hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-03 04:40:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
33,449 Commits 1,773 Branches 168 Tags
36749a5b3b3cfdccbc900462e4369fca2d202dec
Commit Graph

33449 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
36749a5b3b Remove additional SQL sinks 2022-03-11 11:59:34 +00:00
Esben Sparre Andreasen
01ce892747 Remove additional path-injection sinks 2022-03-11 11:59:34 +00:00
Esben Sparre Andreasen
9f1eef302f Add benjamin-button.md 2022-03-11 11:59:34 +00:00
Esben Sparre Andreasen
ce8b938d95 Remove pseudo-properties 2022-03-11 11:59:34 +00:00
Esben Sparre Andreasen
df6a0e267a Remove 2020 sinks from SqlInjection.ql 2022-03-11 11:59:33 +00:00
Esben Sparre Andreasen
df815171eb Remove 2020 sinks from Xss.ql 2022-03-11 11:59:33 +00:00
Esben Sparre Andreasen
16f9dd1292 Remove 2020 sinks from TaintedPath.ql 2022-03-11 11:59:33 +00:00
Jeroen Ketema
a8b2805aeb Merge pull request #8246 from ihsinme/ihsinme-patch-82 
CPP: Add query for CWE-754: Improper Check for Unusual or Exceptional Conditions when using functions scanf
 2022-03-11 12:54:49 +01:00
Chris Smowton
b1a42816bd Merge pull request #8402 from smowton/smowton/admin/revert-8360 
Java: Revert #8360, "Add CompileTimeConstantExpr.getStringified method"
 2022-03-11 11:54:24 +00:00
Erik Krogh Kristensen
e625d17978 Merge pull request #8374 from erik-krogh/nonDocBlock 
QL: add query detecting block comments in a position where a QLDoc should be
 2022-03-11 12:24:44 +01:00
Chris Smowton
46cd85c70b Revert #8360, "Add CompileTimeConstantExpr.getStringified method" 2022-03-11 11:13:21 +00:00
Chris Smowton
f006cd0e37 Merge pull request #8360 from JLLeitschuh/feat/JLL/compile_time_constant_getStringified 
[Java] Add CompileTimeConstantExpr.getStringified method
 2022-03-11 10:34:52 +00:00
Erik Krogh Kristensen
122ab6e6d8 C#: fix some ql/non-doc-block warnings 2022-03-11 11:02:58 +01:00
Erik Krogh Kristensen
ddf93b555e PY: fix some ql/non-doc-block warnings 2022-03-11 11:02:58 +01:00
Erik Krogh Kristensen
8db51b49f3 QL: fix ql/non-doc-block in QL-for-QL 2022-03-11 11:02:58 +01:00
Erik Krogh Kristensen
8483b9fd65 QL: add query detecting block comments in a position where a QLDoc should be 2022-03-11 11:02:56 +01:00
Tony Torralba
c99bad4047 Recover old change note 2022-03-11 10:35:04 +01:00
Erik Krogh Kristensen
df9533f46e Merge pull request #8347 from erik-krogh/depBeGone 
remove all deprecations that are over a year old
 2022-03-11 10:01:07 +01:00
Erik Krogh Kristensen
d316ad198e Merge pull request #8380 from erik-krogh/chainedCalls 
JS: support that the base is not a method-call in getAChainedMethodCall
 2022-03-10 21:13:42 +01:00
ihsinme
ac8adeabf5 Update ImproperCheckReturnValueScanf.expected 2022-03-10 21:12:23 +03:00
ihsinme
623f3fbe21 Update test.cpp 2022-03-10 21:10:41 +03:00
Erik Krogh Kristensen
9466043169 CPP: remove remaining ObjectiveC references 2022-03-10 19:00:49 +01:00
Alex Ford
19c7f7be46 Merge pull request #8271 from github/alexrford/ruby/orm-write-access 
Ruby: Add `OrmWriteAccess` concept to model writes to a DB using an ORM
 2022-03-10 17:35:02 +00:00
ihsinme
a094e6f63b Update test.cpp 2022-03-10 17:56:34 +03:00
ihsinme
fa3ce61369 Update test.cpp 2022-03-10 17:54:03 +03:00
Tom Hvitved
d4808a7b4a Merge pull request #8389 from hvitved/ruby/regex-unique-get-value 
Ruby: Avoid multiple `RegExpEscape::getValue` results
 2022-03-10 15:53:28 +01:00
Erik Krogh Kristensen
41778328c2 Update javascript/ql/lib/semmle/javascript/dataflow/Sources.qll 
Co-authored-by: Stephan Brandauer <kaeluka@github.com>
 2022-03-10 14:16:28 +01:00
Mathias Vorreiter Pedersen
5de2e24e9a Merge pull request #8358 from geoffw0/cwe497c 
C++: Upgrade cpp/system-data-exposure to high precision
 2022-03-10 10:49:19 +00:00
Erik Krogh Kristensen
c2743177af JS: delete the TrackedNodes.qll, it had no public interface left 2022-03-10 11:34:17 +01:00
Chris Smowton
3113b27606 Fix style 2022-03-10 10:03:14 +00:00
Tom Hvitved
208851cb91 Merge pull request #7084 from hvitved/ruby/self-flow 
Ruby: Cleanup flow through `self`
 2022-03-10 10:50:24 +01:00
Tom Hvitved
5b974582e3 Merge pull request #8322 from hvitved/csharp/remove-odasa-legacy 
C#: Remove legacy `odasa` support
 2022-03-10 10:34:33 +01:00
Tom Hvitved
76663f80f0 Ruby: Avoid multiple RegExpEscape::getValue results 2022-03-10 10:32:24 +01:00
Tom Hvitved
0d71f0ab40 Ruby: Add regex unicode test 2022-03-10 10:30:17 +01:00
Erik Krogh Kristensen
fa766126e5 CPP: remove import of deleted deprecation 2022-03-10 10:25:03 +01:00
Erik Krogh Kristensen
a96223c9c1 PY: remove leftover comments 2022-03-10 10:25:03 +01:00
Erik Krogh Kristensen
e6b0552114 JS: delete leftover comment 2022-03-10 10:25:02 +01:00
Erik Krogh Kristensen
53d557c037 CPP: delete file that that had been deprecated for over a year 2022-03-10 10:24:57 +01:00
Tom Hvitved
37f5db5baa Ruby: Reduce captureFlow(In|Out) 
When there is flow in/out of a block through a captured variable, we can restrict
the calls that give rise to the flow to the method calls to which the blocks
belong.
 2022-03-10 10:21:51 +01:00
Geoffrey White
9e3156dd1c Merge branch 'main' into cwe497c 2022-03-10 09:05:58 +00:00
Erik Krogh Kristensen
b9b65005d6 C#: delete leftover comment 2022-03-10 10:02:36 +01:00
ihsinme
4b451cfee6 Update ImproperCheckReturnValueScanf.expected 2022-03-10 10:13:04 +03:00
ihsinme
5e23615be7 Update test.cpp 2022-03-10 10:12:29 +03:00
Alex Ford
edf8a3f810 Ruby: update test output 2022-03-10 00:17:29 +00:00
Alex Ford
ace60df619 Ruby: add missing qldoc 2022-03-10 00:00:02 +00:00
Alex Ford
8abee165a5 Ruby: test cases for PersistentWriteAccess in rails model class 2022-03-09 22:35:40 +00:00
Alex Ford
a040b67434 Ruby: drop some redundant extends classes 2022-03-09 19:13:58 +00:00
Alex Ford
d85424d0e0 Ruby: Drop ActiveRecord::Persistence.ModifyAndSaveCall 2022-03-09 19:10:53 +00:00
Alex Ford
19c413d5fb Ruby: Drop setsKeyValuePair/2 predicate from ActiveRecord::Persistence.ModifyAndSaveCall 2022-03-09 19:09:18 +00:00
Alex Ford
ee433637f8 Ruby: replace OrmWriteAccess with PersistentWriteAccess concept 2022-03-09 18:59:16 +00:00