hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,010 Commits 1,672 Branches 157 Tags
24c9a516c97a2aecdfb51b2c87c287fca36d0646
Commit Graph

8816 Commits

Author SHA1 Message Date
Ed Minnix
24c9a516c9 Add QLdoc to ArbitraryApkInstallationQuery.qll 2023-03-08 13:21:09 -05:00
Ed Minnix
882e909862 Renamed ArbitraryAPKInstallation to ArbitraryApkInstallation 2023-03-08 12:16:46 -05:00
Ed Minnix
5fb5f1b23b Begin InlineExpectationsTest 2023-03-08 12:14:45 -05:00
Ed Minnix
3ea167cadf Split ArbitraryApkInstallation file into 3 files 2023-03-08 12:12:11 -05:00
Edward Minnix III
2d1088e923 Change severity level to error 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-03-08 12:12:11 -05:00
Ed Minnix
0eaad4136e Add RemoteFlowSource as a valid source 2023-03-08 12:12:11 -05:00
Ed Minnix
4d51e4fed0 Change description wording 2023-03-08 12:12:11 -05:00
Ed Minnix
10cd6328dc Add missing QLDocs 2023-03-08 12:12:11 -05:00
Edward Minnix III
8ec5b5b7fa Apply suggestions from code review 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-03-08 12:12:10 -05:00
Ed Minnix
8fcf00b73d Test improvements 2023-03-08 12:12:10 -05:00
Ed Minnix
fa416564c7 Documentation and examples 2023-03-08 12:12:10 -05:00
Ed Minnix
d3d712fbff Remove Url#parse as a source 2023-03-08 12:12:10 -05:00
Ed Minnix
5f4e8e3e6a Add test cases relating to intents with the ACTION_INSTALL_PACKAGE action 2023-03-08 12:12:10 -05:00
Ed Minnix
f03e90f894 Remove http(s) literal sources 2023-03-08 12:12:10 -05:00
Edward Minnix III
839b88a4bc Formatting, capitalization, and typos 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-03-08 12:12:10 -05:00
Ed Minnix
b606271a61 Additional documentation 2023-03-08 12:12:10 -05:00
Ed Minnix
01b20b3a26 Added external storage test case 2023-03-08 12:12:10 -05:00
Ed Minnix
c448481bf7 Added test expectations 2023-03-08 12:12:10 -05:00
Ed Minnix
12f78dbed4 Add DataFlow::PathGraph import 2023-03-08 12:12:10 -05:00
Ed Minnix
cd5a46123e Add a change note 2023-03-08 12:12:10 -05:00
Ed Minnix
2d6cdff14b Add period to alert message 2023-03-08 12:12:10 -05:00
Ed Minnix
0ec4df28f5 Add query metadata 2023-03-08 12:12:10 -05:00
Ed Minnix
3f589722c2 Refactor query to change returned source 2023-03-08 12:12:10 -05:00
Ed Minnix
618b608962 Arbitrary APK Installation MVP 2023-03-08 12:12:10 -05:00
Mathias Vorreiter Pedersen
92ad099c1b DataFlow: Remove bindingsets, remove the call column, and swap parameter and argument columns. 2023-03-06 13:47:59 +00:00
Mathias Vorreiter Pedersen
3bf28cc752 DataFlow: Sync identical files. 2023-03-06 13:46:21 +00:00
Mathias Vorreiter Pedersen
4720e2a30a Java: Add stub. 2023-03-06 13:44:24 +00:00
Anders Schack-Mulligen
5c7f2ac7f7 Merge pull request #12186 from aschackmull/dataflow/refactor-configuration 
Data flow: Refactor configuration
 2023-03-06 13:38:59 +01:00
Anders Schack-Mulligen
557cb17f4d Dataflow: Minor perf fix for single config wrapper. 2023-03-06 10:24:33 +01:00
Chris Smowton
b234bbd119 Accept test changes 2023-03-03 14:46:21 +00:00
Anders Schack-Mulligen
0addcfa7c5 Dataflow: Fix some perf issues. 2023-03-03 11:45:32 +01:00
Anders Schack-Mulligen
b34f99f716 Dataflow: Add change notes. 2023-03-02 16:01:29 +01:00
github-actions[bot]
3b9de22af9 Add changed framework coverage reports 2023-03-02 00:18:47 +00:00
Tony Torralba
59bd1e5ab1 Merge pull request #12228 from github/java/mad-decls-triage-request-2276 
Java: Update MaD sink decls after triage
 2023-03-01 17:08:38 +01:00
Tony Torralba
0439eb640d Add tests 2023-03-01 09:49:28 +01:00
Tony Torralba
4e7dbbf5f0 Add stubs 2023-03-01 09:48:33 +01:00
Anders Schack-Mulligen
5469a82efb Go,Java,Python: Fix some tests. 2023-02-28 14:31:00 +01:00
github-actions[bot]
b6f81fc938 Add changed framework coverage reports 2023-02-28 00:17:14 +00:00
Edward Minnix III
7f607fb46b Merge pull request #12032 from egregius313/egregius313/promote-hardcoded-jwt-credential 
Java: Promote Hardcoded JWT credential query
 2023-02-27 11:33:53 -05:00
Tony Torralba
db6cb1ffe3 Remove dubious model after investigating it 2023-02-27 14:57:56 +01:00
Ed Minnix
ed1aac1aa5 Remove unneeded example file 2023-02-27 12:16:14 +01:00
Ed Minnix
06a1368e7c Additional test cases 2023-02-27 12:16:14 +01:00
Ed Minnix
4aec708fac Add change note 2023-02-27 12:16:14 +01:00
Ed Minnix
6de946ef00 Remove experimental files 2023-02-27 12:16:14 +01:00
Ed Minnix
3ff1a97e38 Add byte[] signatures 2023-02-27 12:16:14 +01:00
Ed Minnix
d71386e001 Add example file for documentation 2023-02-27 12:16:14 +01:00
Ed Minnix
fa6ac063d1 Add com.auth0.jwt.algorithm.Algorithm sinks 
The HMAC* constructors of the com.auth0.jwt.algorithm.Algorithm class
take a secret as a parameter. Therefore, the arguments should be added
to be checked for hardcoded credentials.
 2023-02-27 12:16:14 +01:00
Tony Torralba
c027e10ef7 Add java.net tests 2023-02-27 09:33:16 +01:00
Tony Torralba
4a9f63ea1a Fix toASCIIString casing 2023-02-27 09:32:42 +01:00
Alvaro Muñoz
f393a3c549 Add toExternalForm 2023-02-24 18:50:31 +01:00