hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
32,907 Commits 1,671 Branches 157 Tags
codeql-cli-2.8.2
Commit Graph

32907 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamás Vajk
17fbbdba34 Merge pull request #8233 from github/release-prep/2.8.2 
Release preparation for version 2.8.2
codeql-cli/v2.8.2 		2022-02-24 20:07:55 +01:00
Jeroen Ketema
0c788d7352 C++: Remove redundant empty line 2022-02-24 17:31:10 +01:00
Jeroen Ketema
b933a58215 C++: Replace Deprecated Queries by Deprecated Classes 
This is more accurate for the only change in the list.
 2022-02-24 16:48:23 +01:00
Tamas Vajk
0d16a7e38d Fix formatting of C# change logs 2022-02-24 16:06:54 +01:00
github-actions[bot]
20fe22c8c8 Release preparation for version 2.8.2 2022-02-24 14:57:08 +00:00
Tamás Vajk
83aaeca751 Merge pull request #8228 from tamasvajk/fix/change-notes-0.0.9 
Fix 0.0.9 change note to match concatenated change log
 2022-02-24 14:04:31 +01:00
Chris Smowton
4973224de7 Merge pull request #8216 from github/smowton/fix/creating-codeql-databases-docs-typo 
Fix typo
 2022-02-24 12:24:32 +00:00
Tamas Vajk
a8c2d87897 Fix 0.0.9 change note to match concatenated change log 2022-02-24 12:51:10 +01:00
Erik Krogh Kristensen
e13b2df86f Merge pull request #8185 from erik-krogh/amdImp 
JS: recognize modules imported by AMD imports as library inputs
 2022-02-23 20:21:45 +01:00
Chris Smowton
3167a67e65 Fix typo 2022-02-23 18:19:11 +00:00
Chris Smowton
01db73bfc7 Merge pull request #5935 from porcupineyhairs/javaSstiNew 
Java : Add SSTI query
 2022-02-23 17:30:02 +00:00
Mathias Vorreiter Pedersen
fd83f3a999 Merge pull request #8209 from jketema/ir-structured-bindings-tests 
C++: Add IR structured binding tests
 2022-02-23 16:09:40 +00:00
Chris Smowton
7b425a80bc Note path query expectations 2022-02-23 16:02:54 +00:00
Rasmus Wriedt Larsen
aeba497832 Merge pull request #7735 from yoff/python/promote-log-injection 
Python: promote log injection
 2022-02-23 16:21:12 +01:00
Jeroen Ketema
99dd049c1b Add IR test for tuple structured bindings 2022-02-23 16:15:19 +01:00
Jeroen Ketema
caf0f28547 Add IR test for data member structured bindings 2022-02-23 15:55:19 +01:00
Taus
3ce7d47b5b Merge pull request #7452 from jorgectf/python_jwt 
Python: Add Python_JWT to JWT security query
 2022-02-23 15:23:20 +01:00
Jeroen Ketema
ec2567b64b Add IR test for array structured bindings 2022-02-23 15:10:10 +01:00
Chris Smowton
a8fe10f353 Java template injection query: import pathgraph 2022-02-23 13:47:24 +00:00
CodeQL CI
7d55771092 Merge pull request #8150 from asgerf/js/prep-sharing-api-graph-mad 
Approved by erik-krogh
 2022-02-23 11:59:31 +00:00
CodeQL CI
62ee8fce3a Merge pull request #8186 from asgerf/js/request-forgery-docs-followup 
Approved by esbena, hubwriter
 2022-02-23 11:46:37 +00:00
Stephan Brandauer
a664e02d04 Merge pull request #8014 from kaeluka/js/functionality-from-untrusted-source 
JS: Functionality from untrusted sources query (CWE-830)
 2022-02-23 12:45:31 +01:00
Chris Smowton
50d9945625 Autoformat 2022-02-23 11:41:23 +00:00
Chris Smowton
476997a599 Replace more non-breaking spaces 2022-02-23 11:02:17 +00:00
Stephan Brandauer
1ed71e15f3 apply docreview feedback 2022-02-23 11:21:22 +01:00
Tony Torralba
f011bbc92c Merge pull request #8055 from luchua-bc/java/unsafe-url-forward-with-shared-lib 
CWE-552: Switch to the shared PathSanitizer library
 2022-02-23 11:00:23 +01:00
Stephan Brandauer
517d6969e1 Merge pull request #8171 from kaeluka/js/update-atm-query-docs-for-nosql-sql-injection 
update ATM NosqlInjection and SqlInjection query docs
 2022-02-23 10:54:37 +01:00
Asger Feldthaus
22ba43fff6 JS: Minor fixup in the client-side request forgery qhelp 2022-02-23 10:54:26 +01:00
Erik Krogh Kristensen
203212657e recognize modules imported by AMD imports as library inputs 2022-02-23 10:39:45 +01:00
Stephan Brandauer
c17d8b145a Merge pull request #8054 from asgerf/js/split-request-forgery 
JS: split request forgery query into server-side and client-side variants
 2022-02-23 10:27:16 +01:00
Mathias Vorreiter Pedersen
31a204a5d9 Merge pull request #8174 from jketema/hinding-cleanup 
C++: Simplify `cpp/declaration-hides-variable`
 2022-02-23 08:27:59 +00:00
Esben Sparre Andreasen
58e0d54744 Merge pull request #8168 from github/esbena/hapi-reflected-xss 
JS: model hapi handler returns as reflected-xss sinks
 2022-02-23 08:53:15 +01:00
jorgectf
4aa1c0a11e Update .expected 2022-02-23 00:55:39 +01:00
Jeroen Ketema
423d325204 C++: Simplify cpp/declaration-hides-variable 
The check for `(unnamed local variable)` is no longer needed, because these
variables are now identified as being compiler generated.
 2022-02-22 23:04:48 +01:00
Erik Krogh Kristensen
73f2e89f3e Merge pull request #8165 from erik-krogh/protoWrite 
JS: support more property writes in js/prototype-pollution-utility
 2022-02-22 21:30:22 +01:00
jorgectf
7c108c7892 Polish test 2022-02-22 20:57:20 +01:00
Jorge
0216798cb9 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2022-02-22 20:55:51 +01:00
Porcupiney Hairs
c81d85f321 Include suggestions from review 2022-02-22 23:07:34 +05:30
Erik Krogh Kristensen
b6b93065ff Merge pull request #8157 from erik-krogh/lodash-clone 
JS: add lodash.{clone, cloneDeep} as a clone step
 2022-02-22 18:12:10 +01:00
Erik Krogh Kristensen
c487bb73a7 Merge pull request #8143 from erik-krogh/pred-ql-style 
QL: add ql-for-ql query for detecting bad predicate qldoc
 2022-02-22 17:49:12 +01:00
Jeroen Ketema
aecc17c49b Merge pull request #7928 from jketema/structured-bindings-db-scheme 
C++: Add table that identifies C++ structured bindings
 2022-02-22 17:34:26 +01:00
Stephan Brandauer
6a9186cdef update ATM NosqlInjection and SqlInjection query docs 2022-02-22 16:56:18 +01:00
Geoffrey White
31d214d5ee Merge pull request #8170 from geoffw0/typos 
C++: Fix Spelling Typos.
 2022-02-22 15:09:50 +00:00
Mathias Vorreiter Pedersen
894992d403 Merge pull request #8169 from MathiasVP/fix-spelling-in-post-dominance-frontier 
C++/C#: Fix spelling of 'postDominanceFrontier'
 2022-02-22 14:54:39 +00:00
Geoffrey White
4908eaf5ec C++: Typos. 2022-02-22 14:33:11 +00:00
Mathias Vorreiter Pedersen
b6740ed4a1 C++/C#: Fix spelling of 'postDominanceFrontier'. 2022-02-22 13:48:13 +00:00
Esben Sparre Andreasen
2c527f7b35 model hapi handler returns as reflected-xss sinks 2022-02-22 14:12:01 +01:00
Erik Krogh Kristensen
517e17d422 support more property writes in js/prototype-pollution-utility, and generalize ObjectDefinePropertyAsPropWrite 2022-02-22 13:23:34 +01:00
Pierre
5ee96121fc Merge pull request #8162 from github/turbo-no-glibc-no 
Docs: Add note about muslc incompatibility
 2022-02-22 13:06:28 +01:00
Henry Mercer
4f7604f0dd Merge pull request #8151 from github/henrymercer/separate-atm-model-pack 2022-02-22 11:47:35 +00:00