hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-25 00:27:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
76,790 Commits 1,758 Branches 168 Tags
2172ced0bec8058a2be99a53ddef8515ec3cf7af
Commit Graph

252 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
abc23e038a Merge branch 'main' into revert-ps-module-extraction 2025-02-26 12:26:17 +00:00
Mathias Vorreiter Pedersen
29c11a4a5e PS: Add upgrade and downgrade scripts. 2025-02-24 14:23:49 +00:00
Mathias Vorreiter Pedersen
4bfd6fd345 PS: Revert psmodule path file extraction. 2025-02-24 14:23:46 +00:00
Mathias Vorreiter Pedersen
1978e10c05 PS: Remove extractor option to skip psmodule extraction. 2025-02-24 14:23:35 +00:00
Mathias Vorreiter Pedersen
6909792627 PS: Also get rid of an easy-to-fix SSA warning. 2025-02-21 12:22:06 +00:00
Mathias Vorreiter Pedersen
efb43bca3e PS: Match the changes from #18696. 2025-02-21 12:16:00 +00:00
Mathias Vorreiter Pedersen
3dbe7f4fa6 PS: Add the type model generation script and add a short readme. 2025-02-19 14:10:28 +00:00
Mathias Vorreiter Pedersen
6ef09412a9 PS: Add .NET and PowerShell SDK type models. 2025-02-19 00:05:51 +00:00
Dilan Bhalla
414feffcaa microsoft-public -> public 2025-02-07 10:09:34 -08:00
Dilan Bhalla
ba97b92148 microsoft public namespace edit 2025-02-06 23:41:09 -08:00
dilanbhalla
c749c19db4 Update CommandInjection.ql 2025-02-06 12:04:51 -08:00
dilanbhalla
fa74d05211 Update CommandInjection.ql 2025-02-06 12:04:39 -08:00
dilanbhalla
14ab30ce1f Update DoNotUseInvokeExpression.ql 2025-02-06 12:04:29 -08:00
Mathias Vorreiter Pedersen
c43b682862 PS: Ensure that the PowerShell CFG library compiles with CodeQL version 2.20.4. 2025-02-06 19:55:29 +00:00
Mathias Vorreiter Pedersen
25f8f049c3 Powershell: Update changes to remain in sync with GitHub's shared libraries. 2025-01-23 18:06:22 +00:00
Chanel
7f5e5ffa37 Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2025-01-09 10:41:16 -08:00
Chanel Young
17f9c9a0b5 invoke expression powershell query 2025-01-09 10:22:32 -08:00
Lindsay Simpkins
ff03d6c22a PS: support buildmode none in extractor 2024-11-19 19:38:55 -05:00
Mathias Vorreiter Pedersen
ba8a37c625 PS: Add more injetion sinks and type models. 2024-11-12 20:12:57 +00:00
Mathias Vorreiter Pedersen
308afb996b PS: Add common GAC (global assembly cache) assemblies and all automatic varibles. 2024-11-12 20:12:54 +00:00
Mathias Vorreiter Pedersen
f103fed6de PS: Use ! to mark static members/methods. 2024-11-12 20:12:52 +00:00
Mathias Vorreiter Pedersen
50c05517d2 PS: Include implicit qualifiers. 2024-11-12 20:05:20 +00:00
Mathias Vorreiter Pedersen
a382d08915 PS: Don't raise an alert on all call operator node arguments. 2024-11-11 15:25:18 +00:00
Mathias Vorreiter Pedersen
446b3ea0e1 PS: Accept test changes. 2024-11-11 12:28:00 +00:00
Mathias Vorreiter Pedersen
7fe9cce53f PS: Avoid CP. 2024-11-11 12:19:46 +00:00
Mathias Vorreiter Pedersen
50188a2175 PS: Drive-by: Fix toString on Cmd. 2024-11-11 12:19:33 +00:00
Mathias Vorreiter Pedersen
86a40b9b0b Merge pull request #138 from microsoft/powershell-tainted-command-query 
PS: Add the first non-experimental query
 2024-11-08 20:44:15 +01:00
Mathias Vorreiter Pedersen
40f50dd472 PS: Ensure the parameter has the right enclosing function. 2024-11-08 19:41:52 +00:00
Mathias Vorreiter Pedersen
b3de6a23ea PS: Add tests. 2024-11-08 16:07:12 +00:00
Mathias Vorreiter Pedersen
40cf8dd387 PS: Add test dependency on powereshell-queries. 2024-11-08 16:07:11 +00:00
Mathias Vorreiter Pedersen
e8274a66a5 PS: Add qhelp. 2024-11-08 16:07:09 +00:00
Mathias Vorreiter Pedersen
299c3e9eed PS: Add 'powershell/command-injection' query. 2024-11-08 16:07:07 +00:00
Mathias Vorreiter Pedersen
f16b2cbd76 PS: Accept test changes. 2024-11-08 16:04:10 +00:00
Mathias Vorreiter Pedersen
5a715c7d11 PS: Flow through string interpolation. 2024-11-08 16:01:23 +00:00
Mathias Vorreiter Pedersen
d5d3712db4 PS: Add taint test. 2024-11-08 15:59:26 +00:00
Mathias Vorreiter Pedersen
4a2fd527ed PS: Add reads of environment variables as local flow sources. 2024-11-08 15:01:18 +00:00
Mathias Vorreiter Pedersen
9f0f0ca8a4 PS: Add placeholder for speculative flow now that this has been merged on the GitHub side. 2024-11-08 15:00:37 +00:00
Mathias Vorreiter Pedersen
aaa01820e0 PS: Add AST and CFG nodes for operator &. 2024-11-08 14:59:56 +00:00
Mathias Vorreiter Pedersen
2255fda9e6 PS: Accept test changes. These are all from the changes to 'toString' from the previous commit. 2024-11-07 12:59:06 +00:00
Mathias Vorreiter Pedersen
a086d63f31 PS: Drive-by fix: Better toString on Cmd. 2024-11-07 12:47:58 +00:00
Mathias Vorreiter Pedersen
7531d88f6d PS: Allow explicit module qualifiers to be selected with the 'instance' path. 2024-11-07 12:47:23 +00:00
Mathias Vorreiter Pedersen
689a34b823 PS: Add a public dataflow node class for TypeNames. 2024-11-07 12:46:08 +00:00
Mathias Vorreiter Pedersen
938069d5ba PS: Include more module IPA nodes. 2024-11-07 12:45:06 +00:00
Mathias Vorreiter Pedersen
18d8de1fc8 PS: Add a bunch of source models. 2024-11-06 13:43:18 +00:00
Mathias Vorreiter Pedersen
d02ad25aaa PS: Add (empty) model-related files. 2024-11-06 13:43:16 +00:00
Mathias Vorreiter Pedersen
4344e70543 PS: Include certain statements as local source nodes. 2024-11-06 13:43:14 +00:00
Mathias Vorreiter Pedersen
4f58b19217 PS: Add wrapper classes for local and remote flow sources. 2024-11-06 13:43:13 +00:00
Mathias Vorreiter Pedersen
2ffbf179d8 PS: Dataflow additions to support api graphs. 2024-11-06 13:43:10 +00:00
Mathias Vorreiter Pedersen
9a03d10eb1 PS: Add API graph files. 2024-11-06 13:43:07 +00:00
Mathias Vorreiter Pedersen
314951779d PS: Add shared files for API graphs. 2024-11-06 13:43:03 +00:00