hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 12:45:27 +02:00
Code Issues Packages Projects Releases Wiki Activity
24,211 Commits 1,741 Branches 166 Tags
383b5f2ff281e1a1fecda9b2dd5adfd59005cabc
Commit Graph

24211 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
cea2f82be9 Python: Port py/path-injection to use proper source/sink customization 2021-07-13 14:09:02 +02:00
Rasmus Wriedt Larsen
bf214ac3bb Python: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-07-13 13:41:26 +02:00
Tom Hvitved
cb1b227c87 Merge pull request #6270 from hvitved/csharp/standalone-nuget-restore 
C#: Skip `dotnet restore` in standalone extraction when `nuget_restore: false` is set
 2021-07-13 13:36:40 +02:00
Rasmus Wriedt Larsen
1a59c9b64a Merge pull request #6204 from tausbn/python-ensmallen-localsourcenode 
Python: Clean up `LocalSourceNode` charpred
 2021-07-13 13:27:38 +02:00
Robin Neatherway
fc38960795 Split up metric information across the doc 2021-07-13 11:25:15 +01:00
Mathias Vorreiter Pedersen
1ed027e0d1 Merge pull request #6266 from erik-krogh/mootools-doc 
JS: add missing qldoc in MooTools.qll
 2021-07-13 10:39:21 +02:00
Anders Schack-Mulligen
be96647f78 Merge pull request #6256 from hvitved/dataflow/summary-node-type-join-order 
Data flow: Fix bad join-orders in `summaryNodeType`
 2021-07-13 10:24:30 +02:00
Erik Krogh Kristensen
07bc5856db add the cwd option from read-pkg as sink for path-injection 2021-07-12 23:43:15 +02:00
Erik Krogh Kristensen
cadbdcff0a add missing qldoc in MooTools.qll 2021-07-12 23:20:51 +02:00
Robert Marsh
61ee4af66c Merge pull request #6159 from MathiasVP/more-effective-barriers-in-bounded-predicate 
C++: More effective barriers in the `bounded` predicate for CWE-190
 2021-07-12 11:59:37 -07:00
Mathias Vorreiter Pedersen
7da7ec60d9 C++: Inline predicates from 'Bounded.qll'. 2021-07-12 19:09:33 +02:00
Robin Neatherway
2c14c982d8 Apply suggestions from code review 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-07-12 17:34:52 +01:00
Mathias Vorreiter Pedersen
4fc60aedc6 C++: Relax the restrictions on when '%' is a barrier and accept test changes. 2021-07-12 17:39:12 +02:00
Mathias Vorreiter Pedersen
a6f1f8d3b6 C++: Add testcases demonstrating FPs from real code. 2021-07-12 17:39:12 +02:00
Mathias Vorreiter Pedersen
6a11aa7f2a Merge pull request #6154 from MathiasVP/more-random-sources-in-uncontrolled-arithmetic 
C++: Add more random sources in `cpp/uncontrolled-arithmetic`
 2021-07-12 17:37:44 +02:00
Robin Neatherway
5d849a9f9d Add docs for summary type queries 2021-07-12 16:26:21 +01:00
Erik Krogh Kristensen
899e54fbc9 add support for the slash library 2021-07-12 16:36:54 +02:00
Rasmus Wriedt Larsen
47f5c977cf Python: Port py/stack-trace-exposure to use proper source/sink customization 2021-07-12 16:22:10 +02:00
Rasmus Wriedt Larsen
934007c811 Python: Port py/unsafe-deserialization to use proper source/sink customization 2021-07-12 16:22:10 +02:00
Rasmus Wriedt Larsen
7c71223f7f Python: Port py/url-redirection to use proper source/sink customization 2021-07-12 16:22:10 +02:00
Rasmus Wriedt Larsen
b4c0b1b525 Python: Port py/reflective-xss to use proper source/sink customization 2021-07-12 16:22:10 +02:00
Rasmus Wriedt Larsen
62e4445f45 Python: Port py/command-line-injection to use proper source/sink customization 2021-07-12 16:22:10 +02:00
Rasmus Wriedt Larsen
7f53781ba7 Python: Port py/code-injection to use proper source/sink customization 2021-07-12 16:22:10 +02:00
Rasmus Wriedt Larsen
0be280c608 Python: Port py/sql-injection to use proper source/sink customization 2021-07-12 16:22:10 +02:00
Tom Hvitved
6ba6d9931c C#: Skip dotnet restore in standalone extraction when nuget_restore: false is set 2021-07-12 15:16:16 +02:00
Asger F
d8927e5612 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-07-12 14:23:58 +02:00
Erik Krogh Kristensen
c4f5009917 make explicit calls to member predicates 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-07-12 14:22:08 +02:00
Erik Krogh Kristensen
d22ebadcf2 add support for many more case changing libraries 2021-07-12 14:09:34 +02:00
Mathias Vorreiter Pedersen
dec747f6f0 Merge branch 'main' into more-random-sources-in-uncontrolled-arithmetic 2021-07-12 13:48:48 +02:00
Erik Krogh Kristensen
a5d1325d3f add support for the change-case library 2021-07-12 13:37:06 +02:00
Mathias Vorreiter Pedersen
c47d680d65 Merge pull request #6168 from criemen/fix-warning 
C++: Fix warning from compile-query.
 2021-07-12 12:41:29 +02:00
Tom Hvitved
47d126e681 Data flow: Sync 2021-07-12 12:09:51 +02:00
Tom Hvitved
09daf86e33 Data flow: Fix bad join-orders in summaryNodeType 2021-07-12 12:09:06 +02:00
Mathias Vorreiter Pedersen
04dcef5ec4 C++: Include ComplementExpr as a sanitizer. 2021-07-12 11:53:47 +02:00
Cornelius Riemenschneider
d34f7b941a C++: Address code review. 2021-07-12 11:43:43 +02:00
Cornelius Riemenschneider
e821b8be99 C++: Fix warning from compile-query. 2021-07-12 11:43:43 +02:00
Mathias Vorreiter Pedersen
d2cc0d3925 C++: Fix annotations. 2021-07-12 11:30:43 +02:00
Erik Krogh Kristensen
bef7e61e76 add support for the fast-json-stringify library 2021-07-12 11:13:01 +02:00
Erik Krogh Kristensen
40aa970db3 add support for the strip-json-comments library 2021-07-12 11:08:50 +02:00
Erik Krogh Kristensen
23c3be6860 add support for the json-cycle library 2021-07-12 11:03:39 +02:00
Asger Feldthaus
5df961c4ed JS: Add change note 2021-07-12 10:53:41 +02:00
Erik Krogh Kristensen
94cbc4b2c0 add step through the fclone library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
f99a33598f add support for the safe-stable-stringify library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
d6300bced3 add support for the replicator library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
babf657d9d add support for the teleport-javascript library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
9261b7f859 add support for the flatted library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
1792c9a611 add taint step through the prettyjson library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
0bfff1eb7e add support for the json5 library 2021-07-12 10:51:42 +02:00
Erik Krogh Kristensen
cb3bd4901b add taint step through the json2csv library 2021-07-12 10:51:42 +02:00
Tom Hvitved
db4c8dfd3c Merge pull request #6208 from hvitved/csharp/query-modules 
C#: Add `Query` suffix to libraries that should only be imported by queries
 2021-07-12 10:26:45 +02:00