34206 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Harry Maclean	167bda2d4e	Ruby: Add QLDoc for InsecureDependencyQuery.qll	2022-03-30 13:50:12 +13:00
Harry Maclean	d13bbbaf35	Ruby: Add change note for rb/insecure-dependency	2022-03-30 13:39:35 +13:00
Harry Maclean	37cedda63a	Ruby: Add InsecureDependencyResolution query ... This query looks for places in a Gemfile where URLs with insecure protocols (HTTP or FTP) are specified.	2022-03-30 13:39:15 +13:00
Robert Marsh	8d21c8b7c5	Merge pull request #8423 from 4B5F5F4B/main ... [CPP][Linux Kernel]Add ql to detect CVE-2017-5123	2022-03-29 15:10:15 -04:00
Jeroen Ketema	e5ac492b62	Merge pull request #8593 from jketema/pointless-options ... C++: Remove debugging options from library tests	2022-03-29 17:55:47 +02:00
Jeroen Ketema	d1857a9e37	C++: Remove debugging options from library tests	2022-03-29 17:24:18 +02:00
Michael Nebel	c3ac5aba57	Merge pull request #8482 from michaelnebel/csharp/capturesourcesink-models ... C#: Capture[Source|Sink]Models utility.	2022-03-29 14:43:10 +02:00
Asger F	68575f3655	Merge pull request #8579 from asgerf/js/literal-csv-rows ... JS: write all CSV rows as literals	2022-03-29 11:13:19 +02:00
Michael Nebel	8e60073d5a	Java: Remove dataflow imports for java.qll.	2022-03-29 11:07:58 +02:00
Michael Nebel	f734edf8ff	C#/Java: Minor refactor and re-arranging of code to align the CaptureModel specific implementations.	2022-03-29 11:07:58 +02:00
Michael Nebel	dd267b353a	C#: Move isRelevantMemberAccess out of PropagateToSinkConfigurationSpecific.	2022-03-29 11:07:58 +02:00
Michael Nebel	3933dfa78e	Java: Make imports private and add parts of the dataflow library to java.qll (same as in C#).	2022-03-29 11:07:58 +02:00
Michael Nebel	ad90c55bc6	C#: Improve encapsulation in CaptureModelsSpecific.	2022-03-29 11:07:57 +02:00
Michael Nebel	26d5eb64b3	C#/Java: Initial merge ModelGeneratorUtils into CaptureModels.	2022-03-29 11:07:57 +02:00
Michael Nebel	9b7691a5fc	C#/Java: Address comments on re-exposing functionality.	2022-03-29 11:07:57 +02:00
Michael Nebel	1710b66003	C#/Java: Some minor variable name changes and QL Doc updates.	2022-03-29 11:07:57 +02:00
Michael Nebel	4298024cd6	C#: Refactor isRelevantForModels.	2022-03-29 11:07:57 +02:00
Michael Nebel	5970fd9904	C#: Also include property reads in possible new sink discovery. Only include public fields and properties.	2022-03-29 11:07:57 +02:00
Michael Nebel	8a65efbae4	C#/Java: Add isRelevantSinkKind predicate with language specific implementation.	2022-03-29 11:07:57 +02:00
Michael Nebel	0009d781d7	Java: Make most imports private.	2022-03-29 11:07:57 +02:00
Michael Nebel	1c7d764d54	C#: Make most module imports private.	2022-03-29 11:07:57 +02:00
Michael Nebel	ad27a5a1a6	C#/Java: Add some more QL Doc to the CaptureModels[Specific] implementation.	2022-03-29 11:07:57 +02:00
Michael Nebel	62dcbff67f	C#: Update sync files config.	2022-03-29 11:07:57 +02:00
Michael Nebel	5d62c48890	C#/Java: Move libraries to internal folder as these are for internal use only.	2022-03-29 11:07:57 +02:00
Michael Nebel	3d2ce57c9e	Java: Collapse all the specific code for summary, source and sink models into a single file.	2022-03-29 11:07:57 +02:00
Michael Nebel	43c9f9d7bb	C#: Collapse all the specific code for summary, source and sink models into a single file.	2022-03-29 11:07:57 +02:00
Michael Nebel	852d8a2770	Java: Collapse all the shared code for summary, source and sink models into a single file.	2022-03-29 11:07:57 +02:00
Michael Nebel	4f2227f206	C#: Collapse all the shared code for summary, source and sink models into a single file.	2022-03-29 11:07:57 +02:00
Michael Nebel	79fd2e6a40	C#/Java: Make configurations private and sprinkle some QL Doc.	2022-03-29 11:07:57 +02:00
Michael Nebel	6194d5cf63	C#: Add test for CaptureSinkModel query.	2022-03-29 11:07:57 +02:00
Michael Nebel	5babb0e66a	C#: Update stubs to include one more known sink method.	2022-03-29 11:07:57 +02:00
Michael Nebel	858508fa33	C#: Make sure that language independent parts of CaptureSinkModels is in sync.	2022-03-29 11:07:57 +02:00
Michael Nebel	db21a6a0f3	C#: Add CaptureSummaryModels query.	2022-03-29 11:07:57 +02:00
Michael Nebel	fb2a7dfb48	Java: Refactor CaptureSinkModels into language specific and generic part.	2022-03-29 11:07:57 +02:00
Michael Nebel	cc5fbbb7c5	Java: Minor cleanup in CaptureSinkModels.	2022-03-29 11:07:56 +02:00
Michael Nebel	cc4e26466f	C#: Add test case for CaptureSummaryModels query.	2022-03-29 11:07:56 +02:00
Michael Nebel	b4efd0e154	C#: Make sure that the shared CaptureSummaryModel is in sync.	2022-03-29 11:07:56 +02:00
Michael Nebel	4ae5dc323f	C#: Add CaptureSourceModel query.	2022-03-29 11:07:56 +02:00
Michael Nebel	45234b1631	Java: Refactor CaptureSourceModel to enable re-use.	2022-03-29 11:07:56 +02:00
Michael Nebel	f00837578b	Java: isPublic and fromSource check as this is already ensured by the TargetApi characteristic predicate.	2022-03-29 11:07:56 +02:00
Michael Nebel	f42ed1e3ad	Java: Cleanup imports in CaptureSourceModels.	2022-03-29 11:07:56 +02:00
4B5F5F4B	9358b824c0	modify select clause to make codeql happy:)	2022-03-29 10:41:12 +08:00
Asger Feldthaus	e152416317	JS: write all CSV rows as literals	2022-03-28 15:30:18 +02:00
Asger F	e5f2b830f3	Merge pull request #8577 from asgerf/fix-mad-warning ... JS/Ruby: Fix regexp in MaD checking	2022-03-28 15:29:16 +02:00
Asger F	f22df765ed	Merge pull request #8533 from asgerf/mad-receiver-token ... JS/Ruby: Represent non-positional arguments with Argument/Parameter tokens	2022-03-28 15:28:52 +02:00
Asger Feldthaus	0b30ecf36a	Ruby: add select clause back to Summaries.ql	2022-03-28 13:57:50 +02:00
Asger Feldthaus	d5bcd14733	Sync ApiGraphModels.qll	2022-03-28 12:43:55 +02:00
Asger Feldthaus	7e6206ed36	JS: Fix the regexp for valid MaD token arguments	2022-03-28 12:43:43 +02:00
Arthur Baars	af1d949d06	Merge pull request #8489 from aibaars/regex-refactor ... Ruby: refactor regex libraries	2022-03-28 12:17:00 +02:00
Erik Krogh Kristensen	c98d024c0e	Merge pull request #8575 from erik-krogh/qlFixTypo ... QL: fix Import::getImportString	2022-03-28 11:41:59 +02:00