Commit Graph

1012 Commits

Author SHA1 Message Date
amammad
d96153a05e v1.2 change to PascalCase 2023-05-27 01:14:36 +00:00
amammad
e4b8a0e06d v1.1 2023-05-27 01:14:36 +00:00
amammad
486a5ac96f v1 2023-05-27 01:14:36 +00:00
Maiky
9ab6eabd15 add filterTaintStep, qhelp file and test files 2023-05-26 18:13:58 +02:00
Asger F
3831dc7785 Merge pull request #13288 from asgerf/rb/super-and-flow-through
Ruby: two bug fixes
2023-05-26 15:04:52 +02:00
Asger F
cfaa27ab5d Ruby: change note 2023-05-26 14:44:00 +02:00
yoff
af1f4c30fb Merge pull request #13299 from asgerf/rb/meta-query-summarised-callable-sites
Ruby/Python: add meta-queries for calls to summarised callables
2023-05-26 13:27:56 +02:00
Arthur Baars
e0466900ad Merge pull request #12992 from Sim4n6/ruby-UBV
[Ruby] Add Unicode Bypass Validation query, test and help file
2023-05-26 13:00:21 +02:00
Asger F
1c7f6dc32e Ruby: add meta-query for calls to summarized callables 2023-05-26 11:34:23 +02:00
Maiky
026d94c457 Add LDAP Injection query (incomplete) 2023-05-25 22:51:25 +02:00
erik-krogh
9f5bf8fb22 also fix the first code-block 2023-05-25 13:56:29 +02:00
erik-krogh
765076bcba fix whitespace in the samples in ReDoS.qhelp 2023-05-25 13:28:39 +02:00
Sim4n6
09c97ce0da Added one more example to the qhelp 2023-05-25 09:41:22 +01:00
github-actions[bot]
d2e192020b Post-release preparation for codeql-cli-2.13.3 2023-05-24 11:26:12 +00:00
Asger F
8bd6f6c450 Ruby: change note 2023-05-24 10:22:22 +02:00
github-actions[bot]
7aa23cf11d Release preparation for version 2.13.3 2023-05-22 20:47:00 +00:00
erik-krogh
710b309142 apply suggestions from doc review 2023-05-21 22:18:48 +02:00
Sim4n6
0a0a6dde40 Replaced CGI.escapeHTML() with html_escape() 2023-05-20 17:59:39 +01:00
Sim4n6
f5ff50880c Updated qhelp for the use of html_escape() 2023-05-20 17:58:24 +01:00
Sim4n6
e345d7dca4 Update ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb
Co-authored-by: Arthur Baars <aibaars@github.com>
2023-05-20 12:54:03 +01:00
Sim4n6
7cd1fd4bbf CWE-179 and CWE-180 are included in metadata 2023-05-20 12:51:45 +01:00
Sim4n6
c9c7179a0b Deleted the ugly flowchart. 2023-05-20 12:49:46 +01:00
Sim4n6
c3c65ca712 Qhelp formatting 2023-05-20 12:48:26 +01:00
Sim4n6
8dcf139b45 Update ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp
Co-authored-by: Arthur Baars <aibaars@github.com>
2023-05-20 12:46:54 +01:00
Sim4n6
69ca49f168 Deleted the UBV query change note. 2023-05-20 12:39:54 +01:00
erik-krogh
480e71fd69 avoid contractions 2023-05-17 08:42:45 +02:00
erik-krogh
83ca1495e0 trim the whitespace in the poly-redos examples 2023-05-15 16:47:24 +02:00
erik-krogh
d989359656 add another example to the qhelp in poly-redos, showing how to just limit the length of the input 2023-05-15 16:47:02 +02:00
Maiky
0227b94ab5 Edit change note 2023-05-11 15:40:36 +02:00
Maiky
071a77cedc Ruby: XPath Injection Query (CWE-643) 2023-05-11 15:29:54 +02:00
Kasper Svendsen
e6ca3fe272 Ruby: Enable implicit this warnings 2023-05-10 13:03:39 +02:00
Kasper Svendsen
6b8a7c2f6f Ruby: Make implicit this receivers explicit 2023-05-10 13:03:39 +02:00
Ian Lynagh
b56b843d13 Merge pull request #12987 from github/post-release-prep/codeql-cli-2.13.1
Post-release preparation for codeql-cli-2.13.1
2023-05-03 13:12:10 +01:00
Alex Ford
82c025020d Merge remote-tracking branch 'origin/main' into maikypedia/ruby-ssti 2023-05-02 16:18:41 +01:00
Sim4n6
019b85beb6 Add Unicode Bypass Validation query, test and help file 2023-05-02 15:36:39 +01:00
github-actions[bot]
18d4af994d Post-release preparation for codeql-cli-2.13.1 2023-05-02 10:50:20 +00:00
Asger F
f59c149bae Ruby: add SQL injection sinks to meta query 2023-05-02 10:46:55 +02:00
github-actions[bot]
3bd29171fb Release preparation for version 2.13.1 2023-04-28 12:14:35 +00:00
Erik Krogh Kristensen
d7325ba4e1 Merge pull request #12856 from p-/p--non-constant-open-improvments
Ruby: Add additional sanitizers for Kernel.open or IO.read or similar sinks with a non-constant value
2023-04-19 13:39:16 +02:00
Peter Stöckli
672cb92fbd Ruby: improve non-constant-kernel-open, recursive step for freeze
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2023-04-19 10:50:59 +02:00
Alex Ford
924ce250dd Merge pull request #12847 from github/post-release-prep/codeql-cli-2.13.0
Post-release preparation for codeql-cli-2.13.0
2023-04-18 14:40:40 +01:00
Peter Stöckli
2f268b309b Ruby: improve non-constant-kernel-open, freeze called on constant 2023-04-18 11:24:01 +02:00
Tom Hvitved
f6d000eb20 Merge pull request #12805 from hvitved/remove-queries-xml
Remove all `queries.xml` files
2023-04-18 10:52:14 +02:00
Peter Stöckli
0a6bb3f7ce Ruby: improve non-constant-kernel-open, no FPs on open without arguments 2023-04-18 10:10:36 +02:00
github-actions[bot]
648f0e19ec Post-release preparation for codeql-cli-2.13.0 2023-04-17 15:39:24 +00:00
github-actions[bot]
075d063370 Release preparation for version 2.13.0 2023-04-14 13:31:30 +00:00
Alex Eyers-Taylor
c6a482819a Bump all qlpacks major versions 2023-04-13 19:15:27 +01:00
Maiky
64cf3adfd4 Update examples 2023-04-13 17:29:14 +02:00
Alex Ford
8c46bfd051 Merge pull request #12816 from github/rc/3.9
Merge `rc/3.9` into `main`
2023-04-13 12:35:41 +01:00
Tom Hvitved
3cc9dec9c8 Remove all queries.xml files 2023-04-13 11:18:58 +02:00