codeql

mirror of https://github.com/github/codeql.git synced 2026-04-08 00:24:03 +02:00

Author	SHA1	Message	Date
Arthur Baars	5df728dd7d	Merge pull request #354 from github/hvitved/identical-files-fix Remove "DataFlow2" section from `identical-files.json`	2021-10-13 17:20:40 +02:00
Tom Hvitved	6b46aaaefb	Remove "DataFlow2" section from `identical-files.json`	2021-10-13 17:03:48 +02:00
Arthur Baars	893ca5a250	Merge pull request #353 from github/rc/3.3 Merge rc/3.3 into main	2021-10-13 16:33:42 +02:00
Arthur Baars	dc8399f13c	Merge pull request #352 from github/hvitved/dataflowimpl2-sync Add missing `DataFlowImpl2.qll` entry to `identical-files.json`	2021-10-13 16:08:24 +02:00
Tom Hvitved	11792e17a9	Add missing `DataFlowImpl2.qll` entry to `identical-files.json`	2021-10-13 15:50:29 +02:00
Andrew Eisenberg	01819cdbde	Merge pull request #344 from github/aeisenberg/tutorial	2021-10-13 06:48:55 -07:00
Andrew Eisenberg	0e0441743b	Move tutorial directly into each qlpack See also https://github.com/github/codeql/pull/6862	2021-10-13 15:28:17 +02:00
Arthur Baars	aa4d0021a8	Merge pull request #349 from github/aibaars/bump-codeql-main Bump codeql submodule on main	2021-10-13 15:26:59 +02:00
Arthur Baars	078cebe822	Merge pull request #351 from github/aibaars/fix-broken-links Update broken links	2021-10-13 15:25:23 +02:00
Arthur Baars	f4003406cf	Apply suggestions from code review Co-authored-by: Tom Hvitved <hvitved@github.com>	2021-10-13 15:11:04 +02:00
Arthur Baars	112b7a8e27	Update broken links	2021-10-13 15:03:19 +02:00
Arthur Baars	bf3d291a1c	Updates after codeql file sync	2021-10-13 13:24:20 +02:00
Arthur Baars	80ac05d5c6	Bump codeql submodule to 'main'	2021-10-13 13:24:08 +02:00
Alex Ford	0d72a51334	Merge pull request #342 from github/improve-xss-isAdditionalFlowStep Improve `XSS::Shared::isAdditionalFlowStep` performance	2021-10-13 12:15:52 +01:00
Arthur Baars	6a18aa4e2a	Merge pull request #348 from github/rc/3.3 Merge rc/3.3 into main	2021-10-13 13:08:55 +02:00
Arthur Baars	287046e9b0	Merge pull request #346 from github/erik-krogh/fix-primary-class-typo fix typo for getAPrimaryQlClass	2021-10-13 12:53:51 +02:00
Nick Rolfe	1c5dcecf1e	Update expected output to match getAPrimaryQlClass change	2021-10-13 12:39:13 +02:00
Erik Krogh Kristensen	e1675ff055	fix typo for getAPrimaryQlClass	2021-10-13 12:39:13 +02:00
Arthur Baars	d448e208ab	Merge pull request #347 from github/aibaars/bump-codeql Bump codeql submodule to rc/3.3	2021-10-13 12:28:17 +02:00
Arthur Baars	8ef1af9de0	Bump codeql submodule to rc/3.3	2021-10-13 12:03:49 +02:00
Tom Hvitved	e2db11b31f	Performance improvements in `XSS.qll` Various performance improvements to make sure that we never join methods and calls (or variables and accesses) on only name (or file), but always perform a multi-join on both values.	2021-10-13 11:53:49 +02:00
Andrew Eisenberg	7a0437f159	Merge pull request #343 from github/aeisenberg/defaultSuite Add defaultSuite	2021-10-12 14:26:35 -07:00
Andrew Eisenberg	d9ab13b43d	Update ql/src/qlpack.yml Co-authored-by: Arthur Baars <aibaars@github.com>	2021-10-12 13:01:03 -07:00
Andrew Eisenberg	2fca1f57c6	Add defaultSuite Also, change the dependencies to be in alignment with other standard qlpacks.	2021-10-12 21:57:53 +02:00
Arthur Baars	4e79d9fad6	Merge pull request #334 from github/RasmusWL/normalize-qlpack Packaging: Normalize src/qlpack.yml	2021-10-12 21:56:31 +02:00
Alex Ford	ad5c1f9b32	ql format	2021-10-12 20:43:20 +01:00
Alex Ford	d7b5e4c779	update predicate visibility	2021-10-12 20:43:20 +01:00
Alex Ford	9083cda8df	improve XSS::Shared::isFlowFromHelperMethod performance	2021-10-12 20:43:20 +01:00
Alex Ford	9afc1f9275	split out isAdditionalXSSFlowStep components	2021-10-12 20:43:20 +01:00
Arthur Baars	bf139a09f9	Merge pull request #341 from github/rc/3.3 Rc/3.3 mergeback	2021-10-12 20:48:21 +02:00
Arthur Baars	8531174d30	Merge pull request #333 from github/hvitved/api-graphs-non-linear-rec API graphs: Avoid non-linear recursion	2021-10-12 20:24:07 +02:00
Arthur Baars	80ebfed226	Merge pull request #336 from github/improve-getTemplateFile Improve `RenderCall#getTemplateFile` performance and accuracy	2021-10-12 20:21:12 +02:00
Arthur Baars	06e91c1182	Merge pull request #322 from github/request-without-validation rb/request-without-cert-validation	2021-10-12 20:19:11 +02:00
Arthur Baars	a78ee535a0	Merge pull request #340 from github/mergeback Merge rc/3.3 into main	2021-10-12 20:16:59 +02:00
Nick Rolfe	ceef9762a7	Fix comment typo Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>	2021-10-12 17:45:34 +01:00
Arthur Baars	398ed4c0c9	Merge pull request #338 from github/aibaars/update-grammar Update tree-sitter-ruby	2021-10-12 18:39:34 +02:00
Arthur Baars	bb5da92577	Update src/unsupported_feature.rb with a feature that is still unsupported	2021-10-12 18:11:00 +02:00
Arthur Baars	8c9d3b88df	Update dbscheme stats	2021-10-12 17:48:59 +02:00
Arthur Baars	0dc3ea5ed1	Add test-cases for forward arguments and endless methods	2021-10-12 17:32:01 +02:00
Arthur Baars	e44064cda7	Add forward parameter/arguments to AST	2021-10-12 17:31:31 +02:00
Nick Rolfe	ecc9f07c50	Merge pull request #311 from github/nickrolfe/oj Consider Oj.load a sink for unsafe deserialization	2021-10-12 16:17:08 +01:00
Alex Ford	e35ad020d5	ql format	2021-10-12 15:56:00 +01:00
Alex Ford	909cdacb1a	remove cast to StringlikeLiteral	2021-10-12 15:27:26 +01:00
Alex Ford	44499cab51	replace an abstract predicate	2021-10-12 15:27:10 +01:00
Alex Ford	9640af0b8c	Merge pull request #339 from github/rc-workflows enable actions workflows for rc branches	2021-10-12 12:23:47 +01:00
Alex Ford	f870c38e4c	enable actions workflows for rc branches	2021-10-12 10:47:27 +01:00
Alex Ford	48f3d48a11	add some test cases for checking against spurious flow into ERB templates	2021-10-12 10:37:22 +01:00
Arthur Baars	2a7f3fbfaf	Add upgrade script	2021-10-12 11:36:10 +02:00
Nick Rolfe	8e14b6582d	Remove unused predicate	2021-10-11 18:15:41 +01:00
Alex Ford	7270fe0ee7	slightly limit viable template files from render calls	2021-10-11 17:12:08 +01:00

1 2 3 4 5 ...

1451 Commits