Commit Graph

34347 Commits

Author SHA1 Message Date
Stephan Brandauer
7db5b09532 add assignedToPropName feature to let the model improve number of false positives for XSS query 2022-06-30 08:32:50 +02:00
Stephan Brandauer
4494864d15 fix bug in InputArgumentIndex feature 2022-06-30 08:32:50 +02:00
Stephan Brandauer
f605f45cfd performance fixes 2022-06-30 08:32:49 +02:00
Stephan Brandauer
3400b31d7c use ? for unknown parameternames 2022-06-30 08:32:49 +02:00
Stephan Brandauer
11ed0f2d7b add documentation and rename a feature 2022-06-30 08:32:49 +02:00
Stephan Brandauer
ed0b18c8cd add functionInterfacesInFile and surroundingFunctionParameters features 2022-06-30 08:32:48 +02:00
Stephan Brandauer
8d59dceb53 documentation for calleeImports ATM feature 2022-06-30 08:32:48 +02:00
Stephan Brandauer
e26bc59863 documentation for new feature 2022-06-30 08:32:48 +02:00
Stephan Brandauer
d2580d8cb5 ATM: new feature to list all imports in an endpoint's file 2022-06-30 08:32:48 +02:00
Esben Sparre Andreasen
ba308e27e8 use proper import instead of inlining 2022-06-30 08:32:47 +02:00
Esben Sparre Andreasen
ca8a6003f3 remove Input_ArgumentIndexAndAccessPathFromCallee 2022-06-30 08:32:47 +02:00
Esben Sparre Andreasen
5f0658756a add docstring examples 2022-06-30 08:32:47 +02:00
Esben Sparre Andreasen
710cfdfcb6 address review comments 2022-06-30 08:32:46 +02:00
Esben Sparre Andreasen
511eae1f1c Apply suggestions from code review
Co-authored-by: Henry Mercer <henrymercer@github.com>
2022-06-30 08:32:46 +02:00
Esben Sparre Andreasen
1a97f65454 fix semantic merge conflict 2022-06-30 08:32:46 +02:00
Esben Sparre Andreasen
09cc6c8dd7 rename new features 2022-06-30 08:32:45 +02:00
Esben Sparre Andreasen
624f254417 add more features 2022-06-30 08:32:45 +02:00
Esben Sparre Andreasen
dc9721db2d improve feature documentation 2022-06-30 08:32:45 +02:00
Esben Sparre Andreasen
6b33c940fe improve feature tests with more cases 2022-06-30 08:32:45 +02:00
Esben Sparre Andreasen
55697c5a3f improve access path strings 2022-06-30 08:32:44 +02:00
Esben Sparre Andreasen
294bcd1117 support import in getSimpleAccessPath 2022-06-30 08:32:44 +02:00
Esben Sparre Andreasen
6f8cafff42 support await in getSimpleAccessPath 2022-06-30 08:32:44 +02:00
Esben Sparre Andreasen
65475c9b2d avoid using new features by default 2022-06-30 08:32:43 +02:00
Esben Sparre Andreasen
b524cebdd2 add CompareFeatures.ql 2022-06-30 08:32:43 +02:00
Esben Sparre Andreasen
50cf5e23a8 add generic tests for features 2022-06-30 08:32:43 +02:00
Esben Sparre Andreasen
45a9bb8769 Document EndpointFeatures.qll 2022-06-30 08:32:43 +02:00
Esben Sparre Andreasen
a05c475cc0 add ParameterAccessPathSimpleFromArgumentTraversal 2022-06-30 08:32:42 +02:00
Esben Sparre Andreasen
e21b2f4dc1 improve getSimpleAccessPath 2022-06-30 08:32:42 +02:00
Esben Sparre Andreasen
a676cf62a6 refactor calleeAccessPath feature to class 2022-06-30 08:32:42 +02:00
Stephan Brandauer
e73b50a3f4 refactor getACallBasedTokenFeature to class-use 2022-06-30 08:32:41 +02:00
Esben Sparre Andreasen
e5e3bb4247 Add CalleeAccessPathSimpleFromArgumentTraversal 2022-06-30 08:32:41 +02:00
Esben Sparre Andreasen
592959048e refactor EndpointFeatures.ql to use classes 2022-06-30 08:32:41 +02:00
Anders Schack-Mulligen
f1ec2e3260 Merge pull request #8426 from atorralba/atorralba/missing-severities
Java: Add missing security-severity scores
2022-03-31 14:53:47 +02:00
Chris Smowton
fa8791f1d5 Merge pull request #8620 from jketema/doc-typo-fix
CLI docs: make the running text match the example
2022-03-31 12:36:51 +01:00
Anders Schack-Mulligen
8d9ce5fb4c Merge pull request #8625 from aschackmull/java/qldoc-casing-fix
Java: Fix acronym casing in qldoc referring to Java class names.
2022-03-31 13:33:11 +02:00
Tom Hvitved
9c90385846 Merge pull request #8624 from hvitved/ruby/fix-import
Ruby: Fix broken import
2022-03-31 12:51:50 +02:00
Anders Schack-Mulligen
f28da00ec4 Java: Fix qldoc as followup to https://github.com/github/codeql/pull/8323 2022-03-31 12:50:36 +02:00
Tom Hvitved
40986bfcb1 Ruby: Fix broken import 2022-03-31 12:32:03 +02:00
Michael Nebel
27b1d1e1e0 Merge pull request #8348 from michaelnebel/csharp/externalapi-telemetry
C#: ExternalAPI implementation for Telemetry.
2022-03-31 11:36:07 +02:00
Geoffrey White
146318dbc1 Merge pull request #8580 from geoffw0/privdata
C++: Port PrivateData.qll from C# and use it in cpp/cleartext-transmission
2022-03-31 10:12:46 +01:00
Arthur Baars
15c54f6100 Merge pull request #8354 from aibaars/incomplete-url-string-sanitization
Incomplete url string sanitization
2022-03-31 10:59:51 +02:00
Jeroen Ketema
85e2367769 CLI docs: make the running text match the example 2022-03-31 10:14:30 +02:00
Arthur Baars
7e866ed376 Merge pull request #8617 from cklin/qldoc-coverage-new-language
QLdoc check: handle new languages gracefully
2022-03-31 10:00:36 +02:00
Chuan-kai Lin
1ff0fda5d1 QLdoc check: handle new languages gracefully 2022-03-30 14:58:13 -07:00
Chuan-kai Lin
48015e5a2e Merge pull request #8597 from cklin/run-js-ml-tests
JS: Fix expected test output for ATM queries
2022-03-30 13:10:02 -07:00
Chuan-kai Lin
a8dabb238d JS: Fix expected test output for ATM queries 2022-03-30 11:35:17 -07:00
Nick Rolfe
fa1bb82701 Merge pull request #8610 from github/nickrolfe/re-fix-location-join-order
Ruby: undo accidental revert of #8538
2022-03-30 16:31:52 +01:00
Nick Rolfe
10b75bff76 Ruby: undo accidental revert of 13be9919 2022-03-30 16:02:12 +01:00
Chris Smowton
9675f34cf5 Merge pull request #8257 from luchua-bc/java/insecure-webview-resource-response
Java: CWE-200 Query to detect insecure WebResourceResponse implementation
2022-03-30 15:56:27 +01:00
Arthur Baars
031d183bdf Merge pull request #8532 from aibaars/regex-refactor-2
JS/Ruby/Python: rename RegExpTreeView.qll to ReDoSUtilSpecific.qll
2022-03-30 16:38:47 +02:00