hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-25 12:22:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,825 Commits 1,686 Branches 158 Tags
41003231b0d945d13ce28b0255ecf166a810ddea
Commit Graph

265 Commits

Author SHA1 Message Date
github-actions[bot]
e8747d3176 Post-release preparation for codeql-cli-2.10.2 2022-07-28 20:00:09 +00:00
github-actions[bot]
212786ed91 Release preparation for version 2.10.2 2022-07-28 13:38:35 +00:00
Harry Maclean
cb3ebeedf9 Merge pull request #9696 from thiggy1342/experimental-strong-params 
RB: Experimental strong params query
 2022-07-25 12:08:55 +12:00
thiggy1342
0c0ba925a7 this one should have no tag 2022-07-22 18:44:03 +00:00
thiggy1342
f39ca1aad2 correct cwe tagged 2022-07-22 18:36:25 +00:00
thiggy1342
c2710fb038 Update ruby/ql/src/change-notes/2022-07-21-check-http-verb.md 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-07-22 13:52:00 -04:00
thiggy1342
2c095cf166 Update ruby/ql/src/change-notes/2022-07-21-weak-params.md 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-07-22 13:51:38 -04:00
thiggy1342
1842bde879 add change note 2022-07-21 22:13:53 +00:00
thiggy1342
c1a6ca5f94 add change note 2022-07-21 22:11:14 +00:00
thiggy1342
486a394a7f Update ruby/ql/src/experimental/weak-params/WeakParams.ql 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-07-21 17:26:09 -04:00
thiggy1342
cc958dc171 Update ruby/ql/src/experimental/manually-check-http-verb/ManuallyCheckHttpVerb.ql 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-07-21 17:19:33 -04:00
thiggy1342
8c55a15fa6 Merge branch 'main' into experimental-manually-check-request-verb 2022-07-20 10:27:40 -04:00
thiggy1342
6f74a2609c Merge branch 'main' into experimental-strong-params 2022-07-20 10:26:49 -04:00
thiggy1342
9586259706 style tweak for checking multiple method names 2022-07-19 00:29:30 +00:00
thiggy1342
304203ad2f fix path problem output 2022-07-19 00:25:50 +00:00
github-actions[bot]
0ee476129a Post-release preparation for codeql-cli-2.10.1 2022-07-14 14:38:49 +00:00
github-actions[bot]
d1aa0d7dd3 Release preparation for version 2.10.1 2022-07-14 08:56:03 +00:00
thiggy1342
62a10e20b2 Merge branch 'main' into experimental-manually-check-request-verb 2022-07-13 20:28:09 -04:00
thiggy1342
9d277027a3 Merge branch 'main' into experimental-strong-params 2022-07-13 20:19:50 -04:00
thiggy1342
3dd61cadf4 formatting query 2022-07-14 00:19:36 +00:00
thiggy1342
ee79834cc8 formatting in qhelp 2022-07-14 00:15:39 +00:00
thiggy1342
ae634367c9 add qhelp file 2022-07-14 00:11:52 +00:00
thiggy1342
2cc703387b use taint config for data flow 2022-07-14 00:11:52 +00:00
Erik Krogh Kristensen
c4f44bb67f sync files 2022-07-13 10:01:26 +02:00
thiggy1342
7129002573 tweak tests more 2022-07-13 00:33:58 +00:00
thiggy1342
7facc63699 remove predicate 2022-07-12 22:59:48 +00:00
thiggy1342
ad7c3e7217 Merge branch 'main' into experimental-manually-check-request-verb 2022-07-11 10:20:07 -04:00
thiggy1342
5d3232c614 refactor to use data flow 2022-07-08 18:53:24 +00:00
thiggy1342
0435105d16 Merge remote-tracking branch 'upstream/main' into experimental-strong-params 2022-07-08 18:36:09 +00:00
thiggy1342
6aab970a9e refactor query to use cfg and dataflow 2022-07-08 18:32:54 +00:00
Andrew Eisenberg
ddf06f8617 Add change notes and qldoc for moved files 2022-06-29 10:03:12 -07:00
Andrew Eisenberg
a3f4d1bf66 Move contextual queries from src to lib 
With this change, users are now able to run View AST command in
vscode within vscode workspaces that do not include the core libraries.
The relevant core library only needs to be installed in the package
cache.
 2022-06-29 07:51:26 -07:00
github-actions[bot]
d506f448ef Post-release preparation for codeql-cli-2.10.0 2022-06-24 07:36:33 +00:00
thiggy1342
6ea1aad5fc more style fixes 2022-06-23 22:57:51 -04:00
thiggy1342
ce2edd4b28 style tweaks 2022-06-24 02:46:48 +00:00
thiggy1342
ca074e2275 add qhelp file 2022-06-24 02:19:06 +00:00
thiggy1342
45dd38df6e polish up dataflow query 2022-06-24 01:50:20 +00:00
Asger F
d94010c244 Grammar: report -> reports 2022-06-23 14:17:52 +02:00
github-actions[bot]
a74051c658 Release preparation for version 2.10.0 2022-06-23 11:17:46 +00:00
thiggy1342
e838b83f5f attempt to introduce dataflow tracking 2022-06-23 02:21:47 +00:00
Anders Schack-Mulligen
df6d68b215 Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class 
Dataflow: Deprecate BarrierGuard class
 2022-06-22 10:44:08 +02:00
thiggy1342
995f365568 just check string literal 2022-06-22 02:17:01 +00:00
thiggy1342
c767f241ad narrow query scope 2022-06-22 02:12:23 +00:00
thiggy1342
f6c4b5c44b Merge branch 'experimental-manually-check-request-verb' of https://github.com/thiggy1342/codeql into experimental-manually-check-request-verb 2022-06-21 21:27:39 +00:00
thiggy1342
990747cd22 Limit findings to just those called in Controllers 2022-06-21 21:27:18 +00:00
thiggy1342
53729f99c5 restrict findings to just controller classes 2022-06-21 20:28:29 +00:00
thiggy1342
83b720d730 first draft of weak params query 2022-06-21 19:28:53 +00:00
Edoardo Pirovano
70dbd92e25 Bump minor version of all regularly released packs 2022-06-21 11:22:58 +01:00
Edoardo Pirovano
ad02b85efa Merge branch main into rc/3.6 2022-06-21 11:15:25 +01:00
thiggy1342
db46a1d807 Update ruby/ql/src/experimental/decompression-api/DecompressionApi.ql 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-06-20 11:05:16 -04:00