hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-21 18:34:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,021 Commits 1,683 Branches 158 Tags
7ba18e64a041e06bae723681d4c9dee985ee29fa
Commit Graph

62021 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
7ba18e64a0 Swift: Add sinks for algorithms that are OK for sensitive data hashing but not for password hashing. 2023-12-14 18:04:34 +00:00
Geoffrey White
c2d49c0fff Swift: Address a weakness in the sensitive data regexs. 2023-12-14 18:04:34 +00:00
Geoffrey White
87eb96ed3b Swift: Add more cases to test. 2023-12-14 18:04:34 +00:00
Geoffrey White
22ed20dd7c Swift: Upgrade SecKeyCopyExternalRepresentation source to be considered a password / key rather than a miscellaneous credential. 2023-12-14 18:04:34 +00:00
Geoffrey White
10b4c98e80 Swift: Move password sources to be reported by the new query. 2023-12-14 16:09:47 +00:00
Geoffrey White
5faa25fc6c Swift: Make passwords their own sensitive data type. 2023-12-14 16:09:47 +00:00
Geoffrey White
b5a45c64ff Swift: Define barriers, additional flow steps and sinks. 2023-12-14 16:09:47 +00:00
Geoffrey White
e5bf929cdb Swift: Split off WeakPasswordHashingExtensions.qll as we normally do. 2023-12-14 16:09:46 +00:00
Geoffrey White
db1508d108 Swift: Trivial changes - query ID / metadata, imports. 2023-12-14 16:09:46 +00:00
Geoffrey White
9774c3cb4f Swift: Copy WeakPasswordHashing query from csharp. 2023-12-14 16:09:45 +00:00
Geoffrey White
be7d0acfea Swift: Minor fixes for the existing weak sensitive data hashing query (naming consistency, remove unused import). 2023-12-14 16:09:45 +00:00
Erik Krogh Kristensen
063f69c10e Merge pull request #15072 from erik-krogh/ts-various 
JS: Various TypeScript extraction fixes.
 2023-12-14 14:17:42 +01:00
Koen Vlaswinkel
7c141b9239 Merge pull request #15089 from github/koesie10/csharp-model-editor-generics 
C#: Fix names of generic types/methods in model editor queries
 2023-12-14 14:17:14 +01:00
erik-krogh
72e99b5b9d rename extractor environment variable to CODEQL_EXTRACTOR_JAVASCRIPT_OPTION_SKIP_TYPES 2023-12-14 12:52:49 +01:00
Tom Hvitved
c8b4a215bc Merge pull request #14573 from hvitved/flow-summary-impl-param 
Move `FlowSummaryImpl.qll` to `dataflow` pack
 2023-12-14 12:24:15 +01:00
Tom Hvitved
8f0e0b6559 Merge pull request #15090 from hvitved/inline-flow-test-get-arg-string 
InlineFlowTest: Allow for custom `getArgString`
 2023-12-14 10:53:55 +01:00
Tamás Vajk
3487f9d143 Merge pull request #15070 from tamasvajk/standalone/exclusions 
C#: Remove unneeded options and add support for `paths/paths-ignore` in standalone
 2023-12-14 10:41:53 +01:00
Tom Hvitved
7da10e0013 Merge pull request #15095 from hvitved/dataflow/boolean-class 
Data flow: Use `Boolean` class
 2023-12-14 10:29:52 +01:00
Tamas Vajk
ee70de8879 Fix code review findings 2023-12-14 10:15:22 +01:00
Tom Hvitved
8fc6fb1ec0 Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2023-12-14 10:10:53 +01:00
Koen Vlaswinkel
96feb2c787 C#: Rename getMethodName to getEndpointName 2023-12-14 10:04:46 +01:00
Tom Hvitved
098afb935b Address more review comments 2023-12-14 09:48:45 +01:00
Tamas Vajk
728229e6e1 Fix code review findings 2023-12-14 09:44:20 +01:00
yoff
b78ceb61a3 Merge pull request #15099 from fossilet/fix-qll-typo 
Fix typo in qll.
 2023-12-14 09:43:26 +01:00
Chris Smowton
d884726490 Merge pull request #15098 from fossilet/fix-signature-doc 
Fix typo.
 2023-12-14 08:35:56 +00:00
fossilet
1cc2f073c4 Fix typo in qll. 2023-12-14 16:05:14 +08:00
Tom Hvitved
5a426d1800 Data flow: Use Boolean class 2023-12-14 09:04:16 +01:00
Michael Nebel
1653433f39 Merge pull request #15096 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-12-14 08:51:34 +01:00
fossilet
9157dde4e2 Fix typo. 2023-12-14 15:35:13 +08:00
github-actions[bot]
c1325d798f Add changed framework coverage reports 2023-12-14 00:16:18 +00:00
Edward Minnix III
14a76278b8 Merge pull request #14802 from egregius313/egregius313/java/update-ql-integration-test 
Java: Add `.properties` file references in integration tests
 2023-12-13 18:40:03 -05:00
Ed Minnix
717e69ac0e Add properties file references 2023-12-13 16:54:55 -05:00
Paolo Tranquilli
307da3417d Merge pull request #15091 from github/redsun82/fix-cmake-bazel-version 
Bazel/CMake: use bazelisk to use correct bazel version
 2023-12-13 19:06:37 +01:00
Jeroen Ketema
4d922ddb0c Merge pull request #15092 from jketema/mb12 
Merge back `rc/3.12` into main
 2023-12-13 17:45:58 +01:00
Paolo Tranquilli
9e300a9906 Merge branch 'main' into redsun82/fix-cmake-bazel-version 2023-12-13 17:36:07 +01:00
Jeroen Ketema
25a1b0532e Merge pull request #15094 from github/revert-13870-commoncrypto1 
Revert "Swift: CommonCrypto test cases for the BrokenCryptoAlgorithm query"
 2023-12-13 17:21:44 +01:00
Mathias Vorreiter Pedersen
a478980e48 Revert "Swift: CommonCrypto test cases for the BrokenCryptoAlgorithm query" 2023-12-13 15:40:09 +00:00
Mathias Vorreiter Pedersen
5ddfb1f7c3 Merge pull request #15088 from MathiasVP/debug-mode-for-dataflow-printing 
C++: Easier debugging of dataflow node `toString` output
 2023-12-13 15:15:41 +00:00
Jeroen Ketema
99e65df6ce Merge remote-tracking branch 'upstream/rc/3.12' into mb12 2023-12-13 15:43:39 +01:00
Paolo Tranquilli
819fc52854 Bazel/CMake: use bazelisk to use correct bazel version 2023-12-13 15:32:06 +01:00
Mathias Vorreiter Pedersen
401ab3b035 C++: Fix 'isDebugMode'. It was computing 'isNotDebugMode' (oops). 2023-12-13 14:31:45 +00:00
Mathias Vorreiter Pedersen
fcc3113bfc C++: Privately import 'Node0ToString'. 2023-12-13 14:31:02 +00:00
Michael Nebel
b765ba387f Merge pull request #13110 from GeekMasher/csharp-aws 
[CSharp] AWS Lambda Modelling
 2023-12-13 15:14:58 +01:00
Tamas Vajk
c870b0d4e9 Add more logging to the file filtering 2023-12-13 14:14:07 +01:00
Tamas Vajk
694be29311 Remove uneeded option from the help 2023-12-13 14:13:41 +01:00
Tom Hvitved
28a2d05cf8 InlineFlowTest: Allow for custom getArgString 2023-12-13 13:58:44 +01:00
Koen Vlaswinkel
e177f8783a C#: Share qualified name module for model editor queries 2023-12-13 13:48:44 +01:00
Koen Vlaswinkel
ea504cddd1 C#: Use correct names for generic types/methods in model editor queries 2023-12-13 13:48:23 +01:00
Michael Nebel
ffc36e4ccd Merge pull request #15085 from michaelnebel/csharp/telemetrycalls 
C#: Telemetry should only count calls in source.
 2023-12-13 13:46:16 +01:00
Koen Vlaswinkel
79f5a6acab C#: Add test model for generic method 2023-12-13 13:46:06 +01:00