codeql

mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00

Author	SHA1	Message	Date
Jonathan Leitschuh	76964d58f2	Apply suggestions from code review Co-authored-by: Felicity Chapman <felicitymay@github.com>	2022-02-14 11:04:31 -05:00
Jonathan Leitschuh	bb580ddbab	Apply suggestions from code review Co-authored-by: Felicity Chapman <felicitymay@github.com>	2022-02-14 11:02:05 -05:00
Jonathan Leitschuh	7dee22a130	Fix implicit 'this' usage	2022-02-14 11:00:41 -05:00
luchua-bc	2b5982fd9d	Remove specified value step from additional taint step	2022-02-14 15:42:54 +00:00
luchua-bc	35a924292b	Model value passing between a setter and a getter call as a value step	2022-02-14 14:08:55 +00:00
Artem Smotrakov	48604cd7b3	Better HostnameVerificationCall.isIgnored()	2022-02-12 15:52:16 +00:00
Artem Smotrakov	36e565d673	Use classes from semmle.code.java.security.Encryption	2022-02-12 15:31:35 +00:00
Artem Smotrakov	651e43dee6	Clarify what verifier is	2022-02-12 12:24:48 +00:00
luchua-bc	78630f25dd	Match attribute name to reduce FP	2022-02-11 23:53:31 +00:00
Chuan-kai Lin	9b4dbb9dd8	Merge pull request #7895 from github/cklin/upgrades-initial-dbscheme Upgrade scripts testing: set initial dbschemes	2022-02-11 11:06:12 -08:00
luchua-bc	e3d0e9f083	Update normalized path node	2022-02-11 12:38:05 +00:00
github-actions[bot]	21bf29353f	Post-release preparation for codeql-cli-2.8.1	2022-02-11 11:07:31 +00:00
luchua-bc	12c53baba4	Simplify the query	2022-02-11 01:05:06 +00:00
github-actions[bot]	f25fc70b7c	Release preparation for version 2.8.1	2022-02-10 22:08:24 +00:00
Artem Smotrakov	0ba229a64b	Apply suggestions from code review (typos/formatting) Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com> Co-authored-by: Chris Smowton <smowton@github.com>	2022-02-10 18:37:12 +00:00
Jonathan Leitschuh	eee521e6ce	Fix test failure for TempDirLocalInformationDisclosure	2022-02-10 10:40:40 -05:00
Jonathan Leitschuh	bafcce17d4	Apply suggestions from code review Co-authored-by: Chris Smowton <smowton@github.com>	2022-02-09 22:14:17 -05:00
luchua-bc	ce03aeb4d9	Fixed an issue related to normalized path	2022-02-09 23:19:40 +00:00
Jonathan Leitschuh	ded8d64301	Remove CAPC and add CWE-93	2022-02-09 12:31:53 -05:00
Jonathan Leitschuh	03fdee3767	Cleanup Netty Response Splitting Query	2022-02-09 12:28:11 -05:00
Jonathan Leitschuh	8ffe878722	Apply suggestions from code review Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>	2022-02-09 12:28:11 -05:00
Jonathan Leitschuh	c732cb7759	Add HTTP Request Splitting to Netty Query	2022-02-09 12:28:10 -05:00
Jonathan Leitschuh	49a73673b6	Fix FP from mkdirs call on exact temp directory	2022-02-09 11:04:23 -05:00
Jonathan Leitschuh	787e3dac31	Update java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql Co-authored-by: Chris Smowton <smowton@github.com>	2022-02-09 10:07:56 -05:00
Tom Hvitved	9440a45015	Merge branch 'main' into post-release-prep/codeql-cli-2.8.0	2022-02-09 09:40:33 +01:00
luchua-bc	4609227e76	Use data model for request/session attribute operations	2022-02-09 03:24:46 +00:00
Jonathan Leitschuh	7f46640176	Consider calls to setReadable(false, false) then setReadable(true, true) to be safe	2022-02-08 17:57:10 -05:00
Chuan-kai Lin	a7f1ee574c	Upgrade scripts testing: set initial dbschemes This commit sets initial dbschemes for cpp, csharp, java, javascript, and python so that automated testing for upgrade scripts would also cover legacy upgrades.	2022-02-08 11:11:41 -08:00
Chris Smowton	a6596ea7ce	Fix test requirements, formatting	2022-02-08 12:01:32 +00:00
Benjamin Muskalla	b62df5a9ad	Merge pull request #7872 from bmuskalla/fixCoverageCollection Collect framework coverage on demand	2022-02-08 11:27:48 +01:00
Henry Mercer	eff0ca01b1	Merge pull request #7417 from github/henrymercer/java/update-telemetry-query-metadata Java: Start running telemetry queries on Code Scanning	2022-02-08 10:26:30 +00:00
Chris Smowton	79654592d9	Apply suggestions from code review	2022-02-08 10:23:46 +00:00
Benjamin Muskalla	ff8a96b96d	Rename framework coverage query Move it to the other summary queries, update all references.	2022-02-08 11:14:03 +01:00
luchua-bc	ff4826d203	Correct the data model and update qldoc	2022-02-08 04:02:27 +00:00
Jonathan Leitschuh	c4112e6d4c	Post refactor fixiup	2022-02-07 15:02:13 -05:00
Chris Smowton	de38638db6	Combine CWE-200 queries	2022-02-07 14:22:36 -05:00
Benjamin Muskalla	9af50f5216	Turn framework coverage into metric query	2022-02-07 12:08:18 +01:00
github-actions[bot]	b4ab86c020	Post-release preparation for codeql-cli-2.8.0	2022-02-06 23:34:07 +00:00
Artem Smotrakov	f53b2fcc62	Updated IgnoredHostnameVerification.ql to cover more uses of HostnameVerifier.verify()	2022-02-06 11:23:20 +00:00
Jonathan Leitschuh	1f47ea5164	Update to new change note format	2022-02-04 17:16:12 -05:00
Jonathan Leitschuh	0268dd9f0a	Add file creation sanitizer	2022-02-04 17:10:27 -05:00
Jonathan Leitschuh	9299c7996d	Add information disclosure test fix suggestions	2022-02-04 17:10:27 -05:00
Jonathan Leitschuh	0a621c2801	Fix the formatting in TempDirLocalInformationDisclosureFromMethodCall	2022-02-04 17:10:27 -05:00
Jonathan Leitschuh	79db76dcf8	Fix test failures TempDirLocalInformationDisclosureFromSystemProperty	2022-02-04 17:10:27 -05:00
Jonathan Leitschuh	d5c9af31b2	Fixup documentation/code from PR feedback	2022-02-04 17:10:26 -05:00
Jonathan Leitschuh	f7a4aac525	Apply suggestions from code review Co-authored-by: Chris Smowton <smowton@github.com>	2022-02-04 17:10:26 -05:00
Jonathan Leitschuh	a4b5573f53	Apply suggestions from code review Co-authored-by: Chris Smowton <smowton@github.com>	2022-02-04 17:10:26 -05:00
Jonathan Leitschuh	a8d25b63ac	Apply suggestions from code review Co-authored-by: Chris Smowton <smowton@github.com>	2022-02-04 17:10:26 -05:00
Chris Smowton	e795823d97	Autoformat TempDirUtils.qll	2022-02-04 17:10:26 -05:00
Jonathan Leitschuh	7e514e9ef9	Add QLdoc and fix Compiler Errors in Tests	2022-02-04 17:10:26 -05:00

1 2 3 4 5 ...

4388 Commits