Commit Graph

83689 Commits

Author SHA1 Message Date
Nora Dimitrijević
37fff48dcd Python/ServerSideRequestForgeryQuery
python/ql/src/Security/CWE-918/PartialServerSideRequestForgery.ql
2025-10-28 09:40:24 +01:00
Nora Dimitrijević
baccdcc07f Python/PolynomialReDoSQuery
python/ql/src/Security/CWE-730/PolynomialReDoS.ql
2025-10-28 09:40:21 +01:00
Nora Dimitrijević
bb80d83276 JS/SSRF
javascript/ql/src/experimental/Security/CWE-918/SSRF.ql
2025-10-28 09:40:19 +01:00
Nora Dimitrijević
bcdbe0b50a JS/PolynomialReDoSQuery
javascript/ql/src/Performance/PolynomialReDoS.ql
2025-10-28 09:40:16 +01:00
Nora Dimitrijević
94343254e3 JS/ShellCommandInjectionFromEnvironmentQuery
javascript/ql/src/Security/CWE-078/ShellCommandInjectionFromEnvironment.ql
2025-10-28 09:40:14 +01:00
Nora Dimitrijević
71cf042607 JS/IndirectCommandInjectionQuery
javascript/ql/src/Security/CWE-078/IndirectCommandInjection.ql
2025-10-28 09:40:11 +01:00
Nora Dimitrijević
2a30ea923a JS/CommandInjectionQuery
javascript/ql/src/experimental/heuristics/ql/src/Security/CWE-078/CommandInjection.ql

javascript/ql/src/Security/CWE-078/CommandInjection.ql
2025-10-28 09:40:09 +01:00
Nora Dimitrijević
f24a6f64ab Java/WebviewDebugEnabledQuery
java/ql/src/Security/CWE/CWE-489/WebviewDebuggingEnabled.ql
2025-10-28 09:40:06 +01:00
Nora Dimitrijević
518c0818a4 Java/UnsafeDeserializationQuery
java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.ql
2025-10-28 09:40:03 +01:00
Nora Dimitrijević
4439322e88 Java/TempDirLocalInformationDisclosureQuery
java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql
2025-10-28 09:40:01 +01:00
Nora Dimitrijević
2a889f4f98 Java/TaintedPermissionsCheckQuery
java/ql/src/Security/CWE/CWE-807/TaintedPermissionsCheck.ql
2025-10-28 09:39:58 +01:00
Nora Dimitrijević
697f428eae Java/TaintedEnvironmentVariableQuery
java/ql/src/Security/CWE/CWE-078/ExecTaintedEnvironment.ql
2025-10-28 09:39:55 +01:00
Nora Dimitrijević
72a97773b1 Java/NumericCastTaintedQuery
java/ql/src/Security/CWE/CWE-681/NumericCastTainted.ql
2025-10-28 09:39:52 +01:00
Nora Dimitrijević
247ae1d23c Java/MaybeBrokenCryptoAlgorithmQuery
java/ql/src/Security/CWE/CWE-327/MaybeBrokenCryptoAlgorithm.ql
2025-10-28 09:39:50 +01:00
Nora Dimitrijević
eebff9c282 Java/ImproperValidationOfArrayConstructionFlow
java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql
2025-10-28 09:39:47 +01:00
Nora Dimitrijević
9eeeec336e Java/ImproperValidationOfArrayConstructionCodeSpecifiedQuery
java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql
2025-10-28 09:39:45 +01:00
Nora Dimitrijević
dc1dff98b0 Java/ConditionalBypass
java/ql/src/Security/CWE/CWE-807/ConditionalBypass.ql
2025-10-28 09:39:42 +01:00
Nora Dimitrijević
4482e831d7 Java/CommandLineQuery
85a4dd0325/java/ql/src/Security/CWE/CWE-078/ExecTainted.ql

857b51be58/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.ql

b6e56f26c7/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql
2025-10-28 09:39:39 +01:00
Nora Dimitrijević
b023880a0a Java/BrokenCryptoAlgorithmQuery
java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql
2025-10-28 09:39:37 +01:00
Nora Dimitrijević
1129230e10 Java/ArithmeticUncontrolledQuery
java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql
2025-10-28 09:39:34 +01:00
Nora Dimitrijević
a228936c63 Java/ArithmeticTainted
java/ql/src/Security/CWE/CWE-190/ArithmeticTainted.ql
2025-10-28 09:39:31 +01:00
Nora Dimitrijević
913550f408 Java/ArbitraryApkInstallationQuery
java/ql/src/Security/CWE/CWE-094/ArbitraryApkInstallation.ql
2025-10-28 09:39:29 +01:00
Nora Dimitrijević
59a8e9b78c Go/InsufficientKeySize 2025-10-28 09:39:27 +01:00
Nora Dimitrijević
7722f31cb8 Go/DivideByZero 2025-10-28 09:39:24 +01:00
Nora Dimitrijević
ba22f0d7d2 C#/DontInstallRootCert 2025-10-28 09:39:21 +01:00
Nora Dimitrijević
ad31f1ab6d C++/WordexpTainted
Same file uses source and sink as endpoints
2025-10-28 09:39:19 +01:00
Nora Dimitrijević
5a1a887fd2 Actions/ReusableWorkflowsSummaries 2025-10-28 09:39:16 +01:00
Nora Dimitrijević
1243c6362d Actions/ReusableWorkflowsSources 2025-10-28 09:39:14 +01:00
Nora Dimitrijević
a972ef7e31 Actions/ReusableWorkflowsSinks
Same file uses source as endpoint
2025-10-28 09:39:11 +01:00
Nora Dimitrijević
9c24ce0650 Actions/CompositeActionsSummaries
Same file uses source as endpoint
2025-10-28 09:39:09 +01:00
Nora Dimitrijević
78f2cee51c Actions/CompositeActionsSources
Same file uses source as endpoint
2025-10-28 09:39:06 +01:00
Nora Dimitrijević
d36b721513 Actions/CompositeActionsSinks
Same file uses source as endpoint
2025-10-28 09:38:55 +01:00
Nora Dimitrijević
bb10307303 Actions/SecretExfiltrationQuery
actions/ql/src/experimental/Security/CWE-200/SecretExfiltration.ql uses source as endpoint
2025-10-28 09:38:38 +01:00
Nora Dimitrijević
890ca8e7d1 Actions/RequestForgeryQuery
actions/ql/src/experimental/Security/CWE-918/RequestForgery.ql uses source as endpoint
2025-10-28 09:38:21 +01:00
Nora Dimitrijević
3fa8259042 Actions/OutputClobberingQuery
actions/ql/src/experimental/Security/CWE-074/OutputClobberingHigh.ql uses source as endpoint
2025-10-28 09:38:01 +01:00
Asger F
8d49f26f3d Merge pull request #20397 from asgerf/js/build-artifact-leak-fp
JS: Fix FP in js/build-artifact-leak when keys come from an array of constants
2025-10-28 06:40:13 +01:00
Alexander Eyers-Taylor
227e1fcbde Merge pull request #20598 from github/alexet/overlay-query-libraries
Java: Make some query libraries local.
2025-10-27 17:52:27 +00:00
Paolo Tranquilli
630ea7bd0a Merge pull request #20641 from github/redsun82/fix-pytest-build-as-test-windows
Pytest: fix the `build-as-test` mode on Windows
2025-10-27 15:47:24 +01:00
Idriss Riouak
11a7d53002 Merge pull request #20657 from github/idrissrio/java-maven-fix
Java: Add integration test to reproduce regression
2025-10-27 15:09:41 +01:00
idrissrio
d473b36918 Java: Accept new test results after extractor changes 2025-10-27 14:26:48 +01:00
idrissrio
714b2ad565 Java: Add integration test for maven 2025-10-27 14:26:47 +01:00
Simon Friis Vindum
35b4a36f37 Merge pull request #20691 from paldepind/cpp/range-analysis-refactor
C++: A few small refactors to the simple range analysis library
2025-10-27 14:15:37 +01:00
Anders Schack-Mulligen
31428b2f66 Merge pull request #20700 from aschackmull/java/delete-old-ssa-consistency
Java: Remove old SSA consistency queries.
2025-10-27 14:12:09 +01:00
Paolo Tranquilli
105f810654 Merge pull request #20658 from github/redsun82/csharp-fix-xframe-options-in-location
Csharp: fix `cs/web/missing-x-frame-options` to also consider `location` elements
2025-10-27 13:49:09 +01:00
Chris Smowton
2e0e9e0834 Merge pull request #20550 from github/smowton/admin/document-rails-5-csrf
Ruby: Update CSRF protection notes in documentation
2025-10-27 12:19:16 +00:00
Anders Schack-Mulligen
96fc1e889a Java: Accept .expected file. 2025-10-27 13:17:53 +01:00
Anders Schack-Mulligen
02a942554d Java: Remove old SSA consistency queries. 2025-10-27 12:55:43 +01:00
Jeroen Ketema
47b26ddea4 Merge pull request #20446 from github/jketema/swift-6.2
Swift: Make extractor compile with Swift 6.2
2025-10-27 12:24:16 +01:00
Jeroen Ketema
be0d405f6d Swift: Update artifacts 2025-10-27 11:28:53 +01:00
Jeroen Ketema
aabc8bc38b Swift: Fix typo in change note 2025-10-27 10:54:39 +01:00