Josh Soref
f4b32a3042
spelling: excluding
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2022-10-13 10:56:41 -04:00
Josh Soref
893c5457a8
spelling: disambiguation
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2022-10-13 10:56:40 -04:00
Josh Soref
8483c79aef
spelling: continuing
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2022-10-13 10:52:02 -04:00
Josh Soref
b986c30454
spelling: connection
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2022-10-13 10:52:01 -04:00
Josh Soref
939dc49a88
spelling: compound
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2022-10-13 10:52:01 -04:00
Josh Soref
fe7bd81c9a
spelling: captured
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2022-10-13 10:52:01 -04:00
Josh Soref
72f91c1d29
spelling: ancestors
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2022-10-13 10:51:27 -04:00
Josh Soref
5d94733078
spelling: ambiguously
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2022-10-13 10:51:25 -04:00
Geoffrey White
7d78df25bf
Swift: Define SQL sinks.
2022-10-13 15:50:57 +01:00
sylwia-budzynska
c33dd8fd4b
Merge branch 'main' into python-db-models
2022-10-13 16:48:50 +02:00
Alex Ford
594812640e
Merge pull request #10746 from alexrford/ruby/activejob-deserialize
...
Ruby: Add `ActiveJob::Serializers.deserialize` as a code execution sink
2022-10-13 15:36:45 +01:00
Geoffrey White
ce5631e7cb
Swift: Complete the rename.
2022-10-13 15:22:36 +01:00
Geoffrey White
12cb099376
Swift: Rename to match other languages (except Java).
2022-10-13 15:21:39 +01:00
Geoffrey White
398b2a392f
Swift: Add more test variants.
2022-10-13 15:13:29 +01:00
Paolo Tranquilli
81628f595c
Merge branch 'main' into redsun82/cmake-generator-prototype
2022-10-13 15:55:50 +02:00
Arthur Baars
9abd599024
Ruby: treat Faraday#run_request as remote source
2022-10-13 15:44:21 +02:00
Paolo Tranquilli
b8b6b254bb
Swift: cmake generator for better IDE support
...
A cmake generator in bazel is introduced allowing to import the Swift
extractor as a CMake project while keeping Bazel files as the source of
truth for the build.
Using the CMake project:
* requires bazel and clang to be installed and available on the command
line
* does not require a previous bazel build, however
* will require a CMake reconfiguration for changes to generated code
(like changes to the schema)
2022-10-13 15:25:24 +02:00
Alvaro Muñoz
744cea9baa
add tests
2022-10-13 15:19:29 +02:00
Anders Schack-Mulligen
ad8f0fc1dd
Java: Address review comments.
2022-10-13 14:55:55 +02:00
Anders Schack-Mulligen
f1634d3dca
Dataflow: Add support for C#/Python/Ruby/Swift.
2022-10-13 14:29:27 +02:00
Anders Schack-Mulligen
69bf13b1d4
Dataflow: Sync.
2022-10-13 14:19:12 +02:00
Anders Schack-Mulligen
2848909450
Dataflow: Add support for synthetic global fields in MaD.
2022-10-13 14:18:13 +02:00
Erik Krogh Kristensen
3a1a94b8af
Merge pull request #10798 from erik-krogh/matchCaseReg
...
Rb: add case-when expressions as a sink to rb/polynomial-redos
2022-10-13 13:55:42 +02:00
Arthur Baars
6ea2b87224
Merge pull request #10811 from aibaars/silence-warning
...
Ruby: remove warning
2022-10-13 13:38:25 +02:00
Tom Hvitved
758494b10a
Merge pull request #10790 from hvitved/csharp/avoid-get-a-reachable-read
...
C#: Deprecate `AssignableRead::getAReachableRead`
2022-10-13 13:25:01 +02:00
Tom Hvitved
19e3d7cdb2
Merge pull request #10769 from hvitved/csharp/cil-ssa-data-flow-nodes
...
C#: Include CIL SSA definitions in `DataFlow::Node`
2022-10-13 13:24:44 +02:00
Anders Schack-Mulligen
d79a7e863a
Merge pull request #10806 from aschackmull/dataflow/additional
...
Dataflow: Add additional annotation.
2022-10-13 13:02:48 +02:00
Arthur Baars
16b035600e
Ruby: remove warning
2022-10-13 13:01:06 +02:00
Calum Grant
8305a634fa
Update Ruby frameworks
2022-10-13 11:50:30 +01:00
sylwia-budzynska
fec3ab7e01
Update Frameworks.qll
2022-10-13 12:46:20 +02:00
Calum Grant
7db37d9201
Update supported Ruby version
2022-10-13 11:46:14 +01:00
Sylwia Budzynska
5f737c82a4
Resolve confilct
2022-10-13 12:43:47 +02:00
Alex Ford
a65850e922
Merge pull request #10784 from alexrford/ruby/pathname-existence
...
Ruby: model `Pathname#existence` extension from `ActiveSupport`
2022-10-13 11:38:22 +01:00
Sylwia Budzynska
646c9b559b
Add tests
2022-10-13 12:36:57 +02:00
Sylwia Budzynska
e41d79e37d
Add python cx_oracle, phoenixdb, pyodbc models
2022-10-13 12:36:41 +02:00
erik-krogh
3a3a5aa17c
add case-in as a sink for polynomial-redos
2022-10-13 12:36:07 +02:00
Alvaro Muñoz
468628525e
Change to camelcase
2022-10-13 12:18:07 +02:00
Alvaro Muñoz
ea8edb8408
initial tests
2022-10-13 11:32:21 +02:00
Anders Schack-Mulligen
30a891c2e7
Java: Fix compilation errors.
2022-10-13 11:19:57 +02:00
Anders Schack-Mulligen
51dfb319f5
Java: autoformat
2022-10-13 11:17:44 +02:00
Anders Schack-Mulligen
ac3379657d
Java: qldoc fix and changenote.
2022-10-13 11:17:44 +02:00
Anders Schack-Mulligen
5b8fa3f8f9
Java: Add test for Stream.collect.
2022-10-13 11:17:44 +02:00
Anders Schack-Mulligen
8c7b6d6f20
Java: Add support for synthetic callables with flow summaries and model Stream.collect.
2022-10-13 11:17:44 +02:00
Anders Schack-Mulligen
036724ce8d
Dataflow: Sync.
2022-10-13 11:03:30 +02:00
Anders Schack-Mulligen
c4915b27e7
Dataflow: Add additional annotation.
2022-10-13 11:03:08 +02:00
Tamás Vajk
6c781b5b1a
Merge pull request #10789 from tamasvajk/kotlin-useless-params
...
Kotlin: reduce FPs in useless parameter check for Kotlin code
2022-10-13 09:40:54 +02:00
Jami Cogswell
e0f0d554cb
condense code
2022-10-12 22:18:07 -04:00
Harry Maclean
a3c14f7f46
Update test
2022-10-13 13:57:28 +13:00
Harry Maclean
8e55e62b15
Ruby: Add change note
2022-10-13 13:24:16 +13:00
Harry Maclean
4686718630
Ruby: Add kind to Http::Server::RequestInputAccess
...
Like in JS, this describes whether the input came from the request URL,
body, parameters, headers or cookie. Only some of these are relevant for
UrlRedirect and ReflectedXSS queries.
2022-10-13 13:24:16 +13:00