hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-20 22:27:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,971 Commits 1,758 Branches 167 Tags
codeql-cli-2.25.3
Commit Graph

614 Commits

Author SHA1 Message Date
Geoffrey White
49063ac8a9 Rust: Cut down the example for readability. 2025-11-12 18:13:02 +00:00
Geoffrey White
dcae0ef975 Rust: I prefer the original certificates reference from the Go .qhelp. 2025-11-12 18:10:44 +00:00
Geoffrey White
87d66c69a3 Rust: Clean up the .qhelp a little. 2025-11-12 18:10:02 +00:00
Geoffrey White
bb78fdf150 Rust: Add qhelp and examples (translated from Go, by Copilot). 2025-11-12 16:50:50 +00:00
Geoffrey White
c77eef39e2 Rust: Convert the query to a path-problem with global data flow. 2025-11-12 16:21:46 +00:00
Geoffrey White
209f394b5e Rust: Fix the alert message. 2025-11-12 15:51:03 +00:00
Geoffrey White
f6b7aeaaca Rust: Add prototype query. 2025-11-11 16:01:10 +00:00
Tom Hvitved
c81f5f5190 Rust: Remove elements superseded by attribute macro expansions 2025-11-10 09:18:58 +01:00
Geoffrey White
61481b51e7 Rust: Change note. 2025-11-07 16:55:35 +00:00
Geoffrey White
1e7acc5e1a Merge branch 'main' into copilot/add-secure-cookie-test-cases 2025-11-05 17:53:02 +00:00
Michael B. Gale
046db0419f Merge pull request #20758 from github/post-release-prep/codeql-cli-2.23.4 
Post-release preparation for codeql-cli-2.23.4
 2025-11-05 10:45:51 +00:00
Geoffrey White
ff06181e4b Rust: We actually want barriers on set_secure(false) as well as set_secure(true), to prevent excessive flow paths. 2025-11-04 19:30:35 +00:00
github-actions[bot]
4014df9a6e Post-release preparation for codeql-cli-2.23.4 2025-11-04 17:57:52 +00:00
Geoffrey White
077bcf6b92 Merge pull request #20740 from geoffw0/rustbarriers 
Rust: Add numeric type barriers for three queries
 2025-11-04 10:08:46 +00:00
github-actions[bot]
64fcdd1f2f Release preparation for version 2.23.4 2025-11-03 14:52:23 +00:00
Geoffrey White
34f75952d0 Rust: Change note. 2025-10-31 16:40:02 +00:00
Geoffrey White
0e7d410163 Merge branch 'main' into macrometric2 2025-10-30 10:19:11 +00:00
Geoffrey White
7a864c5244 Rust: Implement suggestion from review. 2025-10-29 12:13:12 +00:00
Geoffrey White
5ca0bd071d Rust: Exclude skipped files from CallTargetStats and ExprTypeStats as well. 2025-10-29 10:42:04 +00:00
Geoffrey White
25e4b790a3 Rust: Exclude skipped files from MacroCallTargetStats. 2025-10-29 10:42:03 +00:00
Nora Dimitrijević
8e0c453c37 Rust/InsecureCookie 2025-10-28 09:42:14 +01:00
Nora Dimitrijević
4952cb27fb Rust/AccessAfterLifetime 2025-10-28 09:42:11 +01:00
Geoffrey White
7da00b3e9d Rust: Change note. 2025-10-21 13:33:17 +01:00
Geoffrey White
751d62aefb Rust: Add the metric to rust/diagnostic/database-quality (with a very low threshold for the time being). 2025-10-21 13:29:46 +01:00
Geoffrey White
d691c3215f Rust: Add expressions with unknown type metric (expected by DCA). 2025-10-21 12:00:25 +01:00
Geoffrey White
7b32cd4868 Merge pull request #20649 from geoffw0/mv1 
Rust: Move rust/weak-sensitive-data-hashing
 2025-10-20 10:17:40 +01:00
Owen Mansel-Chan
66f95bcbcd Merge pull request #20603 from owen-mc/update-broken-algo-qhelp 
Many languages: Update broken algo qhelp
 2025-10-17 12:30:43 +01:00
Geoffrey White
9dcc0a0d81 Rust: Move rust/weak-sensitive-data-hashing to CWE-327. 2025-10-15 15:14:16 +01:00
github-actions[bot]
6dd07790ac Post-release preparation for codeql-cli-2.23.3 2025-10-14 11:16:33 +00:00
github-actions[bot]
33542f7d40 Release preparation for version 2.23.3 2025-10-14 09:30:24 +00:00
Owen Mansel-Chan
2f22acdd06 Remove hashing example when not covered by query 2025-10-08 16:48:57 +01:00
Owen Mansel-Chan
0bcdb91639 Improve qhelp for broken crypto algo queries 
Previously it focussed too much on the risk of data being decrypted,
and didn't explain why using weak algorithms is a problem in other
contexts.
 2025-10-08 14:10:54 +01:00
Owen Mansel-Chan
2a1c9d8ec1 Remove erroneous comma 2025-10-08 14:08:36 +01:00
Geoffrey White
d9955ce93c Merge pull request #20503 from geoffw0/cookie 
Rust: New query rust/insecure-cookie
 2025-09-30 15:26:37 +01:00
github-actions[bot]
a7a4e43991 Post-release preparation for codeql-cli-2.23.2 2025-09-29 15:10:19 +00:00
github-actions[bot]
d2130a589b Release preparation for version 2.23.2 2025-09-29 10:28:45 +00:00
Geoffrey White
f458149655 Rust: Remove a sentance from the qhelp. 2025-09-26 11:32:45 +01:00
Geoffrey White
21fe142955 Update rust/ql/src/queries/security/CWE-614/InsecureCookie.qhelp 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-09-26 10:39:49 +01:00
Geoffrey White
5ad332e37f Merge pull request #20432 from github/copilot/fix-f50317f8-0a91-4bb4-a01b-353dcf0f6f3f 
Rust: Implement new query for non-HTTPS URLs (CWE-319)
 2025-09-22 18:03:52 +01:00
Geoffrey White
86c8c3c8c0 Rust: Fix warning by making the query a path-problem. 2025-09-22 17:01:12 +01:00
Geoffrey White
5b4632b432 Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-22 16:55:43 +01:00
Geoffrey White
3de191177c Rust: Change note. 2025-09-22 16:12:30 +01:00
Geoffrey White
4662e42584 Rust: Add examples as tests (and fix them). 2025-09-22 16:12:27 +01:00
Geoffrey White
bd07350bc3 Rust: Add qhelp and examples. 2025-09-22 16:12:26 +01:00
Geoffrey White
2654affeee Rust: Account for the 'secure' and 'partitioned' attributes. 2025-09-22 16:12:22 +01:00
Geoffrey White
257a1b0179 Rust: Refactor sources, sinks into an extensions source file. 2025-09-22 16:09:30 +01:00
Geoffrey White
eadf922280 Rust: Use models-as-data, add source/sink/flow models. 2025-09-22 16:04:56 +01:00
Geoffrey White
d52b668149 Rust: Add security-severity tag. 2025-09-22 16:04:54 +01:00
Geoffrey White
7e75c1d242 Rust: Add very basic query prototype. 2025-09-22 16:04:53 +01:00
Geoffrey White
c26a07bb10 Apply suggestions from code review 
Co-authored-by: Simon Friis Vindum <simonfv@gmail.com>
 2025-09-19 16:49:54 +01:00