hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,671 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

29908 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
a9b7fed537 C++: Accept test changes. 2021-11-04 21:25:37 +00:00
Mathias Vorreiter Pedersen
ac90259906 C++: Teach 'getMaxConvertedLength' to use 'SimpleRangeAnalysis'. 2021-11-04 21:25:28 +00:00
Mathias Vorreiter Pedersen
693baae1ba C++: Add test cases with false positives due to missing range analysis in 'cpp/overrunning-write'. 2021-11-04 21:13:28 +00:00
Alex Ford
5f78bbbf52 add missing documentation 2021-11-04 21:07:54 +00:00
Ethan Palm
f1ac23eff5 Merge pull request #7040 from ethanpalm/extractor-options-docs 
New docs for extractor options
 2021-11-04 13:53:22 -07:00
Ethan P
fab3479f68 Fix numbered lists 2021-11-04 13:41:59 -07:00
Ethan P
457ece152a Fix list formatting 2021-11-04 13:31:52 -07:00
Ethan P
5bfe0fff89 Test using dash for LIs 2021-11-04 13:20:00 -07:00
Ethan P
10e5a8b3e5 Adjust spacing 2021-11-04 13:18:37 -07:00
Alex Ford
543bd28b03 add a change note for rb/csrf-protection-disabled 2021-11-04 20:14:54 +00:00
Ethan P
ad2b068429 fix list formatting 2021-11-04 13:05:22 -07:00
Alex Ford
d324f9397c qhelp for rb/csrf-protection-disabled 2021-11-04 19:56:56 +00:00
Alex Ford
25da904314 test cases for rb/csrf-protection-disabled 2021-11-04 19:56:56 +00:00
Alex Ford
4666024419 model some ways to configure Rails 2021-11-04 19:56:56 +00:00
Alex Ford
91f99ed2a1 model skip_forgery_protection calls in ActionController classes 2021-11-04 19:56:56 +00:00
Alex Ford
fad7e9489b Add a query to detect instances of CSRF protection being disabled 2021-11-04 19:56:55 +00:00
Ethan P
f3fda42b83 Fix link 2021-11-04 12:53:03 -07:00
Ethan Palm
f41c4702c3 Apply suggestions from code review 
Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
 2021-11-04 12:41:07 -07:00
Alex Ford
8a412dc5fd Add CSRFProtectionSetting concept 2021-11-04 18:18:29 +00:00
Rasmus Lerchedahl Petersen
624b794980 Python: separate taint sources in with 2021-11-04 17:06:36 +01:00
james
5ea93d6447 further imrpovements 2021-11-04 14:54:30 +00:00
Rasmus Wriedt Larsen
9e2bc41648 Python: Improve hashlib.new modeling 
By using a backwards type-tracker to find possible hashing algorithm
names.
 2021-11-04 15:36:32 +01:00
Rasmus Wriedt Larsen
9e91f3a341 Python: Highlight shortcomings of hashlib.new modeling 2021-11-04 15:29:40 +01:00
Ian Wright
95f21b5308 Merge pull request #7027 from github/z80coder/faster-callee-api-name-feature 
more efficient implementation of calleeApiName
 2021-11-04 14:23:13 +00:00
Tom Hvitved
3544c85445 Ruby: Make the target of basicStoreStep the post-update node 2021-11-04 14:21:22 +01:00
Tom Hvitved
1101b1054d Ruby: Make target of basicStoreStep a normal data flow node 2021-11-04 14:20:07 +01:00
Tom Hvitved
a56a5e4e7d Ruby: Add type tracker tests 2021-11-04 14:19:16 +01:00
james
7236f3b4b6 improve description of new option 2021-11-04 12:41:30 +00:00
james
af0f32fdb6 further changes for query help in sarif 2021-11-04 12:36:27 +00:00
Ian Wright
b8d7f52d3e format code 2021-11-04 12:28:08 +00:00
Erik Krogh Kristensen
a19627c72f optionally ignore everything after a dash 2021-11-04 13:19:44 +01:00
Erik Krogh Kristensen
02f500b9c2 Merge branch 'main' into htmlReg 2021-11-04 12:58:42 +01:00
Erik Krogh Kristensen
99f5f70345 Merge branch 'main' into protoLib 2021-11-04 12:53:53 +01:00
Erik Krogh Kristensen
bf5e36e9d4 fix docstring 
Co-authored-by: Asger F <asgerf@github.com>
 2021-11-04 12:46:24 +01:00
Mathias Vorreiter Pedersen
58f6058a63 Merge pull request #7051 from MathiasVP/better-paths-in-tests 
C++: Better `InlineExpectation` tests for path-explanations
 2021-11-04 11:35:10 +00:00
Erik Krogh Kristensen
4ba5ae09b0 add js/sensitive-get-query query 2021-11-04 12:30:44 +01:00
Arthur Baars
061fc16730 Merge pull request #7038 from aibaars/aibaars/merge-3.3-main 
Merge rc/3.3 into main
 2021-11-04 12:23:23 +01:00
Mathias Vorreiter Pedersen
0d1ff4d2ee C++: Respond to review comments and accept test changes. 2021-11-04 11:13:23 +00:00
Arthur Baars
27bbddf035 Merge pull request #6995 from aibaars/aibaars/pr-qhelp-check 
Rewrite qhelp-pr-preview.yml
 2021-11-04 11:51:14 +01:00
CodeQL CI
2895428d5b Merge pull request #6714 from valeria-meli/javascript/ssrf 
Approved by asgerf
 2021-11-04 03:10:27 -07:00
james
3bfa868105 add new option to database analyze tutorial 2021-11-04 09:53:32 +00:00
CodeQL CI
5515256e53 Merge pull request #7044 from asgerf/js/proto-pollution-fps 
Approved by erik-krogh
 2021-11-04 02:45:46 -07:00
Tony Torralba
f4704f1325 Merge pull request #6397 from atorralba/atorralba/android-intent-redirect-query 
Java: Create new Android Intent Redirection query
 2021-11-04 10:42:59 +01:00
Tony Torralba
fd92c4e435 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-11-04 10:08:53 +01:00
Mathias Vorreiter Pedersen
ae4b6c54bc C++: Change the structure of the 'annotate_path_to_sink' tests to better test path-explanations. 2021-11-03 20:32:05 +00:00
Mathias Vorreiter Pedersen
e9b114630a Merge pull request #6948 from ihsinme/ihsinme-patch-076 
CPP: Add query for CWE-243 Creation of chroot Jail Without Changing Working Directory
 2021-11-03 18:50:13 +00:00
ihsinme
aef0275b3c Update IncorrectChangingWorkingDirectory.expected 2021-11-03 20:45:38 +03:00
Arthur Baars
7b4460edb7 Apply suggestions from code review 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-11-03 18:42:49 +01:00
Tom Hvitved
d00196f6be Merge pull request #7048 from hvitved/ruby/remove-node-predicates 
Ruby: Remove `Node::getEnclosingCallable` and `ParameterNode::isParameterOf`
 2021-11-03 17:46:16 +01:00
Ethan P
0894e81ce4 add missing backtick 2021-11-03 09:21:24 -07:00