hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 19:55:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
21,042 Commits 1,741 Branches 166 Tags
554404575d243ffdff19559e8cbbf4c300019d32
Commit Graph

21042 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Lerchedahl Petersen
554404575d Python: fix typo and name. 2021-03-26 00:29:40 +01:00
Rasmus Lerchedahl Petersen
c93e0c08fd Merge branch 'python-port-insecure-protocol' of github.com:yoff/codeql into python-port-insecure-protocol 2021-03-26 00:26:33 +01:00
yoff
54dad57cf4 Update python/ql/test/query-tests/Security/CWE-327/pyOpenSSL_fluent.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-03-26 00:25:40 +01:00
Rasmus Lerchedahl Petersen
2b257318f1 Python: more precise comment 2021-03-25 23:22:24 +01:00
yoff
62a0775cf6 Update python/ql/src/Security/CWE-327/examples/secure_protocol.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-03-25 23:09:11 +01:00
yoff
164b383fda Update python/ql/test/query-tests/Security/CWE-327/pyOpenSSL_fluent.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-03-19 19:12:13 +01:00
Rasmus Lerchedahl Petersen
e0e6d5724e Merge branch 'main' of github.com:github/codeql into python-port-insecure-protocol 2021-03-18 23:34:53 +01:00
yoff
746e9948b0 Merge pull request #5075 from RasmusWL/crypto 
Python: Port py/weak-crypto-key to use type-tracking
 2021-03-18 20:53:28 +01:00
Aditya Sharad
f4dc5b963b Merge pull request #5335 from Marcono1234/patch-1 
Add name to check-change-note.yml workflow
 2021-03-18 10:44:53 -07:00
Erik Krogh Kristensen
6bab41ce8b Merge pull request #5350 from JarLob/actions 
github actions queries
 2021-03-18 14:46:25 +01:00
Mathias Vorreiter Pedersen
c0e1df47a6 Merge pull request #5431 from MathiasVP/av-rule-79-use-gvn 
C++: Use GVN in AV Rule 79
 2021-03-18 12:35:26 +01:00
CodeQL CI
3b34bfd1c6 Merge pull request #5432 from asgerf/js/more-string-steps 
Approved by erik-krogh
 2021-03-18 04:16:07 -07:00
Asger Feldthaus
e30fa89405 JS: Update more test expectations 2021-03-18 10:04:39 +00:00
Rasmus Wriedt Larsen
7b92012edf Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-03-18 10:58:49 +01:00
Jaroslav Lobačevski
a9ed3317bf Fix regex per suggestion 2021-03-18 11:54:55 +02:00
Mathias Vorreiter Pedersen
2abf4c068f C++: Use getAnExpr. Also extend the other recursive case similarly. 2021-03-18 08:42:10 +01:00
Jaroslav Lobačevski
7b6773c96a Update javascript/ql/src/experimental/semmle/javascript/Actions.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-03-17 19:49:03 +02:00
CodeQL CI
1d9f8c2d37 Merge pull request #5427 from RasmusWL/use-new-builtin-modeling 
Approved by yoff
 2021-03-17 09:07:36 -07:00
Jaroslav Lobačevski
e3bf308952 Removed positive lookbehind 2021-03-17 17:32:10 +02:00
Mathias Vorreiter Pedersen
834e35f192 C++: Add change-note. 2021-03-17 16:26:15 +01:00
Asger Feldthaus
ae410aabd6 JS: Add change note 2021-03-17 15:24:10 +00:00
Asger Feldthaus
e4d891cab5 JS: Add tests for flow through replace 2021-03-17 15:20:40 +00:00
Asger Feldthaus
9cfbb90591 JS: Add test case for insufficient replace-sanitizer 2021-03-17 15:20:40 +00:00
Asger Feldthaus
198bdcab26 JS: Make XSS MetacharEscapeSanitizer more precise 2021-03-17 15:20:40 +00:00
Asger Feldthaus
effa52f9e1 JS: Step through string replace callbacks 2021-03-17 15:15:49 +00:00
CodeQL CI
7c20c4a664 Merge pull request #5396 from asgerf/js/shared-taint-step 
Approved by erik-krogh, esbena
 2021-03-17 08:07:20 -07:00
Mathias Vorreiter Pedersen
a3f806bb1d Use GVN in AV rule 79. 2021-03-17 16:01:49 +01:00
yoff
514c9efcdd Merge pull request #5426 from RasmusWL/insecure-default-protocl-tests-are-also-py3 
Python: Also test py/insecure-default-protocol on Python 3
 2021-03-17 15:59:00 +01:00
Rasmus Wriedt Larsen
27032af2eb Python: Use API graphs for io.open 2021-03-17 15:50:02 +01:00
Rasmus Wriedt Larsen
d52d328587 Python: Use new API::builtin in stdlib modeling 2021-03-17 15:50:01 +01:00
Rasmus Wriedt Larsen
315127d888 Python: Also test py/insecure-default-protocol on Python 3 2021-03-17 14:53:36 +01:00
CodeQL CI
d95b295e52 Merge pull request #5400 from erik-krogh/replaceCallbacks 
Approved by asgerf
 2021-03-17 06:42:34 -07:00
Tom Hvitved
5b2d5ee010 Merge pull request #4940 from hvitved/csharp/base-ssa-phi-input 
C#: Take phi nodes into account in `Steps::getARead()`
 2021-03-17 14:33:59 +01:00
Asger Feldthaus
ccc879dc5c JS: Autoformat 2021-03-17 13:29:17 +00:00
Asger Feldthaus
e1bfc6cd38 JS: Add qldoc to deprecated class member 2021-03-17 13:29:17 +00:00
Asger Feldthaus
ab1947a028 JS: Add comment explaining how to add new steps 2021-03-17 13:29:17 +00:00
Asger Feldthaus
c2764069b5 JS: Mention why we cache predicates outside the class 2021-03-17 13:29:17 +00:00
Asger Feldthaus
a97d3452a7 JS: Add DataFlow::SharedFlowStep to future-proof the tutorial 2021-03-17 13:29:17 +00:00
Asger Feldthaus
d74e84abd8 JS: Remove or update some mentions of AdditionalTaintStep 2021-03-17 13:29:17 +00:00
Asger Feldthaus
c0b5a9ad0c JS: Deprecate AdditionalTaintStep 2021-03-17 13:29:17 +00:00
Asger Feldthaus
332ee40984 JS: Autoformat 2021-03-17 13:29:17 +00:00
Asger Feldthaus
0675066ab9 JS: Fixup UriLibraries test 2021-03-17 13:29:17 +00:00
Asger Feldthaus
443b59e676 JS: Fixup bad merge in HeapTaintStep 2021-03-17 13:29:17 +00:00
Asger Feldthaus
80bc5d921b JS: Update Vue test 2021-03-17 13:29:16 +00:00
Asger Feldthaus
d52ff3e4f6 JS: Autoformat and add qldoc 2021-03-17 13:29:16 +00:00
Asger Feldthaus
96c6e4d8d8 JS: Update with new AdditionalTaintStep subclasses 2021-03-17 13:29:16 +00:00
Asger Feldthaus
561b9d09b3 JS: Put in same stage as RemoteFlowSource 2021-03-17 13:29:16 +00:00
Asger Feldthaus
e4a75b42e9 JS: Autoformat 2021-03-17 13:29:16 +00:00
Asger Feldthaus
8542c7172e JS: Fix promiseStep documentation 2021-03-17 13:29:16 +00:00
Asger Feldthaus
f95c799d6e JS: Cache taint steps in same stage 2021-03-17 13:29:16 +00:00