codeql

mirror of https://github.com/github/codeql.git synced 2026-03-24 00:16:49 +01:00

Author	SHA1	Message	Date
Jami Cogswell	2daa3457d7	combine three configs into one	2022-10-13 17:57:56 -04:00
Jami Cogswell	e0f0d554cb	condense code	2022-10-12 22:18:07 -04:00
Jami Cogswell	bcb506b637	add placeholder qldocs	2022-10-12 17:04:51 -04:00
Jami Cogswell	bfbb6db436	clean up code	2022-10-12 16:58:34 -04:00
Jami Cogswell	37d85587e0	refactor code into InsufficientKeySize.qll	2022-10-12 15:39:57 -04:00
Jami Cogswell	0fc4a33d43	remove commented-out code	2022-10-12 08:54:06 -04:00
Jami Cogswell	01c2a8cbba	add symm to the single config; still seems to work	2022-10-12 08:51:22 -04:00
Jami Cogswell	29de0c6748	make one config for asymm with flow states; seems to work...	2022-10-11 22:29:48 -04:00
Jami Cogswell	3e8748e639	add path-graph back to query alerts	2022-10-11 16:56:11 -04:00
Jami Cogswell	26f4abf12b	remove globalflow for key(pair)gen	2022-10-11 16:56:11 -04:00
Jami Cogswell	e64825ff7a	fix code-scanning bot problems	2022-10-11 16:56:11 -04:00
Jami Cogswell	b6a8c27d48	delete experimental files	2022-10-11 16:56:11 -04:00
Jami Cogswell	bd76b1fcc0	clean-up and update configurations to have specs as sink	2022-10-11 16:56:10 -04:00
Jami Cogswell	0c2cff253f	updates from discussing with Tony	2022-10-11 16:56:10 -04:00
Jami Cogswell	3cc7f143b2	clean up code somewhat	2022-10-11 16:56:10 -04:00
Jami Cogswell	f5a2fef7a3	update tests for non-path version	2022-10-11 16:56:10 -04:00
Jami Cogswell	b0af9f936c	added kg taintracking config to all	2022-10-11 16:56:10 -04:00
Jami Cogswell	b7123c17f8	draft of adding kpg tracking into dataflow config	2022-10-11 16:56:10 -04:00
Jami Cogswell	cdac0e2b52	add local algo name tracking, still need to add ability to track algo name when KeyGen obj is param to other method	2022-10-11 16:56:10 -04:00
Jami Cogswell	c414ee0e25	add ECC dataflow config; passes all test cases; still don't have algo name tracking	2022-10-11 16:56:10 -04:00
Jami Cogswell	5e2ef66014	refactoring to use both dataflow configs; commit before deleting unused code	2022-10-11 16:56:10 -04:00
Jami Cogswell	ac707198d5	commit before adding taint flow back (since no taint flow doesn't capture all cases)	2022-10-11 16:56:10 -04:00
Jami Cogswell	8ffd2522e7	add draft code to find algo type to replace tainttracking configs	2022-10-11 16:56:10 -04:00
Jami Cogswell	d3b1a04c13	handle FN case with simple VarAccess; add draft of dataflow config to handle complex VarAccess	2022-10-11 16:56:10 -04:00
Jami Cogswell	7de9c05c9d	use CompileTimeConstantExpr for FN with VarAccess, and remove KeyGeneratorInitConfiguration	2022-10-11 16:56:10 -04:00
Jami Cogswell	75794ec7a7	false negative testing - before rewrite for variable dataflow	2022-10-11 16:56:10 -04:00
Jami Cogswell	7d94590d79	add change note	2022-10-11 16:56:10 -04:00
Jami Cogswell	9eb45c3787	refactor tests and code, update help file	2022-10-11 16:56:10 -04:00
Jami Cogswell	657e1e62ca	start refactoring query logic into lib file	2022-10-11 16:56:10 -04:00
Jami Cogswell	3643c9e658	update metadata	2022-10-11 16:56:10 -04:00
Jami Cogswell	9b7df354e6	move files	2022-10-11 16:56:10 -04:00
Mathias Vorreiter Pedersen	fc810ddbf4	Merge pull request #10775 from atorralba/atorralba/swift/custom-url-scheme-sources Swift: Add taint sources for custom URL scheme URLs	2022-10-11 16:47:52 +01:00
Tony Torralba	f4d43deec4	Add taint sources for custom URL scheme URLs	2022-10-11 17:19:04 +02:00
Mathias Vorreiter Pedersen	af79139c30	Merge pull request #10772 from atorralba/atorralba/swift/subscriptexpr-taint-step Swift: Add taint step for subscript expressions	2022-10-11 15:45:54 +01:00
Mathias Vorreiter Pedersen	7ac9c1e832	Merge pull request #10713 from MathiasVP/fix-types-in-ir-dataflow C++: Fix `getType` for experimental IR dataflow	2022-10-11 15:20:49 +01:00
Rasmus Wriedt Larsen	b3f10311b3	Merge pull request #10752 from RasmusWL/pymssql Python: DB Modeling: Add `pymssql` and `executemany` in general	2022-10-11 15:55:04 +02:00
Tony Torralba	0892a5795d	Add taint step for subscript expressions	2022-10-11 15:33:45 +02:00
Tamás Vajk	8523d21f8c	Merge pull request #10696 from tamasvajk/kotlin-lateinit Kotlin: Extract `lateinit` modifier	2022-10-11 15:03:10 +02:00
Tamás Vajk	e9835ec07e	Merge pull request #10756 from tamasvajk/kotlin-fix-java-modifier Kotlin: extract `protected` modifier from java class files	2022-10-11 15:02:13 +02:00
Erik Krogh Kristensen	66c2de87b0	Merge pull request #10729 from erik-krogh/py-last-msg Py: fix some more style-guide violations in the alert-messages	2022-10-11 14:48:14 +02:00
Rasmus Wriedt Larsen	ac30cfa5c1	Python: Apply suggestions from code review	2022-10-11 14:05:27 +02:00
erik-krogh	a826dbbdee	fix capitalization in stack-trace-exposure	2022-10-11 13:59:10 +02:00
Mathias Vorreiter Pedersen	95e798565b	C++: Expand on the comment about missing types in the database. Also rename 'getType0' to 'getTypeImpl' to avoid confusion.	2022-10-11 12:57:51 +01:00
Erik Krogh Kristensen	0883b1782d	Merge pull request #10730 from erik-krogh/ql-last-msg QL: fix some more style-guide violations in the alert-messages	2022-10-11 13:43:21 +02:00
Asger F	02656b16c3	Merge pull request #10685 from asgerf/rb/splat-and-local-field-step Ruby: summarize unary splat operators and add local field step	2022-10-11 13:28:58 +02:00
Erik Krogh Kristensen	01bc5f7226	Merge pull request #10731 from erik-krogh/rb-last-msg Ruby: fix some more style-guide violations in the alert-messages	2022-10-11 12:16:52 +02:00
Mathias Vorreiter Pedersen	5cfc3fe8df	C++: Use 'DataFlowType' instead of 'Type' for the 'getType' predicate in 'PostUpdateNode'.	2022-10-11 11:00:25 +01:00
Tom Hvitved	878654e0ff	Merge pull request #10763 from hvitved/ruby/move-summarized-callable-from-model Ruby: Move `SummarizedCallableFromModel` into `ModelsAsData.qll`	2022-10-11 11:47:38 +02:00
erik-krogh	42e1735f2a	update expected output	2022-10-11 11:37:26 +02:00
erik-krogh	8779da8c0b	reintroduce Psych	2022-10-11 11:14:52 +02:00

1 2 3 4 5 ...

44890 Commits