hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 15:49:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,302 Commits 1,703 Branches 162 Tags
730f6ed5b02c9c9c9e7d316eb81e02300aef8d15
Commit Graph

62302 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chad Bentz
730f6ed5b0 Merge branch 'main' into go-xxe-libxml2 2023-12-22 11:57:43 -05:00
Chad Bentz
86c258df7e mention sinks in changelog 2023-12-22 16:56:54 +00:00
Chad Bentz
cf25cc9531 Add docs 2023-12-22 16:53:21 +00:00
Edward Minnix III
d6d76fa4f1 Merge pull request #15183 from egregius313/egregius313/java/fix-weak-hashing-adddition 
Java: Fix minor error in `java/potentially-weak-cryptographic-algorithm`
 2023-12-22 11:38:55 -05:00
Edward Minnix III
be50696746 Merge pull request #100 from atorralba/atorralba/java/weak-hashing-suggestion 
Java: Generalize MaybeBrokenCryptoAlgorithmQuery.qll
 2023-12-22 09:03:59 -05:00
Jeroen Ketema
9c039c4a08 Merge pull request #12125 from jketema/unique-function 
C++: Ensure that only one `Function` exists for every function
 2023-12-22 13:56:35 +01:00
Jeroen Ketema
1cb02475a8 Update cpp/ql/lib/change-notes/2023-12-22-unique-function.md 2023-12-22 13:33:20 +01:00
Jeroen Ketema
d4f9e89b5b C++: Add change note 2023-12-22 13:20:38 +01:00
Mathias Vorreiter Pedersen
ecd2003c14 Merge pull request #15191 from MathiasVP/show-indirections-in-ssainternals-2 
C++: Show base variable in SSA variable `toString`s
 2023-12-22 12:58:12 +01:00
Arthur Baars
c5b6f48569 Merge pull request #15127 from smowton/smowton/feature/buildless-tests 
Add buildless tests
 2023-12-22 11:39:16 +01:00
Mathias Vorreiter Pedersen
ffdd28eaa9 C++: Show base variable in SSA variable 'toString's. 2023-12-22 10:29:31 +01:00
Tony Torralba
67f8bcce44 Merge pull request #14752 from masterofnow/LoadClassNoSignatureCheck 
Java: Insecure Loading of Class in Android App without Package Signature Checking
 2023-12-22 10:24:34 +01:00
Tony Torralba
8ad787f3b8 Java: Generelize MaybeBrokenCryptoAlgorithmQuery.qll 2023-12-22 10:15:40 +01:00
Ed Minnix
8051cfcef5 Fix tests and fix getStringValue method 2023-12-21 22:48:08 -05:00
Ed Minnix
6455e1893d Add more test cases 2023-12-21 22:48:08 -05:00
Ed Minnix
7f9dff2dc7 Fix minor error in Weak Hashing 2023-12-21 22:48:07 -05:00
masterofnow
0fd09759df Added sample java file for qhelp to render correctly. 2023-12-22 08:31:23 +08:00
masterofnow
cb5733d647 Apply suggestions from code review 
Update to documentation.

Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-12-22 08:25:05 +08:00
AlexDenisov
e43fafc249 Merge pull request #15116 from github/alexdenisov/improve-swift-autobuilder-further 
Swift: separate installation of dependencies and autobuilding
 2023-12-21 17:35:34 +01:00
Jeroen Ketema
f7da6f56f3 C++: Ensure that only one Function exists for every function 2023-12-21 16:33:22 +01:00
Mathias Vorreiter Pedersen
7a10d88f36 Merge pull request #15185 from MathiasVP/show-indirections-in-ssainternals 2023-12-21 13:52:14 +01:00
masterofnow
7162540faf Added options, .qhelp and .expected file for unit test. 2023-12-21 19:57:37 +08:00
Mathias Vorreiter Pedersen
1007c4fc83 C++: Show indirections when printing SSA variables. 2023-12-21 10:38:58 +01:00
Tony Torralba
55f15d2deb Merge pull request #15182 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-12-21 09:39:36 +01:00
masterofnow
8dc522fb5f Merge remote-tracking branch 'origin/LoadClassNoSignatureCheck' into LoadClassNoSignatureCheck 2023-12-21 12:15:06 +08:00
masterofnow
25c818f425 Added unit test files. 2023-12-21 12:13:00 +08:00
Chad Bentz
7c93a2c825 Add const XMLParseNoEnt to stub 2023-12-21 00:49:14 +00:00
Chad Bentz
667861f575 depstubber with latest change 
- still failing with ./tst.go:195:25: undefined: parser.XMLParseNoEnt
 2023-12-21 00:42:37 +00:00
Chad Bentz
6f3867d804 stub the type Parser + the function New 
(it will automatically make stubs for all the methods on that type)

Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-12-20 19:25:48 -05:00
Chad Bentz
4c46be1ed0 Use 3 arg overload on Method for hasQualifiedName for Package/Name/Type 2023-12-21 00:23:01 +00:00
github-actions[bot]
d77e8df800 Add changed framework coverage reports 2023-12-21 00:16:28 +00:00
Andrew Eisenberg
0cc4ba6552 Merge pull request #15164 from github/aeisenberg/system-reqs 2023-12-20 12:13:51 -08:00
Andrew Eisenberg
c6d1b6cb58 Update docs/codeql/codeql-overview/system-requirements.rst 2023-12-20 11:51:23 -08:00
yoff
b83c743810 Merge pull request #14944 from yoff/python/captured-variables-basic 
Python: Basic implementation of variable capture
 2023-12-20 16:53:48 +01:00
Max Schaefer
706dee927d Merge pull request #15160 from github/max-schaefer/csharp-xss 
C#: Mention more XSS sanitisation options in query help.
 2023-12-20 15:39:25 +00:00
Rasmus Lerchedahl Petersen
da4aef80e9 Revert "Python: make it a real consistency check" 
This reverts commit 45411f4a93.
 2023-12-20 16:15:17 +01:00
Max Schaefer
fea69263f3 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-12-20 15:06:03 +00:00
Rasmus Lerchedahl Petersen
0f89f69555 Python: fix VariableWrite and remove unneded step 2023-12-20 15:45:18 +01:00
Tony Torralba
1b9f59efa7 Merge pull request #14646 from github/java/update-mad-decls-after-triage-2023-10-31T15-52-01 
Java: Update MaD Declarations after Triage
 2023-12-20 15:37:19 +01:00
Tony Torralba
39708524e7 Minor fixes 
- Query ID
- MethodAccess -> MethodCall
- Redundant import
- Formatting
 2023-12-20 15:31:09 +01:00
Rasmus Lerchedahl Petersen
d039ceb689 Python: add test for fields 2023-12-20 15:23:45 +01:00
Rasmus Lerchedahl Petersen
706e9dc896 Python: fix compilation 2023-12-20 15:23:33 +01:00
Tony Torralba
e744d974e8 Merge pull request #14580 from github/java/update-mad-decls-after-triage-2023-10-24T15-42-01 
Java: Update MaD Declarations after Triage
 2023-12-20 15:01:24 +01:00
Tony Torralba
2df8bcb9dc Update java/ql/lib/change-notes/2023-10-31-new-models.md 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-12-20 14:59:07 +01:00
Rasmus Lerchedahl Petersen
45411f4a93 Python: make it a real consistency check 2023-12-20 14:53:37 +01:00
Rasmus Lerchedahl Petersen
215b146f06 Python: remove unused member predicate 2023-12-20 14:45:00 +01:00
Rasmus Lerchedahl Petersen
491ca3f1e6 Python: hide synthetic variable node 2023-12-20 14:42:45 +01:00
Rasmus Lerchedahl Petersen
afb3d1da6f Python: move capture node to DataFlowPrivate 2023-12-20 14:41:17 +01:00
Rasmus Lerchedahl Petersen
3cea46fe7b Python: fix typos 2023-12-20 14:35:10 +01:00
Rasmus Lerchedahl Petersen
f8417b0dd8 Merge branch 'main' of https://github.com/github/codeql into python/captured-variables-basic 2023-12-20 13:16:42 +01:00