Josh Brown
|
3606679eee
|
Terminate p tag
|
2025-07-10 10:35:09 -07:00 |
|
Josh Brown
|
4dfa5d2858
|
Merge pull request #251 from microsoft/jb1/upstream-zipslip
Manual merge upstream
|
2025-07-10 09:48:55 -07:00 |
|
Josh Brown
|
87e0b08531
|
Merge branch 'main' into jb1/upstream-zipslip
|
2025-07-10 09:35:03 -07:00 |
|
Josh Brown
|
81f9e88040
|
run add-overlay-annotations.py
|
2025-07-09 22:37:51 -07:00 |
|
Mathias Vorreiter Pedersen
|
8cd58aa6e8
|
Merge pull request #255 from microsoft/add-iwr-as-flow-source
PS: Add more flow sources
|
2025-07-09 14:56:43 +01:00 |
|
Mathias Vorreiter Pedersen
|
d1988774a3
|
PS: Add more flow sources and accept test changes.
|
2025-07-09 12:22:33 +01:00 |
|
Mathias Vorreiter Pedersen
|
1816356515
|
PS: Add test with missing remote flow.
|
2025-07-09 12:20:41 +01:00 |
|
Mathias Vorreiter Pedersen
|
3101cc81e6
|
Merge pull request #253 from microsoft/add-set-execution-policy-bypass-query
PS: Add query for insecure uses of `Set-ExecutionPolicy`
|
2025-07-07 19:33:06 +01:00 |
|
Mathias Vorreiter Pedersen
|
398d27b779
|
PS: Fix missing AST child.
|
2025-07-07 19:15:18 +01:00 |
|
Mathias Vorreiter Pedersen
|
28de6ede04
|
PS: Also require '-Force' with a truthy value. Note the 'NOT DETECTED' test. We will fix that in the next commit.
|
2025-07-07 19:14:01 +01:00 |
|
Mathias Vorreiter Pedersen
|
1d64a7949b
|
Merge pull request #252 from microsoft/add-more-remote-flow-sources
PS: Add flow sources from `System.Net.WebClient`
|
2025-07-07 14:50:03 +01:00 |
|
Lindsay Simpkins
|
d4571f5b95
|
Merge pull request #254 from microsoft/implement-localExprTaint
PS: Actually implement `localExprTaint`
|
2025-07-07 08:23:11 -04:00 |
|
Mathias Vorreiter Pedersen
|
b6b4df5ce0
|
PS: Implement 'localExprTaint' instead of leaving it as 'none()'.
|
2025-07-04 20:24:22 +01:00 |
|
Mathias Vorreiter Pedersen
|
4e524a189d
|
PS: Add tests.
|
2025-07-04 19:44:49 +01:00 |
|
Mathias Vorreiter Pedersen
|
f7c9899450
|
PS: Add documentation.
|
2025-07-04 19:44:39 +01:00 |
|
Mathias Vorreiter Pedersen
|
2731983fbe
|
PS: Add query for insecure uses of 'Set-ExecutionPolicy'.
|
2025-07-04 19:44:15 +01:00 |
|
Mathias Vorreiter Pedersen
|
52ff5d3fbc
|
Merge pull request #246 from microsoft/powershell-commandinjection-invokesinkfix
InvokeSink fix
|
2025-07-04 18:17:09 +01:00 |
|
Chanel Young
|
654bf2f42f
|
random newline to reset git latest pusher
|
2025-07-04 10:07:57 -07:00 |
|
Mathias Vorreiter Pedersen
|
766cf826bb
|
PS: Add more models and accept test changes.
|
2025-07-04 18:01:45 +01:00 |
|
Mathias Vorreiter Pedersen
|
bd9043576d
|
PS: Add test with missing remote flow source.
|
2025-07-04 18:00:19 +01:00 |
|
Chanel
|
8aa8dde439
|
Merge branch 'main' into powershell-commandinjection-invokesinkfix
|
2025-07-04 09:59:15 -07:00 |
|
Mathias Vorreiter Pedersen
|
2a26c43c19
|
PS: Cleanup a few manually generated models.
|
2025-07-04 17:01:25 +01:00 |
|
Mathias Vorreiter Pedersen
|
eec092c4c4
|
PS: Mark the BAD results in the test appropriately.
|
2025-07-04 11:13:15 +01:00 |
|
Mathias Vorreiter Pedersen
|
7d07773a33
|
PS: Accept test changes.
|
2025-07-04 11:12:55 +01:00 |
|
Mathias Vorreiter Pedersen
|
0585c2f9e5
|
PS: Gets back the previously-lost false negative by making the variable property name expression the sink when there is a call to 'Invoke'.
|
2025-07-04 11:12:31 +01:00 |
|
Josh Brown
|
4122283ec8
|
Manual merge
|
2025-07-01 16:10:55 -07:00 |
|
Jeroen Ketema
|
19d6f665b4
|
Merge pull request #19676 from mrigankpawagi/patch-1
Fixes in cpp/global-use-before-init
|
2025-07-01 19:17:29 +02:00 |
|
Jeroen Ketema
|
7c2fd28585
|
Merge pull request #19938 from jketema/external
C++: Remove unused `external_package` tables from the dbscheme
|
2025-07-01 16:50:31 +02:00 |
|
Mrigank Pawagi
|
fe24cc876a
|
Merge branch 'main' into patch-1
|
2025-07-01 20:04:13 +05:30 |
|
Arthur Baars
|
4c6c395b1b
|
Merge pull request #19939 from github/aibaars/rust-workflows
Rust: add to `generate-code-scanning-query-list.py` and `shared-code-metrics.py` scripts
|
2025-07-01 16:12:11 +02:00 |
|
Jeroen Ketema
|
02e5541953
|
Merge branch 'main' into patch-1
|
2025-07-01 15:58:48 +02:00 |
|
Mrigank Pawagi
|
b821b21500
|
Create 2025-07-01-global-vars-ubi-query-fixes.md.md
|
2025-07-01 13:12:38 +00:00 |
|
Tom Hvitved
|
b813010b75
|
Merge pull request #19903 from hvitved/rust/type-inference-overlap2
Rust: Apply inherent method prioritization inside type inference loop
|
2025-07-01 14:21:15 +02:00 |
|
Tom Hvitved
|
d6b051ed30
|
Merge pull request #19936 from hvitved/rust/path-resolution-prelude-always
Rust: Assume prelude is always available in path resolution
|
2025-07-01 13:13:35 +02:00 |
|
Owen Mansel-Chan
|
811ed3ccde
|
Merge pull request #19892 from owen-mc/fix-markdown-query-help-formatting
Fix markdown query help formatting
|
2025-07-01 12:05:35 +01:00 |
|
Tom Hvitved
|
219a622299
|
Merge pull request #19926 from hvitved/ruby/restrict-string-component-length
Ruby: Do not compute `StringlikeLiteralImpl.getStringValue` for large strings
|
2025-07-01 12:45:51 +02:00 |
|
Arthur Baars
|
c08d98d159
|
Rust: add to querylist and shared code metrics scripts
|
2025-07-01 12:16:42 +02:00 |
|
Tom Hvitved
|
072339137a
|
Rust: Update expected test output
|
2025-07-01 10:34:16 +02:00 |
|
Jeroen Ketema
|
f3c5870d44
|
C++: Update stats file
|
2025-07-01 10:21:51 +02:00 |
|
Tom Hvitved
|
bd1f46b75c
|
Rust: Assume prelude is always available in path resolution
|
2025-07-01 10:18:02 +02:00 |
|
Jeroen Ketema
|
8ac69b9116
|
C++: Add upgrade and downgrade scripts
|
2025-07-01 10:17:43 +02:00 |
|
Tom Hvitved
|
e88d7baa7d
|
Rust: Apply inherent method prioritization inside type inference loop
|
2025-07-01 10:17:26 +02:00 |
|
Tom Hvitved
|
e5f0ef6ae8
|
Rust: Add more type inference tests
|
2025-07-01 10:17:25 +02:00 |
|
Jeroen Ketema
|
7779f14654
|
C++: Remove unused external_package tables from the dbscheme
|
2025-07-01 10:13:04 +02:00 |
|
Jeroen Ketema
|
a791640b52
|
Merge pull request #19935 from jketema/sync-dbscheme-cpp
C++: synchronize dbscheme
|
2025-07-01 09:51:29 +02:00 |
|
Michael Nebel
|
233b54c7fa
|
Merge pull request #19891 from michaelnebel/michaelnebel/freezemoresuites
Go/Ruby/Python: Freeze quality queries in `security-and-quality`.
|
2025-07-01 09:04:19 +02:00 |
|
Tom Hvitved
|
2ee3401cfb
|
Merge pull request #19873 from github/redsun82/rust-item-reorg
Rust: make `AssocItem` and `ExternItem` subclasses of `Item`
|
2025-07-01 08:58:48 +02:00 |
|
Jeroen Ketema
|
d5c7905009
|
Merge pull request #19907 from github/idrissrio/no-string-representation
C++: fix `(no string representation)` for `ConstructorInit`
|
2025-07-01 08:13:31 +02:00 |
|
Jeroen Ketema
|
98798b6f73
|
C++: Update stats file
|
2025-06-30 20:12:49 +02:00 |
|
Jeroen Ketema
|
1772193982
|
Merge pull request #19933 from jketema/arm-change
C++: Add Arm64 change note
|
2025-06-30 19:19:32 +02:00 |
|