hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 06:24:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
56,903 Commits 1,740 Branches 165 Tags
2cfa14b91ff86e3d60bf5c1336e1fc5351bc94ce
Commit Graph

56903 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathew Payne
cf65ab834d fix: formatting issue 2023-07-14 12:31:40 +01:00
Mathew Payne
4c1612f2dd feat: add change log notes 2023-07-14 12:28:51 +01:00
Mathew Payne
c292984338 feat: add MaD to XSS query 2023-07-14 12:25:54 +01:00
Alex Ford
c0009379d1 qlformat 2023-07-14 12:04:03 +01:00
Asger F
31bed36231 Merge pull request #13612 from asgerf/rb/api-graph-explicit-proc-lambda 
Ruby: Improve support for explicit proc-creation
 2023-07-14 13:02:44 +02:00
Geoffrey White
1c8297b91b Merge pull request #13548 from geoffw0/redos 
Swift: Query for REDOS (Regular Expression Denial Of Service)
 2023-07-14 10:44:52 +01:00
Anders Schack-Mulligen
80a799df01 Merge pull request #13735 from aschackmull/dataflow/forcehighprecision-fix 
Dataflow: Fix forceHighPrecision for length-2 prefixes.
 2023-07-14 11:42:35 +02:00
Geoffrey White
1274393c72 Swift: Remove 'cached' annotations. 2023-07-14 10:11:09 +01:00
Anders Schack-Mulligen
aaea1ad2fa Docs: Switch to PascalCase. 2023-07-14 10:18:42 +02:00
Chris Smowton
3d8b4d850a Merge pull request #13742 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-07-14 09:00:17 +01:00
Anders Schack-Mulligen
2947f176ef Docs: Update data flow documentation to the new API. 2023-07-14 09:59:08 +02:00
github-actions[bot]
b675a1e2fe Add changed framework coverage reports 2023-07-14 00:19:14 +00:00
Alvaro Muñoz
11a915dcd7 Merge branch 'ruby/add_gqlgen_support' of https://github.com/pwntester/codeql into ruby/add_gqlgen_support 2023-07-13 22:16:41 +02:00
Alvaro Muñoz
55366f6743 retab 2023-07-13 22:16:34 +02:00
Alvaro Muñoz
9f6c7efd91 Update go/ql/test/library-tests/semmle/go/frameworks/gqlgen/gqlgen.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-13 22:11:37 +02:00
Alvaro Muñoz
4111ed6653 retab generated.go 2023-07-13 22:10:19 +02:00
Alvaro Muñoz
d681094824 Fixup expected file 2023-07-13 21:42:16 +02:00
Alvaro Muñoz
1dedc0ae55 Update go/ql/test/library-tests/semmle/go/frameworks/gqlgen/graph/schema.resolvers.go 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-13 21:39:47 +02:00
Alvaro Muñoz
94628edf98 Merge branch 'ruby/add_gqlgen_support' of https://github.com/pwntester/codeql into ruby/add_gqlgen_support 2023-07-13 21:36:49 +02:00
Alvaro Muñoz
730781720d remove unnecessary file 2023-07-13 21:35:11 +02:00
Alvaro Muñoz
7a54755c1b Apply suggestions from code review 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-13 21:32:56 +02:00
Alvaro Muñoz
1b6308e32f Apply suggestions from code review 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-13 21:32:46 +02:00
Geoffrey White
962c16d918 Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-07-13 19:20:49 +01:00
Geoffrey White
2b9d25b317 Swift: Additional test cases. 2023-07-13 17:30:03 +01:00
Asger F
d57276ca35 Merge pull request #13719 from asgerf/js/barrier-inout 
JS: Replace barrier edges with barrier nodes
 2023-07-13 16:36:52 +02:00
Mathias Vorreiter Pedersen
c13f015b95 C++: No need to select the 'instruction' as the sink when the dataflow node has a better 'toString'. 2023-07-13 14:17:43 +01:00
Mathias Vorreiter Pedersen
5e06043120 C++: Completely get rid of merged path nodes. 2023-07-13 14:15:14 +01:00
Tony Torralba
cafc67e3be Merge pull request #13714 from pwntester/java/langs3_improvements 
[Java] Add missing commons lang3 model for ToStringBuilder.reflectionToString
 2023-07-13 14:45:33 +02:00
Max Schaefer
85991266da Merge pull request #13661 from github/max-schaefer/improve-command-injection-qhelp 
JavaScript: Improve query help for js/command-line-injection
 2023-07-13 13:34:10 +01:00
Anders Schack-Mulligen
a0e96594d8 Merge pull request #13736 from aschackmull/dataflow/remove-superfluous-module-members 
C#/Java/Ruby: Remove superfluous module members.
 2023-07-13 13:59:31 +02:00
Alvaro Muñoz
a590c57174 add stubs 2023-07-13 13:31:15 +02:00
Max Schaefer
b8eb2ef8d8 Merge branch 'main' into max-schaefer/improve-command-injection-qhelp 2023-07-13 12:11:15 +01:00
Max Schaefer
ae237247f2 Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-07-13 12:10:57 +01:00
Tamás Vajk
60af9b062c Merge pull request #13733 from tamasvajk/fix/test-path-combine 
C#: Fix test expectations in `RuntimeVersion` tests to handle platfor…
 2023-07-13 12:44:06 +02:00
Alvaro Muñoz
aa2d61c7e3 replace deps with stubs 2023-07-13 12:18:12 +02:00
Asger F
18762db0fb Ruby: factor out isProcCreationCall 2023-07-13 11:53:16 +02:00
Asger F
8d2dba18c0 Ruby: change note 2023-07-13 11:53:16 +02:00
Asger F
f232669ea5 Ruby: support Proc.new alongside 'proc' and 'lambda' 2023-07-13 11:53:16 +02:00
Asger F
194fe85442 Ruby: Use asCallable() to generate epsilon edges 2023-07-13 11:53:16 +02:00
Asger F
452fbe7e8f Ruby: add test showing lack of lambda handling 2023-07-13 11:53:16 +02:00
Anders Schack-Mulligen
91de43f918 C#/Java/Ruby: Remove superfluous module members. 2023-07-13 11:38:35 +02:00
Stephan Brandauer
4391799b7e Merge pull request #13403 from github/java/update-mad-decls-after-triage-2023-06-08T08-51-47 
Java: Update MaD Declarations after Triage
 2023-07-13 11:15:41 +02:00
Anders Schack-Mulligen
837df2ad37 Dataflow: Sync. 2023-07-13 10:55:39 +02:00
Anders Schack-Mulligen
58cd16565f Dataflow: Fix forceHighPrecision for length-2 prefixes. 2023-07-13 10:55:39 +02:00
Anders Schack-Mulligen
d46b2a32ae Dataflow: Improve debug printing. 2023-07-13 10:55:39 +02:00
Jeroen Ketema
e6d7a83d41 Merge pull request #13732 from jketema/dataflow-default-none 
C++/Swift: Remove `none()` dataflow configuration predicates
 2023-07-13 10:42:39 +02:00
Tamas Vajk
35cc058474 C#: Fix test expectations in RuntimeVersion tests to handle platform dependent behaviour of Path.Combine 2023-07-13 09:50:26 +02:00
Tony Torralba
7204c30025 Update 2023-07-12-apache-commons-lang3-tostringbuilder.md 2023-07-13 09:38:33 +02:00
Owen Mansel-Chan
1767ca2682 Merge pull request #13728 from owen-mc/go/minor-cleanup-Twirp-models 
Go: minor cleanup to Twirp models
 2023-07-12 22:59:13 +01:00
Maiky
119a32fe0e fix naming error 2023-07-12 23:54:58 +02:00