erik-krogh
44b6366586
delete old deprecations
2023-06-02 11:58:08 +02:00
Jeroen Ketema
7b17b92aca
Fix typo in spelling of expectation
2023-06-02 10:36:11 +02:00
Alex Ford
6fa9e13a2e
Ruby: update TaintStep output
2023-06-01 16:27:20 +01:00
Alex Ford
606d601923
qlformat
2023-06-01 16:26:05 +01:00
Alex Ford
d09f6d318c
Merge branch 'main' into maikypedia/sqli-sink
2023-06-01 15:02:44 +01:00
Alex Ford
40cf09996a
Merge pull request #13066 from maikypedia/maikypedia/sqli-sink-2
Ruby: Add Sequel as SQL Injection Sink
2023-06-01 15:01:38 +01:00
Erik Krogh Kristensen
96a720cfa0
Merge pull request #13285 from erik-krogh/redoshelp
ReDoS: fix whitespace in the samples in ReDoS.qhelp
2023-06-01 15:53:58 +02:00
Alex Ford
b62a02f0ad
ruby: remove unused field
2023-06-01 14:01:40 +01:00
Alex Ford
23e22799a9
ruby: rack - modelling -> modeling
2023-06-01 14:01:40 +01:00
Alex Ford
24635df1a3
ruby: add some qldoc for rack
2023-06-01 14:01:40 +01:00
Alex Ford
40da7d45c2
ruby: make a predicate private
2023-06-01 14:01:40 +01:00
Alex Ford
4905a70e21
Ruby: update rack test output
2023-06-01 14:01:40 +01:00
Alex Ford
19664879c8
ruby: slightly expand a TODO
2023-06-01 14:01:40 +01:00
Alex Ford
a5a15f3804
Ruby: restructure rack model
2023-06-01 14:01:40 +01:00
Alex Ford
b2958f87b2
ruby: rack - add redirect responses
2023-06-01 14:01:40 +01:00
Alex Ford
c3ab867595
ruby: start restructuring rack
2023-06-01 14:01:40 +01:00
Alex Ford
f8d2cbbe79
ruby: rack responses implement are HTTP responses
2023-06-01 14:01:39 +01:00
Alex Ford
c87c266871
ruby: add Rack::ResponseNode#getAStatusCode
2023-06-01 14:01:39 +01:00
Alex Ford
e7e0cf5cb3
ruby: add Rack::ResponseNode class
2023-06-01 14:01:39 +01:00
Alex Ford
7d943c7621
Ruby: update test output
2023-06-01 13:50:32 +01:00
Alex Ford
4794066d3c
Merge branch 'main' into maikypedia/sqli-sink-2
2023-06-01 13:04:54 +01:00
Maiky
7579f182ad
Add requested changes
2023-06-01 11:00:35 +02:00
Michael Nebel
06b02eb3ce
Sync files.
2023-06-01 09:30:31 +02:00
Maiky
13ce6a6d8e
Update Frameworks.qll
2023-06-01 00:53:01 +02:00
Arthur Baars
e93b44670f
Ruby: printCfg: only show graph for selected CfgScope
2023-05-31 16:08:01 +02:00
Arthur Baars
c211b704f3
Merge pull request #13272 from github/post-release-prep/codeql-cli-2.13.3
Post-release preparation for codeql-cli-2.13.3
2023-05-31 15:33:12 +02:00
Michael Nebel
2266e28583
Merge pull request #13262 from michaelnebel/flowsummary/refactorgetcomponentstack
C#: Re-factor getComponent.
2023-05-31 08:22:44 +02:00
Arthur Baars
490d22d123
Merge remote-tracking branch 'upstream/main' into post-release-prep/codeql-cli-2.13.3
2023-05-30 21:31:28 +02:00
Arthur Baars
d91fa2d038
Ruby: add print-cfg query
2023-05-30 17:30:04 +02:00
Rasmus Lerchedahl Petersen
2daa9577bb
ruby/python: implement shared module
ruby:
- create new shared file `SummaryTypeTracker.qll`
- move much logic into the module
- instantiate the module
- remove old logic, now provided by module
python:
- clone shared file
- instantiate module
- use (some of the) steps provided by the module
2023-05-30 13:31:24 +02:00
Maiky
345f43fbae
fix concepts
2023-05-29 21:17:48 +02:00
Maiky
62353122c0
Add Improper LDAP Authentication query (CWE-287)
2023-05-29 21:16:13 +02:00
Maiky
03b7c5e5e8
naming error
2023-05-29 16:34:40 +02:00
Maiky
a8f887e3f9
naming error
2023-05-29 16:33:58 +02:00
Harry Maclean
e70e3e52dc
Ruby: fix typo in qhelp
2023-05-29 04:05:42 +00:00
Harry Maclean
ca1024e285
Ruby: Reword unsafe deserialization qhelp
2023-05-29 03:46:30 +00:00
Maiky
2d8318dc02
remove unnecessary imports and edit .qhelp
2023-05-28 17:40:31 +02:00
Maiky
065b69460d
remove space
2023-05-28 17:34:16 +02:00
Maiky
5e33f14ff1
Undo Concepts changes
2023-05-28 17:33:05 +02:00
Maiky
d45d046fa7
Add test file and .expected
2023-05-28 17:29:34 +02:00
Maiky
d8bc818d5a
add Change note
2023-05-28 16:50:36 +02:00
Harry Maclean
e515981c81
Ruby: Remove unused examples
2023-05-27 12:01:00 +00:00
Harry Maclean
562065f29e
Ruby: Add change note
2023-05-27 01:20:09 +00:00
Harry Maclean
b8c3cba4ff
Ruby: Consolidate unsafe deserialization queries
Merge the experimental YAMLUnsafeDeserialization and
PlistUnsafeDeserialization queries into the general
UnsafeDeserialization query in the default suite.
These queries look for some specific sinks that we now find in the
general query.
Also apply some small code and comment refactors.
2023-05-27 01:20:04 +00:00
amammad
d727d573d5
v4.2 write exact version of yaml.load default loader change
2023-05-27 01:15:29 +00:00
amammad
40e24b6b94
v4.1 fix file names in qhelp
2023-05-27 01:15:29 +00:00
amammad
335441ce04
v4: make variable names camelCase, some enhancement, remove some duplicates
2023-05-27 01:15:29 +00:00
amammad
e76ed9454a
v3 add global taint steps for to_ruby of YAML/Psych
2023-05-27 01:15:24 +00:00
amammad
ad7e107ff5
add the new YAML/PLIST sinks into the existing rb/unsafe-deserialization query
2023-05-27 01:14:36 +00:00
amammad
b9296d3df8
v2.1 fix file names
2023-05-27 01:14:36 +00:00