hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-01 00:27:24 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,918 Commits 1,673 Branches 157 Tags
17565cde751bcb39e2b77bf77f0dcee264690c63
Commit Graph

57918 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Maiky
17565cde75 Add JWT Security Queries 2023-08-25 21:28:53 +02:00
Jeroen Ketema
cf53956d39 Merge pull request #14021 from jketema/non-const-format-test 
C++: Add `cpp/non-constant-format` test
 2023-08-22 17:38:45 +02:00
Jeroen Ketema
6566b91355 C++: Add indication that the test result is good 2023-08-22 16:38:46 +02:00
Robert Marsh
5734e475d4 Merge pull request #14014 from rdmarsh2/rdmarsh2/swift/keypath-force-steps 
Swift: flow through keypath optional components
 2023-08-22 10:35:36 -04:00
Jeroen Ketema
1e8daff02a C++: Add cpp/non-constant-format test 2023-08-22 16:23:47 +02:00
Robert Marsh
e94781fa8f Swift: fix comment 2023-08-22 13:27:17 +00:00
Tamás Vajk
afe1e9c453 Merge pull request #13957 from tamasvajk/razor-standalone-2 
C#: Generate source files from cshtml files in standalone
 2023-08-22 14:22:11 +02:00
Michael Nebel
fe36230061 Merge pull request #14015 from michaelnebel/csharp/vscodesettings 
C#: Update of VS Code settings.
 2023-08-22 14:16:31 +02:00
Tom Hvitved
31738a37ae Merge pull request #14016 from hvitved/csharp/codeql-threads 
C#: Respect `$CODEQL_THREADS` environment variable
 2023-08-22 13:04:48 +02:00
yoff
00c0ebe9e4 Merge pull request #13738 from RasmusWL/path-steps 
Python: Include all assignments in data flow paths
 2023-08-22 11:58:11 +02:00
Michael Nebel
2b718fbc62 Merge pull request #13995 from michaelnebel/csharp/refactorimports 
C#: Re-factor imports.
 2023-08-22 11:52:02 +02:00
Tom Hvitved
6bb37ca465 C#: Respect $CODEQL_THREADS environment variable 2023-08-22 11:46:03 +02:00
Michael Nebel
b4c903fd15 C#: tasks.json no longer needed if C# Dev kit is installed. 2023-08-22 11:45:53 +02:00
Michael Nebel
8441b54bd8 C#: Set the extractor solution file as the default solution for the C# Dev Kit and add config for the Format usings plugin. 2023-08-22 11:35:47 +02:00
Michael Nebel
e9b1c933ed C#: Recommend the C# Dev Kit and C# Format usings plugins. 2023-08-22 11:34:50 +02:00
Tom Hvitved
5192d7c137 Merge pull request #13997 from hvitved/ruby/type-tracking-splats 
Ruby: Include more (hash) splat flow in type tracking
 2023-08-22 11:33:39 +02:00
Tom Hvitved
3f54ecbcc2 Update ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll 
Co-authored-by: Harry Maclean <hmac@github.com>
 2023-08-22 11:18:12 +02:00
Anders Schack-Mulligen
bdc5f9cdea Merge pull request #14012 from knewbury01/knewbury01/add-sanitizer-command-query 
Java: add sanitizer to command injection query
 2023-08-22 08:40:49 +02:00
Michael Nebel
ce6fd8ac5f Merge pull request #13432 from michaelnebel/updateissupported 
Java/C#: Update telemetry queries to report callables with sink/source neutrals as being supported.
 2023-08-22 08:39:38 +02:00
Sid Shankar
a9ea61f0b2 Merge pull request #14001 from github/sidshank/clarify-js-and-ts-requirements 
Clarify system requirements for TypeScript extraction
 2023-08-21 20:59:11 -04:00
Robert Marsh
a335ece5e5 Swift: change note for keypath optional flows 2023-08-21 20:11:37 +00:00
Robert Marsh
1634fa2e25 Swift: support for optional chaining in keypaths 2023-08-21 20:09:28 +00:00
Robert Marsh
81bf415b50 Swift: modify test so implicit read isn't needed at sink 2023-08-21 20:08:30 +00:00
Robert Marsh
246d5c530e Swift: flow through keypath force components 2023-08-21 19:07:40 +00:00
Henry Mercer
5a76b9f59e Merge pull request #14010 from github/henrymercer/cs/add-alias 
C#: Add "c#" alias to language pack
 2023-08-21 18:26:54 +01:00
Kristen Newbury
5e01e1d464 Java: add sanitizer to command injection query 2023-08-21 12:33:05 -04:00
Mathias Vorreiter Pedersen
e1ed49f3ac Merge pull request #14011 from github/revert-13991-redsun82/swift-use-concepts 
Revert "Swift: use C++20 constraints and concepts to simplify code"
 2023-08-21 17:21:42 +01:00
Paolo Tranquilli
1daedd9fb6 Revert "Swift: use C++20 constraints and concepts to simplify code" 2023-08-21 17:40:15 +02:00
Henry Mercer
cbce0736c2 C#: Add "c#" alias to language pack 
This will allow users to reference the C# extractor using
`--language c#` in future versions of the CLI.
 2023-08-21 16:27:39 +01:00
Tamas Vajk
2575db356d Improve code quality: fix review findings 2023-08-21 16:07:56 +02:00
Paolo Tranquilli
6d85d0d0f7 Merge pull request #13991 from github/redsun82/swift-use-concepts 
Swift: use C++20 constraints and concepts to simplify code
 2023-08-21 15:45:44 +02:00
Tom Hvitved
12d1d04592 Merge pull request #13983 from hvitved/dataflow/reduced-dispatch-early-join 
Data flow: Earlier call-context based dispatch filtering
 2023-08-21 13:20:08 +02:00
Tom Hvitved
1b4520b058 Data flow: Update QL doc 2023-08-21 12:56:37 +02:00
Sid Shankar
671eb0f82f Updates requirements for TypeScript only 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2023-08-21 06:51:30 -04:00
Jeroen Ketema
2d0f73d7c2 Merge pull request #13881 from jketema/shared-taint-tracking 
Introduce shared taint tracking library
 2023-08-21 12:45:49 +02:00
Rasmus Wriedt Larsen
c8c69aac9b Merge pull request #13561 from amammad/amammad-python-WebAppsConstatntSecretKeys 
Python: Flask & Django Constant Secret Key initialization
 2023-08-21 11:39:19 +02:00
Tamas Vajk
b5cdaa2f94 Fix compile issues after rebase 2023-08-21 10:43:36 +02:00
Tamas Vajk
62666915b4 Adjust integration test to opt into cshtml extraction 2023-08-21 10:38:22 +02:00
Tamas Vajk
84a78e7a8d Add opt-in environment variable for cshtml generation 2023-08-21 10:38:22 +02:00
Tamas Vajk
ba0cc76da1 Minor cleanup of dotnet CLI invocations 2023-08-21 10:38:22 +02:00
Tamas Vajk
ad3cc8e1c7 Change backslash to forward slash in file paths in the analyzer config file 2023-08-21 10:38:22 +02:00
Tamas Vajk
c2eb2e9c69 Add more logging 2023-08-21 10:38:22 +02:00
Tamas Vajk
a644133d8f Write CSC arguments to file and pass that to the execution 2023-08-21 10:38:22 +02:00
Michael Nebel
166633dac0 C#: Only apply Path.combine to OS agnostic parts of the path. 2023-08-21 10:38:21 +02:00
Michael Nebel
d48ab36273 C#: Run dotnet exec command silently. 2023-08-21 10:38:21 +02:00
Tamas Vajk
d391246f27 C#: Generate source files from .cshtml files in standalone 2023-08-21 10:38:21 +02:00
Tamas Vajk
ba0f07b66c C#: Add integration test for cshtml extraction in standalone mode 2023-08-21 10:38:21 +02:00
Tamas Vajk
af1a0b9a6c C#: Include cshtml files in integration test results 2023-08-21 10:38:21 +02:00
Jeroen Ketema
a2bb7dee18 Java: Delete copy of shared taint tracking library 2023-08-21 10:32:28 +02:00
Michael Nebel
51f166d71e Java: Address review comments. 2023-08-21 10:22:28 +02:00