hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,275 Commits 1,671 Branches 157 Tags
tausbn/python-refine-location-of-flask-request-sources
Commit Graph

1012 Commits

Author SHA1 Message Date
Henry Mercer
da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Alex Ford
9d421ffa8d Ruby: configsig rb/improper-ldap-auth 2023-09-21 12:24:15 +01:00
github-actions[bot]
3acf5244b0 Post-release preparation for codeql-cli-2.14.6 2023-09-20 10:25:10 +00:00
github-actions[bot]
0a3670727f Release preparation for version 2.14.6 2023-09-19 11:40:30 +00:00
Maiky
97c20b181a Add change note 2023-09-16 14:01:53 +02:00
Maiky
f08eb3cdf4 Doc change 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-09-15 11:51:53 +02:00
Maiky
15b965bb3b rename verifies() to verifiesSignature() 2023-09-15 11:45:19 +02:00
Maiky
c43d0866f6 Update ruby/ql/src/experimental/cwe-347/EmptyJWTSecret.ql 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-09-15 11:42:43 +02:00
Maiky
d4f6111621 Naming change 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-09-15 11:40:51 +02:00
Erik Krogh Kristensen
7e7852eff6 Merge pull request #13641 from erik-krogh/multi-char 
JS/RB: write qhelp for `incomplete-multi-character-sanitization`
 2023-09-14 14:48:30 +02:00
github-actions[bot]
d699880c86 Post-release preparation for codeql-cli-2.14.4 2023-09-08 21:17:52 +00:00
amammad
d44c9d3e74 stash 2023-09-08 05:51:21 +10:00
Alex Ford
5b013dd5d2 Merge branch 'main' into rb/dataflow-query-refactor 2023-09-07 14:57:38 +01:00
Alex Ford
4a01de13ef Ruby: avoid toString in query warning 2023-09-07 14:54:50 +01:00
Alex Ford
13300a2e2f Ruby: un-private PathGraph imports 2023-09-07 14:24:46 +01:00
Alex Ford
0d7d5a35c9 Ruby: Use a newtype instead of DataFlow::FlowState for code-injection 2023-09-07 13:39:10 +01:00
amammad
4191b07b1f Merge branch 'github:main' into amammad-ruby-bombs 2023-09-06 20:17:49 +10:00
github-actions[bot]
abf2b12b1c Release preparation for version 2.14.4 2023-09-05 16:56:14 +00:00
Alex Ford
98851736d6 Revert "Ruby: configsig rb/tainted-format-string" 
This reverts commit f5860cb4818dc3c07eeb6731e75bf5df203dd48f.
 2023-09-03 17:20:06 +01:00
Alex Ford
bf6837cca0 Revert "Ruby: configsig rb/http-to-file-access" 
This reverts commit e77ba1589663905c952cdb643ab66885760b27bd.
 2023-09-03 17:20:06 +01:00
Alex Ford
e399eac2b3 Ruby: changenote for using new dataflow api 2023-09-03 17:20:06 +01:00
Alex Ford
73ed5696f3 Ruby: configsig rb/xxe 2023-09-03 17:20:06 +01:00
Alex Ford
956207b7d9 Ruby: configsig rb/meta/tainted-nodes 2023-09-03 17:20:06 +01:00
Alex Ford
f24102e0e7 Ruby: configsig rb/weak-params 2023-09-03 17:20:06 +01:00
Alex Ford
6c06def5d7 Ruby: configsig rb/manually-checking-http-verb 2023-09-03 17:20:06 +01:00
Alex Ford
39af2d2870 Ruby: configsig rb/user-controlled-file-decompression 2023-09-03 17:20:06 +01:00
Alex Ford
cdc788b162 Ruby: configsig rb/hardcoded-credentials 2023-09-03 17:20:06 +01:00
Alex Ford
4d1684e37b Ruby: configsig rb/overly-permissive-file 2023-09-03 17:20:06 +01:00
Alex Ford
b6d12f8b1c Ruby: configsig rb/zip-slip 2023-09-03 17:20:05 +01:00
Alex Ford
ebf2a2e1f5 Ruby: configsig rb/unicode-bypass-validation 2023-09-03 17:20:05 +01:00
Alex Ford
7445fc43f9 Ruby: configsig rb/regexp-injection 2023-09-03 17:20:05 +01:00
Alex Ford
494b7b3fdf Ruby: configsig rb/polynomial-redos 2023-09-03 17:20:05 +01:00
Alex Ford
04d3d04317 Ruby: configsig rb/regex/badly-anchored-regexp 2023-09-03 17:20:05 +01:00
Alex Ford
77f3a70376 Ruby: renames for rb/xpath-injection 2023-09-03 17:20:05 +01:00
Alex Ford
42cd58695d Ruby: configsig rb/url-redirection 2023-09-03 17:20:05 +01:00
Alex Ford
f79796a644 Ruby: configsig rb/shell-command-constructed-from-input 2023-09-03 17:20:05 +01:00
Alex Ford
f03f670312 Ruby: configsig rb/html-constructed-from-input 2023-09-03 17:20:05 +01:00
Alex Ford
8ad6c72ba2 Ruby: configsig rb/unsafe-deserialization 2023-09-03 17:20:05 +01:00
Alex Ford
461bc0d359 Ruby: configsig rb/unsafe-code-construction 2023-09-03 17:20:05 +01:00
Alex Ford
3e23a6e021 Ruby: configsig rb/server-side-template-injection 2023-09-03 17:20:05 +01:00
Alex Ford
0a73ebdbee Ruby: configsig rb/tainted-format-string 2023-09-03 17:20:05 +01:00
Alex Ford
f5e433940f Ruby: renames for rb/stored-xss 2023-09-03 17:20:05 +01:00
Alex Ford
030aae5693 Ruby: configsig rb/stack-trace-exposure 2023-09-03 17:20:05 +01:00
Alex Ford
bf1cb33be3 Ruby: configsig rb/sql-injection 2023-09-03 17:20:05 +01:00
Alex Ford
ba8ff0710d Ruby: configsig rb/request-forgery 2023-09-03 17:20:05 +01:00
Alex Ford
df9173502e Ruby: configsig rb/sensitive-get-query 2023-09-03 17:20:05 +01:00
Alex Ford
593d9a48d4 Ruby: configsig rb/reflected-xss 2023-09-03 17:20:05 +01:00
Alex Ford
ad2bbfb265 Ruby: configsig rb/path-injection 2023-09-03 17:20:05 +01:00
Alex Ford
867e47bcdd Ruby: renames for rb/log-injection 2023-09-03 17:20:04 +01:00