hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,540 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.8
Commit Graph

9615 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
6cee635cb5 Merge pull request #10180 from erik-krogh/fixTags 
Add missing security tags
 2022-09-02 08:04:57 +02:00
Rasmus Lerchedahl Petersen
0599e8ac35 python: add version check 
and attempt to set version for tests
 2022-09-01 23:47:07 +02:00
Rasmus Lerchedahl Petersen
1d2d28be76 python: replace points-to with API graph 2022-09-01 23:24:10 +02:00
Rasmus Lerchedahl Petersen
d102a84e02 python: replace points-to with API graph 2022-09-01 22:58:46 +02:00
Rasmus Lerchedahl Petersen
163bfc4f71 python: replace points-to with API graph 
- values are identified via `API::builtin`
- `points-to` is approximated by `getAValueReachableFromSource`
 2022-09-01 22:47:32 +02:00
Rasmus Lerchedahl Petersen
93fcaf24c1 python: RaisingTuple.ql to not use poins-to 
Use local dataflow instead and simply check for tuple literals.
 2022-09-01 21:45:57 +02:00
Edoardo Pirovano
8f332714f4 Merge pull request #10260 from github/edoardo/3.7-mergeback 
Merge `rc/3.7` into `main`
 2022-09-01 15:44:17 +01:00
Taus
623ad6bab0 Python: Add getADefiningWrite 2022-09-01 09:10:06 +00:00
Ian Lynagh
7dc5bdafe3 Merge pull request #10186 from github/post-release-prep/codeql-cli-2.10.4 
Post-release preparation for codeql-cli-2.10.4
 2022-08-31 17:29:57 +01:00
Ahmed Farid
0fd684cde8 Add more source of crypto call 2022-08-31 17:13:43 +01:00
Ahmed Farid
cf83b07aae Add more source of crypto call 2022-08-31 17:04:02 +01:00
Ahmed Farid
daff7775ca Update TimingAttack.qll 2022-08-31 16:09:22 +01:00
Ahmed Farid
a42cb20b86 Update TimingAttack.qll 2022-08-31 16:07:58 +01:00
Ahmed Farid
8153b790ad Update test result 2022-08-31 16:01:09 +01:00
Ahmed Farid
56d48e6264 Add more tests 2022-08-31 15:59:51 +01:00
Ahmed Farid
13d1a4fdc1 Update TimingAttackAgainstHeaderValue.ql 2022-08-31 12:46:17 +01:00
Ahmed Farid
12960fd00f Update TimingAttack.qll 2022-08-31 12:39:46 +01:00
Ahmed Farid
f2688c4a02 Update select statement 2022-08-31 12:39:00 +01:00
Ahmed Farid
275ed0d6e5 Update select statement 2022-08-31 12:37:36 +01:00
Ahmed Farid
740bf716cb Update TimingAttack.qll 2022-08-31 12:22:01 +01:00
Ahmed Farid
ca28d79541 Prevent crosstalk between the configurations 2022-08-31 11:15:39 +01:00
Ahmed Farid
133a3c19f0 Add more source of crypto call 2022-08-31 11:09:24 +01:00
Asger F
5ad6c05a9c Merge pull request #10205 from asgerf/mad-generics 
Support type variables in MaD typings
 2022-08-30 18:07:39 +02:00
Ahmed Farid
23f268f3b9 Import Django and Flask model 2022-08-30 16:39:40 +01:00
Ahmed Farid
de58d0f024 Update the subclasses of ClientSuppliedSecret class 2022-08-30 16:34:43 +01:00
Ahmed Farid
0177cd810e Update suspicious() 2022-08-30 13:58:54 +01:00
Asger F
dd44187aed Sync files again 2022-08-30 14:08:33 +02:00
Asger F
d5d1365104 Synchronize ApiGraphModels.qll 2022-08-30 14:07:37 +02:00
erik-krogh
7fd426e748 print a correct range for ranges that doesn't contain any alpha-numeric chars 2022-08-30 13:57:11 +02:00
Erik Krogh Kristensen
8f0b999c31 Merge pull request #10207 from erik-krogh/fixRank 
fix performance issue in the ReDoS query
 2022-08-30 10:17:11 +02:00
erik-krogh
e2caf3e8c0 put a limit on the length of the equivalent range 2022-08-30 09:29:22 +02:00
erik-krogh
f47b097d7c put a limit on the length of the equivalent range 2022-08-29 21:03:52 +02:00
Ahmed Farid
9995e91bb7 Update the name of the class (and its subclasses) 2022-08-29 18:57:56 +01:00
Ahmed Farid
b2551a5581 Update the name of the class (and its subclasses) 2022-08-29 18:30:43 +01:00
Ahmed Farid
baa0fd4148 Convert %UserPass% word to lowercase 2022-08-29 18:25:26 +01:00
Ahmed Farid
141b65fea8 Fix typo 2022-08-29 18:18:19 +01:00
Ahmed Farid
199e3d9462 Rename the query ID 2022-08-29 18:13:45 +01:00
Ahmed Farid
66fb420d00 Update PossibleTimingAttackAgainstHash.ql 2022-08-29 18:08:09 +01:00
erik-krogh
77949cbeb3 add context to the rankState predicate in ExponentialBackTracking.qll 2022-08-29 13:42:05 +02:00
erik-krogh
f678c8a967 PY: add python change-note 2022-08-29 13:08:52 +02:00
erik-krogh
4353937bcf PY: add missing security tags on Python queries 2022-08-29 13:08:47 +02:00
github-actions[bot]
3b4ad3c4f1 Post-release preparation for codeql-cli-2.10.4 2022-08-26 09:32:11 +00:00
erik-krogh
1d1aa7c8b4 update some expected output 2022-08-25 20:52:30 +02:00
erik-krogh
cc7a9ef97a rename more acronyms 2022-08-25 20:52:27 +02:00
Rasmus Wriedt Larsen
0728ecebbb Python: Highlight that import problem is not just a relative problem 2022-08-25 15:54:21 +02:00
Rasmus Wriedt Larsen
1ca19533e0 Python: Add import problem test from the wild 2022-08-25 15:50:55 +02:00
Ian Lynagh
f20825ae55 Update python/ql/lib/CHANGELOG.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:25:10 +01:00
Ian Lynagh
b21883292d Update python/ql/lib/change-notes/released/0.5.4.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:24:58 +01:00
Erik Krogh Kristensen
06afe9c0f4 Merge pull request #9816 from erik-krogh/msgConsis 
Make alert messages consistent across languages
 2022-08-25 15:20:01 +02:00
github-actions[bot]
0f63bc077f Release preparation for version 2.10.4 2022-08-25 12:52:26 +00:00