hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 13:11:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,980 Commits 1,689 Branches 160 Tags
26b8a394b3cdfc8e32bc228294e15b09fcf771b2
Commit Graph

82980 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
REDMOND\brodes
26b8a394b3 Adjusting acryonym for SSRF for casing standards. 2025-09-30 14:09:06 -04:00
REDMOND\brodes
a660eaba95 Adding docs. 2025-09-30 14:07:32 -04:00
REDMOND\brodes
acddb2c272 Moved change log to correct location. 2025-09-30 14:02:43 -04:00
Ben Rodes
d790c6df57 Update python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/test_azure_client.py 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-30 14:00:25 -04:00
Ben Rodes
fab96d9539 Update python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/test_azure_client.py 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-30 14:00:16 -04:00
Ben Rodes
5ca9ff2082 Update python/ql/lib/semmle/python/frameworks/SSRFSink.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-30 14:00:05 -04:00
REDMOND\brodes
341f553866 Added change logs. 2025-09-30 13:55:31 -04:00
REDMOND\brodes
704e2966cb Adding azure sdk test cases and updated test expected file. 2025-09-30 13:32:56 -04:00
REDMOND\brodes
d27d4fdb27 Updating comments. 2025-09-30 13:31:48 -04:00
REDMOND\brodes
47fac883b8 Azure SDK models for SSRF analysis. 
(cherry picked from commit 0274962612c02af09729526a3c44a545c1e69be8)
 2025-09-30 11:58:26 -04:00
Geoffrey White
d9955ce93c Merge pull request #20503 from geoffw0/cookie 
Rust: New query rust/insecure-cookie
 2025-09-30 15:26:37 +01:00
Idriss Riouak
fa8cbeeb44 Merge pull request #20546 from github/idrissrio/ql-constant 
Java: Fix false positives in evaluation-to-constant query for ErrorType
 2025-09-30 14:24:28 +02:00
idrissrio
63771110a5 Java: Address review comment 2025-09-30 11:46:37 +02:00
Geoffrey White
90a7a58929 Merge pull request #20515 from geoffw0/libs 
Rust: Update Supported languages and frameworks
 2025-09-30 09:56:09 +01:00
Geoffrey White
a286631018 Merge pull request #20512 from geoffw0/stmtlist 
Rust: Improve StmtList
 2025-09-30 09:53:55 +01:00
Nick Rolfe
9688d84f3e Merge pull request #20549 from github/post-release-prep/codeql-cli-2.23.2 
Post-release preparation for codeql-cli-2.23.2
 2025-09-30 09:45:22 +01:00
github-actions[bot]
a7a4e43991 Post-release preparation for codeql-cli-2.23.2 2025-09-29 15:10:19 +00:00
Nick Rolfe
a05ffdbc81 Merge pull request #20545 from github/release-prep/2.23.2 
Release preparation for version 2.23.2
codeql-cli/v2.23.2 		2025-09-29 15:35:24 +01:00
Nick Rolfe
a76d736136 C#: tweak changelog wording 2025-09-29 15:32:52 +01:00
idrissrio
b82d8c2252 Java: Accept new test results after query change 2025-09-29 13:38:01 +02:00
idrissrio
659afb5f30 Java: Fix false positives in evaluation-to-constant query for ErrorType 2025-09-29 13:37:25 +02:00
idrissrio
e0444c531b Java: Add integration test for constant expr detection 2025-09-29 13:37:20 +02:00
Kasper Svendsen
b52fff2f81 Merge pull request #20505 from kaspersv/kaspersv/future-proof-java-discarding2 
Overlay: Discard Java config and XML base entities in overlay extracted files
 2025-09-29 13:01:08 +02:00
github-actions[bot]
d2130a589b Release preparation for version 2.23.2 2025-09-29 10:28:45 +00:00
Jeroen Ketema
9dfd87c284 Merge pull request #20514 from jketema/permissive 
C++: Update tests after extractor changes
 2025-09-28 16:56:31 +02:00
Owen Mansel-Chan
18a1075e70 Merge pull request #20523 from smowton/smowton/fix/mistyped-exp-fp 
Go: mistyped-exponentiation: notice constants with likely-bitmask values
 2025-09-26 16:02:30 +01:00
Owen Mansel-Chan
f5f61193a0 Delete change note 2025-09-26 15:33:26 +01:00
Geoffrey White
1236e2b829 Rust: Add references to alternatives in the getStmtOrExpr methods. 2025-09-26 14:55:06 +01:00
Geoffrey White
a0b533bd40 Merge pull request #20529 from geoffw0/convert 
Rust: Correct from model to taint
 2025-09-26 14:48:58 +01:00
Geoffrey White
4570d7e46e Rust: Replace getBlockChildNode with uses of getStmtOrExpr. 2025-09-26 14:32:36 +01:00
Geoffrey White
27b6f12b3c Rust: Use the suggested cleaner implementation for getStmtOrExpr. 2025-09-26 14:30:31 +01:00
Florin Coada
ba07daa50a Merge pull request #20532 from github/coadaflorin/changelog-fixes 
Update changelog for CodeQL CLI 2.23.1
 2025-09-26 14:21:21 +01:00
Geoffrey White
1635ef9ad9 Merge branch 'main' into convert 2025-09-26 14:11:04 +01:00
Florin Coada
5a0bae27ac Update changelog for CodeQL CLI 2.23.1 2025-09-26 13:57:57 +01:00
Anders Schack-Mulligen
f4388c80d0 Merge pull request #20519 from aschackmull/controlflowreach/perf2 
ControlFlow: Split only on relevant values.
 2025-09-26 14:51:49 +02:00
Florin Coada
a4f5e9aaf5 Update changelog for CodeQL CLI 2.23.1 
Added acknowledgment for the original contributor of the 'Permissive CORS configuration' query and clarified the detection of path injection in Go.
 2025-09-26 13:46:12 +01:00
Florin Coada
f6fe469e02 Merge pull request #20531 from github/coadaflorin-formatingfix2 
Fix formatting in codeql-cli-2.23.1.rst
 2025-09-26 13:31:22 +01:00
Florin Coada
3e9332edfa Fix formatting in codeql-cli-2.23.1.rst 2025-09-26 13:16:45 +01:00
Florin Coada
f8388c521e Merge pull request #20530 from github/coadaflorin/attributer-query 
Attribute `js/cors-permissive-configuration` to original author
 2025-09-26 13:11:08 +01:00
Anders Schack-Mulligen
2c29f21004 Shared: Address review comments. 2025-09-26 13:59:53 +02:00
Tom Hvitved
615b0a0310 Merge pull request #20502 from hvitved/rust/path-resolution-check-arity 
Rust: Check call arities in path resolution
 2025-09-26 13:45:26 +02:00
Tom Hvitved
4c7b66c66a Address review comments 2025-09-26 13:14:44 +02:00
Geoffrey White
77e7898f71 Rust: Use US spelling in comment. 2025-09-26 11:49:23 +01:00
Geoffrey White
f458149655 Rust: Remove a sentance from the qhelp. 2025-09-26 11:32:45 +01:00
Geoffrey White
57f84873b4 Rust: Split off cookieOptionalBarrier predicate (as suggested) and expand / clarify the QLDoc. 2025-09-26 11:29:17 +01:00
Geoffrey White
21fe142955 Update rust/ql/src/queries/security/CWE-614/InsecureCookie.qhelp 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-09-26 10:39:49 +01:00
Florin Coada
ba520c60d2 Update 2.1.0.md 2025-09-26 10:11:03 +01:00
Florin Coada
09833e2541 Update CHANGELOG for query promotion and acknowledgment 
Promote 'Permissive CORS configuration' query to default suite and acknowledge contributor.
 2025-09-26 10:09:30 +01:00
Florin Coada
2f96e32ec9 Update 2.1.0.md 2025-09-26 10:08:31 +01:00
Geoffrey White
3a03bb5a0b Rust: Repair rust/hard-coded-cryptographic-value, which had an unintentional dependence on the taint flow. 2025-09-26 10:03:38 +01:00