codeql

mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00

Author	SHA1	Message	Date
luchua-bc	6a6727fc80	Reduce the scope of the query to reduce FPs	2021-02-14 15:01:06 +00:00
luchua-bc	ff1ed3a012	Revamp the query to use three configurations to detect password hash without salt	2021-01-29 03:39:02 +00:00
luchua-bc	b9809b071e	Update the query to work with wrapper classes	2021-01-18 19:22:34 +00:00
luchua-bc	048167d39a	Revamp the query to reduce FPs introduced by wrapper calls	2021-01-18 04:23:30 +00:00
luchua-bc	3af8773dd6	Add more cases	2021-01-15 16:20:31 +00:00
luchua-bc	86c04e6971	Detect the scenario of passwords concatenated with a salt to reduce FPs	2021-01-11 16:59:57 +00:00
luchua-bc	39103af718	Remove additional taint step	2021-01-08 13:02:57 +00:00
luchua-bc	b56fe2b25f	Remove specific method name in additional taint step	2021-01-07 16:31:21 +00:00
luchua-bc	19ff00bad4	Enhance the additional step flow and update qldoc	2021-01-07 13:15:30 +00:00
luchua-bc	ce2db21f15	Query to detect hash without salt	2021-01-06 17:30:04 +00:00
Rasmus Wriedt Larsen	49f902d28b	Merge pull request #4757 from yoff/python-dataflow-synthetic-callables Python: Enclosing callable for synthetic arguments	2020-12-18 16:06:26 +01:00
yoff	a08eb99778	Merge pull request #4779 from RasmusWL/django-class-based-handlers Python: Add modeling of django class based view handlers	2020-12-18 15:58:51 +01:00
Anders Schack-Mulligen	5106d5df53	Merge pull request #4833 from luchua-bc/java-broken-crypto-algorithms Java: Add missing broken crypto algorithms	2020-12-18 15:12:29 +01:00
Rasmus Wriedt Larsen	3e6296c7b8	Python: Fix grammar in QLDoc	2020-12-18 14:54:14 +01:00
Rasmus Wriedt Larsen	ed11e8f916	Python: Simplify predicate implementation Co-authored-by: yoff <lerchedahl@gmail.com>	2020-12-18 14:52:20 +01:00
Chris Smowton	de4cdda839	Merge pull request #4841 from smowton/smowton/admin/mergeback-126-2020-12-16 Mergeback rc/1.26	2020-12-18 12:59:06 +00:00
Rasmus Lerchedahl Petersen	0629d3e6e7	Python: Enclosing callable for synthetic arguments	2020-12-18 10:45:24 +01:00
Rasmus Lerchedahl Petersen	a16d58dfc0	Python: Add tests cases with synthetic arguments	2020-12-18 10:41:42 +01:00
Jonas Jensen	fd7dec7f20	Merge pull request #4824 from geoffw0/modelchanges5 C++: Add cases in the Allocation model.	2020-12-18 09:16:01 +01:00
yoff	39acc9a40b	Merge pull request #4735 from RasmusWL/python-untrusted-flow Python: Untrusted data used in external APIs	2020-12-18 00:15:08 +01:00
yoff	9dd6439e3c	Merge pull request #4749 from RasmusWL/command-injection-tests Python: Add some command injection tests	2020-12-17 23:36:06 +01:00
yoff	8a44405365	Merge pull request #4827 from RasmusWL/reword-qldoc-for-type-tracking-classes Python: Reword QLDoc for class modeling with type-tracking	2020-12-17 23:28:19 +01:00
Tamás Vajk	45893ab084	Merge pull request #4775 from tamasvajk/feature/cil-attribute-decoding2 C#: Improve CIL attribute decoding	2020-12-17 15:20:44 +01:00
Tamás Vajk	65c58edbed	Merge pull request #4617 from tamasvajk/feature/csharp9-implicit-obj-creation C#: Extract 'ImplicitObjectCreationExpressionSyntax'	2020-12-17 15:20:13 +01:00
Tamas Vajk	f12befdcd0	Add extra test for collection initialization	2020-12-17 13:49:02 +01:00
luchua-bc	bed8a68d28	Exclude broken algorithms from the list of secure algorithms	2020-12-17 00:41:23 +00:00
Aditya Sharad	a79f1e145b	Merge pull request #4832 from github/docs/add-favicon [docs] Add GitHub favicon to CodeQL docs	2020-12-16 13:29:32 -08:00
Chris Smowton	faa08c10e0	Merge branch 'rc/1.26' of https://github.com/github/codeql into smowton/admin/mergeback-126-2020-12-16	2020-12-16 21:08:20 +00:00
James Fletcher	7bfc2853cb	Merge pull request #4839 from github/docs/css-fixes-126 [CodeQL docs] Fix two CSS bugs (rc/1.26)	2020-12-16 18:10:18 +00:00
James Fletcher	58f17d79c2	Merge pull request #4838 from github/docs/css-fixes [CodeQL docs] Fix two CSS bugs	2020-12-16 16:44:59 +00:00
james	6c430ce0c7	align list items correctly	2020-12-16 16:41:27 +00:00
james	686eca9adf	fix footnote spacing	2020-12-16 16:41:27 +00:00
james	ff123f8e78	align list items correctly	2020-12-16 15:58:12 +00:00
james	256460dddc	fix footnote spacing	2020-12-16 15:31:25 +00:00
Tamas Vajk	1bc65a68df	Address PR review comments	2020-12-16 16:12:11 +01:00
Geoffrey White	c89f7d824b	C++: Back out support for SysAllocString. It turns out supporting all of the SysAlloc stuff is beyond our current models, supporting just SysFreeString as we do is OK.	2020-12-16 15:08:53 +00:00
CodeQL CI	41ef7a3fce	Merge pull request #4733 from erik-krogh/args Approved by esbena	2020-12-16 06:51:26 -08:00
CodeQL CI	287954e0d8	Merge pull request #4686 from erik-krogh/buildFp Approved by esbena	2020-12-16 06:42:41 -08:00
Erik Krogh Kristensen	94e07bb91c	add change note	2020-12-16 15:10:03 +01:00
Erik Krogh Kristensen	99af484042	move the "commander" source	2020-12-16 15:05:59 +01:00
luchua-bc	6b77922a25	Fix typo and update qldoc	2020-12-16 14:04:45 +00:00
Erik Krogh Kristensen	2ae0400922	update docstring for dashdash	2020-12-16 15:00:44 +01:00
Erik Krogh Kristensen	3d03e7192c	Update javascript/ql/src/semmle/javascript/security/dataflow/IndirectCommandInjectionCustomizations.qll Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-12-16 14:57:20 +01:00
Erik Krogh Kristensen	d377a02825	add change note	2020-12-16 14:53:23 +01:00
James Fletcher	8b6c53cbb5	Merge pull request #4830 from owen-mc/update-go-supported-frameworks Update supported Go frameworks	2020-12-16 10:07:48 +00:00
Jonas Jensen	406cc64dcc	Merge pull request #4831 from geoffw0/printfunknown C++: Fix Printf.qll specsAreKnown	2020-12-16 10:56:56 +01:00
james	1a7ca1d3d2	add favicon to query help and support projects	2020-12-16 09:29:26 +00:00
CodeQL CI	9ae8880bd0	Merge pull request #4802 from max-schaefer/js/external-remote-flow-sources Approved by asgerf, jf205	2020-12-16 00:34:40 -08:00
luchua-bc	d7facb42d6	Add missing broken crypto algorithms	2020-12-16 04:32:11 +00:00
james	c26ae246b3	correct path to favicon on docs landing page	2020-12-15 20:24:29 +00:00

1 2 3 4 5 ...

18770 Commits