hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,307 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.2
Commit Graph

5747 Commits

Author SHA1 Message Date
Michael Nebel
b7803ef0b1 C#: Introduce SyntheticFieldContent in RelevantContent. 2022-03-14 13:50:55 +01:00
Michael Nebel
12ff2c6cd5 C#/Java: Improve comments in CaptureSummaryModels. 2022-03-14 13:50:55 +01:00
Michael Nebel
3ad9731e91 C#/Java: Add some more QL docs. 2022-03-14 13:50:50 +01:00
Michael Nebel
2476e716a2 C#: Move the isRelevantTaintStep and isRelevantContent into the shared utils. 2022-03-14 13:49:52 +01:00
Michael Nebel
665e3c9326 C#: Re-factor containerContent into standalone predicate in DataFlow library. 2022-03-14 13:49:51 +01:00
Michael Nebel
5d03e510d2 C#/Java: Include synthetic fields in isRelevantContent. 2022-03-14 13:49:51 +01:00
Michael Nebel
cd03af3be4 C#: Get rid of the isOwnInstanceAccess based on ReturnStmt. 2022-03-14 13:49:46 +01:00
Michael Nebel
34a91f1aac C#: Rename CaptureSummaryModelsQuery to CaptureSummaryModels. 2022-03-14 13:48:56 +01:00
Michael Nebel
36e0c683bd C#: Add QL Doc to the primary predicate used for capturing flow. 2022-03-14 13:48:56 +01:00
Michael Nebel
e8aacb710e C#: Add file level QL Doc to Capture Summary models specific implementations. 2022-03-14 13:48:56 +01:00
Michael Nebel
d114582b56 C#: Add QLDoc to the shared Capture summary models library. 2022-03-14 13:48:51 +01:00
Michael Nebel
82d93d0f9e Java: Refactor CaptureSummaryModels code to enable re-use in C#. 2022-03-14 13:47:20 +01:00
Michael Nebel
ba233ed7a1 Java: Rearrange and refactor language specific content into standalone predicates. 2022-03-14 13:46:24 +01:00
Michael Nebel
9ca199c9ae Java: Move generic code out of language specific file for model generation. 2022-03-14 13:43:45 +01:00
Michael Nebel
a2d9f4f6f4 Java: Introduce language specific file for model generator code. 2022-03-14 13:40:40 +01:00
Michael Nebel
a1c642685a Java: Re-arrange code in ModelGeneratorUtils. 2022-03-14 13:35:56 +01:00
Erik Krogh Kristensen
3bf5e06d53 delete all dead code 2022-03-14 13:03:31 +01:00
Jeroen Ketema
4c2081b7fc Merge pull request #8401 from jketema/taint-flow 
Extend taint tracking interface with flow states
 2022-03-14 12:06:10 +01:00
Tony Torralba
1f4f4207b5 Add missing security-severity scores 2022-03-14 09:50:14 +01:00
Joe Farebrother
b924de631f Add change note, minor docs improvement 2022-03-11 17:58:52 +00:00
Joe Farebrother
06f2c03828 Add tests 2022-03-11 17:44:52 +00:00
Jonathan Leitschuh
50ff2c2c68 Code cleanup from code review 2022-03-11 11:44:15 -05:00
Jeroen Ketema
93a0da75b6 Fix taint tracking configurations that broke due to interface change 2022-03-11 12:18:04 +01:00
Erik Krogh Kristensen
cc43a94385 Java: remove duplicated class 2022-03-11 11:10:38 +01:00
Erik Krogh Kristensen
69353bb014 patch upper-case acronyms to be PascalCase 2022-03-11 11:10:33 +01:00
github-actions[bot]
3a5ebbb861 Post-release preparation for codeql-cli-2.8.3 2022-03-11 09:23:34 +00:00
github-actions[bot]
6b194bc55f Release preparation for version 2.8.3 2022-03-10 19:43:58 +00:00
Joe Farebrother
4bf6c10896 Split configs into Query.qll library 2022-03-10 13:23:40 +00:00
Jonathan Leitschuh
b282c7f1b9 Apply suggestions from code review 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-03-07 11:31:32 -05:00
Jonathan Leitschuh
523ddb79f3 Cleanup after code review feedback 2022-03-04 15:35:01 -05:00
Joe Farebrother
6c05f7a81a remove url from sensitive info regex 2022-03-04 10:37:05 +00:00
Jonathan Leitschuh
7ab193dde2 Add System.getProperties().getProperty support 2022-03-03 20:08:38 -05:00
Jonathan Leitschuh
31527a67e5 Refactor OS Checks & SystemProperty logic from review feedback 2022-03-03 17:15:35 -05:00
Jonathan Leitschuh
103c770ce7 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-03-03 16:39:45 -05:00
Joe Farebrother
4ad402f33f Move from experimental to main 2022-03-03 12:13:14 +00:00
Jonathan Leitschuh
82d3cd8924 Improve system property lookup 2022-03-02 12:51:15 -05:00
Jonathan Leitschuh
dad9a02fbd Update TempDirInfoDisclosure with new OS Guards 2022-03-02 12:51:15 -05:00
Jonathan Leitschuh
fd63107edf Update OS Check from Review Feedback 2022-03-02 12:51:12 -05:00
Jonathan Leitschuh
39828fd596 Apply OS guard checks to TempDirLocalInformationDisclosure 2022-03-02 12:50:37 -05:00
Tamás Vajk
94cb5c2be4 Merge pull request #8296 from github/post-release-prep/codeql-cli-2.8.2 
Post-release preparation for codeql-cli-2.8.2
 2022-03-01 11:57:36 +01:00
github-actions[bot]
980f822983 Post-release preparation for codeql-cli-2.8.2 2022-03-01 09:24:30 +00:00
Michael Nebel
7bde1cbfb3 Java: Add case for Synthetic Fields in isRelevantTaintStep. 2022-03-01 09:15:01 +01:00
Michael Nebel
66fe0e74b5 Java: Don't require that the source is directly within the TargetApi itself (in that case wrappers get excluded). 2022-02-28 16:48:23 +01:00
Michael Nebel
4a0b2b64b3 Java: Explicitly tie ReturnNode to TargetApi before calling returnNodeAsOutput. 2022-02-28 16:48:23 +01:00
Tom Hvitved
44949b6353 Java: Add bindingset to returnNodeAsOutput 2022-02-28 16:48:23 +01:00
Anders Schack-Mulligen
908cc40c9f Java: Fix bug in model flow sanitizer. 2022-02-28 16:48:23 +01:00
Anders Schack-Mulligen
16a5ccddea Java: Simplify model generator query using flow state. 2022-02-28 16:48:23 +01:00
Ian Lynagh
1e62b485a5 Merge pull request #8241 from igfoo/igfoo/stats4 
Java: Update stats and make some performance tweaks
 2022-02-28 12:58:06 +00:00
luchua-bc
88d9694628 Query to detect insecure WebResourceResponse implementation 2022-02-26 02:03:35 +00:00
Chris Smowton
ff5d680837 Add missing substitution description 2022-02-25 19:12:25 +00:00