hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,275 Commits 1,671 Branches 157 Tags
tausbn/python-refine-location-of-flask-request-sources
Commit Graph

1012 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
1b13790a36 Ruby: Deprecate and replace BarrierGuard class. 2022-06-20 15:46:38 +02:00
thiggy1342
0456870136 Merge branch 'main' into experimental-manually-check-request-verb 2022-06-18 15:21:53 -04:00
thiggy1342
ecb2114b7b replace duplicate post with put 2022-06-18 19:21:17 +00:00
thiggy1342
8b36191023 drop precision to low for now 2022-06-18 18:38:58 +00:00
thiggy1342
059c4d38ad refine query to use appropriate types 2022-06-18 18:26:45 +00:00
thiggy1342
8aa2602d9e trying to hone in on eq comparison and include? 2022-06-18 03:09:04 +00:00
thiggy1342
78f5186e6a remove barrierguards import 2022-06-18 00:43:01 +00:00
thiggy1342
b171883cd0 Merge branch 'main' into experimental-decompression-api 2022-06-17 12:30:38 -04:00
thiggy1342
4163ae1ca3 Update ruby/ql/src/experimental/decompression-api/DecompressionApi.qhelp 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-06-17 12:30:22 -04:00
thiggy1342
3b87c1d040 add qlhelp file and example 2022-06-17 16:03:40 +00:00
thiggy1342
7c2b19baad tweaks and add Zip::File.open_buffer to query 2022-06-17 02:43:54 +00:00
thiggy1342
6416b8ddb9 Update ruby/ql/src/experimental/decompression-api/DecompressionApi.ql 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-06-16 10:20:17 -04:00
Harry Maclean
ff0422c12d Ruby: Add rb/improper-memoization change note 2022-06-16 12:44:33 +12:00
Harry Maclean
ef6f0e5b30 Ruby: Add Improper Memoization query 
This query finds cases where a method memoizes its result but fails to
include one or more of its parameters in the memoization key (or doesn't
use memoization keys at all). This can lead to the method returning
incorrect results when subsequently called with different arguments.
 2022-06-16 12:44:33 +12:00
thiggy1342
0281dbd532 remove Zip::Entry.extract from query 2022-06-16 00:04:31 +00:00
github-actions[bot]
1ed70d51d7 Post-release preparation for codeql-cli-2.9.4 2022-06-15 13:25:20 +00:00
github-actions[bot]
104ac05f49 Release preparation for version 2.9.4 2022-06-15 08:22:38 +00:00
thiggy1342
0fce620536 Merge branch 'main' into experimental-decompression-api 2022-06-14 21:54:08 -04:00
thiggy1342
c012c235c6 rough draft of check request verb query 2022-06-14 01:45:02 +00:00
Alex Ford
8d195e3188 Merge pull request #9157 from alexrford/crypto-op-block-mode 
Ruby/Python: Add a `BlockMode` concept for `CryptographicOperations`
 2022-06-13 21:32:36 +02:00
thiggy1342
62291124ff remove constraint for Zip::File.open 2022-06-06 21:20:44 +00:00
thiggy1342
3c62271dba fix casing of Api 2022-06-06 21:18:08 +00:00
thiggy1342
c5db11ee2e use select placeholder correctly 2022-06-06 14:01:02 +00:00
thiggy1342
5ada3b76ed Merge branch 'main' into experimental-decompression-api 2022-06-03 16:45:53 -04:00
thiggy1342
54fd7809fe tweak metadata 2022-06-03 18:22:50 +00:00
thiggy1342
c5dc8779d1 Increased query robustness and test coverage 2022-06-03 18:05:56 +00:00
Nick Rolfe
f417c12c5e Merge pull request #9332 from github/post-release-prep/codeql-cli-2.9.3 
Post-release preparation for codeql-cli-2.9.3
 2022-05-31 16:17:50 +01:00
github-actions[bot]
ed2f3409bc Post-release preparation for codeql-cli-2.9.3 2022-05-31 09:54:55 +00:00
Adam Thigpen
a37443106b reduce false positives with some sanitizers 2022-05-28 15:14:42 -04:00
Adam Thigpen
2bf160c008 initial draft of decompression-api query 2022-05-28 15:14:32 -04:00
Nick Rolfe
385e442f7f Ruby: fix spelling errors 2022-05-25 16:38:48 +01:00
github-actions[bot]
1f1b364feb Release preparation for version 2.9.3 2022-05-25 07:46:48 +00:00
Alex Ford
9e483ac4e0 Fix change note formatting 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-05-19 14:25:44 +01:00
Alex Ford
bda1c21562 BrokenCryptoAlgorithm block mode change notes 2022-05-16 15:49:19 +01:00
Alex Ford
4752c45fe5 ruby: update rb/weak-cryptographic-algorithm to specify the block mode if appropriate 2022-05-13 16:32:30 +01:00
github-actions[bot]
b7cbd8fd75 Post-release preparation for codeql-cli-2.9.2 2022-05-12 18:21:38 +00:00
github-actions[bot]
ee9980b31c Release preparation for version 2.9.2 2022-05-12 10:17:28 +00:00
yoff
6c3e2db7fd Merge branch 'main' into python/simple-csrf 2022-05-10 10:55:28 +02:00
github-actions[bot]
1a25457178 Post-release preparation for codeql-cli-2.9.1 2022-05-05 19:05:50 +00:00
github-actions[bot]
8e4cf190e9 Release preparation for version 2.9.1 2022-04-28 11:59:05 +00:00
Harry Maclean
ba1d43dd42 Merge pull request #8658 from hmac/hmac/insecure-download 
Ruby: Add InsecureDownload query
 2022-04-28 11:07:35 +12:00
Harry Maclean
f4453f4da2 Merge pull request #8573 from hmac/hmac/missing-regexp-anchor 
Ruby: Add MissingRegExpAnchor query
 2022-04-28 11:06:33 +12:00
Erik Krogh Kristensen
e1c7d369be Merge pull request #8796 from erik-krogh/redundantImport 
Remove redundant imports
 2022-04-27 12:39:51 +02:00
Harry Maclean
f35379bf8c Ruby: Add change note for rb/insecure-download 2022-04-27 12:47:09 +12:00
Harry Maclean
bb3fb0325b Ruby: Add InsecureDownload query 
This query finds cases where a potentially unsafe file is downloaded
over an unsecured connection.
 2022-04-27 12:47:09 +12:00
Harry Maclean
bbc3043836 Add change note for rb/regex/missing-regexp-anchor 2022-04-27 10:12:33 +12:00
Harry Maclean
af2965c2a0 Explain anchors in MissingRegExpAnchor qlhelp 2022-04-27 10:12:33 +12:00
Harry Maclean
6f9dc5eb7e Ruby: Update import for file move 2022-04-27 10:12:33 +12:00
Harry Maclean
2feb4a48be Ruby: Add hasMisleadingAnchorPrecedence to MissingRegExpAnchor 2022-04-27 10:12:33 +12:00
Harry Maclean
e3c3c00c68 Ruby: Add MissingRegExpAnchor query 2022-04-27 10:12:33 +12:00