hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,999 Commits 1,684 Branches 159 Tags
3bf2cf0ed8f1ff837103f43dde4e7b487ff64ec3
Commit Graph

1999 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
3bf2cf0ed8 Add precision metadata 2021-08-18 11:54:05 +01:00
Owen Mansel-Chan
9634e8d7b0 Update path in qlref file 2021-08-18 11:54:04 +01:00
Owen Mansel-Chan
ca01d55297 Promote insufficient key size query 
Files were just moved - changes made in next commit
 2021-08-18 11:54:04 +01:00
Chris Smowton
10e362a0f2 Merge pull request #562 from sauyon/remove-binary 
Remove accidentally added binary
 2021-08-17 19:55:26 +01:00
Chris Smowton
2b6dde8e6c Merge pull request #561 from github/developer-happiness-query-suite 
Add a query suite for new experimental "developer happiness" queries
 2021-08-17 19:45:44 +01:00
Sauyon Lee
dc50d73008 Remove accidentally added binary 2021-08-17 10:11:04 -07:00
Sam Partington
78a4823bde Ensure all 3 IDs are considered 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-08-17 09:53:11 +01:00
Sam Partington
4e36d1f52f Add a query suite for new experimental "developer happiness" queries 
These are the queries added in https://github.com/github/codeql-go/pull/558.
 2021-08-16 18:05:31 +01:00
Chris Smowton
fbc65b3f87 Merge pull request #558 from sauyon/add-sample-queries 
Add sample DB-related queries
 2021-08-12 21:55:14 +01:00
Sauyon Lee
4c5d3ff344 Move defer in loop query to experimental 2021-08-12 10:13:30 -07:00
Sauyon Lee
02396dbd04 Add database query in loop query 
co-authored-by: Robert <robertbrignull@github.com>
co-authored-by: Sam Partington <sampart@github.com>
 2021-08-11 18:15:23 -07:00
Sauyon Lee
1ffeb26a61 Add query for a GORM error not checked 
co-authored-by: Sam Partington <sampart@github.com>
co-authored-by: Robin Neatherway <rneatherway@github.com>
 2021-08-11 18:15:23 -07:00
Shati Patel
65e9262b41 Merge pull request #556 from github/shati-patel-patch-1 
Update CODEOWNERS
 2021-07-28 12:56:48 +01:00
Shati Patel
0c4674cf86 Update CODEOWNERS 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2021-07-28 11:54:25 +01:00
Shati Patel
e83af8e4ea Update CODEOWNERS 2021-07-28 11:42:33 +01:00
Chris Smowton
e39753c72a Merge pull request #552 from github/deferinloop-kind 
Add @kind to deferinloop.ql
 2021-07-19 11:17:26 +01:00
Chris Smowton
b03513bcd2 Merge pull request #542 from gagliardetto/cors-misconfig 
Add query to detect CORS misconfiguration
 2021-07-16 16:12:15 +01:00
Chris Smowton
87afdae1c7 use hasFlowTo where possible 2021-07-16 14:38:05 +01:00
Sam Partington
e227a4315f Add @kind to deferinloop.ql 
Required to use this query with the CodeQL CLI
 2021-07-16 14:25:58 +01:00
Slavomir
52b650a1be Add AllowOriginHeaderWrite and AllowCredentialsHeaderWrite classes 2021-07-16 00:01:55 +02:00
Slavomir
e92738a93f Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-07-16 00:42:36 +03:00
Chris Smowton
73227f12df Merge pull request #539 from gagliardetto/fiber 
Add web framework: github.com/gofiber/fiber
 2021-07-15 17:53:45 +01:00
Slavomir
d252d6003f Remove Protocol as UntrustedFlowSource 2021-07-15 16:20:33 +02:00
Slavomir
498332c186 Mention Fiber.json in Fiber.qll 2021-07-15 15:15:10 +02:00
Slavomir
7d1a632b61 Move fiber spec in the same folder as source 2021-07-15 15:12:02 +02:00
Slavomir
92e0f02d2a Remove special cases inside if 2021-07-15 15:06:28 +02:00
Slavomir
66bd56f444 Don't use any() as sink 2021-07-05 13:14:56 +02:00
Chris Smowton
cd1e14ed09 Merge pull request #549 from edoardopirovano/change-pragma 
Performance: Remove `pragma[noopt]`
 2021-06-22 19:14:52 +01:00
Edoardo Pirovano
65a34b4aa6 Performance: Remove pragma[noopt] 2021-06-22 10:05:53 +01:00
Chris Smowton
52028cf363 Merge pull request #547 from edoardopirovano/fix-join-order 
Performance: Fix bad join ordering
 2021-06-21 20:11:22 +01:00
Edoardo Pirovano
a7c656db8b Performance: Fix bad join ordering 2021-06-21 18:58:35 +01:00
Slavomir
c0f195ba16 Reduce false positives 2021-06-19 22:25:51 +02:00
edvraa
ac777d237d autoformat 2021-06-17 09:23:26 +01:00
edvraa
0456d4793a Fix path tracking 2021-06-17 09:23:26 +01:00
edvraa
4576b16f30 Use dataflow gettype 2021-06-17 09:23:26 +01:00
edvraa
062acedd49 Unify and make getValueForFieldWrite private 2021-06-17 09:23:26 +01:00
edvraa
236b623f60 Get rid of NetHttpCookieTrackingConfiguration 2021-06-17 09:23:26 +01:00
edvraa
031a79b8f5 Gorilla Store Save sink 2021-06-17 09:23:26 +01:00
edvraa
8110c3d059 Use HasFlow 2021-06-17 09:23:26 +01:00
edvraa
d60d18a8d0 Stay on dataflow level 2021-06-17 09:23:26 +01:00
edvraa
ed8d025bdf Dedicated types 2021-06-17 09:23:26 +01:00
edvraa
cba4f0448e Use package 2021-06-17 09:23:26 +01:00
edvraa
167496edff Use MethodCallNode and hasQualifiedName 2021-06-17 09:23:26 +01:00
edvraa
5929f66efb No need for Function f 2021-06-17 09:23:26 +01:00
edvraa
06c328c5aa Fix comment 2021-06-17 09:23:26 +01:00
edvraa
3ac1b4ba0b Use CallNode 2021-06-17 09:23:26 +01:00
edvraa
d06f4ca21e Fix argumnt nr 2021-06-17 09:23:26 +01:00
edvraa
9224a315f1 inline isGinContextCookieFlow 2021-06-17 09:23:26 +01:00
edvraa
4d397d9974 Fix tests 2021-06-17 09:23:26 +01:00
edvraa
5349c98ae1 Comments 2021-06-17 09:23:26 +01:00