codeql

mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00

Author	SHA1	Message	Date
Sim4n6	2a8645c447	Fix 'Singleton set literal' warning	2023-05-20 10:11:26 +01:00
Sim4n6	58be109a70	Moved UnicodeBypassValidation Customizations & Query.qll to src/experimental	2023-05-20 10:08:56 +01:00
erik-krogh	480e71fd69	avoid contractions	2023-05-17 08:42:45 +02:00
erik-krogh	83ca1495e0	trim the whitespace in the poly-redos examples	2023-05-15 16:47:24 +02:00
erik-krogh	d989359656	add another example to the qhelp in poly-redos, showing how to just limit the length of the input	2023-05-15 16:47:02 +02:00
Rasmus Wriedt Larsen	62f0c64a03	Merge pull request #12552 from erik-krogh/py-type-trackers Py: refactor regex tracking to type-trackers	2023-05-11 16:18:34 +02:00
Kasper Svendsen	d9f29a85d6	Python: Enable implicit this warnings	2023-05-04 10:16:52 +02:00
Ian Lynagh	b56b843d13	Merge pull request #12987 from github/post-release-prep/codeql-cli-2.13.1 Post-release preparation for codeql-cli-2.13.1	2023-05-03 13:12:10 +01:00
Kasper Svendsen	3eb5a95ee3	Python: Make implicit this receivers explicit	2023-05-03 12:16:21 +02:00
Sim4n6	083cd612cd	add a change note markdown	2023-05-02 15:17:03 +01:00
Sim4n6	1fa1a4e268	Add Unicode Bypass Validation query tests and help	2023-05-02 15:09:16 +01:00
github-actions[bot]	18d4af994d	Post-release preparation for codeql-cli-2.13.1	2023-05-02 10:50:20 +00:00
erik-krogh	59cc90e547	move Regex into a ParseRegExp file, and rename the class to RegExp	2023-05-01 10:42:14 +02:00
erik-krogh	f0254fc089	introduce RegExpInterpretation instead of RegexString, and move RegexTreeView.qll into a regexp folder	2023-05-01 10:42:13 +02:00
github-actions[bot]	3bd29171fb	Release preparation for version 2.13.1	2023-04-28 12:14:35 +00:00
amammad	b3669b818b	v1.3 change name according to camelCase	2023-04-28 04:56:47 +02:00
amammad	a541fdf5e5	v1.2 code quality improvements including commnets too	2023-04-27 08:30:46 +02:00
amammad	1bf159e9a9	Merge branch 'github:main' into amammad-python-paramiko	2023-04-26 23:28:29 -07:00
yoff	b35637e1c5	Merge pull request #12858 from RasmusWL/paramiko-modeling Python: Expand modeling of `paramiko`	2023-04-25 14:04:50 +02:00
Luke Cartey	a47778c22e	Update SimpleXmlRpcServer.ql to avoid av detection This file was being flagged by McAfee as an `Exploit-Generic.src` trojan. We have attempted to report this to Mcafee without success so far. This commit therefore adjusts the file to avoid detection.	2023-04-20 11:59:18 +01:00
Alex Ford	924ce250dd	Merge pull request #12847 from github/post-release-prep/codeql-cli-2.13.0 Post-release preparation for codeql-cli-2.13.0	2023-04-18 14:40:40 +01:00
Rasmus Wriedt Larsen	a168af349e	Python: Expand modeling of `paramiko`	2023-04-18 11:57:20 +02:00
Tom Hvitved	f6d000eb20	Merge pull request #12805 from hvitved/remove-queries-xml Remove all `queries.xml` files	2023-04-18 10:52:14 +02:00
github-actions[bot]	648f0e19ec	Post-release preparation for codeql-cli-2.13.0	2023-04-17 15:39:24 +00:00
github-actions[bot]	075d063370	Release preparation for version 2.13.0	2023-04-14 13:31:30 +00:00
Alex Eyers-Taylor	c6a482819a	Bump all qlpacks major versions	2023-04-13 19:15:27 +01:00
Alex Ford	8c46bfd051	Merge pull request #12816 from github/rc/3.9 Merge `rc/3.9` into `main`	2023-04-13 12:35:41 +01:00
Tom Hvitved	3cc9dec9c8	Remove all `queries.xml` files	2023-04-13 11:18:58 +02:00
Taus	beae3e9187	Python: Clarify version data	2023-04-12 11:53:16 +00:00
github-actions[bot]	ac426b1302	Post-release preparation for codeql-cli-2.12.6	2023-04-04 16:49:26 +00:00
github-actions[bot]	0a3218676c	Release preparation for version 2.12.6	2023-03-30 19:25:06 +00:00
github-actions[bot]	e87ce62f95	Post-release preparation for codeql-cli-2.12.5	2023-03-30 13:48:58 +00:00
Raul Garcia	cf8a683d7d	Merge branch 'main' into main	2023-03-29 20:27:03 -07:00
Rasmus Wriedt Larsen	34cbaf10c2	Python: Use PostUpdateNode in `py/azure-storage/unsafe-client-side-encryption-in-use`	2023-03-29 13:22:21 +02:00
Rasmus Wriedt Larsen	86333e3ba5	Python: Remove duplicate results from azure blob query	2023-03-29 11:47:29 +02:00
Rasmus Wriedt Larsen	32d52c023e	Python: Allow any order for azure blob query By only allowing the sink in the state where encryption v1 is used, we can handle the new case where the order of attribute assignment is flipped. However, we get a few too many paths because we can have multiple sources reaching the same sink... let's fix in next commit.	2023-03-29 11:42:01 +02:00
Rasmus Wriedt Larsen	683985a00a	Python: Expand azure blob modeling Now we can differentiate between the classes	2023-03-29 11:24:36 +02:00
Rasmus Wriedt Larsen	8ea6b6f256	Python: Update `py/azure-storage/unsafe-client-side-encryption-in-use` to use datafow	2023-03-28 10:09:22 +02:00
Rasmus Wriedt Larsen	7a17cd2a9e	Python: Rewrite azure query to more idiomatic ql	2023-03-28 10:06:00 +02:00
yoff	a1a2eb356c	Merge pull request #11515 from yoff/py/port-comparison-using-is python: port `py/comparison-using-is`	2023-03-28 09:42:34 +02:00
Taus	a3c40a3ae4	Python: Add `experimental` tags	2023-03-27 14:23:36 +00:00
Taus	af060e8c6b	Merge branch 'main' into timing-attack-py	2023-03-27 15:27:13 +02:00
Taus	700eb04487	Python: Lower precision of non-header queries cf. https://github.com/github/securitylab/issues/691#issuecomment-1387391014	2023-03-27 12:22:17 +00:00
Taus	0b4c85f8d2	Python: Autoformat and fix broken module reference	2023-03-27 12:16:44 +00:00
yoff	2121ed784f	Merge branch 'main' into python/rewrite-InsecureContextConfiguration	2023-03-27 10:20:53 +02:00
Raul Garcia	4ba1740c45	Merge branch 'main' into main	2023-03-24 14:56:07 -07:00
Taus	11c89adbe3	Merge branch 'main' into timing-attack-py	2023-03-24 15:40:33 +01:00
Rasmus Lerchedahl Petersen	3c407eaa23	python: rewrite comment	2023-03-24 13:32:25 +01:00
Rasmus Lerchedahl Petersen	8ea4878f7a	python: move comment	2023-03-24 13:24:49 +01:00
yoff	cf4eac6fa1	Update python/ql/src/Security/CWE-327/PyOpenSSL.qll Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2023-03-24 13:18:03 +01:00

... 11 12 13 14 15 ...

4639 Commits