hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,868 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.4
Commit Graph

3007 Commits

Author SHA1 Message Date
Jami Cogswell
46b8fbc4c9 Java: update remaining models, resolve merge conflict 2022-12-15 00:33:06 -05:00
Jami
359e49044f Merge branch 'main' into jcogs33/mad-metrics-query 2022-12-14 15:33:29 -05:00
Tom Hvitved
25b2d11368 Merge pull request #11635 from hvitved/dataflow/approx-content 
Data flow: Introduce `ApproxContent` in a new pruning stage between stages 2 and 3
 2022-12-14 12:56:50 +01:00
Erik Krogh Kristensen
8a89849476 Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf 
Py/JS/RB: Use instanceof in more places
 2022-12-13 21:50:13 +01:00
Henry Mercer
a3933fbf4f Bump minor versions of packs we regularly release 2022-12-13 18:59:24 +00:00
Henry Mercer
7167f078be Merge branch 'main' into henrymercer/mergeback-3.8 2022-12-13 18:40:53 +00:00
Jami Cogswell
a33436a39b Java: update hasProvenance 2022-12-13 11:26:23 -05:00
Tom Hvitved
24b1da4d02 Python: Implement ContentApprox 2022-12-13 09:53:01 +01:00
Tom Hvitved
0c2eee2a72 Data flow: Sync files 2022-12-13 09:52:55 +01:00
yoff
557a5b469f Merge pull request #11555 from pwntester/new_python_cmdi_sinks 
Added two new CMDi sinks for python's stdlib
 2022-12-13 09:00:34 +01:00
Jami
93d8a03e73 Merge branch 'main' into jcogs33/mad-metrics-query 2022-12-12 20:31:53 -05:00
Jami Cogswell
623068c4b9 Java: add hasProvenance predicate, remove isManuallyGenerated and isBothAutoAndManuallyGenerated 2022-12-12 11:23:46 -05:00
erik-krogh
b3a9c1ca06 Py/JS/RB: Use instanceof in more places 2022-12-12 16:06:57 +01:00
github-actions[bot]
343b7b1c8b Post-release preparation for codeql-cli-2.11.6 2022-12-11 18:15:04 +00:00
github-actions[bot]
0b2fb4f70a Release preparation for version 2.11.6 2022-12-10 15:49:35 +00:00
Jami Cogswell
6854845b75 Java: refactor isManuallyGenerated and isBothAutoAndManuallyGenerated 2022-12-09 18:37:50 -05:00
Michael Nebel
f4f7d83349 Python: Rename Negative Summary Model to Neutral Model. 2022-12-09 15:04:43 +01:00
Michael Nebel
079d48c42a Sync files. 2022-12-09 15:04:42 +01:00
Asger F
387a673c10 Merge pull request #11567 from asgerf/js/data-extensions2 
JS: Move MaD models to data extensions
 2022-12-09 10:09:24 +01:00
Jami Cogswell
0b2f2a3f88 Java: remove predicates from NegativeSummarizedCallable 2022-12-08 23:46:55 -05:00
Chris Smowton
81110b19e7 Merge pull request #11612 from smowton/smowton/admin/merge-rc38-into-main 
Merge rc/3.8 into main
 2022-12-08 12:25:59 +00:00
Chris Smowton
49bc524fd0 Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main 2022-12-08 11:12:30 +00:00
Rasmus Wriedt Larsen
d684dbdf5c Merge pull request #10656 from porcupineyhairs/PyPamImprove 
Python: Improve the PAM authentication bypass query
 2022-12-08 11:59:10 +01:00
Rasmus Wriedt Larsen
a826c4f48b Merge branch 'main' into call-graph-code 2022-12-08 11:39:30 +01:00
Jami Cogswell
aa7e6d7811 Java: add negative numbers 2022-12-07 17:17:35 -05:00
Jami
5e694b5983 Merge pull request #11192 from jcogs33/jcogs33/share-key-sizes 
Share encryption key sizes between Java and Python
 2022-12-07 08:08:24 -05:00
Asger F
5af1b367c7 Support data extensions 2022-12-07 11:35:05 +01:00
Jami Cogswell
b82f9b1911 Java: add draft of generated vs manual MaD metrics query 2022-12-06 22:15:19 -05:00
Tom Hvitved
b5e2e1e469 Merge pull request #11564 from hvitved/dataflow/parameter-position-consistency-checks 
Data flow: Add consistency checks for parameter positions
 2022-12-06 09:33:36 +01:00
Tom Hvitved
52f3a48638 Data flow: Sync files 2022-12-05 12:57:27 +01:00
Tom Hvitved
faca4b5b56 Merge pull request #11461 from hvitved/ruby/unique-hash-splat-param 
Ruby: At most one hash-splat `ParameterNode` per callable
 2022-12-05 11:53:28 +01:00
Alvaro Muñoz
7fe4108a0b add change note 2022-12-03 16:37:14 +01:00
Alvaro Muñoz
fc56843c04 improve predicate QLdoc 2022-12-03 16:34:14 +01:00
Alvaro Muñoz
7e0e56dadc Added two new CMDi sinks fot python's stdlib 2022-12-02 22:16:40 +01:00
github-actions[bot]
5e35785fd0 Post-release preparation for codeql-cli-2.11.5 2022-12-02 11:37:44 +00:00
Asger F
2d578c1a73 Merge branch 'main' into merge-package-type-columns 2022-12-02 10:00:44 +01:00
github-actions[bot]
31ab22e3a0 Release preparation for version 2.11.5 2022-12-01 20:05:14 +00:00
Jami Cogswell
1f4bd00993 split rsa/dsa/dh 2022-12-01 11:56:44 -05:00
Jami Cogswell
0fa05d47e3 add shared key sizes 2022-12-01 11:56:44 -05:00
Tom Hvitved
b33f5925bb Data flow: Sync files 2022-11-30 13:39:25 +01:00
Owen Mansel-Chan
55c4643b20 Dataflow: Sync. 2022-11-30 11:00:07 +00:00
porcupineyhairs
346dd864b5 Update python/ql/lib/change-notes/2022-11-17-py-pam-improve.md 
fix typo

Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-11-30 05:21:11 +05:30
Tom Hvitved
f3dca95958 Merge pull request #11087 from hvitved/dataflow/summary-ctx 
Data flow: Add summary/return context to pruning stages 2-4
 2022-11-29 10:36:53 +01:00
Rasmus Wriedt Larsen
8694119c3c Python: Update py/pam-auth-bypass change-note wording 2022-11-28 16:16:34 +01:00
Rasmus Wriedt Larsen
3d9556e5a3 Python: Use proper Query suffix 2022-11-28 16:03:17 +01:00
Rasmus Wriedt Larsen
c310948521 Python: Remove enclosing module for PAM Auth Bypass.qll 2022-11-28 16:02:38 +01:00
Tom Hvitved
cde05e1190 Data flow: Sync files 2022-11-28 12:11:38 +01:00
Erik Krogh Kristensen
03737543d4 Merge pull request #11403 from erik-krogh/additional 
ReDoS: add missing additional keywords
 2022-11-24 15:53:51 +01:00
Rasmus Wriedt Larsen
d151e21f15 Python: Move ControlFlowNode.toString() to AST cached stage 
This means points-to is no longer evaluated for sql injection 🎉

Thanks @asgerf 💪
 2022-11-24 10:14:39 +01:00
Erik Krogh Kristensen
1eec067474 Merge pull request #11294 from erik-krogh/fileDoc 
QL: improve the "this block-comment should have been a QLDoc"-query
 2022-11-23 22:23:36 +01:00