codeql

mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00

Author	SHA1	Message	Date
Fosstars	df0f9ee3a5	Fixed a few typos	2021-08-08 12:50:04 +02:00
Owen Mansel-Chan	9533f12e24	Add explanatory commented for MapIterator model	2021-08-06 07:06:36 +01:00
Owen Mansel-Chan	2ba41df2ba	Remove commented line	2021-08-06 07:06:36 +01:00
Owen Mansel-Chan	d1a440a45a	Improve helper functions for Put	2021-08-06 07:06:35 +01:00
Owen Mansel-Chan	26f5ac9ff2	Add change note	2021-08-06 07:06:35 +01:00
Owen Mansel-Chan	b922d7c6f3	Duplicate models for old package name The package name was org.apache.commons.collection until release 4.0.	2021-08-06 07:06:34 +01:00
Owen Mansel-Chan	51a7018afc	Add stubs	2021-08-06 07:06:16 +01:00
Raul Garcia	2708326624	Update csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.cs Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>	2021-08-05 16:33:01 -07:00
Raul Garcia (MSFT)	e117077761	Adding change-note	2021-08-05 15:29:18 -07:00
Jordy Zomer	a3bacc76f1	Update cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>	2021-08-05 23:31:12 +02:00
Chris Smowton	0b6c991ac4	Unsafe deserialization: add support for Jodd JSON library	2021-08-05 16:01:14 +01:00
Jordy Zomer	cf40d0ae4d	Fix a typo unsiged -> unsigned	2021-08-05 16:40:49 +02:00
Shati Patel	8bb47b91b9	Merge pull request #6426 from shati-patel/docs/cwe-coverage Docs: Make TOC more visible and add note about CWE coverage	2021-08-05 15:01:29 +01:00
Shati Patel	97dd88661e	Merge pull request #6427 from shati-patel/docs/vscode-tests Docs: Mention setting for running tests in VS Code (already shipped)	2021-08-05 15:01:20 +01:00
Tom Hvitved	5b5ed97421	C#: Silence XML extraction commands	2021-08-05 15:24:01 +02:00
Tom Hvitved	4ee5cc5557	Merge pull request #6428 from hvitved/csharp/xss-nodes C#: Add missing `nodes` predicate to XSS queries	2021-08-05 15:03:22 +02:00
Tom Hvitved	9eb3f28ef1	C#: Add missing `nodes` predicate to XSS queries	2021-08-05 13:53:52 +02:00
Tom Hvitved	6471092139	Merge pull request #6394 from github/p0/csharp-virtual-dispatch-limit C#: Guard against virtual dispatch branching too much.	2021-08-05 13:20:14 +02:00
Jordy Zomer	489ac04f86	Remove author tag	2021-08-05 12:34:31 +02:00
shati-patel	dbf49a8257	Docs: Mention setting for running tests in VS Code	2021-08-05 11:27:20 +01:00
shati-patel	09f3001048	Docs: Make TOC more visible and add note about CWE coverage	2021-08-05 10:55:41 +01:00
Anders Schack-Mulligen	c29353db80	Merge pull request #6424 from github/workflow/coverage/update Update CSV framework coverage reports	2021-08-05 09:48:53 +02:00
Tony Torralba	0356ed7f9e	Merge pull request #5911 from atorralba/atorralba/promote-missing-jwt-signature-check Java: Promote Missing JWT signature check query from experimental	2021-08-05 09:43:03 +02:00
Anders Schack-Mulligen	1932f604dc	Merge pull request #6419 from smowton/smowton/admin/unsafe-deserialization-jabsorb Add unsafe-deserialization support for Jabsorb	2021-08-05 09:04:23 +02:00
Erik Krogh Kristensen	d3ea58002d	fix a case in `union` where order wasn't necessarily preserved	2021-08-05 08:48:15 +02:00
Erik Krogh Kristensen	6ca53c8b25	a little more special casing in CFGExtractor union	2021-08-05 08:32:56 +02:00
CodeQL CI	475032780e	Merge pull request #6311 from asgerf/js/dom-element-methods Approved by erik-krogh	2021-08-04 23:18:34 -07:00
Raul Garcia (MSFT)	7340a1293f	Fixing query & test	2021-08-04 19:37:57 -07:00
Raul Garcia (MSFT)	8544356f90	Adding `Membership.GeneratePassword()` as a bad source of random data because of the bias.	2021-08-04 17:12:00 -07:00
github-actions[bot]	9d13edb325	Add changed framework coverage reports	2021-08-05 00:08:17 +00:00
Erik Krogh Kristensen	7e422a656a	remove unused imports	2021-08-04 23:41:36 +02:00
Erik Krogh Kristensen	ff9943906d	micro optimize the hot loops by adding special cases and removing streams	2021-08-04 23:35:58 +02:00
Fosstars	b913928294	Renamed queries and merged qhelp files	2021-08-04 17:54:16 +02:00
Chris Smowton	1f08c3fe55	Move test files to appropriate package directories	2021-08-04 16:50:03 +01:00
edvraa	db2f9add53	Post merge	2021-08-04 18:37:17 +03:00
Chris Smowton	5a42448888	Code review suggestions - Remove unneeded import - Remove unnecessary `toLowerCase` call	2021-08-04 16:08:07 +01:00
Chris Smowton	69549e9ce3	Add unsafe-deserialization support for Jabsorb This is partly extracted from https://github.com/github/codeql/pull/5954	2021-08-04 15:35:50 +01:00
Asger Feldthaus	1b67b43b40	JS: Change note	2021-08-04 16:25:59 +02:00
Asger Feldthaus	00f4694616	JS: Recognize methods returning DOM objects	2021-08-04 16:25:56 +02:00
Anders Schack-Mulligen	5f9f857c34	Update java/ql/src/semmle/code/java/security/JWT.qll	2021-08-04 16:23:21 +02:00
Anders Schack-Mulligen	78998d0ca1	Update java/ql/src/semmle/code/java/security/JWT.qll	2021-08-04 16:22:56 +02:00
Anders Schack-Mulligen	6a09a5667d	Merge pull request #5931 from atorralba/atorralba/promote-jndi-injection Java: Promote JNDI Injection query from experimental	2021-08-04 15:48:44 +02:00
Owen Mansel-Chan	2e04319d9f	Manually improve tests	2021-08-04 14:27:01 +01:00
Owen Mansel-Chan	a538699a0a	Add automatically generated tests	2021-08-04 14:27:00 +01:00
Owen Mansel-Chan	b82389088b	Model interfaces in Apache Commons Collections main package	2021-08-04 14:26:59 +01:00
Owen Mansel-Chan	39ea0a989a	Model *Utils classes	2021-08-04 14:26:58 +01:00
Tony Torralba	bc9563c073	Apply suggestions from code review Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-08-04 14:40:32 +02:00
Tony Torralba	989afb446e	Apply suggestions from code review Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-08-04 14:07:10 +02:00
edvraa	d1e41689bb	Merge with main	2021-08-04 14:25:34 +03:00
Tony Torralba	a046d75ea6	Apply suggestions from code review	2021-08-04 13:15:49 +02:00

... 22 23 24 25 26 ...

26405 Commits