hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,369 Commits 1,690 Branches 160 Tags
48475e66afbef2e480ca3ed2016ef0452d495f23
Commit Graph

181 Commits

Author SHA1 Message Date
github-actions[bot]
48475e66af Post-release preparation for codeql-cli-2.24.0 2026-01-19 15:49:08 +00:00
github-actions[bot]
4142b9c4ce Release preparation for version 2.24.0 2026-01-19 14:49:14 +00:00
Ian Lynagh
dcd0a69759 Merge remote-tracking branch 'upstream/main' into igfoo/mb 2026-01-13 01:01:35 +00:00
github-actions[bot]
2cb932cf5d Post-release preparation for codeql-cli-2.23.9 2026-01-06 15:42:16 +00:00
github-actions[bot]
c00663766e Release preparation for version 2.23.9 2026-01-05 11:57:06 +00:00
Óscar San José
d972af9ef8 Merge branch 'main' of https://github.com/github/codeql into oscarsj/mergeback-rc-3-20-into-main 2025-12-12 13:22:08 +01:00
github-actions[bot]
2854330759 Post-release preparation for codeql-cli-2.23.8 2025-12-08 15:49:10 +00:00
github-actions[bot]
66c51e979e Release preparation for version 2.23.8 2025-12-08 14:38:23 +00:00
Óscar San José
bc6133de5c Merge branch 'main' of https://github.com/github/codeql into oscarsj/merge-back-rc-3.20 2025-12-05 19:31:47 +01:00
Chris Smowton
02caa098bc Actions: note imprecision of MissingActionsPermissions.ql 
Added a note to the query's qhelp to note its imprecision, but also encourage usage of a permissions block regardless as a belt-and-braces measure.
 2025-12-05 12:36:07 +00:00
Owen Mansel-Chan
fb841ea591 Make predicates containing query logic more self-contained 2025-12-04 16:50:37 +00:00
Owen Mansel-Chan
f6bdb3a126 Fix filtering of code injection alerts between medium and critical 2025-12-04 16:50:34 +00:00
github-actions[bot]
085faa2bdb Post-release preparation for codeql-cli-2.23.7 2025-12-02 16:39:43 +00:00
github-actions[bot]
a045b317ac Release preparation for version 2.23.7 2025-12-02 15:31:27 +00:00
github-actions[bot]
19a13467e0 Release preparation for version 2.23.7 2025-12-01 16:07:37 +00:00
Felicity Chapman
caf6b950ac Remove trailing periods from @name metadata in query files 
Fixed 73 .ql query files where the @name metadata contained an ending period.
This ensures consistency with the CodeQL query metadata style guidelines.
 2025-11-26 14:29:51 +00:00
github-actions[bot]
5ee45af3aa Post-release preparation for codeql-cli-2.23.6 2025-11-18 09:53:12 +00:00
github-actions[bot]
18fa6799ce Release preparation for version 2.23.6 2025-11-17 16:38:07 +00:00
github-actions[bot]
4014df9a6e Post-release preparation for codeql-cli-2.23.4 2025-11-04 17:57:52 +00:00
github-actions[bot]
64fcdd1f2f Release preparation for version 2.23.4 2025-11-03 14:52:23 +00:00
Nora Dimitrijević
5a1a887fd2 Actions/ReusableWorkflowsSummaries 2025-10-28 09:39:16 +01:00
Nora Dimitrijević
1243c6362d Actions/ReusableWorkflowsSources 2025-10-28 09:39:14 +01:00
Nora Dimitrijević
a972ef7e31 Actions/ReusableWorkflowsSinks 
Same file uses source as endpoint
 2025-10-28 09:39:11 +01:00
Nora Dimitrijević
9c24ce0650 Actions/CompositeActionsSummaries 
Same file uses source as endpoint
 2025-10-28 09:39:09 +01:00
Nora Dimitrijević
78f2cee51c Actions/CompositeActionsSources 
Same file uses source as endpoint
 2025-10-28 09:39:06 +01:00
Nora Dimitrijević
d36b721513 Actions/CompositeActionsSinks 
Same file uses source as endpoint
 2025-10-28 09:38:55 +01:00
github-actions[bot]
6dd07790ac Post-release preparation for codeql-cli-2.23.3 2025-10-14 11:16:33 +00:00
Henry Mercer
9507ec0853 Fix "be be" typos 2025-10-14 11:09:43 +01:00
github-actions[bot]
33542f7d40 Release preparation for version 2.23.3 2025-10-14 09:30:24 +00:00
github-actions[bot]
a7a4e43991 Post-release preparation for codeql-cli-2.23.2 2025-09-29 15:10:19 +00:00
github-actions[bot]
d2130a589b Release preparation for version 2.23.2 2025-09-29 10:28:45 +00:00
github-actions[bot]
4e8343664f Post-release preparation for codeql-cli-2.23.1 2025-09-17 10:13:40 +00:00
github-actions[bot]
02a1b1efcb Release preparation for version 2.23.1 2025-09-16 14:14:42 +00:00
Henry Mercer
1e77891271 Merge branch 'main' into henrymercer/actions-status 2025-09-05 14:55:58 +01:00
Henry Mercer
fea05331aa Add date to changelog note filename 2025-09-05 14:51:28 +01:00
Henry Mercer
e7fbd28505 Add changelog note 2025-09-05 14:48:12 +01:00
Arthur Baars
5d3ec35e29 Remove non-breaking spaces from code 2025-09-05 09:41:15 +02:00
Michael Nebel
a9baf34629 Merge pull request #20324 from michaelnebel/actions/ql4ql 
Actions: Fix some Ql4Ql violations.
 2025-09-03 12:29:06 +02:00
github-actions[bot]
e8a2600a0c Post-release preparation for codeql-cli-2.23.0 2025-09-02 11:46:23 +00:00
github-actions[bot]
0bfa93828b Release preparation for version 2.23.0 2025-09-02 11:09:32 +00:00
Michael Nebel
64f9758c29 Actions: Fix some Ql4Ql violations. 2025-09-01 14:45:00 +02:00
Henry Mercer
67dc01b636 Actions: Add successfully extracted files query 2025-08-29 20:10:43 +01:00
github-actions[bot]
42e3d31c49 Post-release preparation for codeql-cli-2.22.4 2025-08-18 14:42:42 +00:00
github-actions[bot]
90d29994c8 Release preparation for version 2.22.4 2025-08-18 14:06:09 +00:00
Nora Dimitrijević
126d24a522 [DIFF-INFORMED] Actions: EnvVarInjection 
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.ql#L35
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.ql#L46
 2025-08-15 11:11:12 +02:00
Nora Dimitrijević
f1445eb52f [DIFF-INFORMED] Actions: EnvPathInjection 
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.ql#L30
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.ql#L37
 2025-08-15 11:11:07 +02:00
Nora Dimitrijević
f1b995a736 [DIFF-INFORMED] Actions: CommandInjection 
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/experimental/Security/CWE-078/CommandInjectionMedium.ql#L24
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/experimental/Security/CWE-078/CommandInjectionCritical.ql#L28
 2025-08-15 11:11:03 +02:00
Nora Dimitrijević
418e4b4a3a [DIFF-INFORMED] Actions: CodeInjection 
Query: https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.ql#L46
 2025-08-15 11:10:58 +02:00
Nora Dimitrijević
bbda2902be [DIFF-INFORMED] Actions: ArtifactPoisoning 
Queries:
- https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.ql#L23
- https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.ql#L26
 2025-08-15 11:10:42 +02:00
Nora Dimitrijević
896819fdf3 [DIFF-INFORMED] Actions: ArgumentInjection 
Query:
- https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionMedium.ql#L23
- https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionCritical.ql#L27
 2025-08-15 11:10:14 +02:00