hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-31 16:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,794 Commits 1,673 Branches 157 Tags
034db52c5ceab314eab596d424d332e08ba28301
Commit Graph

243 Commits

Author SHA1 Message Date
Ed Minnix
a36c12ff1f Add trust-boundary-violation sink kind 2023-08-17 13:05:37 -04:00
Tom Hvitved
7cc01ea8b5 Merge pull request #13595 from hvitved/csharp/use-shared-cfg-pack 
C#: Adopt shared CFG construction library from shared `controlflow` pack
 2023-08-17 10:37:09 +02:00
yoff
7f2f6f14e7 Merge pull request #13729 from yoff/python/model-aws-lambdas 
Python/JavaScript: Shared module for serverless functions
 2023-08-16 15:14:08 +02:00
yoff
99bc050366 Update shared/yaml/codeql/serverless/ServerLess.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-08-15 15:09:30 +02:00
Erik Krogh Kristensen
6a3b9e10eb Merge pull request #13914 from erik-krogh/escape-unicode 
ReDoS: escape unicode chars in the output for the ReDoS queries
 2023-08-15 11:21:21 +02:00
Henry Mercer
1213eba630 Merge branch 'main' into post-release-prep/codeql-cli-2.14.2 2023-08-11 13:54:55 +01:00
Tom Hvitved
9b38028e25 Data flow: Fix localWriteStep consistency query 2023-08-10 15:31:04 +02:00
github-actions[bot]
432c21d4fb Post-release preparation for codeql-cli-2.14.2 2023-08-09 18:45:18 +00:00
erik-krogh
fe542565c3 fix performance 2023-08-09 13:48:07 +02:00
erik-krogh
0bce42410a support arbitrary codepoints in NfaUtils.qll 2023-08-08 22:14:51 +02:00
erik-krogh
859e1bfabc add constraint that i should be between 0 and 65535 2023-08-08 21:11:59 +02:00
erik-krogh
0391e063ca move to4digitHex to Numbers.qll 2023-08-08 21:10:58 +02:00
Anders Schack-Mulligen
0ca3f3308b Merge pull request #13478 from aschackmull/java/varcapture 
Java: Add proper support for variable capture flow.
 2023-08-08 16:22:56 +02:00
Anders Schack-Mulligen
1cd32722be Java: More review fixes. 2023-08-08 14:32:48 +02:00
Anders Schack-Mulligen
9d59f50340 Java: Review fixes. 2023-08-08 13:37:40 +02:00
erik-krogh
03fbd387df way better hex conversion 2023-08-08 09:08:39 +02:00
erik-krogh
92db7b047c escape unicode chars in the output for the ReDoS queries 2023-08-08 00:15:54 +02:00
github-actions[bot]
79c90fa36a Release preparation for version 2.14.2 2023-08-07 18:08:52 +00:00
Rasmus Lerchedahl Petersen
ef1a5cb0fa shared: change-note 2023-08-07 11:50:03 +02:00
Tom Hvitved
b926a7ebba Data flow: Update QL doc 2023-08-07 11:35:21 +02:00
Tom Hvitved
4d14311653 Data flow: Rename DataFlowParameter to InputSig 2023-08-07 11:35:21 +02:00
Tom Hvitved
6208175aa9 Data flow: Move DataFlowParameter into DataFlow.qll 2023-08-07 11:35:21 +02:00
Tom Hvitved
0d33c32d8e Data flow: Move DataFlowImpl(Common).qll into an internal folder 2023-08-07 11:35:21 +02:00
Rasmus Lerchedahl Petersen
b8717b3046 Python: remove incorrect use of "stem" 2023-08-07 11:25:31 +02:00
Mathias Vorreiter Pedersen
abe3a816ce Merge pull request #13851 from MathiasVP/sink-without-states 
DataFlow: Support stateless `isSink` in `StateConfigSig`s
 2023-08-04 18:01:42 +02:00
Mathias Vorreiter Pedersen
e066e87890 Update shared/dataflow/codeql/dataflow/DataFlowImpl.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-08-04 11:32:41 +02:00
Mathias Vorreiter Pedersen
eb19052a7d Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-08-04 11:10:12 +02:00
Mathias Vorreiter Pedersen
981f67531c DataFlow: Introduce 'revSinkNode'. 2023-08-04 11:09:08 +02:00
Tom Hvitved
b69188fee9 C#: Adopt shared CFG construction library from shared controlflow pack 2023-08-03 14:12:24 +02:00
Mathias Vorreiter Pedersen
50f5c4d5f6 DataFlow: Don't support stateless sink nodes in partial flow exploration. 2023-08-03 13:30:05 +02:00
Tom Hvitved
2ac646770e Merge ControlFlowTreeBase and AstNode 2023-08-03 10:59:26 +02:00
Tom Hvitved
525ed65b0b Rename getNode to getAstNode 2023-08-03 10:56:50 +02:00
Anders Schack-Mulligen
72171972c3 Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
84316c41a3 Java: Add more qldoc. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
90052a3ca2 Java: Add proper types for capture nodes. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
e2a0849a0e Java: Add more qldoc. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
c5990311ca Java: Redesign and reimplement variable capture flow. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
f4a05c183b Shared: Add some qldoc. 2023-08-03 10:04:05 +02:00
Anders Schack-Mulligen
15daa51ee5 Shared: Address review comments and QL4QL alerts. 2023-08-03 10:04:05 +02:00
Anders Schack-Mulligen
d1a616a70a Java: Add proper support for variable capture flow. 2023-08-03 10:04:02 +02:00
Tom Hvitved
2f3e52646c Add class wrappers around newtype in Cfg.qll 2023-08-03 09:39:30 +02:00
Tom Hvitved
5d69e14cc1 Rename ControlFlowElement to AstNode 2023-08-03 09:39:30 +02:00
Tom Hvitved
1988397f93 Make shared CFG construction library a parameterized module 2023-08-03 09:39:30 +02:00
Tom Hvitved
5049aafdd8 Copy existing ControlFlowGraphImplShared into new shared controlflow pack 2023-08-03 09:32:37 +02:00
Mathias Vorreiter Pedersen
a5f521cfa4 DataFlow: Add change note. 2023-08-02 14:56:57 +02:00
Mathias Vorreiter Pedersen
b953c4a1cf DataFlow: Allow stateless sinks. 2023-08-02 14:31:18 +02:00
Anders Schack-Mulligen
1ad51e754e Dataflow: Rename change note to proper format. 2023-08-02 08:50:51 +02:00
Anders Schack-Mulligen
199d1431d7 Dataflow: Add change note. 2023-08-01 14:02:34 +02:00
Anders Schack-Mulligen
50e7892498 Dataflow: Autoformat/indent. 2023-08-01 13:47:08 +02:00
Anders Schack-Mulligen
d7ea60e137 Java: Move data flow lib. 2023-08-01 13:47:08 +02:00