hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-24 16:17:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
40,163 Commits 1,758 Branches 168 Tags
63fcc85372fd434b79465cfc4444dde71bbb11af
Commit Graph

111 Commits

Author SHA1 Message Date
Stephan Brandauer
9613f73116 enable new features for experimentation 2022-06-13 14:04:47 +02:00
Stephan Brandauer
fd4f509615 add stringConcatenatedWith feature to help the model learn that string concatenation leaves are usually not sinks 2022-06-13 14:04:47 +02:00
Stephan Brandauer
4ba7243b1f add assignedToPropName feature to let the model improve number of false positives for XSS query 2022-06-13 14:04:46 +02:00
Stephan Brandauer
5346ade995 fix bug in InputArgumentIndex feature 2022-06-13 14:04:46 +02:00
Stephan Brandauer
ebedeaf543 performance fixes 2022-06-13 14:04:45 +02:00
Stephan Brandauer
ea1e44b035 use ? for unknown parameternames 2022-06-13 14:04:45 +02:00
Stephan Brandauer
250ed0831c add documentations and rename a feature 2022-06-13 14:04:44 +02:00
Stephan Brandauer
314333f7ed add functionInterfacesInFile and surroundingFunctionParameters features 2022-06-13 14:04:44 +02:00
Stephan Brandauer
3f6d663105 documentation for calleeImports ATM feature 2022-06-13 14:04:43 +02:00
Stephan Brandauer
962ed4a51b documentation for new feature 2022-06-13 14:04:43 +02:00
Stephan Brandauer
2f1882bd3a ATM: new feature to list all imports in an endpoint's file 2022-06-13 14:04:42 +02:00
Esben Sparre Andreasen
e53ba21387 remove Input_ArgumentIndexAndAccessPathFromCallee 2022-06-13 14:00:36 +02:00
Esben Sparre Andreasen
ec1dc985ef add docstring examples 2022-06-13 14:00:36 +02:00
Esben Sparre Andreasen
008024b3bb address review comments 2022-06-13 14:00:35 +02:00
Esben Sparre Andreasen
874da9d81c fix semantic merge conflict 2022-06-13 14:00:34 +02:00
Esben Sparre Andreasen
8e0781d78a rename new features 2022-06-13 14:00:34 +02:00
Esben Sparre Andreasen
937d6b1f3e add more features 2022-06-13 14:00:33 +02:00
Esben Sparre Andreasen
7d4125010c improve feature documentation 2022-06-13 14:00:33 +02:00
Esben Sparre Andreasen
57c88d5fd6 improve access path strings 2022-06-13 14:00:32 +02:00
Esben Sparre Andreasen
026dfaec97 support import in getSimpleAccessPath 2022-06-13 14:00:31 +02:00
Esben Sparre Andreasen
c523c4f96e support await in getSimpleAccessPath 2022-06-13 14:00:31 +02:00
Esben Sparre Andreasen
ef5148bb80 avoid using new feautes by default 2022-06-13 14:00:30 +02:00
Esben Sparre Andreasen
f322aaf344 Document EndpointFeatures.qll 2022-06-13 14:00:29 +02:00
Esben Sparre Andreasen
3c9e70341b add ParameterAccessPathSimpleFromArgumentTraversal 2022-06-13 14:00:28 +02:00
Esben Sparre Andreasen
cfe20810bf improve getSimpleAccessPath 2022-06-13 14:00:28 +02:00
Esben Sparre Andreasen
065002ad18 refactor calleeAccessPath feature to class 2022-06-13 14:00:27 +02:00
Stephan Brandauer
7778aa59ea refactor getACallBasedTokenFeature to class-use 2022-06-13 14:00:27 +02:00
Esben Sparre Andreasen
8ef6f59737 Add CalleeAccessPathSimpleFromArgumentTraversal 2022-06-13 14:00:26 +02:00
Esben Sparre Andreasen
b4339e8ac5 refactor EndpointFeatures.ql to use classes 2022-06-13 14:00:26 +02:00
Asger F
cc42f2f824 Merge pull request #8606 from asgerf/js/api-graph-api 
JS/Python/Ruby: Document how API graphs should be interpreted
 2022-05-30 10:49:14 +02:00
github-actions[bot]
1fa2fd73f2 JS: Bump patch version of ML-powered library and query packs post-release 2022-05-24 10:40:45 +00:00
github-actions[bot]
53a25c8c42 JS: Bump minor version of ML-powered library and query packs 2022-05-24 10:34:26 +00:00
Asger F
87cbf7b216 JS: Update ATM code 2022-05-24 11:57:30 +02:00
Asger Feldthaus
e2858b7b64 JS: Update ATM code 2022-05-24 11:57:30 +02:00
Erik Krogh Kristensen
b74d1fdb1a Merge pull request #8783 from erik-krogh/jsAbstractBi 
JS: don't initialize sanitizer-guards in the standard library
 2022-04-29 11:12:16 +02:00
Erik Krogh Kristensen
e1c7d369be Merge pull request #8796 from erik-krogh/redundantImport 
Remove redundant imports
 2022-04-27 12:39:51 +02:00
Erik Krogh Kristensen
ff73dbc35c delete redundant imports 2022-04-22 12:55:28 +02:00
Erik Krogh Kristensen
81ce8ac715 ATM: fix compiler warnings about unused variables 2022-04-20 18:10:59 +02:00
Erik Krogh Kristensen
b1bad271d5 only activate the PrefixString label in Query.qll files 2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
8a5b1668f9 move initialization of sanitizer-guards to Query.qll files 2022-04-20 18:10:53 +02:00
annarailton
de4e01a8f2 Change NotASinkType to NegativeType 
Fixes https://github.com/github/ml-ql-adaptive-threat-modeling/issues/1819
 2022-04-08 10:22:13 +01:00
Erik Krogh Kristensen
67e1ffdd3e fix isKnownStepSrc such that it actually includes taint/dataflow-steps 2022-03-31 09:46:01 +02:00
github-actions[bot]
1e620c99c6 JS: Bump patch version of ML-powered library and query packs post-release 2022-03-23 11:53:34 +00:00
github-actions[bot]
dc0c8374d2 JS: Bump minor version of ML-powered library and query packs 2022-03-23 11:47:53 +00:00
Erik Krogh Kristensen
b0fc958b32 simplify imports 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-03-15 15:10:04 +01:00
Erik Krogh Kristensen
89af50f6d5 rename all lower-case import-as statements 2022-03-15 14:40:38 +01:00
Henry Mercer
f38b498eed Merge pull request #8433 from github/henrymercer/js-atm-remove-isEffectiveSinkWithOverridingScore 
JS: Remove `isEffectiveSinkWithOverridingScore` from ML-powered libraries
 2022-03-15 10:04:30 +00:00
Henry Mercer
5102cadf8e Merge pull request #8404 from github/codeql-ci/js-atm-new-release 
JS: Bump version numbers of ML-powered packs after 0.1.0 release
 2022-03-14 17:32:37 +00:00
Henry Mercer
8b1b2af2d8 JS: Remove isEffectiveSinkWithOverridingScore 
This was previously used in the ATM external API query, but is now dead
code.
 2022-03-14 14:25:36 +00:00
github-actions[bot]
7ac7657ffc JS: Bump patch version of ML-powered library and query packs post-release 2022-03-11 12:17:13 +00:00