hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,672 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

29908 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marcono1234
020aa4d94c Java: Address feedback and fix test failures 2021-09-16 14:10:48 +01:00
Marcono1234
58d2d5d14e Java: Replace incorrect usage of Literal.getLiteral() 2021-09-16 14:10:48 +01:00
haby0
0277601705 Eliminate false positives caused by . 2021-09-16 20:59:34 +08:00
Rasmus Lerchedahl Petersen
72bf390ec5 Merge branch 'main' of github.com:github/codeql into python/promote-regex-injection 2021-09-16 14:50:17 +02:00
Tom Hvitved
1c1c46591e Merge pull request #6708 from hvitved/python/files-folders-drop-columns 
Python: Drop redundant columns from `files` and `folders` relations
 2021-09-16 14:42:15 +02:00
Tom Hvitved
1fd91ab9bd Merge pull request #295 from github/hvitved/remove-numlines 
No longer create redundant `numlines` relation
 2021-09-16 13:21:20 +02:00
Tom Hvitved
9f10018d48 Address review comment 2021-09-16 13:11:03 +02:00
Taus
783233dfe4 Merge pull request #6696 from yoff/python/copy-multiples-performance-fix-from-ruby 
Python: Copy performance fix for `multiples` from ruby
 2021-09-16 13:01:07 +02:00
Tom Hvitved
464b50231b DB upgrade script 2021-09-16 12:57:32 +02:00
Tony Torralba
f18c163408 Improve handling of the 'author' word as an exception 2021-09-16 11:57:28 +02:00
Tony Torralba
8022530f34 Merge pull request #5983 from atorralba/atorralba/promote-insecure-basic-auth 
Java: Promote Insecure Basic Authentication query from experimental
 2021-09-16 11:45:30 +02:00
Tom Hvitved
fd04baa9fe No longer create redundant numlines relation 2021-09-16 11:43:13 +02:00
Anders Schack-Mulligen
28e5dcef52 Java: Add container flow to the local taint flow relation. 2021-09-16 11:14:30 +02:00
Tom Hvitved
37ec83a68b Python: Upgrade script 2021-09-16 10:51:27 +02:00
Tom Hvitved
94b5c4eada Python: Drop redundant columns from files and folders relations 2021-09-16 10:51:27 +02:00
Benjamin Muskalla
d3caa80274 Merge pull request #6706 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-09-16 09:58:19 +02:00
Tamas Vajk
f015cea590 Merge branch 'main' into feature/service-stack 2021-09-16 09:42:42 +02:00
Tamas Vajk
05dd3fa0e7 Adjust review findings 2021-09-16 09:42:38 +02:00
Erik Krogh Kristensen
0198cf6318 Merge pull request #6704 from erik-krogh/fix-upgrade 
JS: fix dbsheme upgrade from TypeScript 4.4 PR
 2021-09-16 08:34:58 +02:00
Anders Schack-Mulligen
236ffc8972 Merge pull request #6700 from aschackmull/dataflow/subpaths-joinorder 
Dataflow: Fix bad joinorder in subpaths
 2021-09-16 08:22:59 +02:00
github-actions[bot]
563878d28d Add changed framework coverage reports 2021-09-16 00:08:03 +00:00
Erik Krogh Kristensen
5c73fed83a fix dbsheme upgrade from TypeScript 4.4 PR 2021-09-15 22:38:27 +02:00
Alex Ford
e89d485bc0 update test output (subpaths) 2021-09-15 20:51:14 +01:00
Alex Ford
773291e4c3 Put exprNodeReturnedFrom predicate in DataFlowDispatch.qll 2021-09-15 20:50:46 +01:00
Alex Ford
e80faa017c Fix rb/reflected-xss flow from helper method return values 2021-09-15 20:50:46 +01:00
Alex Ford
35da921deb format 2021-09-15 20:50:46 +01:00
Alex Ford
50b0bb8b36 Restrict rb/reflected-xss instance variable taint edges 2021-09-15 20:50:46 +01:00
Alex Ford
5cfefb1027 Add some more test cases for rb/reflected-xss 2021-09-15 20:50:46 +01:00
Alex Ford
6cc82d46f3 Fix LinkToCallArgumentAsSink matching when link_to is passed a block 2021-09-15 20:50:46 +01:00
Alex Ford
200c8f2493 Add some HTMLEscaping implementations for Rails 2021-09-15 20:50:46 +01:00
Alex Ford
2e65f9b80e update some comments referencing view components 2021-09-15 20:50:46 +01:00
Alex Ford
98fd0e1c24 Update ql/src/queries/security/cwe-079/ReflectedXSS.qhelp 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-09-15 20:50:46 +01:00
Alex Ford
0689e6095e make a type more specific 2021-09-15 20:50:46 +01:00
Alex Ford
ed708c1903 Update ql/src/queries/security/cwe-079/ReflectedXSS.qhelp 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-09-15 20:50:46 +01:00
Alex Ford
eed87b3319 Apply suggestions from code review 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-09-15 20:50:46 +01:00
Alex Ford
205b141482 format 2021-09-15 20:50:46 +01:00
Alex Ford
76864a82be remove an incorrect test case 2021-09-15 20:50:46 +01:00
Alex Ford
3445a6a5e7 fix flow steps from controller instance var assignement to view read access 2021-09-15 20:50:46 +01:00
Alex Ford
b993723595 remove spurious ivar -> locals hash mapping (actionview/controller) 2021-09-15 20:50:46 +01:00
Alex Ford
3430a46440 fix some local variable mappings between view and controller 2021-09-15 20:50:46 +01:00
Alex Ford
b264a05288 Update ql/lib/codeql/ruby/security/ReflectedXSSCustomizations.qll 
Co-authored-by: Harry Maclean <hmac@github.com>
 2021-09-15 20:50:46 +01:00
Alex Ford
dbb239b04e reorder and format rb/reflected-xss qhelp 2021-09-15 20:50:46 +01:00
Alex Ford
d71dd3f6c7 rb/reflected-xss 2021-09-15 20:50:46 +01:00
Robert Marsh
c85cc1455b C++: accept changes to new ExecTainted test 2021-09-15 11:27:13 -07:00
Ethan P
080867a390 Add reviewer feedback 2021-09-15 11:19:41 -07:00
Robert Marsh
a3e1f54e33 C++: Refactor models to prevent IR reevaluation 2021-09-15 10:55:56 -07:00
Robert Marsh
509a3493b6 C++: support new subpaths predicate in ExecTainted 2021-09-15 10:55:56 -07:00
Robert Marsh
09ef8f639e C++: Improve performance by restricting isSource 2021-09-15 10:55:55 -07:00
Robert Marsh
83cc098412 C++: accept test output 2021-09-15 10:55:55 -07:00
Robert Marsh
3cd08bc724 C++: autoformat Printf.qll 2021-09-15 10:55:55 -07:00