hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,874 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.5
Commit Graph

1577 Commits

Author SHA1 Message Date
Mathew Payne
8347a410b7 Merge branch 'main' into csharp-ext 2023-06-19 13:25:07 +01:00
Mathew Payne
a6a86acd9a Fix formatting for ExternalFlow 2023-06-19 12:44:01 +01:00
Mathew Payne
4597210519 Update csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-06-19 12:03:46 +01:00
Mathew Payne
861ac177b8 Update csharp/ql/lib/semmle/code/csharp/security/dataflow/CommandInjectionQuery.qll 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-06-19 12:03:38 +01:00
Michael Nebel
04736b6e10 C#: Add lost QL Doc. 2023-06-15 10:00:09 +02:00
Joe Farebrother
9b31b61143 Broaden the scope of checks for authorization attributes 2023-06-14 16:07:41 +01:00
Joe Farebrother
1500089b86 Add test cases for webforms auth via web.config files 2023-06-14 16:07:41 +01:00
Joe Farebrother
57b3b2b2e3 Add qldoc + exclude empty methods 2023-06-14 16:07:40 +01:00
Joe Farebrother
582c4a7fbc Support virtual route mappings for webforms actions 2023-06-14 16:07:40 +01:00
Joe Farebrother
63b3e16a54 Support Authorize attribute 2023-06-14 16:07:40 +01:00
Joe Farebrother
29b5f14283 Add support for auth via xml using the physical path 2023-06-14 16:07:40 +01:00
Joe Farebrother
e93f3186fe Add missing function level access control query 2023-06-14 16:07:40 +01:00
Owen Mansel-Chan
3ff6d033d3 Rename to neverSkipInPathGraph 2023-06-14 15:29:54 +01:00
Owen Mansel-Chan
5f72ce0935 Add stub implementations of flowCheckNodeSpecific 2023-06-14 14:46:35 +01:00
Owen Mansel-Chan
e0f7437d40 Sync dataflow library 2023-06-14 14:29:56 +01:00
Jami
35591113c2 Merge branch 'main' into jcogs33/shared-sink-kind-validation 2023-06-14 08:06:34 -04:00
Michael Nebel
f26c514426 C#: Remove the JumpReturnKind and the related summary component stack. 2023-06-14 14:00:19 +02:00
Michael Nebel
afec9b05e9 Merge pull request #13147 from michaelnebel/csharp/entityframeworkrefactor 
C#: Use synthetic global in the EntityFramework code instead of jump steps.
 2023-06-14 13:47:56 +02:00
Michael Nebel
2200a2ae79 C#: Address review comments. 2023-06-14 11:25:31 +02:00
Michael Nebel
9690ff6177 C#: Address review comments. 2023-06-13 14:19:17 +02:00
Anders Schack-Mulligen
2d616d494e C#/Ruby: Add fields as per review comments. 2023-06-13 11:26:30 +02:00
Jami Cogswell
9abe3e3da4 Shared: use a module as input to 'KindValidation' 2023-06-09 14:35:37 -04:00
Anders Schack-Mulligen
2ecce575a9 C#: Fix types of summary parameter nodes. 2023-06-09 15:39:28 +02:00
Anders Schack-Mulligen
98f51d7f29 Dataflow: Sync. 2023-06-09 15:39:28 +02:00
Anders Schack-Mulligen
5e6031724a C#: Adjust to FlowSummaryImpl changes. 2023-06-09 15:27:17 +02:00
Anders Schack-Mulligen
2cc5bde925 Dataflow: Sync. 2023-06-09 15:27:17 +02:00
Michael Nebel
5510d050c1 C#: Synthetic names only needs to rely on the output stack. 2023-06-09 11:40:04 +02:00
Michael Nebel
7620c051d3 C#: Remove the savechanges origin name from the synthetic name (this is not needed). 2023-06-09 09:15:45 +02:00
Anders Schack-Mulligen
d230509905 Dataflow: Address review comments. 2023-06-09 08:37:36 +02:00
Anders Schack-Mulligen
4399138c82 Dataflow: Fix QL4QL alert. 2023-06-09 08:37:36 +02:00
Anders Schack-Mulligen
53f2b8aab0 Dataflow: Sync. 2023-06-09 08:37:36 +02:00
Anders Schack-Mulligen
96c1b5b0a9 C#: Enable type strengthening. 2023-06-09 08:37:35 +02:00
Anders Schack-Mulligen
e8cea79f1d Dataflow: Sync. 2023-06-09 08:37:35 +02:00
Jami Cogswell
da58b2afc8 Shared: move shared file to 'shared' folder and add parameterized module for 'getInvalidModelKind' 2023-06-08 20:05:27 -04:00
Michael Nebel
2a1c0e8ba6 C#: Re-factor. 2023-06-08 19:02:07 +02:00
Mathew Payne
8052b35e62 Merge branch 'main' into csharp-ext 2023-06-08 10:58:02 +01:00
Mathew Payne
c493e276ec Update MaD sink kinds from main 2023-06-08 10:57:12 +01:00
Jami Cogswell
5a23421d9a Shared: minor updates to comments 2023-06-05 13:46:56 -04:00
Jami Cogswell
7a4b74dd6a C#: fix typo with outdated sink msg location 2023-06-05 13:21:39 -04:00
Jami Cogswell
6c46cd9c21 Java/C#/Go/Swift: move 'SharedModelValidation.qll' to internal folder 2023-06-05 13:11:08 -04:00
Jami Cogswell
9d5972acc2 Shared: update qldocs 2023-06-05 12:18:34 -04:00
Jami Cogswell
3f1dc8e5c7 Shared: add outdated Swift sink kinds 2023-06-05 12:18:34 -04:00
Jami Cogswell
62ac0dc471 Shared: add outdated sink kind msg to 'getInvalidModelKind' for all languages 2023-06-05 12:18:33 -04:00
Jami Cogswell
76f5dca861 Shared: move 'OutdatedSinkKind' to shared file and add outdated JS and C# sink kinds 2023-06-05 12:18:33 -04:00
Jami Cogswell
7b629f5d63 Shared: include 'qltest%' and 'test-%' 2023-06-05 12:18:33 -04:00
Jami Cogswell
615f2a573b Java/C#/Go/Swift: remove commented-out code 2023-06-05 12:18:33 -04:00
Jami Cogswell
7317c29eea Shared: update kind information 2023-06-05 12:18:33 -04:00
Jami Cogswell
79f61cc645 Java/C#/Go/Swift: use 'SharedModelValidation' file 2023-06-05 12:18:33 -04:00
Jami Cogswell
ddb5d92ef8 Shared: add source, summary, and neutral shared valid kinds 2023-06-05 12:18:33 -04:00
Jami Cogswell
869f820fcf Shared: add 'SharedModelValidation' file as experiment 2023-06-05 12:18:33 -04:00