hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
56,394 Commits 1,673 Branches 157 Tags
4920557c368ab55a064485e2780fe97fee2c5f29
Commit Graph

4081 Commits

Author SHA1 Message Date
Dave Bartolomeo
9631e9f2f1 Bump minor version numbers post-GHES 2023-07-06 10:10:01 -04:00
Dave Bartolomeo
2bb9adfbf1 Merge remote-tracking branch 'origin/main' into dbartol/mergeback-3.10 2023-07-06 10:00:46 -04:00
github-actions[bot]
668aaa2dc8 Post-release preparation for codeql-cli-2.13.5 2023-06-30 08:51:48 +00:00
github-actions[bot]
9d7987f822 Release preparation for version 2.13.5 2023-06-29 09:26:18 +00:00
Henry Mercer
5afdaf8fe1 Merge pull request #13525 from github/rc/3.10 
Merge `rc/3.10` back to `main`
 2023-06-21 17:13:36 +01:00
Erik Krogh Kristensen
2341c82450 Merge pull request #13342 from erik-krogh/once-again-deps 
Py: delete more old deprecations
 2023-06-20 15:29:17 +02:00
Rasmus Wriedt Larsen
47d0a6d2e3 Python: Restore rest of experimental files 2023-06-20 14:30:43 +02:00
github-actions[bot]
18b678e69e Post-release preparation for codeql-cli-2.13.4 2023-06-20 10:20:05 +00:00
Tony Torralba
8f6d2ed2f9 Adjust ZipSlip query description according to review suggestions. 2023-06-19 10:27:41 +02:00
Tony Torralba
3c4d938cf1 Apply code review suggestions. 
Co-authored-by: Asger F <asgerf@github.com>
 2023-06-19 10:20:19 +02:00
Tony Torralba
433fc680ec Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-06-19 10:17:40 +02:00
Tony Torralba
c97868f774 Add change notes 2023-06-16 09:01:02 +02:00
Tony Torralba
3e96fe60c5 Go/Java/JS/Python/Ruby: Update the description and qhelp of the ZipSlip query 
All filesystem operations, not just writes, with paths built from untrusted archive entry names are dangerous
 2023-06-16 08:52:44 +02:00
erik-krogh
df61c4dd62 reintroduce the experiemental queries that use deprecated features 2023-06-14 08:31:57 +02:00
erik-krogh
3a436d1f84 do a quick-and-dirty conversion of py/hardcoded-credentials to the new dataflow library 2023-06-14 08:31:56 +02:00
erik-krogh
ae8bf5ed3c delete old deprecations 2023-06-14 08:31:51 +02:00
Erik Krogh Kristensen
798f3880c9 Merge pull request #13402 from erik-krogh/deps-some-py 
Py: delete some old deprecations
 2023-06-12 11:29:44 +02:00
erik-krogh
6dfeb2536b delete old deprecations 2023-06-09 15:12:23 +02:00
github-actions[bot]
e4be303a23 Release preparation for version 2.13.4 2023-06-08 19:57:37 +00:00
Rasmus Wriedt Larsen
0c8b4251cf Python: Avoid duplicated query-id 2023-06-07 10:07:01 +02:00
Taus
c4bfb21f0f Merge pull request #13371 from github/nickrolfe/python-location-tostring 
Python: avoid selecting `getLocation()`
 2023-06-06 12:05:51 +02:00
Nick Rolfe
02395867c8 Python: avoid selecting getLocation() in py/truncated-division 2023-06-05 13:42:46 +01:00
Nick Rolfe
c67a350e36 Python: avoid selecting getLocation() in py/unnecessary-delete 2023-06-05 11:16:13 +01:00
jorgectf
3e8c7f72b6 Add changenote 2023-06-02 18:20:55 +02:00
jorgectf
5608082f35 Update py/unsafe-deserialization name 2023-06-02 17:57:24 +02:00
Erik Krogh Kristensen
96a720cfa0 Merge pull request #13285 from erik-krogh/redoshelp 
ReDoS: fix whitespace in the samples in ReDoS.qhelp
 2023-06-01 15:53:58 +02:00
Arthur Baars
490d22d123 Merge remote-tracking branch 'upstream/main' into post-release-prep/codeql-cli-2.13.3 2023-05-30 21:31:28 +02:00
Asger F
75fd20b3b8 Python: add meta-query for calls to summarized callables 2023-05-26 11:40:58 +02:00
erik-krogh
9f5bf8fb22 also fix the first code-block 2023-05-25 13:56:29 +02:00
erik-krogh
765076bcba fix whitespace in the samples in ReDoS.qhelp 2023-05-25 13:28:39 +02:00
github-actions[bot]
d2e192020b Post-release preparation for codeql-cli-2.13.3 2023-05-24 11:26:12 +00:00
Rasmus Wriedt Larsen
5c77edecf7 Merge pull request #12991 from Sim4n6/python-UBV 
[Python] Add Unicode Bypass Validation query tests and help
 2023-05-23 12:21:55 +02:00
github-actions[bot]
7aa23cf11d Release preparation for version 2.13.3 2023-05-22 20:47:00 +00:00
Rasmus Wriedt Larsen
c1b90c8f05 Python: Apply suggested change 2023-05-22 11:58:32 +02:00
Rasmus Wriedt Larsen
44d806507d Merge branch 'main' into python-UBV 2023-05-22 11:53:56 +02:00
erik-krogh
710b309142 apply suggestions from doc review 2023-05-21 22:18:48 +02:00
Sim4n6
be3f59afab Replaced StringMethod() with a restrained String method calls 2023-05-20 12:17:33 +01:00
Sim4n6
d939f192d5 Deleted the UBV query change note. 2023-05-20 11:46:18 +01:00
Sim4n6
21e99d52c7 Fix a redundant import 2023-05-20 10:23:04 +01:00
Sim4n6
b8969707c5 Delete the vulnerability flow image from the QHelp file. 2023-05-20 10:21:38 +01:00
Sim4n6
16ce024429 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:13:23 +01:00
Sim4n6
8462b14b54 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:12:55 +01:00
Sim4n6
2a8645c447 Fix 'Singleton set literal' warning 2023-05-20 10:11:26 +01:00
Sim4n6
58be109a70 Moved UnicodeBypassValidation Customizations & Query.qll to src/experimental 2023-05-20 10:08:56 +01:00
erik-krogh
480e71fd69 avoid contractions 2023-05-17 08:42:45 +02:00
erik-krogh
83ca1495e0 trim the whitespace in the poly-redos examples 2023-05-15 16:47:24 +02:00
erik-krogh
d989359656 add another example to the qhelp in poly-redos, showing how to just limit the length of the input 2023-05-15 16:47:02 +02:00
Rasmus Wriedt Larsen
62f0c64a03 Merge pull request #12552 from erik-krogh/py-type-trackers 
Py: refactor regex tracking to type-trackers
 2023-05-11 16:18:34 +02:00
Kasper Svendsen
d9f29a85d6 Python: Enable implicit this warnings 2023-05-04 10:16:52 +02:00
Ian Lynagh
b56b843d13 Merge pull request #12987 from github/post-release-prep/codeql-cli-2.13.1 
Post-release preparation for codeql-cli-2.13.1
 2023-05-03 13:12:10 +01:00