hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-03 04:40:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
34,323 Commits 1,773 Branches 168 Tags
50cf5e23a884d378bdb2be58151b4582ec7ec2c5
Commit Graph

34323 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
50cf5e23a8 add generic tests for features 2022-06-30 08:32:43 +02:00
Esben Sparre Andreasen
45a9bb8769 Document EndpointFeatures.qll 2022-06-30 08:32:43 +02:00
Esben Sparre Andreasen
a05c475cc0 add ParameterAccessPathSimpleFromArgumentTraversal 2022-06-30 08:32:42 +02:00
Esben Sparre Andreasen
e21b2f4dc1 improve getSimpleAccessPath 2022-06-30 08:32:42 +02:00
Esben Sparre Andreasen
a676cf62a6 refactor calleeAccessPath feature to class 2022-06-30 08:32:42 +02:00
Stephan Brandauer
e73b50a3f4 refactor getACallBasedTokenFeature to class-use 2022-06-30 08:32:41 +02:00
Esben Sparre Andreasen
e5e3bb4247 Add CalleeAccessPathSimpleFromArgumentTraversal 2022-06-30 08:32:41 +02:00
Esben Sparre Andreasen
592959048e refactor EndpointFeatures.ql to use classes 2022-06-30 08:32:41 +02:00
Anders Schack-Mulligen
f1ec2e3260 Merge pull request #8426 from atorralba/atorralba/missing-severities 
Java: Add missing security-severity scores
 2022-03-31 14:53:47 +02:00
Chris Smowton
fa8791f1d5 Merge pull request #8620 from jketema/doc-typo-fix 
CLI docs: make the running text match the example
 2022-03-31 12:36:51 +01:00
Anders Schack-Mulligen
8d9ce5fb4c Merge pull request #8625 from aschackmull/java/qldoc-casing-fix 
Java: Fix acronym casing in qldoc referring to Java class names.
 2022-03-31 13:33:11 +02:00
Tom Hvitved
9c90385846 Merge pull request #8624 from hvitved/ruby/fix-import 
Ruby: Fix broken import
 2022-03-31 12:51:50 +02:00
Anders Schack-Mulligen
f28da00ec4 Java: Fix qldoc as followup to https://github.com/github/codeql/pull/8323 2022-03-31 12:50:36 +02:00
Tom Hvitved
40986bfcb1 Ruby: Fix broken import 2022-03-31 12:32:03 +02:00
Michael Nebel
27b1d1e1e0 Merge pull request #8348 from michaelnebel/csharp/externalapi-telemetry 
C#: ExternalAPI implementation for Telemetry.
 2022-03-31 11:36:07 +02:00
Geoffrey White
146318dbc1 Merge pull request #8580 from geoffw0/privdata 
C++: Port PrivateData.qll from C# and use it in cpp/cleartext-transmission
 2022-03-31 10:12:46 +01:00
Arthur Baars
15c54f6100 Merge pull request #8354 from aibaars/incomplete-url-string-sanitization 
Incomplete url string sanitization
 2022-03-31 10:59:51 +02:00
Jeroen Ketema
85e2367769 CLI docs: make the running text match the example 2022-03-31 10:14:30 +02:00
Arthur Baars
7e866ed376 Merge pull request #8617 from cklin/qldoc-coverage-new-language 
QLdoc check: handle new languages gracefully
 2022-03-31 10:00:36 +02:00
Chuan-kai Lin
1ff0fda5d1 QLdoc check: handle new languages gracefully 2022-03-30 14:58:13 -07:00
Chuan-kai Lin
48015e5a2e Merge pull request #8597 from cklin/run-js-ml-tests 
JS: Fix expected test output for ATM queries
 2022-03-30 13:10:02 -07:00
Chuan-kai Lin
a8dabb238d JS: Fix expected test output for ATM queries 2022-03-30 11:35:17 -07:00
Nick Rolfe
fa1bb82701 Merge pull request #8610 from github/nickrolfe/re-fix-location-join-order 
Ruby: undo accidental revert of #8538
 2022-03-30 16:31:52 +01:00
Nick Rolfe
10b75bff76 Ruby: undo accidental revert of 13be9919 2022-03-30 16:02:12 +01:00
Chris Smowton
9675f34cf5 Merge pull request #8257 from luchua-bc/java/insecure-webview-resource-response 
Java: CWE-200 Query to detect insecure WebResourceResponse implementation
 2022-03-30 15:56:27 +01:00
Arthur Baars
031d183bdf Merge pull request #8532 from aibaars/regex-refactor-2 
JS/Ruby/Python: rename RegExpTreeView.qll to ReDoSUtilSpecific.qll
 2022-03-30 16:38:47 +02:00
Dave Bartolomeo
70c44734e6 Merge pull request #8445 from dbartol/dbartol/ir-range/semantic-scratch 
Sign, Modulus, and Range analysis for C++ using sharable semantic layer
 2022-03-30 07:08:09 -04:00
Dave Bartolomeo
e2396a5e03 Remove PrintIR tests for range analysis 
These were only used for debugging, and don't actually make good tests.
 2022-03-30 06:45:28 -04:00
Dave Bartolomeo
19789fa738 Merge remote-tracking branch 'upstream/main' into semantic-scratch 2022-03-30 06:39:14 -04:00
Nick Rolfe
a274af2b16 Merge pull request #7985 from github/nickrolfe/constant_regexp 
Ruby: separate constant propagation of regexps from strings
 2022-03-30 11:37:33 +01:00
Robert Marsh
8d21c8b7c5 Merge pull request #8423 from 4B5F5F4B/main 
[CPP][Linux Kernel]Add ql to detect CVE-2017-5123
 2022-03-29 15:10:15 -04:00
luchua-bc
fa2a6a7da3 Remove unnecessary taint step and update qldoc 2022-03-29 17:52:49 +00:00
Jeroen Ketema
e5ac492b62 Merge pull request #8593 from jketema/pointless-options 
C++: Remove debugging options from library tests
 2022-03-29 17:55:47 +02:00
Jeroen Ketema
d1857a9e37 C++: Remove debugging options from library tests 2022-03-29 17:24:18 +02:00
Geoffrey White
e04298d532 C++: Delete experimental PrivateData.qll. 2022-03-29 15:26:46 +01:00
Geoffrey White
cf5c6baadd C++: More test cases for salary. 2022-03-29 15:05:27 +01:00
Geoffrey White
0e3e145e53 C++: Add CWE-359 tag to cpp/cleartext-transmission. 2022-03-29 14:44:06 +01:00
Michael Nebel
db7abb429f C#: Remove unneeded exists. 2022-03-29 14:59:32 +02:00
Michael Nebel
6be41b0c29 C#/Java: Address review comments. 2022-03-29 14:52:57 +02:00
Michael Nebel
b0a24a7a44 C#: Change the implementation on getAnInput and getAnOutput based on hvitveds recommendations. 2022-03-29 14:52:57 +02:00
Michael Nebel
c2196a04aa C#: Update the description of the telemetry queries. 2022-03-29 14:52:57 +02:00
Michael Nebel
bfb206c810 C#: Let ExternalApi extend DataFlowCallable instead of Callable. 2022-03-29 14:52:57 +02:00
Michael Nebel
e1d4c1b68c C#/Java: Reorder code in terms of dependency, rename ExternalAPI to ExternalApi and add some missing predicate qualifiers. 2022-03-29 14:52:52 +02:00
Michael Nebel
4f00666591 C#: Add query and test case for supported external taint. 2022-03-29 14:49:37 +02:00
Michael Nebel
03c1bf6d87 C#: Mark Xunit as uninteresting. 2022-03-29 14:49:37 +02:00
Michael Nebel
18b1b51d07 C#: Add test for known sources telemetry query. 2022-03-29 14:49:37 +02:00
Michael Nebel
1f1059bfc6 C#: Add telemetry query for supported sources. 2022-03-29 14:49:37 +02:00
Michael Nebel
a7ece69f2b C#: Add test for supported sinks query. 2022-03-29 14:49:37 +02:00
Michael Nebel
d81e73f9c6 C#: Add telemetry query for supported sinks. 2022-03-29 14:49:37 +02:00
Michael Nebel
e4f6321851 C#: Add test for unsupported uses of library code. 2022-03-29 14:49:37 +02:00