codeql

mirror of https://github.com/github/codeql.git synced 2026-05-31 03:21:23 +02:00

Author	SHA1	Message	Date
Max Schaefer	1555a52bee	Revert "JS: Recognize DomSanitizer from @angular/core" This reverts commit `ff1d0cc4c7`.	2022-04-22 13:06:44 +00:00
Henry Mercer	2d7a1a2f10	Remove NoSQL sinks since September 2018	2022-04-22 13:06:44 +00:00
Esben Sparre Andreasen	e3d42cee2d	Remove additional Xss sinks	2022-04-22 13:06:44 +00:00
Esben Sparre Andreasen	8d440c3f38	Remove additional SQL sinks	2022-04-22 13:06:43 +00:00
Esben Sparre Andreasen	1b01fd8776	Remove additional path-injection sinks	2022-04-22 13:06:43 +00:00
Esben Sparre Andreasen	3bcf967439	Remove pseudo-properties	2022-04-22 13:06:43 +00:00
Esben Sparre Andreasen	feee7c815a	Remove 2020 sinks from SqlInjection.ql	2022-04-22 13:06:43 +00:00
Esben Sparre Andreasen	345ed5a1e1	Remove 2020 sinks from Xss.ql	2022-04-22 13:06:43 +00:00
Esben Sparre Andreasen	f8bfc1bc37	Remove 2020 sinks from TaintedPath.ql	2022-04-22 13:06:43 +00:00
Erik Krogh Kristensen	c1798c4ebd	remove redundant extends clause	2022-04-21 09:13:18 +02:00
Erik Krogh Kristensen	6007dfa101	fix qldoc in StoredXssCustomizations Co-authored-by: Asger F <asgerf@github.com>	2022-04-21 09:11:08 +02:00
Erik Krogh Kristensen	b9a7c563d1	fix typo in change note Co-authored-by: Asger F <asgerf@github.com>	2022-04-21 09:09:56 +02:00
Erik Krogh Kristensen	7e73ecceab	add change-note	2022-04-20 23:31:42 +02:00
Erik Krogh Kristensen	06394c8dc6	move storedXss sources to the Customizations file	2022-04-20 18:17:49 +02:00
Erik Krogh Kristensen	58fcdbc406	QL: remove some benign results from ql/abstract-class-import	2022-04-20 18:17:08 +02:00
Erik Krogh Kristensen	81ce8ac715	ATM: fix compiler warnings about unused variables	2022-04-20 18:10:59 +02:00
Erik Krogh Kristensen	4bc36d82f6	update expected output for ATM	2022-04-20 18:10:56 +02:00
Erik Krogh Kristensen	c1c66a0200	refactor CountAlertAndEndpoints to not refer to deprecated files	2022-04-20 18:10:56 +02:00
Erik Krogh Kristensen	c5f7df17ee	add .actual files to .gitignore for ATM tests	2022-04-20 18:10:56 +02:00
Erik Krogh Kristensen	1c5d59f885	fix an instance of ql/acronyms-should-be-pascal-case	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	ea6b68fc59	add missing qldoc	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	12e60c7a06	move TypeTestGuard to the Query.qll file	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	b1bad271d5	only activate the PrefixString label in Query.qll files	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	8a5b1668f9	move initialization of sanitizer-guards to Query.qll files	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	73dbe44824	remove dead import	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	8d3bd9d7cd	move the ExceptionXss sources into the Customizations file	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	25708c5091	move the XssThroughDom sources into the Customizations file	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	ad14bbae90	create a customizations file for StoredXss	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	162a4992a5	move the ReflectedXss sources/sinks into the Customizations file	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	173e1d0262	move the DomBasedXss sources/sinks into the Customizations file	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	9631b68de9	move LocalUrlSanitizingGuard out of the customizations file	2022-04-20 18:10:52 +02:00
Arthur Baars	040dd09c5a	Merge pull request #8718 from github/sj/codeowners-pms Update CODEOWNERS for documentation and license changes	2022-04-20 18:08:43 +02:00
Arthur Baars	98df392b4f	Merge pull request #8719 from github/sj/update-readme-license-explanation Update README to clarify license explanation	2022-04-20 18:07:00 +02:00
AlexDenisov	a187939424	Merge pull request #8784 from AlexDenisov/alexdenisov/swift-package-test-sdk Swift: package test SDK	2022-04-20 16:07:40 +02:00
Bas van Schaik	732a2c32a8	Update README.md	2022-04-20 15:03:49 +01:00
Anders Schack-Mulligen	677c436e99	Merge pull request #8703 from aschackmull/dataflow/revert-state-in-out-barriers Dataflow: Revert support for flow-state based in-/out-barriers	2022-04-20 14:54:02 +02:00
Nick Rolfe	3d109a4051	Merge pull request #8777 from github/nickrolfe/post_update_node Ruby: make PostUpdateNode public	2022-04-20 12:04:37 +01:00
Alex Denisov	682c910d49	Swift: package test SDK	2022-04-20 12:35:19 +02:00
Asger F	e60475618d	Merge pull request #8728 from asgerf/ql/library-coverage QL: Add facilities for data flow	2022-04-20 11:40:18 +02:00
Nick Rolfe	f1b8af1db9	Ruby: rename PostUpdateNode::Range to PostUpdateNodeImpl	2022-04-20 10:35:40 +01:00
Anders Schack-Mulligen	cb898ae03f	Merge pull request #8701 from aschackmull/doc/any-none Doc: Add any() and none() to the language reference.	2022-04-20 10:49:42 +02:00
yoff	0c7130602a	Merge pull request #8731 from RasmusWL/delete-old-readme Python: Delete old dataflow readme	2022-04-20 10:36:12 +02:00
yoff	a66153d73e	Merge pull request #8733 from RasmusWL/split-dataflow-private Python: Split `DataFlowPrivate`	2022-04-20 10:21:05 +02:00
Erik Krogh Kristensen	10130eef6d	Merge pull request #8678 from erik-krogh/fileSource JS: Add files as a source for `js/xss-through-dom`	2022-04-20 09:18:38 +02:00
Felicity Chapman	b10e7300ae	Update docs/codeql/ql-language-reference/formulas.rst	2022-04-19 17:29:31 +01:00
Nick Rolfe	c02670aca2	Ruby: make PostUpdateNode public	2022-04-19 17:12:51 +01:00
Felicity Chapman	d663102ffb	Update docs/codeql/ql-language-reference/formulas.rst	2022-04-19 16:57:05 +01:00
Felicity Chapman	6fbe227cbc	Try to fix Sphinx warning in formulas.rst	2022-04-19 16:36:42 +01:00
Stephan Brandauer	2fb3147b7b	Merge pull request #8430 from kaeluka/js/CVE-2022-24718 JS: Add taint step for handlebars model	2022-04-19 15:57:58 +01:00
Michael Nebel	91324d40b5	Merge pull request #8659 from michaelnebel/csharp/capturemodelsmetadata C#: Add kind tag to Capture model queries.	2022-04-19 16:39:03 +02:00

1 2 3 4 5 ...

34723 Commits