Erik Krogh Kristensen
|
1500fa5f67
|
Merge pull request #10663 from pwntester/restify_improvements
Javascript: Improve Restify support and add new Spife support
|
2022-12-15 11:08:22 +01:00 |
|
Michael Nebel
|
a67e02df21
|
Merge pull request #11691 from michaelnebel/renameextensibles
C#/Java: Rename externalflow extensible predicates
|
2022-12-15 11:05:22 +01:00 |
|
Michael Nebel
|
12c1ebd81c
|
C#/Java: Add change note.
|
2022-12-15 09:41:14 +01:00 |
|
Erik Krogh Kristensen
|
55558120d9
|
add explicit this
|
2022-12-14 20:59:28 +01:00 |
|
Jami
|
33955ee4ab
|
Merge pull request #11623 from jcogs33/jcogs33/exclude-funcexpr-from-dataflowtargetapi
Java/C#: exclude `FunctionalExpr`s from `DataFlowTargetApi`
|
2022-12-14 12:22:50 -05:00 |
|
Owen Mansel-Chan
|
8703da9db6
|
Merge pull request #11698 from owen-mc/go/fix-test-to-do-what-it-says
Fix test to use `hasQualifiedName/2`
|
2022-12-14 17:11:58 +00:00 |
|
Alvaro Muñoz
|
f46a8faf00
|
port RouteSetup API-based implementation to DataFlow one
|
2022-12-14 17:37:32 +01:00 |
|
Owen Mansel-Chan
|
6ef677b606
|
Fix test to use hasQualifiedName/2
|
2022-12-14 15:20:02 +00:00 |
|
Asger F
|
a92acf5218
|
Merge pull request #11689 from asgerf/js/missing-csrf-qhelp
JS: Update MissingCsrfMiddleware after 'csurf' deprecation
|
2022-12-14 15:50:32 +01:00 |
|
Alvaro Muñoz
|
818c2da1aa
|
fix Spife tests (without heuristics)
|
2022-12-14 15:42:27 +01:00 |
|
Alvaro Muñoz
|
4cf7299d79
|
restore Spife.qll to working status
|
2022-12-14 15:41:53 +01:00 |
|
Alvaro Muñoz
|
14faff4477
|
fix restify tests
|
2022-12-14 15:38:35 +01:00 |
|
Owen Mansel-Chan
|
38369a72dc
|
Merge pull request #11696 from github/smowton-patch-1
go: fix bug in zip-slip example fix
|
2022-12-14 14:31:58 +00:00 |
|
Michael Nebel
|
fe3c8613cd
|
Java: Fix name of extensible in java integration test.
|
2022-12-14 15:25:47 +01:00 |
|
Chris Smowton
|
5799287a2b
|
go: fix bug in zip-slip example fix
|
2022-12-14 13:51:32 +00:00 |
|
Jami
|
b248b44983
|
Merge pull request #11668 from jcogs33/jcogs33/update-isjdkinternal
Java: update `isJdkInternal`
|
2022-12-14 08:33:18 -05:00 |
|
Erik Krogh Kristensen
|
7615668f92
|
Merge pull request #11662 from erik-krogh/c-useInstanceOf
Swift/C++: Use instanceof in more places
|
2022-12-14 14:30:21 +01:00 |
|
Jami
|
f61b817751
|
Merge pull request #11631 from jcogs33/jcogs33/update-externalapi-charpredicate
Java/C#: add `isUninteresting` to `ExternalApi` characteristic predicate
|
2022-12-14 08:25:02 -05:00 |
|
Owen Mansel-Chan
|
0b849a319b
|
Merge pull request #11587 from owen-mc/go/remove-error-expr-from-dbscheme
Go: Remove @errorexpr from the dbscheme (use @badexpr)
|
2022-12-14 13:15:04 +00:00 |
|
Anders Schack-Mulligen
|
598b4c38b7
|
Merge pull request #11619 from aschackmull/java/typetrack-lambda
Java: Switch DispatchFlow to typetracking.
|
2022-12-14 14:08:29 +01:00 |
|
Michael Nebel
|
bc02adb400
|
Java: Make the corresponding rename in all the data extensions.
|
2022-12-14 13:48:31 +01:00 |
|
Michael Nebel
|
b45d079a01
|
Java: Move and rename externalflow related extensible predicates.
|
2022-12-14 13:43:34 +01:00 |
|
Michael Nebel
|
9fc1b3ac82
|
C#: Rename predicates in tests.
|
2022-12-14 13:43:34 +01:00 |
|
Michael Nebel
|
b5e7ba6135
|
C#: Rename extensible predicate in data extension definitions.
|
2022-12-14 13:43:34 +01:00 |
|
Michael Nebel
|
596c2c0345
|
C#/Java: Rename the modelgenerator and converter predicate names.
|
2022-12-14 13:43:34 +01:00 |
|
Michael Nebel
|
6d7401de7d
|
C#: Rename the extensible predicates related to external flow.
|
2022-12-14 13:43:34 +01:00 |
|
Alvaro Muñoz
|
e1f05e960d
|
Merge branch 'restify_improvements' of https://github.com/pwntester/codeql into restify_improvements
|
2022-12-14 13:11:13 +01:00 |
|
Alvaro Muñoz
|
a71fc930a6
|
add tests
|
2022-12-14 13:11:02 +01:00 |
|
Tom Hvitved
|
25b2d11368
|
Merge pull request #11635 from hvitved/dataflow/approx-content
Data flow: Introduce `ApproxContent` in a new pruning stage between stages 2 and 3
|
2022-12-14 12:56:50 +01:00 |
|
Asger F
|
b63c658e3b
|
JS: recognize tiny-csrf
|
2022-12-14 12:30:15 +01:00 |
|
Asger F
|
162419138d
|
JS: Replace csurf -> lusca.csrf from example and qhelp
|
2022-12-14 12:30:15 +01:00 |
|
Owen Mansel-Chan
|
3c6f466e78
|
Include downgrade scripts in extractor pack
|
2022-12-14 10:46:20 +00:00 |
|
Owen Mansel-Chan
|
14e6f9fee2
|
Remove @errorexpr from the dbscheme (use @badexpr)
|
2022-12-14 10:46:19 +00:00 |
|
Henry Mercer
|
6023a1225c
|
Merge pull request #11673 from github/codeql-ci/atm/release-0.4.4
JS: Bump version numbers of ML-powered packs after 0.4.4 release
|
2022-12-14 10:27:00 +00:00 |
|
Alvaro Muñoz
|
701676eea1
|
Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2022-12-14 10:18:47 +01:00 |
|
Tamás Vajk
|
a6d227d52e
|
Merge pull request #11599 from igfoo/igfoo/diags
Java/Kotlin: Update the diagnostic severity documentation
|
2022-12-14 10:13:30 +01:00 |
|
Michael Nebel
|
54701f539e
|
Merge pull request #11683 from github/workflow/coverage/update
Update CSV framework coverage reports
|
2022-12-14 09:41:23 +01:00 |
|
Paolo Tranquilli
|
a80e9206c8
|
Merge pull request #11639 from github/alexdenisov/switch-to-bootstrapped-swift
Swift: switch to bootstrapped Swift compiler
|
2022-12-14 09:04:19 +01:00 |
|
github-actions[bot]
|
d905bed92f
|
Add changed framework coverage reports
|
2022-12-14 00:17:01 +00:00 |
|
Jami Cogswell
|
c956589945
|
Java: remove dot before percent
|
2022-12-13 17:46:20 -05:00 |
|
Jami Cogswell
|
dee251e5d6
|
Java: update isJdkInternal
|
2022-12-13 17:46:20 -05:00 |
|
Jami
|
11bd35661c
|
Merge branch 'main' into jcogs33/exclude-funcexpr-from-dataflowtargetapi
|
2022-12-13 17:10:39 -05:00 |
|
Erik Krogh Kristensen
|
8a89849476
|
Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf
Py/JS/RB: Use instanceof in more places
|
2022-12-13 21:50:13 +01:00 |
|
Tamás Vajk
|
8e500ec0f3
|
Merge pull request #11675 from tamasvajk/kotlin-error-expr-consistency
Kotlin: Report CFG dead end consistency issues on `ErrorExpr`
|
2022-12-13 20:22:47 +01:00 |
|
Edward Minnix III
|
a85de2b5f4
|
Merge pull request #10865 from egregius313/egregius313/android-activity-alias
Java: Add library support for activity-alias elements in AndroidManifest.qll
|
2022-12-13 11:52:01 -05:00 |
|
Jami Cogswell
|
a889cc4f65
|
Java/C#: remove isTestLibrary
|
2022-12-13 10:34:04 -05:00 |
|
Jami
|
9b0163ce22
|
Merge pull request #11624 from jcogs33/jcogs33/exclude-paramless-constructors-from-dataflowtargetapi
Java/C#: exclude parameterless constructors from `DataFlowTargetApi`
|
2022-12-13 10:05:57 -05:00 |
|
Jami Cogswell
|
91c1ec3be6
|
C#: exclude AnonymousFunctionExpr from DataFlowTargetApi
|
2022-12-13 09:54:05 -05:00 |
|
Jami Cogswell
|
1c06378a53
|
Java: exclude FunctionalExprs from DataFlowTargetApi
|
2022-12-13 09:54:05 -05:00 |
|
Tamas Vajk
|
5cc2868857
|
Kotlin: Report CFG dead end consistency issues on ErrorExpr
|
2022-12-13 15:51:33 +01:00 |
|