hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

5839 Commits

Author SHA1 Message Date
Jami Cogswell
8501a16cac Java: move TopJdkApis.qll to lib directory for better importing 2023-03-31 18:02:09 -04:00
Jami Cogswell
fea55e910e Java: move query logic to qll file and add subset restriction for top500 jdk apis 2023-03-31 18:02:08 -04:00
Edward Minnix III
2b9daed26a Merge pull request #12563 from egregius313/egregius313/refactor-java-libs-to-dataflow-modules 
Java: Refactor Java query libraries to use dataflow modules
 2023-03-31 12:38:14 -04:00
github-actions[bot]
0a3218676c Release preparation for version 2.12.6 2023-03-30 19:25:06 +00:00
Edward Minnix III
8e54328315 Merge pull request #12681 from egregius313/egregius313/java/move-configurations-to-libraries 
Java: Move dataflow configurations in queries to `*Query.qll` libraries (part 1)
 2023-03-30 14:33:21 -04:00
Ed Minnix
684408a493 Fix StringFormat import 2023-03-30 11:20:35 -04:00
Alex Ford
62fcea030a Merge pull request #12718 from github/post-release-prep/codeql-cli-2.12.5 
Post-release preparation for codeql-cli-2.12.5
 2023-03-30 15:50:56 +01:00
github-actions[bot]
e87ce62f95 Post-release preparation for codeql-cli-2.12.5 2023-03-30 13:48:58 +00:00
Ian Lynagh
f5a2853ab9 Merge pull request #12705 from igfoo/igfoo/integ-extractor-info 
Java: Allow keys to be omitted from ExtractorInformation.ql
 2023-03-30 14:06:41 +01:00
Tony Torralba
3102199a69 Make LocalUserInputToArgumentToExecFlowConfig and LocalUserInputToArgumentToExecFlow importable 2023-03-30 10:24:23 +02:00
Tony Torralba
534725f9eb Add command injection sink kind 2023-03-30 10:17:35 +02:00
Ed Minnix
6a3eadf6cb Refactor ImplicitPendingIntents 2023-03-29 22:33:09 -04:00
Ed Minnix
42b582da2f Refactor StaticInitializationVector 2023-03-29 22:33:09 -04:00
Ed Minnix
469ac80d40 Refactor PartialPathTraversal 2023-03-29 22:33:09 -04:00
Ed Minnix
f8e26f1571 Refactor MissingJWTSignatureCheck 2023-03-29 22:33:09 -04:00
Ed Minnix
cae5637d8d Refactor InsufficientKeySize 2023-03-29 22:33:09 -04:00
Ed Minnix
fa2f0dbc3b Refactor InsecureBasicAuth 2023-03-29 22:33:09 -04:00
Ed Minnix
dcd46c2236 Refactor InsecureTrustManager 2023-03-29 22:33:09 -04:00
Ed Minnix
7262c6a097 Refactor XmlParsers.qll 2023-03-29 22:33:09 -04:00
Ed Minnix
da718610e8 Refactor HttpsUrlsQuery.qll 2023-03-29 22:33:09 -04:00
Ed Minnix
2698b61514 Refactor HardcodedCredentialsApiCall.qll 2023-03-29 22:33:08 -04:00
Ed Minnix
e8f7e3fcf1 Refactor ExternalAPIs.qll 2023-03-29 22:33:08 -04:00
Ed Minnix
ac8dec740a Refactor UnsafeCertTrustQuery 2023-03-29 22:33:08 -04:00
Ed Minnix
a040ff6997 Refactor ConditionalBypass 2023-03-29 22:33:08 -04:00
Ed Minnix
e5f11d00a7 Refactor CWE-502/UnsafeDeserialization 2023-03-29 22:33:08 -04:00
Ed Minnix
9afa051621 Move ExternallyControlledFormatStringFlow to Query.qll 2023-03-29 17:59:34 -04:00
Ed Minnix
3eaa94a5d2 Move ResponseSplitting configuration to ResponseSplittingQuery.qll 2023-03-29 17:59:33 -04:00
Ed Minnix
e3af8b2c7f Move LdapInjectionLib to LdapInjectionQuery.qll 2023-03-29 17:59:33 -04:00
Ed Minnix
1add692643 Move XssConfig to XssQuery.qll 2023-03-29 17:59:33 -04:00
Ed Minnix
19a94a5c13 Move InsecureBeanValidation configuration to Query.qll 2023-03-29 17:59:33 -04:00
Ed Minnix
367042bcff Move ZipSlip configurations to Query.qll library 2023-03-29 17:59:33 -04:00
Ed Minnix
ce2cab0d2e Move TaintedPath configurations to Query.qll 2023-03-29 17:59:33 -04:00
Ed Minnix
a3c1d08a59 Fix ExecUnescaped 2023-03-29 11:45:09 -04:00
Ed Minnix
25359d2218 Deprecate execTainted 2023-03-29 11:45:09 -04:00
Ed Minnix
0249890747 Refactor CommandLineQuery.qll 2023-03-29 11:45:09 -04:00
Edward Minnix III
117a983423 Merge pull request #12639 from egregius313/egregius313/java/refactor-injection-queries 
Java: Refactor injection queries to new dataflow API
 2023-03-29 11:02:18 -04:00
Ian Lynagh
4fa1bbf018 Java: Allow keys to be omitted from ExtractorInformation.ql 
This is useful in tests, as some keys contain unstable information.
 2023-03-29 13:10:17 +01:00
Tony Torralba
ce191e1f9f Fix InsecureLdapAuth tags 2023-03-28 17:10:33 +02:00
Ed Minnix
3d033fd727 Fix SqlConcatenated 2023-03-27 13:06:31 -04:00
Ed Minnix
9bfb13b942 Update to the Global/flow* api 2023-03-27 12:26:18 -04:00
Edward Minnix III
106e5e7145 Docs review suggestion 
Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
 2023-03-27 12:16:44 -04:00
Edward Minnix III
43d79dc5b8 Apply docs review suggestions 
Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
 2023-03-27 12:16:44 -04:00
Ed Minnix
658c54a18f Change names of configuration to fit new naming convention 2023-03-27 12:16:44 -04:00
Ed Minnix
cb58936c08 Documentation changes 2023-03-27 12:16:44 -04:00
Ed Minnix
752620a34d Rename SSL configuration and fix PathGraph 2023-03-27 12:16:44 -04:00
Ed Minnix
efdfc2d0c3 Change version of PathNode used to appropriate module 2023-03-27 12:16:44 -04:00
Ed Minnix
0f4709e769 Add change note 2023-03-27 12:16:44 -04:00
Ed Minnix
db60c08de7 Add security severity 2023-03-27 12:16:44 -04:00
Ed Minnix
6a0167fa7f Convert to using the new DataFlow modules 2023-03-27 12:16:44 -04:00
Ed Minnix
3936aea690 Split Ldap query file into libraries 2023-03-27 12:16:43 -04:00