Swift: Query metadata. 2022-10-14 14:31:38 +01:00
Geoffrey White
76ff593cc5 Swift: Bring it all together into a query. 2022-10-13 16:06:44 +01:00
Geoffrey White
7d78df25bf Swift: Define SQL sinks. 2022-10-13 15:50:57 +01:00
Geoffrey White
ce5631e7cb Swift: Complete the rename. 2022-10-13 15:22:36 +01:00
Geoffrey White
12cb099376 Swift: Rename to match other languages (except Java). 2022-10-13 15:21:39 +01:00
Geoffrey White
bcab9d8e7c Swift: Add framework for SQL Injection query. 2022-10-10 17:25:08 +01:00
Nora Dimitrijević
8a08a3ecce Merge branch 'main' into swift/cleartext-storage-nsuserdefaults 2022-10-10 14:06:32 +02:00
Nora Dimitrijević
29df69742c Swift: Docs review response: consistent naming 2022-10-05 14:42:11 +02:00
Nora Dimitrijević
ba7d375c01 Swift: Fix QL-on-QL warnings. 2022-10-05 12:22:33 +02:00
Nora Dimitrijević
75a980905c Swift: Initial CleartextStoragePreferences impl. 
Clearly based on CleartextStorageDatabase by @geoffw0.
 2022-10-04 23:14:55 +02:00
Geoffrey White
0ed89fb11a Swift: Use ClassOrStructDecl. 2022-10-04 15:10:41 +01:00
Karim Ali
d44f6b0f41 fix formatting issue raised by ql-format 2022-10-03 12:18:01 +02:00
Karim Ali
72ba77d900 Add rule that checks for using the insecure ECB block mode for encryption 2022-10-02 15:53:39 +02:00
Karim Ali
5e189b8c75 update qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-10-02 15:50:26 +02:00
Karim Ali
677946d19d update typos to address requested changes 2022-10-02 15:50:26 +02:00
Karim Ali
dbc86b2cd8 update qhelp to adjust for US spelling + improved readability 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-02 15:50:26 +02:00
Karim Ali
a23e17a370 fix typo in qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-10-02 15:50:26 +02:00
Karim Ali
2409ba2c05 update query description 2022-10-02 15:50:26 +02:00
Karim Ali
2080f0dd36 address style violation in generated alerts 2022-10-02 15:50:26 +02:00
Karim Ali
f060f056c2 rename ECBEncryption to please the codeql formatter 2022-10-02 15:50:26 +02:00
Karim Ali
fe024ef91e change TaintTracking::Configuration to DataFlow::Configuration 2022-10-02 15:50:25 +02:00
Karim Ali
9576e4c008 update qhelp to include a description for the accompanying example 2022-10-02 15:50:25 +02:00
Karim Ali
746f535ee5 Add rule that checks for using the insecure ECB block mode for encryption 2022-10-02 15:50:25 +02:00
Geoffrey White
13b2b1f304 Swift: Repair CleartextTransmission query. 2022-09-27 18:25:32 +01:00
Geoffrey White
ed3d3e4ff0 Swift: fix regression. 2022-09-23 21:01:25 +01:00
erik-krogh
6c3ed6cd0e update alert-messages to follow the style-guide 2022-09-23 12:23:40 +02:00
Mathias Vorreiter Pedersen
90f24d3e82 Merge pull request #10430 from geoffw0/cleartextmissing 
Swift: Fix missing results in swift/cleartext-storage-database
 2022-09-20 14:23:29 +01:00
Geoffrey White
3573dd6728 Swift: Address review comments. 2022-09-20 12:17:21 +01:00
Erik Krogh Kristensen
a4cd913aea Merge pull request #10312 from erik-krogh/fix-caseDiff 
ensure consistent casing of names
 2022-09-19 10:43:12 +02:00
Geoffrey White
c3c86a79ee Swift: Update comment. 2022-09-14 21:08:52 +01:00
Geoffrey White
dc47771937 Swift: Fix locationless results. 2022-09-14 20:43:24 +01:00
Geoffrey White
25840996f6 Swift: Use a slightly different approach to fix false positive. 2022-09-14 20:43:23 +01:00
Geoffrey White
7b96cb071a Swift: Remove the original sink cases as they are no longer required. 2022-09-14 20:43:22 +01:00
Geoffrey White
e0100d7b98 Swift: Expand sinks and fix issue with post-update notes to catch the missing test results. 2022-09-14 20:43:22 +01:00
Dave Bartolomeo
c5622135a6 Add lock files for Swift packs 2022-09-14 10:21:40 -04:00
Mathias Vorreiter Pedersen
6074f22d3f Merge pull request #10335 from github/redsun82/swift-weak-hashing-phase-1 
Swift: first version of query targeting weak hashing
 2022-09-14 08:29:47 +01:00
Paolo Tranquilli
c3320a3afe Apply suggestions from code review 
Co-authored-by: hubwriter <hubwriter@github.com>
 2022-09-14 08:21:58 +02:00
AlexDenisov
be21b26d46 Merge pull request #10045 from github/alexdenisov/swift-cwe-757 
Swift: CWE-757: insecure TLS configuration
 2022-09-12 15:25:15 +02:00
AlexDenisov
568eb3a118 Update swift/ql/src/queries/Security/CWE-757/InsecureTLS.qhelp 
Co-authored-by: hubwriter <hubwriter@github.com>
 2022-09-12 14:00:29 +02:00
Paolo Tranquilli
a8a34addde Merge branch 'main' into redsun82/swift-weak-hashing-phase-1 2022-09-09 11:07:41 +02:00