Asger Feldthaus
|
91c64152d2
|
JS: Rephrase the qhelp for SSRF query
|
2022-02-16 13:35:01 +01:00 |
|
Asger Feldthaus
|
cf66d01e80
|
JS: Add consistency test
|
2022-02-16 13:35:01 +01:00 |
|
Asger Feldthaus
|
3103cfd925
|
JS: Rename to tests to clientSide.js and serverSide.js
|
2022-02-16 13:35:01 +01:00 |
|
Asger Feldthaus
|
3fbc3a4d70
|
JS: Add ClientSideRequestForgery to RequestForgery test
|
2022-02-16 13:35:01 +01:00 |
|
Asger Feldthaus
|
260638c68b
|
JS: Add ClientSideRequestForgery and split request-forgery results between the two
|
2022-02-16 13:35:01 +01:00 |
|
Asger Feldthaus
|
f7108506f2
|
JS: Raise precision tag of js/request-forgery
|
2022-02-14 14:20:41 +01:00 |
|
Arthur Baars
|
a85b2093d6
|
Merge pull request #7969 from github/doc-remove-filter-queries
Docs: remove mention of 'filter queries'
|
2022-02-11 12:48:34 +01:00 |
|
Taus
|
327e0dad72
|
Merge pull request #7674 from erik-krogh/dbTypeInNonLib
QL: Use of db-type outside language core.
|
2022-02-11 12:00:14 +01:00 |
|
Arthur Baars
|
47eb96d223
|
Docs: remove mention of 'filter queries'
|
2022-02-11 11:45:34 +01:00 |
|
Erik Krogh Kristensen
|
36e02ae9ac
|
Merge pull request #7912 from erik-krogh/moarApi
JS: convert more type-trackers to API-graphs
|
2022-02-11 10:32:45 +01:00 |
|
Tom Hvitved
|
0f60401919
|
Merge pull request #2513 from hvitved/csharp/null-maybe-capture
C#: Remove FPs from `cs/dereferenced-value-may-be-null`
|
2022-02-11 10:21:15 +01:00 |
|
Erik Krogh Kristensen
|
3791b159fb
|
Merge pull request #7892 from erik-krogh/nanSan
JS: Add a `isNaN` sanitizer, and use it in queries that already had a typeof check
|
2022-02-11 10:13:06 +01:00 |
|
Erik Krogh Kristensen
|
2ffd79d451
|
Merge pull request #7921 from erik-krogh/snapdragon
JS: add model for the snapdragon library
|
2022-02-11 10:10:55 +01:00 |
|
Tom Hvitved
|
987b11c362
|
Merge pull request #7926 from hvitved/csharp/brotli
C#: Use Brotli instead of Gzip
|
2022-02-11 09:29:04 +01:00 |
|
Esben Sparre Andreasen
|
a4447ce372
|
Update javascript/ql/lib/semmle/javascript/frameworks/Snapdragon.qll
|
2022-02-11 08:20:02 +01:00 |
|
Harry Maclean
|
017183e7f3
|
Merge pull request #7919 from github/hmac/open-uri
Ruby: recognise additional form for OpenURI
|
2022-02-11 14:03:26 +13:00 |
|
Erik Krogh Kristensen
|
f41bc64e30
|
add change-note
|
2022-02-10 22:41:35 +01:00 |
|
Arthur Baars
|
c9f898745c
|
Merge pull request #7943 from github/aibaars/cpp-move-note
C++: move change note
|
2022-02-10 22:32:31 +01:00 |
|
Arthur Baars
|
6cba49abe3
|
C++: move change note
|
2022-02-10 22:13:54 +01:00 |
|
Arthur Baars
|
1fb3cbfeee
|
Merge pull request #7940 from github/aibaars/js-move-note
Javascript: move change note
|
2022-02-10 21:20:06 +01:00 |
|
Arthur Baars
|
61ba896343
|
Javascript: move change note
|
2022-02-10 20:58:49 +01:00 |
|
Tom Hvitved
|
2b2196d638
|
Merge pull request #7927 from github/hvitved-patch-1
Add C# 10 and .NET 6 to `versions-compilers.rst`
|
2022-02-10 20:43:33 +01:00 |
|
Erik Krogh Kristensen
|
eb56a5aef3
|
support more patterns that recognize valid numbers
|
2022-02-10 19:50:35 +01:00 |
|
yoff
|
a2532a86ea
|
Merge pull request #7894 from tausbn/python-normalise-prefixes
Python: Normalise string prefixes
|
2022-02-10 17:57:11 +01:00 |
|
Tom Hvitved
|
a3d631f2df
|
Add C# 10 and .NET 6 to versions-compilers.rst
|
2022-02-10 15:45:00 +01:00 |
|
Tom Hvitved
|
1c66444a61
|
C#: Use Brotli instead of Gzip
|
2022-02-10 14:30:24 +01:00 |
|
Felicity Chapman
|
efed21b99a
|
Merge pull request #7885 from Marcono1234/marcono1234/extractor-doc-improvements
Fix and improve Extractor options documentation formatting
|
2022-02-10 12:59:45 +00:00 |
|
CodeQL CI
|
9ebbd9efa1
|
Merge pull request #7591 from asgerf/js/mysql-sinks
Approved by esbena
|
2022-02-10 12:50:36 +00:00 |
|
Felicity Chapman
|
5ec1fc11f9
|
Apply suggestions from code review
|
2022-02-10 12:41:37 +00:00 |
|
CodeQL CI
|
a57ee019c2
|
Merge pull request #7819 from asgerf/asgerf/ruby-def-nodes
Approved by hvitved
|
2022-02-10 12:37:34 +00:00 |
|
Taus Brock-Nannestad
|
be323bafaf
|
Merge remote-tracking branch 'upstream/main' into python-normalise-prefixes
|
2022-02-10 12:55:49 +01:00 |
|
CodeQL CI
|
1a91a79b5b
|
Merge pull request #5841 from erik-krogh/libCode
Approved by esbena, ethanpalm
|
2022-02-10 11:36:45 +00:00 |
|
Mathias Vorreiter Pedersen
|
d05dbb285c
|
Merge pull request #7841 from jketema/structured-bindings-fix
C++: Update C++ variable hiding test
|
2022-02-10 11:29:38 +00:00 |
|
Erik Krogh Kristensen
|
d55920ad27
|
add model for the snapdragon library
|
2022-02-10 11:32:59 +01:00 |
|
Jeroen Ketema
|
46821fe136
|
Update C++ variable hiding test
Structured bindings are now handled better, so the false negative
related to structured bindings is now a true positive.
|
2022-02-10 10:58:32 +01:00 |
|
Erik Krogh Kristensen
|
12d31d750a
|
convert more type-trackers to API-graphs
|
2022-02-10 09:54:52 +01:00 |
|
Stephan Brandauer
|
a73cdf3527
|
Merge pull request #7911 from kaeluka/javascript/add-getFlowLabel-to-PathNode
JS: add a getFlowLabel method to the PathNode class
|
2022-02-10 09:10:08 +01:00 |
|
Harry Maclean
|
d966ca8466
|
Ruby: recognise additional form for OpenURI
|
2022-02-10 15:42:15 +13:00 |
|
Harry Maclean
|
f30222256f
|
Merge pull request #7061 from github/hmac/actiondispatch
Ruby: Rails route resolution
|
2022-02-10 09:46:36 +13:00 |
|
Ethan Palm
|
2f7f9d9032
|
Move explanation of example above sample code
|
2022-02-09 10:45:24 -08:00 |
|
Stephan Brandauer
|
3e88d46e0f
|
add a getFlowLabel method to the PathNode class
|
2022-02-09 17:28:25 +01:00 |
|
Tamás Vajk
|
6483a92587
|
Merge pull request #7865 from github/post-release-prep/codeql-cli-2.8.0
Post-release preparation for codeql-cli-2.8.0
|
2022-02-09 16:42:38 +01:00 |
|
Tom Hvitved
|
c695388c29
|
Merge pull request #7891 from hvitved/ruby/dataflow/hide-ssa-nodes
Ruby: Hide more SSA nodes from data-flow path explanations
|
2022-02-09 15:56:15 +01:00 |
|
Tom Hvitved
|
0bd8411cb6
|
Ruby: Hide more SSA nodes from data-flow path explanations
|
2022-02-09 15:31:10 +01:00 |
|
Mathias Vorreiter Pedersen
|
336c25d929
|
Merge pull request #7913 from RasmusWL/ql-qlpacks
QL: Streamline qlpacks
|
2022-02-09 13:37:19 +00:00 |
|
Rasmus Wriedt Larsen
|
1f50624cf4
|
QL: Streamline qlpacks
So they follow the same format as the other languages.
`git grep codeql-ql` in the ql/ subfolder does not yield any results
now.
|
2022-02-09 14:08:36 +01:00 |
|
Rasmus Wriedt Larsen
|
9d5e8d5bd8
|
Merge pull request #7842 from RasmusWL/consistency-queires
Misc: Streamline `consistency-queries/qlpack.yml`
|
2022-02-09 13:42:18 +01:00 |
|
Nick Rolfe
|
1eba8277ee
|
Merge pull request #7614 from github/nickrolfe/array_flow_summaries
Ruby: add more Array/Enumerable flow summaries
|
2022-02-09 09:57:59 +00:00 |
|
Harry Maclean
|
f276904fa9
|
Ruby: Add nomagic pragma to helper
|
2022-02-09 22:38:35 +13:00 |
|
Michael Nebel
|
ff369f2a36
|
Merge pull request #7846 from michaelnebel/csharp/deconstruction
C# 10: Tuple deconstruction.
|
2022-02-09 10:08:16 +01:00 |
|