hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-21 06:55:31 +02:00
Code Issues Packages Projects Releases Wiki Activity
59,558 Commits 1,741 Branches 165 Tags
85bb14f04f281a2e74987a238130ff2ca3748076
Commit Graph

476 Commits

Author SHA1 Message Date
Geoffrey White
62b0ebf2fe Merge pull request #14407 from geoffw0/grdbsinks 
Swift: Add sinks for the GRDB database library to swift/hardcoded-key
 2023-10-09 12:58:17 +01:00
Geoffrey White
8a7325268a Swift: Change note. 2023-10-07 23:19:24 +01:00
Geoffrey White
6bea7f89a8 Merge branch 'main' into sqlpathinject2 2023-10-05 16:15:37 +01:00
Henry Mercer
99646ba2a3 Merge pull request #14367 from github/henrymercer/rc-3.11-mergeback 
Merge `rc/3.11` into `main`
 2023-10-04 10:05:38 +01:00
Henry Mercer
da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Geoffrey White
8e9ca7bc26 Swift: Improve RegexEvals.ql and summary regex reporting. 2023-09-28 08:31:45 +01:00
Geoffrey White
e4e4c5be61 Swift: Make QL-for-QL happy. 2023-09-27 19:12:04 +01:00
Geoffrey White
87696e58ab Swift: Break the 'taint reach' metric off into its own query (it's expensive to compute). 2023-09-27 18:34:55 +01:00
Geoffrey White
ec573bdda8 Swift: Clean up and improve consistency. 2023-09-27 18:34:40 +01:00
Geoffrey White
ee83ad730b Swift: Add a summary query for regex evals. 2023-09-27 18:34:32 +01:00
Geoffrey White
9f1332bdb2 Swift: Add a summary query for query sinks. 2023-09-27 18:34:32 +01:00
Geoffrey White
f9a617c714 Swift: Change note. 2023-09-25 20:31:00 +01:00
github-actions[bot]
3acf5244b0 Post-release preparation for codeql-cli-2.14.6 2023-09-20 10:25:10 +00:00
Geoffrey White
ae159924a3 Swift: Add numeric barrier to the regular expression injection query as well. 2023-09-19 16:21:43 +01:00
Geoffrey White
e011951e1f Swift: Added change note for the new barriers. 2023-09-19 14:59:27 +01:00
github-actions[bot]
0a3670727f Release preparation for version 2.14.6 2023-09-19 11:40:30 +00:00
Geoffrey White
535a69cd8b Merge branch 'main' into logfix 2023-09-13 19:01:52 +01:00
Geoffrey White
e109892388 Merge pull request #14189 from geoffw0/protocol2 
Swift: Consistent additional taint steps between the cleartext-* queries
 2023-09-13 18:44:20 +01:00
Geoffrey White
3bf0d66d6c Merge pull request #13906 from geoffw0/commandinject2 
Swift: Add tests and develop command injection query
 2023-09-13 08:59:06 +01:00
Geoffrey White
d65f2b4fa9 Swift: Change note. 2023-09-12 14:36:37 +01:00
Geoffrey White
1cde183005 Merge branch 'main' into logfix 2023-09-11 13:14:58 +01:00
Geoffrey White
3fd5de83cb Merge branch 'main' into sqlpathinject 2023-09-11 12:42:49 +01:00
github-actions[bot]
d699880c86 Post-release preparation for codeql-cli-2.14.4 2023-09-08 21:17:52 +00:00
github-actions[bot]
abf2b12b1c Release preparation for version 2.14.4 2023-09-05 16:56:14 +00:00
Alex Denisov
35e949945d Swift: add queries for unresolved AST nodes 2023-09-05 13:29:11 +02:00
Mathias Vorreiter Pedersen
6a21fa04cd Merge pull request #14034 from geoffw0/hostname 
Swift: New query: Incomplete regular expression for hostnames
 2023-08-30 11:33:36 +01:00
Geoffrey White
39b45fa24f Merge pull request #13943 from geoffw0/weakhashexample 
Swift: Update the weak sensitive data hashing examples and qhelp
 2023-08-30 10:36:23 +01:00
Geoffrey White
125629a7e2 Swift: Delete 'usually'. 2023-08-29 23:25:22 +01:00
Geoffrey White
210a5bfff2 Update swift/ql/src/queries/Security/CWE-328/WeakSensitiveDataHashing.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-08-29 23:24:12 +01:00
Geoffrey White
7006cfd8f8 Swif: Fix paragraph breaks. 2023-08-29 23:00:17 +01:00
github-actions[bot]
3eba77421a Post-release preparation for codeql-cli-2.14.3 2023-08-28 15:53:49 +00:00
Geoffrey White
415d9e0674 Swift: Address review comments. 2023-08-24 18:41:48 +01:00
Geoffrey White
242a49e6f1 Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-08-24 17:19:01 +01:00
Geoffrey White
02fbb47b64 Swift: Change note. 2023-08-23 13:04:49 +01:00
Geoffrey White
03ca29ab96 Swift: Adapt the IncompleteHostnameRegex qhelp for Swift. 2023-08-23 13:04:49 +01:00
Geoffrey White
efcadbda69 Swift: Get the IncompleteHostnameRegex query working for Swift. 2023-08-23 10:32:10 +01:00
Geoffrey White
6fb1058e73 Swift: Copy IncompleteHostnameRegex query from JS. 2023-08-23 08:46:13 +01:00
github-actions[bot]
098dfb4242 Release preparation for version 2.14.3 2023-08-18 14:48:15 +00:00
Geoffrey White
c9e26678d0 Swift: Change notes. 2023-08-16 10:58:04 +01:00
Geoffrey White
94a5aa450c Swift: Edit the weak sensitive data hashing examples and qhelp to encourage use of HMAC and key derivation algorithms where appropriate. 2023-08-10 18:21:25 +01:00
github-actions[bot]
432c21d4fb Post-release preparation for codeql-cli-2.14.2 2023-08-09 18:45:18 +00:00
github-actions[bot]
79c90fa36a Release preparation for version 2.14.2 2023-08-07 18:08:52 +00:00
Geoffrey White
2664c306d3 Swift: Qhelp / examples. 2023-08-04 17:01:04 +01:00
Geoffrey White
048daa9a57 Swift: QLDoc comments and metadata. 2023-08-04 17:01:03 +01:00
Geoffrey White
f921076fca Swift: Autoformat. 2023-07-31 10:25:25 +01:00
Geoffrey White
e534afe634 Merge pull request #13726 from maikypedia/maikypedia/swift-command-injection 
Swift: Add Command Injection query (CWE-078)
 2023-07-31 10:06:22 +01:00
Maiky
90ac5b905b 2023-07-28 00:21:02 +02:00
Maiky
2a49219127 Move query to experimental 2023-07-28 00:15:33 +02:00
Maiky
d9800c7bb6 Update CommandInjection.ql 2023-07-27 22:45:50 +02:00