hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

4639 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
30cf213372 Python: Add change-note 2023-07-06 15:04:49 +02:00
amammad
2ba83022c7 delete old qhelp file 2023-07-01 04:49:35 +10:00
amammad
931f492df2 cleaning up mistakes 2023-06-30 23:03:29 +10:00
amammad
816799c4ba upgrade query to detect redash CVE too 2023-06-30 22:14:50 +10:00
github-actions[bot]
668aaa2dc8 Post-release preparation for codeql-cli-2.13.5 2023-06-30 08:51:48 +00:00
amammad
7a17b99c17 V2 2023-06-29 20:55:51 +10:00
github-actions[bot]
9d7987f822 Release preparation for version 2.13.5 2023-06-29 09:26:18 +00:00
amammad
8fccd65d34 fix a mistake :( 2023-06-26 16:51:14 +10:00
amammad
b506b7d298 better documents, remove separate PyZipFile 2023-06-26 16:50:33 +10:00
amammad
a38405e490 fix formatting error/warnings 2023-06-26 16:43:18 +10:00
amammad
e3e0307db7 V1 2023-06-25 20:36:28 +10:00
amammad
748e96d852 V1 Bombs 2023-06-22 19:28:27 +10:00
Henry Mercer
5afdaf8fe1 Merge pull request #13525 from github/rc/3.10 
Merge `rc/3.10` back to `main`
 2023-06-21 17:13:36 +01:00
Erik Krogh Kristensen
2341c82450 Merge pull request #13342 from erik-krogh/once-again-deps 
Py: delete more old deprecations
 2023-06-20 15:29:17 +02:00
Rasmus Wriedt Larsen
47d0a6d2e3 Python: Restore rest of experimental files 2023-06-20 14:30:43 +02:00
github-actions[bot]
18b678e69e Post-release preparation for codeql-cli-2.13.4 2023-06-20 10:20:05 +00:00
Tony Torralba
8f6d2ed2f9 Adjust ZipSlip query description according to review suggestions. 2023-06-19 10:27:41 +02:00
Tony Torralba
3c4d938cf1 Apply code review suggestions. 
Co-authored-by: Asger F <asgerf@github.com>
 2023-06-19 10:20:19 +02:00
Tony Torralba
433fc680ec Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-06-19 10:17:40 +02:00
Tony Torralba
c97868f774 Add change notes 2023-06-16 09:01:02 +02:00
Tony Torralba
3e96fe60c5 Go/Java/JS/Python/Ruby: Update the description and qhelp of the ZipSlip query 
All filesystem operations, not just writes, with paths built from untrusted archive entry names are dangerous
 2023-06-16 08:52:44 +02:00
erik-krogh
df61c4dd62 reintroduce the experiemental queries that use deprecated features 2023-06-14 08:31:57 +02:00
erik-krogh
3a436d1f84 do a quick-and-dirty conversion of py/hardcoded-credentials to the new dataflow library 2023-06-14 08:31:56 +02:00
erik-krogh
ae8bf5ed3c delete old deprecations 2023-06-14 08:31:51 +02:00
Erik Krogh Kristensen
798f3880c9 Merge pull request #13402 from erik-krogh/deps-some-py 
Py: delete some old deprecations
 2023-06-12 11:29:44 +02:00
erik-krogh
6dfeb2536b delete old deprecations 2023-06-09 15:12:23 +02:00
github-actions[bot]
e4be303a23 Release preparation for version 2.13.4 2023-06-08 19:57:37 +00:00
Rasmus Wriedt Larsen
0c8b4251cf Python: Avoid duplicated query-id 2023-06-07 10:07:01 +02:00
Taus
c4bfb21f0f Merge pull request #13371 from github/nickrolfe/python-location-tostring 
Python: avoid selecting `getLocation()`
 2023-06-06 12:05:51 +02:00
Nick Rolfe
02395867c8 Python: avoid selecting getLocation() in py/truncated-division 2023-06-05 13:42:46 +01:00
Nick Rolfe
c67a350e36 Python: avoid selecting getLocation() in py/unnecessary-delete 2023-06-05 11:16:13 +01:00
jorgectf
3e8c7f72b6 Add changenote 2023-06-02 18:20:55 +02:00
jorgectf
5608082f35 Update py/unsafe-deserialization name 2023-06-02 17:57:24 +02:00
Erik Krogh Kristensen
96a720cfa0 Merge pull request #13285 from erik-krogh/redoshelp 
ReDoS: fix whitespace in the samples in ReDoS.qhelp
 2023-06-01 15:53:58 +02:00
Arthur Baars
490d22d123 Merge remote-tracking branch 'upstream/main' into post-release-prep/codeql-cli-2.13.3 2023-05-30 21:31:28 +02:00
Asger F
75fd20b3b8 Python: add meta-query for calls to summarized callables 2023-05-26 11:40:58 +02:00
erik-krogh
9f5bf8fb22 also fix the first code-block 2023-05-25 13:56:29 +02:00
erik-krogh
765076bcba fix whitespace in the samples in ReDoS.qhelp 2023-05-25 13:28:39 +02:00
github-actions[bot]
d2e192020b Post-release preparation for codeql-cli-2.13.3 2023-05-24 11:26:12 +00:00
Rasmus Wriedt Larsen
5c77edecf7 Merge pull request #12991 from Sim4n6/python-UBV 
[Python] Add Unicode Bypass Validation query tests and help
 2023-05-23 12:21:55 +02:00
github-actions[bot]
7aa23cf11d Release preparation for version 2.13.3 2023-05-22 20:47:00 +00:00
Rasmus Wriedt Larsen
c1b90c8f05 Python: Apply suggested change 2023-05-22 11:58:32 +02:00
Rasmus Wriedt Larsen
44d806507d Merge branch 'main' into python-UBV 2023-05-22 11:53:56 +02:00
erik-krogh
710b309142 apply suggestions from doc review 2023-05-21 22:18:48 +02:00
Sim4n6
be3f59afab Replaced StringMethod() with a restrained String method calls 2023-05-20 12:17:33 +01:00
Sim4n6
d939f192d5 Deleted the UBV query change note. 2023-05-20 11:46:18 +01:00
Sim4n6
21e99d52c7 Fix a redundant import 2023-05-20 10:23:04 +01:00
Sim4n6
b8969707c5 Delete the vulnerability flow image from the QHelp file. 2023-05-20 10:21:38 +01:00
Sim4n6
16ce024429 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:13:23 +01:00
Sim4n6
8462b14b54 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:12:55 +01:00