hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,405 Commits 1,672 Branches 157 Tags
remove-javascript
Commit Graph

26405 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
CodeQL CI
394d3349ac Merge pull request #6213 from asgerf/js/vuex 
Approved by erik-krogh
 2021-08-03 01:49:06 -07:00
Geoffrey White
bb96ca3e00 Merge branch 'main' into impropnull 2021-08-03 09:37:58 +01:00
Anders Schack-Mulligen
62adefb015 Merge pull request #6400 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-08-03 10:36:27 +02:00
Geoffrey White
db292287db Merge branch 'main' into impropnull 2021-08-03 09:34:16 +01:00
Tony Torralba
084cda6daa Merge branch 'main' into atorralba/promote-groovy-injection 2021-08-03 09:53:46 +02:00
Tony Torralba
36565802dc Delete unnecesary file 
RequestForgery.expected in experimental was an artifact from a merge that wasn't adequately removed
 2021-08-03 09:48:04 +02:00
Tony Torralba
8852f69d36 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-08-03 09:46:32 +02:00
CodeQL CI
a27cb4b1ae Merge pull request #6399 from erik-krogh/nunjucks 
Approved by esbena
 2021-08-03 00:45:37 -07:00
Erik Krogh Kristensen
f1f44ceee7 add change-note 2021-08-03 09:11:27 +02:00
Erik Krogh Kristensen
6b579dfad3 normalize auth-headers to lowercase 2021-08-03 09:09:47 +02:00
Erik Krogh Kristensen
116679d8b6 simplify union 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
8f613b6b16 rename seq to visitSequence 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
e56e56c14e use Collection instead of Iterable 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
1479376f23 rename visit to visitWithSuccessors to avoid ambiguity 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
4289875747 make utility methods static 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
94a593b208 rename entry and exit to getEntryNode and getExitNode respectively 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
366a16f700 rename the V class to WriteSuccessorsVisitor 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
c059ceaee9 add qldoc to union(xs, ys) 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
8db10aeb9d add JavaDoc to createIterable and createReversedIterable 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
8fdcd917ee rename foreach and hcaerof to createIterable and createReversedIterable respectively 2021-08-03 08:59:32 +02:00
Erik Krogh Kristensen
014728a66a implement hcaerof in terms of foreach 2021-08-03 08:59:32 +02:00
Erik Krogh Kristensen
ca26b5ebbc rename succ to writeSuccessor/writeSuccessors 2021-08-03 08:59:32 +02:00
Asger Feldthaus
c88d213f37 JS: Use appendToNamespace 2021-08-03 08:52:19 +02:00
Asger Feldthaus
f5f255d93d JS: Rename getPrefix -> getNamespace 2021-08-03 08:51:35 +02:00
Asger F
ff17d298b0 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-08-03 08:45:56 +02:00
github-actions[bot]
cd65baf481 Add changed framework coverage reports 2021-08-03 00:07:34 +00:00
Ethan Palm
2c6977e5e2 Merge pull request #6327 from ethanpalm/cwe-coverage-tables 
CodeQL: Display CWE coverage information by language
 2021-08-02 18:00:01 -04:00
Erik Krogh Kristensen
87c0c60c22 don't report dummy authentication headers as hardcoded-crendentials 2021-08-02 22:56:14 +02:00
Erik Krogh Kristensen
f719e0ca1b remove nunjucks template URLs from the target-blank query 2021-08-02 22:46:59 +02:00
Ethan P
6a6993248d Add note to readme about CWE coverage tables 2021-08-02 13:34:26 -07:00
Benjamin Muskalla
60c7003667 Optimize return type check 2021-08-02 17:14:44 +02:00
Benjamin Muskalla
fda394858b Turn external API query into diagnostics query 
* Expose (partial) CSV model for the API
* Rework and simplify predicates
 2021-08-02 17:14:44 +02:00
Benjamin Muskalla
8595ae71f7 Simplify api coverage detection 
Fixes a bug that doesn't take super types into account
when computing the usage of a specific API.
 2021-08-02 17:14:44 +02:00
Benjamin Muskalla
3365634259 Expose csv parameter format predicate 2021-08-02 17:14:44 +02:00
Benjamin Muskalla
aab633eced Reformat 2021-08-02 17:14:43 +02:00
Benjamin Muskalla
2064915d3b Fold JDK API query into external API query 2021-08-02 17:14:43 +02:00
Benjamin Muskalla
0c04c9a2c2 Fix aggregation of jar usages 2021-08-02 17:14:43 +02:00
Benjamin Muskalla
722889e881 Make id unique 2021-08-02 17:14:42 +02:00
Benjamin Muskalla
d9285e78c0 Add query to collect external API calls 2021-08-02 17:14:42 +02:00
Benjamin Muskalla
07303ccbb3 Fix formatting 2021-08-02 17:14:42 +02:00
Benjamin Muskalla
b9f6b60c4d Introduce query to capture external libraries 2021-08-02 17:14:41 +02:00
Benjamin Muskalla
32f52ac30d Improve column names 2021-08-02 17:14:41 +02:00
Benjamin Muskalla
18e3763f90 Expose whether APIs are already supported 2021-08-02 17:14:41 +02:00
Benjamin Muskalla
9b6ae9029f Introduce query for capture JDK API usage 2021-08-02 17:14:40 +02:00
Chris Smowton
fad1622730 Merge pull request #5435 from haby0/DynamicallyLoadedClasses 
Java: CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
 2021-08-02 16:04:30 +01:00
Tony Torralba
08bdd1aa7a Merge branch 'main' into atorralba/promote-ognl-injection 2021-08-02 16:05:38 +02:00
Tony Torralba
8b50b3d00f Add jackson-core to test dependencies 2021-08-02 16:04:49 +02:00
Geoffrey White
904db788ec Merge branch 'main' into impropnull 2021-08-02 15:00:12 +01:00
Chris Smowton
09a873138d Add missing qldoc 2021-08-02 14:48:42 +01:00
Chris Smowton
170bb43393 Update java/ql/test/library-tests/frameworks/json-java/test.ql 
Remove unnecessary import

Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-08-02 14:46:38 +01:00