Henry Mercer
|
245edd41ff
|
Merge pull request #7186 from github/henrymercer/rename-available-models-predicate
JS: [Internal only] Rename the available ML models external predicate
|
2021-11-22 18:26:46 +00:00 |
|
Arthur Baars
|
f6baab6399
|
Merge pull request #7211 from dbartol/dbartol/ruby-workspace
Merge Ruby workspace into root workspace
|
2021-11-22 16:22:12 +01:00 |
|
Dave Bartolomeo
|
186e3755c0
|
Remove unnecessary path options
|
2021-11-22 09:50:01 -05:00 |
|
Dave Bartolomeo
|
522074940d
|
Merge Ruby workspace into root workspace
|
2021-11-22 09:10:59 -05:00 |
|
AlonaHlobina
|
b60fef88b5
|
Merge pull request #7206 from github/AlonaHlobina-patch-2
Update query-metadata-style-guide.md
|
2021-11-22 14:48:46 +01:00 |
|
Mathias Vorreiter Pedersen
|
74221f4aba
|
Merge pull request #7209 from geoffw0/experimental-tests
C++: Move experimental test.
|
2021-11-22 13:01:52 +00:00 |
|
Harry Maclean
|
6f22867af9
|
Merge pull request #7015 from github/hmac/ssrf
Ruby: Add Server-Side Request Forgery query
|
2021-11-22 12:41:39 +00:00 |
|
CodeQL CI
|
ddeb700fd6
|
Merge pull request #7207 from github/asgerf/document-template-language-extensions
Approved by esbena
|
2021-11-22 04:16:19 -08:00 |
|
Geoffrey White
|
6f2b528a32
|
C++: Move experimental test.
|
2021-11-22 11:02:06 +00:00 |
|
Asger F
|
8322a44379
|
JS: Mention .hbs, .ejs, and .njk file extensions
Also fixes a typo `.xhm` -> `.xhtm`
|
2021-11-22 11:53:55 +01:00 |
|
Tom Hvitved
|
39e3254fe0
|
Merge pull request #7182 from hvitved/csharp/self-assignment-bad-magic
C#: Fix bad magic `Element::fromSource` in context of `SelfAssignment.ql`
|
2021-11-22 10:57:48 +01:00 |
|
AlonaHlobina
|
0de6511dff
|
Update query-metadata-style-guide.md
|
2021-11-22 10:17:57 +01:00 |
|
Erik Krogh Kristensen
|
9f08acab7e
|
Merge pull request #7170 from erik-krogh/qldocStyle
Ruby: use A/An/The to start qlDoc for classes
|
2021-11-19 17:34:35 +01:00 |
|
Anders Schack-Mulligen
|
344f7bca5b
|
Merge pull request #7187 from aschackmull/java/dont-clear-in-summary-store
Java: Don't clear content in store steps in summaries.
|
2021-11-19 16:12:37 +01:00 |
|
Harry Maclean
|
06000781e9
|
Ruby: Document PairCfgNode::getKey/getValue
|
2021-11-19 14:54:06 +00:00 |
|
Anders Schack-Mulligen
|
fc43220864
|
Java: bugfix
|
2021-11-19 15:01:29 +01:00 |
|
Anders Schack-Mulligen
|
2b1f34ed9b
|
Java: Don't clear content in store steps in summaries.
|
2021-11-19 14:22:28 +01:00 |
|
Henry Mercer
|
8ba864e897
|
JS: Rename the available ML models external predicate
|
2021-11-19 12:56:03 +00:00 |
|
Tom Hvitved
|
47fd64fc44
|
Merge pull request #7130 from hvitved/cfg/dead-end-consistency
Shared CFG: Add "dead end" consistency query
|
2021-11-19 13:49:53 +01:00 |
|
Tom Hvitved
|
2b2ff7717e
|
Merge pull request #7179 from hvitved/ruby/shared-ssa-consistency
Ruby: Move SSA consistency queries into shared SSA library
|
2021-11-19 13:49:25 +01:00 |
|
Erik Krogh Kristensen
|
75586b0cf6
|
Apply suggestions from code review
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
|
2021-11-19 13:23:01 +01:00 |
|
Tom Hvitved
|
a393bff6cb
|
C#: Fix bad magic Element::getLocation in context of SelfAssignment.ql
|
2021-11-19 12:44:07 +01:00 |
|
Harry Maclean
|
90a9688310
|
Ruby: update CFG fixture
|
2021-11-19 11:31:14 +00:00 |
|
Harry Maclean
|
8fc7e4be43
|
Ruby: Increase precision of SSRF query
|
2021-11-19 11:28:09 +00:00 |
|
Harry Maclean
|
c297a68acf
|
Model more of the RestClient API
We now handle this form:
RestClient::Request.execute(url: "http://example.com")
|
2021-11-19 11:28:09 +00:00 |
|
Harry Maclean
|
e2ef780c55
|
Add base_uri note to HTTParty modelling
|
2021-11-19 11:28:09 +00:00 |
|
Harry Maclean
|
38ff584307
|
Model more Faraday behaviour
You can instantiate a Faraday connection by passing a URL as an keyword
argument:
conn = Faraday.new(url: "http://example.com")
|
2021-11-19 11:28:09 +00:00 |
|
Harry Maclean
|
f933d24031
|
Fix comment
|
2021-11-19 11:28:09 +00:00 |
|
Harry Maclean
|
70efadac77
|
Add change note for Ruby SSRF query
|
2021-11-19 11:28:09 +00:00 |
|
Harry Maclean
|
e87a4531d8
|
Remove redundant imports
|
2021-11-19 11:28:08 +00:00 |
|
Harry Maclean
|
ac20eafecc
|
Add qhelp for Ruby SSRF
|
2021-11-19 11:28:08 +00:00 |
|
Harry Maclean
|
2bba31eb02
|
Update metadata of Ruby SSRF query
|
2021-11-19 11:28:08 +00:00 |
|
Harry Maclean
|
dc464879a2
|
Add a query for server-side request forgery
|
2021-11-19 11:28:08 +00:00 |
|
Harry Maclean
|
cd33e4d394
|
Make string interpolation sanitizer reusable
|
2021-11-19 11:28:08 +00:00 |
|
Harry Maclean
|
b6ce37b241
|
Add getURL to HTTP::Client::Request
This member predicate gets dataflow nodes which contribute to the URL of
the request.
Also consolidate the identical tests for each HTTP client.
|
2021-11-19 11:28:08 +00:00 |
|
Harry Maclean
|
8fd8c9b04d
|
Fix CallExprCfgNode.getKeywordArgument
This predicate now produces results.
|
2021-11-19 11:28:08 +00:00 |
|
Harry Maclean
|
0caea17118
|
Add a test for CallCfgNodes
This test shows that `CallCfgNode.getKeywordArgument(string keyword)`
doesn't return any results.
|
2021-11-19 11:28:07 +00:00 |
|
Tom Hvitved
|
34feafd4fa
|
C#: Do not pass in TSourceVariable IPA type into shared SSA library
|
2021-11-19 11:53:25 +01:00 |
|
Anders Schack-Mulligen
|
1f3f7e9ccc
|
Merge pull request #7169 from erik-krogh/useMatches
use matches instead of regexpMatch/prefix/suffix
|
2021-11-19 11:42:47 +01:00 |
|
Tom Hvitved
|
4068cc9c3a
|
Shared SSA: Sync files
|
2021-11-19 11:31:28 +01:00 |
|
Tom Hvitved
|
bc80c9b013
|
Ruby: Move SSA consistency queries into shared SSA library
|
2021-11-19 11:31:28 +01:00 |
|
Tom Hvitved
|
fd0e318eb1
|
C#: Document inconsistency in one test
|
2021-11-19 09:43:51 +01:00 |
|
Tom Hvitved
|
923ca134e8
|
Shared CFG: Add "dead end" consistency query
|
2021-11-19 09:14:38 +01:00 |
|
Erik Krogh Kristensen
|
62730e7a4b
|
Merge pull request #7174 from erik-krogh/fixCSharpImport
C#: move Linq/Helpers.qll to the lib folder
|
2021-11-18 19:40:53 +01:00 |
|
Tom Hvitved
|
2f7250a0b3
|
Merge pull request #7160 from hvitved/csharp/cfg/static-scope
C#: Extend `(Annotated)ExitNode` to also cover static fields
|
2021-11-18 19:15:06 +01:00 |
|
Erik Krogh Kristensen
|
63ecae5426
|
update imports
|
2021-11-18 17:31:17 +01:00 |
|
Erik Krogh Kristensen
|
2d78cce7a5
|
move Linq/Helpers to the lib folder
|
2021-11-18 16:59:34 +01:00 |
|
Henry Mercer
|
46958e5bff
|
Merge pull request #7168 from erik-krogh/useMinInsteadofRank1
ATM: use min() instead of rank[1]
|
2021-11-18 14:56:49 +00:00 |
|
Erik Krogh Kristensen
|
af55f172ae
|
use A/An/The to start qlDoc for classes
|
2021-11-18 15:42:45 +01:00 |
|
Erik Krogh Kristensen
|
011fc20963
|
use matches instead of regexpMatch
|
2021-11-18 15:41:25 +01:00 |
|