hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,874 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.5
Commit Graph

83874 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nora Dimitrijević
37fff48dcd Python/ServerSideRequestForgeryQuery 
python/ql/src/Security/CWE-918/PartialServerSideRequestForgery.ql
 2025-10-28 09:40:24 +01:00
Nora Dimitrijević
baccdcc07f Python/PolynomialReDoSQuery 
python/ql/src/Security/CWE-730/PolynomialReDoS.ql
 2025-10-28 09:40:21 +01:00
Nora Dimitrijević
bb80d83276 JS/SSRF 
javascript/ql/src/experimental/Security/CWE-918/SSRF.ql
 2025-10-28 09:40:19 +01:00
Nora Dimitrijević
bcdbe0b50a JS/PolynomialReDoSQuery 
javascript/ql/src/Performance/PolynomialReDoS.ql
 2025-10-28 09:40:16 +01:00
Nora Dimitrijević
94343254e3 JS/ShellCommandInjectionFromEnvironmentQuery 
javascript/ql/src/Security/CWE-078/ShellCommandInjectionFromEnvironment.ql
 2025-10-28 09:40:14 +01:00
Nora Dimitrijević
71cf042607 JS/IndirectCommandInjectionQuery 
javascript/ql/src/Security/CWE-078/IndirectCommandInjection.ql
 2025-10-28 09:40:11 +01:00
Nora Dimitrijević
2a30ea923a JS/CommandInjectionQuery 
javascript/ql/src/experimental/heuristics/ql/src/Security/CWE-078/CommandInjection.ql

javascript/ql/src/Security/CWE-078/CommandInjection.ql
 2025-10-28 09:40:09 +01:00
Nora Dimitrijević
f24a6f64ab Java/WebviewDebugEnabledQuery 
java/ql/src/Security/CWE/CWE-489/WebviewDebuggingEnabled.ql
 2025-10-28 09:40:06 +01:00
Nora Dimitrijević
518c0818a4 Java/UnsafeDeserializationQuery 
java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.ql
 2025-10-28 09:40:03 +01:00
Nora Dimitrijević
4439322e88 Java/TempDirLocalInformationDisclosureQuery 
java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql
 2025-10-28 09:40:01 +01:00
Nora Dimitrijević
2a889f4f98 Java/TaintedPermissionsCheckQuery 
java/ql/src/Security/CWE/CWE-807/TaintedPermissionsCheck.ql
 2025-10-28 09:39:58 +01:00
Nora Dimitrijević
697f428eae Java/TaintedEnvironmentVariableQuery 
java/ql/src/Security/CWE/CWE-078/ExecTaintedEnvironment.ql
 2025-10-28 09:39:55 +01:00
Nora Dimitrijević
72a97773b1 Java/NumericCastTaintedQuery 
java/ql/src/Security/CWE/CWE-681/NumericCastTainted.ql
 2025-10-28 09:39:52 +01:00
Nora Dimitrijević
247ae1d23c Java/MaybeBrokenCryptoAlgorithmQuery 
java/ql/src/Security/CWE/CWE-327/MaybeBrokenCryptoAlgorithm.ql
 2025-10-28 09:39:50 +01:00
Nora Dimitrijević
eebff9c282 Java/ImproperValidationOfArrayConstructionFlow 
java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql
 2025-10-28 09:39:47 +01:00
Nora Dimitrijević
9eeeec336e Java/ImproperValidationOfArrayConstructionCodeSpecifiedQuery 
java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql
 2025-10-28 09:39:45 +01:00
Nora Dimitrijević
dc1dff98b0 Java/ConditionalBypass 
java/ql/src/Security/CWE/CWE-807/ConditionalBypass.ql
 2025-10-28 09:39:42 +01:00
Nora Dimitrijević
4482e831d7 Java/CommandLineQuery 
85a4dd0325/java/ql/src/Security/CWE/CWE-078/ExecTainted.ql

857b51be58/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.ql

b6e56f26c7/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql
 2025-10-28 09:39:39 +01:00
Nora Dimitrijević
b023880a0a Java/BrokenCryptoAlgorithmQuery 
java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql
 2025-10-28 09:39:37 +01:00
Nora Dimitrijević
1129230e10 Java/ArithmeticUncontrolledQuery 
java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql
 2025-10-28 09:39:34 +01:00
Nora Dimitrijević
a228936c63 Java/ArithmeticTainted 
java/ql/src/Security/CWE/CWE-190/ArithmeticTainted.ql
 2025-10-28 09:39:31 +01:00
Nora Dimitrijević
913550f408 Java/ArbitraryApkInstallationQuery 
java/ql/src/Security/CWE/CWE-094/ArbitraryApkInstallation.ql
 2025-10-28 09:39:29 +01:00
Nora Dimitrijević
59a8e9b78c Go/InsufficientKeySize 2025-10-28 09:39:27 +01:00
Nora Dimitrijević
7722f31cb8 Go/DivideByZero 2025-10-28 09:39:24 +01:00
Nora Dimitrijević
ba22f0d7d2 C#/DontInstallRootCert 2025-10-28 09:39:21 +01:00
Nora Dimitrijević
ad31f1ab6d C++/WordexpTainted 
Same file usees source and sink as endpoints
 2025-10-28 09:39:19 +01:00
Nora Dimitrijević
5a1a887fd2 Actions/ReusableWorkflowsSummaries 2025-10-28 09:39:16 +01:00
Nora Dimitrijević
1243c6362d Actions/ReusableWorkflowsSources 2025-10-28 09:39:14 +01:00
Nora Dimitrijević
a972ef7e31 Actions/ReusableWorkflowsSinks 
Same file uses source as endpoint
 2025-10-28 09:39:11 +01:00
Nora Dimitrijević
9c24ce0650 Actions/CompositeActionsSummaries 
Same file uses source as endpoint
 2025-10-28 09:39:09 +01:00
Nora Dimitrijević
78f2cee51c Actions/CompositeActionsSources 
Same file uses source as endpoint
 2025-10-28 09:39:06 +01:00
Nora Dimitrijević
d36b721513 Actions/CompositeActionsSinks 
Same file uses source as endpoint
 2025-10-28 09:38:55 +01:00
Nora Dimitrijević
bb10307303 Actions/SecretExfiltrationQuery 
actions/ql/src/experimental/Security/CWE-200/SecretExfiltration.ql uses source as endpoint
 2025-10-28 09:38:38 +01:00
Nora Dimitrijević
890ca8e7d1 Actions/RequestForgeryQuery 
actions/ql/src/experimental/Security/CWE-918/RequestForgery.ql uses source as endpoint
 2025-10-28 09:38:21 +01:00
Nora Dimitrijević
3fa8259042 Actions/OutputClobberingQuery 
actions/ql/src/experimental/Security/CWE-074/OutputClobberingHigh.ql uses source as endpoint
 2025-10-28 09:38:01 +01:00
Asger F
8d49f26f3d Merge pull request #20397 from asgerf/js/build-artifact-leak-fp 
JS: Fix FP in js/build-artifact-leak when keys come from an array of constants
 2025-10-28 06:40:13 +01:00
Geoffrey White
b76f27d10b Rust: Remove redundant model. 2025-10-27 18:47:17 +00:00
Geoffrey White
03204b7881 Rust: Accept tests repaired. 2025-10-27 17:53:40 +00:00
Alexander Eyers-Taylor
227e1fcbde Merge pull request #20598 from github/alexet/overlay-query-libraries 
Java: Make some query libraries local.
 2025-10-27 17:52:27 +00:00
Geoffrey White
0c92b33b8f Revert "Rust: Generalize more models." 
This reverts commit 56811d02ac.
 2025-10-27 17:47:00 +00:00
Geoffrey White
a468b1d647 Rust: Accept regressions spotted by CI. 2025-10-27 17:46:01 +00:00
Paolo Tranquilli
630ea7bd0a Merge pull request #20641 from github/redsun82/fix-pytest-build-as-test-windows 
Pytest: fix the `build-as-test` mode on Windows
 2025-10-27 15:47:24 +01:00
Geoffrey White
56811d02ac Rust: Generalize more models. 2025-10-27 14:11:09 +00:00
Idriss Riouak
11a7d53002 Merge pull request #20657 from github/idrissrio/java-maven-fix 
Java: Add integration test to reproduce regression
 2025-10-27 15:09:41 +01:00
yoff
406e48b3bb java: fix aliasing FP 
reorganise code, adding `LockField`
 2025-10-27 14:30:25 +01:00
yoff
531b994819 java: add test for aliasing 
found by triage
 2025-10-27 14:27:32 +01:00
idrissrio
d473b36918 Java: Accept new test results after extractor changes 2025-10-27 14:26:48 +01:00
idrissrio
714b2ad565 Java: Add integration test for maven 2025-10-27 14:26:47 +01:00
Simon Friis Vindum
35b4a36f37 Merge pull request #20691 from paldepind/cpp/range-analysis-refactor 
C++: A few small refactors to the simple range analysis library
 2025-10-27 14:15:37 +01:00
Anders Schack-Mulligen
31428b2f66 Merge pull request #20700 from aschackmull/java/delete-old-ssa-consistency 
Java: Remove old SSA consistency queries.
 2025-10-27 14:12:09 +01:00