hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-06 11:10:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,806 Commits 1,675 Branches 157 Tags
4c06fbdc65f85fb6981a8cb0192403cff4c6ab47
Commit Graph

57806 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
4c06fbdc65 Ruby: Sync files and make manual changes. 2023-08-21 09:59:01 +02:00
Michael Nebel
42c7006378 Python: Sync files and make manual changes. 2023-08-21 09:59:01 +02:00
Michael Nebel
25cc561e50 Go: Sync files and make manual adjustments. 2023-08-21 09:59:01 +02:00
Michael Nebel
764581cc3e C#: Update FlowSummaries expected output. 2023-08-21 09:59:01 +02:00
Michael Nebel
807faf2c70 C#: Only include Neutral summary callables in the FlowSummaries test case. 2023-08-21 09:59:01 +02:00
Michael Nebel
6840a6dafe C#: Re-factor NeutralCallable to include all neutrals and introduce NeutralSummaryCallable. Also include printing of the neutral kind in FlowSummaries testcase. 2023-08-21 09:59:00 +02:00
Michael Nebel
8b5b153a21 C#: Update outdated comments in supported external APIs test case file. 2023-08-21 09:59:00 +02:00
Michael Nebel
699ed107f3 Java: Update SupportedExternalApis expected test output. 2023-08-21 09:59:00 +02:00
Michael Nebel
5623ccf4a0 Java: Re-factor NeutralCallable to include all neutrals and introduce NeutralSummaryCallable. 2023-08-21 09:59:00 +02:00
Michael Nebel
6deeb36a97 Java: Update the comments in SupportedExternalApis to include the neutral kind and add a sink neutral example. 2023-08-21 09:58:59 +02:00
Tony Torralba
71a36fcf0f Merge pull request #14003 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-08-21 09:28:05 +02:00
Michael Nebel
034db52c5c Merge pull request #13986 from michaelnebel/csharp/refactordepencyfetching 
C#: Re-factor dependency fetching into a separate project.
 2023-08-21 09:24:58 +02:00
Michael Nebel
4fb73ea191 C#: Address review comments. 2023-08-21 08:53:17 +02:00
Michael Nebel
1de86b4313 C#: Address review comments. 2023-08-21 07:37:27 +02:00
github-actions[bot]
181b3d0e33 Add changed framework coverage reports 2023-08-21 00:14:44 +00:00
Edward Minnix III
d109637e2d Merge pull request #13413 from egregius313/egregius313/trust-boundary 
Java: Trust Boundary Violation Query
 2023-08-18 10:33:32 -04:00
Michael B. Gale
a1c9deea61 Merge pull request #13867 from github/mbg/go/1.21-support 
Go: Basic Go 1.21 support
 2023-08-18 14:37:11 +01:00
Jeroen Ketema
1643a83678 Merge pull request #13996 from jbj/accept-BadlyBoundedWrite 
C++: Accept regression in test after evaluator fix
 2023-08-18 14:28:46 +02:00
Jonas Jensen
a002f59f58 C++: Undo BadlyBoundedWrite change from #13929 
This rolls back the query change, ensuring that there is no need for a
change note.
 2023-08-18 13:48:58 +02:00
Jonas Jensen
478a105e21 C++: delete change note 
Since the previous commit removed the best evidence we had for the
change described in this note, I'm removing the note for now.
 2023-08-18 13:35:32 +02:00
Jonas Jensen
cd1f196848 C++: Accept regression in test after evaluator fix 2023-08-18 13:30:20 +02:00
Harry Maclean
222aa41bbf Merge pull request #13938 from hmac/splat-flow-2 
Ruby: More precise flow into splat parameters
 2023-08-18 12:07:58 +01:00
Erik Krogh Kristensen
08ef31d452 Merge pull request #13916 from erik-krogh/limit-java-field-reg 
Java: limit field flow when tracking regex strings
 2023-08-18 12:14:31 +02:00
Michael Nebel
d968a91799 C#: Introduce convenience constructor for the DependencyManager. 2023-08-18 11:49:07 +02:00
Michael Nebel
c0d1179c8a C#: Minimal update of relevant code to minimize project dependencies and hide some implementation details behind interfaces. 2023-08-18 11:42:12 +02:00
Michael Nebel
f47e59dff1 C#: Move dependency related files into a new project. 2023-08-18 11:42:12 +02:00
Michael Nebel
b48567f6a5 C#: Add shared dependency fetching project. 2023-08-18 11:42:12 +02:00
Michael Nebel
15dd130d31 C#: Remove unused parameter in DownloadMissingPackages. 2023-08-18 11:42:11 +02:00
Michael B. Gale
9082fd218e Add taint flow tests for clear 2023-08-17 18:39:32 +01:00
Edward Minnix III
8d88af1af0 Apply docs review suggestions 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2023-08-17 13:05:38 -04:00
Ed Minnix
4eb1035dfe Documentation fixes 2023-08-17 13:05:38 -04:00
Ed Minnix
655a98452a Remove escapeHTML models 2023-08-17 13:05:37 -04:00
Ed Minnix
f53496b2a7 Added documentation for trust-boundary-violation sink 2023-08-17 13:05:37 -04:00
Ed Minnix
d468ea9e90 Add default sanitizers 2023-08-17 13:05:37 -04:00
Ed Minnix
b305962c9a Use more appropriate description 2023-08-17 13:05:37 -04:00
Ed Minnix
a36c12ff1f Add trust-boundary-violation sink kind 2023-08-17 13:05:37 -04:00
Ed Minnix
60642c52aa Use non-extending subtype 2023-08-17 13:05:37 -04:00
Ed Minnix
e22a67e7fe Remove unnecessary methods 2023-08-17 13:05:37 -04:00
Ed Minnix
a3a4c31911 Replace servlet source node with RemoteFlowSource 2023-08-17 13:05:37 -04:00
Edward Minnix III
929090a847 Typos and style fixes 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-08-17 13:05:37 -04:00
Ed Minnix
52ebf9fff6 Java: Add trust boundary change note 2023-08-17 13:05:37 -04:00
Ed Minnix
172b8a6967 Documentation fixes 2023-08-17 13:05:37 -04:00
Ed Minnix
b567ec875a Documentation 2023-08-17 13:05:37 -04:00
Ed Minnix
55fae2daaa Added ESAPI sanitizer 2023-08-17 13:05:37 -04:00
Ed Minnix
97d6e82869 Stubs for org.owasp.esapi 2023-08-17 13:05:37 -04:00
Ed Minnix
f58590c6a9 Trust Boundary Work 2023-08-17 13:05:37 -04:00
Ed Minnix
2aba425464 TrustBoundary test ql file 2023-08-17 13:05:36 -04:00
Ed Minnix
ab9f0240d3 Add taint steps for HTML encoding methods 2023-08-17 13:05:36 -04:00
Ed Minnix
b9f2da7875 Comments and import fixes 2023-08-17 13:05:36 -04:00
Ed Minnix
3e7444cd66 Style fixes 2023-08-17 13:05:36 -04:00