hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,161 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.6
Commit Graph

84161 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chad Bentz
fc98cd8d08 Fix naming standards 2025-09-15 22:11:33 -04:00
Chad Bentz
19cb187436 Update ruby/ql/lib/codeql/ruby/frameworks/Grape.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-15 22:03:27 -04:00
Chad Bentz
6cea93919e Merge branch 'main' into ruby-framework-grape 2025-09-15 22:02:24 -04:00
Chad Bentz
a8d4d6b563 Apply naming standards + changenote 2025-09-15 22:02:03 -04:00
Chris Smowton
c375f24598 Merge pull request #20423 from smowton/smowton/fix/length-comparison-off-by-one-fp 
JS: Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access
 2025-09-15 18:24:45 +01:00
Geoffrey White
3ca287454a Merge branch 'main' into assignment 2025-09-15 18:01:19 +01:00
Geoffrey White
8442146a0f Rust: Add a couple of simple data flow test cases. 2025-09-15 17:37:30 +01:00
Napalys Klicius
278a1efb4b JS: Add change note 2025-09-15 18:21:45 +02:00
Mathias Vorreiter Pedersen
18c96fd7d4 Shared: Remove antijoin. 2025-09-15 17:12:23 +01:00
Ian Lynagh
9231119b07 Merge pull request #20437 from github/igfoo/tweak-release-note 
C++: Tweak a release note
 2025-09-15 16:39:51 +01:00
Mathias Vorreiter Pedersen
a4c845c418 C++: Fix barrier in 'cpp/unbounded-write'. 2025-09-15 16:34:05 +01:00
Ian Lynagh
cc72314219 C++: Tweak a release note 2025-09-15 16:26:32 +01:00
Ian Lynagh
7860857b55 Merge pull request #20434 from github/igfoo/fix-typo 
javascript: Fix spelling error in documentation
 2025-09-15 16:21:57 +01:00
Ian Lynagh
b797df6ad5 Merge pull request #20436 from github/igfoo/fix-typo-substract 
Csharp: Fix typo in LeapYear qhelp
 2025-09-15 16:21:26 +01:00
Napalys Klicius
3a75500f54 JS: Add modeling for call-me-maybe 2025-09-15 17:15:31 +02:00
Napalys Klicius
0d23ab07db JS: Add data flow modeling for promisified user-defined functions 2025-09-15 17:13:13 +02:00
Napalys Klicius
2c6db00cbc JS: Add modeling for util promisify* 2025-09-15 17:09:28 +02:00
Napalys Klicius
e002f2088f JS: Add modeling for es6-promisify 2025-09-15 17:04:34 +02:00
Napalys Klicius
35c75c00ba JS: Add modeling for @gar/promisify 2025-09-15 16:58:11 +02:00
Napalys Klicius
312471e9db JS: Add modeling for @google-cloud/promisify 2025-09-15 16:55:27 +02:00
Napalys Klicius
d37425ae3e JS: Treat promisify(obj).member as obj.member 2025-09-15 16:51:19 +02:00
Ian Lynagh
5cf052dec1 Csharp: Fix typo in LeapYear qhelp 
Corrects "add/substract" to "add/subtract" in the UnsafeYearConstruction.qhelp
file to improve clarity.
 2025-09-15 15:44:11 +01:00
Napalys Klicius
22b61852a1 JS: Add modeling for thenify-all 2025-09-15 16:31:14 +02:00
Napalys Klicius
d6a14e63ba JS: Add test cases for promisification libraries. 2025-09-15 16:21:12 +02:00
Ian Lynagh
d0091e1b3c javascript: Fix spelling error in documentation 
Corrects the spelling of "occurrences" in the Incomplete Multi-Character
Sanitization documentation to improve clarity.
 2025-09-15 14:53:22 +01:00
copilot-swe-agent[bot]
e630bf86bd Implement Rust non-HTTPS URL query (CWE-319) 
Co-authored-by: geoffw0 <40627776+geoffw0@users.noreply.github.com>
 2025-09-15 11:44:05 +00:00
copilot-swe-agent[bot]
459f00ab41 Initial plan 2025-09-15 11:25:11 +00:00
Simon Friis Vindum
78389c8897 Merge pull request #20133 from paldepind/rust/type-inference-blanket-impl 
Rust: Support blanket implementations
 2025-09-15 12:46:41 +02:00
Simon Friis Vindum
af49301332 Merge pull request #20381 from paldepind/rust/request-forgery-query 
Rust: Add basic request forgery query
 2025-09-15 12:46:23 +02:00
Geoffrey White
00f644888c Merge pull request #20426 from geoffw0/cookie2 
Rust: cookie and biscotti crypto query sinks
 2025-09-15 11:07:46 +01:00
Anders Schack-Mulligen
acb4d9f681 Shared: Copy some qldoc from Guards.qll 2025-09-15 11:41:23 +02:00
Simon Friis Vindum
35438294d1 Rust: Remove condition that always holds 2025-09-15 10:58:27 +02:00
Anders Schack-Mulligen
be39c4c0cd Shared: Minor precision improvement. 2025-09-15 10:38:49 +02:00
Simon Friis Vindum
875c7da87c Rust: Improve comments in type inference 2025-09-15 10:37:38 +02:00
Anders Schack-Mulligen
b308c5438f Java: Add a change note, and a minor ql comment. 2025-09-15 10:14:26 +02:00
Simon Friis Vindum
50bdc658ba Rust: Apply documentation tweaks 2025-09-15 09:32:33 +02:00
Chad Bentz
5cfa6e83b3 Add support for route parameters(+ blocks), headers, and cookies in Grape API 2025-09-12 22:51:47 -04:00
Chad Bentz
3252bd39d2 Enhance Grape framework with additional data flow modeling and helper method support 2025-09-12 22:13:21 -04:00
Chad Bentz
738ab6fba7 Refactor Grape framework code for improved readability and consistency 2025-09-12 19:23:15 -04:00
Chad Bentz
d295acc3c3 Add initial support for Ruby Grape 2025-09-12 19:22:05 -04:00
Geoffrey White
989081ba4a Rust: Change note. 2025-09-12 18:12:59 +01:00
Geoffrey White
118ac07b71 Rust: Convert 'from' models into one generic one. 2025-09-12 18:05:30 +01:00
Geoffrey White
9f83b67a7c Rust: Model vec::from_elem. 2025-09-12 17:30:44 +01:00
Geoffrey White
e2d94127d6 Rust: Model vec::from. 2025-09-12 16:44:47 +01:00
Geoffrey White
5d3ea2f4d3 Rust: Add models for the cookie and biscotti crates. 2025-09-12 16:13:14 +01:00
Geoffrey White
2bb9e2f7be Rust: Add test cases for hardcoded cryptographic constants in cookies. 2025-09-12 15:42:56 +01:00
Simon Friis Vindum
e2e6fd0683 Rust: Address feedback from PR review 2025-09-12 16:10:58 +02:00
Simon Friis Vindum
19c529e87b Bazel: regenerate vendored cargo dependencies 2025-09-12 15:48:23 +02:00
Simon Friis Vindum
3cf1a16a13 Cargo: upgrade dependencies 2025-09-12 15:45:37 +02:00
Anders Schack-Mulligen
e302616135 Java: Accept qltest change. 2025-09-12 15:41:18 +02:00