hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 22:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,183 Commits 1,673 Branches 157 Tags
929d9dbdfa330c85297c709daf23c035faaa5033
Commit Graph

4029 Commits

Author SHA1 Message Date
github-actions[bot]
981e171525 Post-release preparation for codeql-cli-2.12.5 2023-03-17 13:27:00 +00:00
github-actions[bot]
fe4d27e8cc Release preparation for version 2.12.5 2023-03-16 12:58:50 +00:00
erik-krogh
6a5d6eb5c2 lower precision of py/shell-command-constructed-from-input to medium 2023-03-13 14:56:42 +01:00
erik-krogh
d001cc40d3 Merge branch 'main' into py-shell 2023-03-13 14:56:04 +01:00
Anders Schack-Mulligen
21d5fa836b Python: Autoformat 2023-03-10 09:41:17 +01:00
Asger F
6e744093e2 Merge pull request #12398 from github/post-release-prep/codeql-cli-2.12.4 
Post-release preparation for codeql-cli-2.12.4
 2023-03-09 15:38:21 +01:00
Rasmus Lerchedahl Petersen
072df5dbc0 python: remove protocol family 
this concept was due to my confusion between
TLS and SSL23, but they are aliases.

We might want to bring back the concept if we model DTLS.

Also, model what exactly creations allow,
bring this back from the unrestrictions they used to be.

We accept the changes regarding sources being reported differently.
 2023-03-07 14:41:13 +01:00
Rasmus Lerchedahl Petersen
8160f742a5 Python: small clean-up 
- no need for th 2-suffix
- context creations are no longer unrestrictions
 2023-03-06 19:47:53 +01:00
Anders Schack-Mulligen
5c7f2ac7f7 Merge pull request #12186 from aschackmull/dataflow/refactor-configuration 
Data flow: Refactor configuration
 2023-03-06 13:38:59 +01:00
github-actions[bot]
af61b45785 Post-release preparation for codeql-cli-2.12.4 2023-03-04 14:16:55 +00:00
github-actions[bot]
462da63970 Release preparation for version 2.12.4 2023-03-03 14:11:51 +00:00
Anders Schack-Mulligen
34cc93846b Python: Adjust InsecureProtocol query. 2023-03-01 13:36:10 +01:00
Ahmed Farid
6a578c62b0 Update TimingAttack.qll 2023-02-27 22:16:09 +01:00
Taus
25043f51a4 Merge pull request #11376 from RasmusWL/call-graph-code 
Python: New type-tracking based call-graph
 2023-02-27 14:51:21 +01:00
Rasmus Lerchedahl Petersen
9e97877938 python: lower precision as discussed 2023-02-20 12:06:19 +01:00
Nick Rolfe
3e5534f0ba Merge branch 'main' into post-release-prep/codeql-cli-2.12.3 2023-02-17 14:39:26 +00:00
Calum Grant
35a53fa990 Merge pull request #12183 from RasmusWL/example-update 
Python: Update a few examples so queries work on them
 2023-02-17 14:21:38 +00:00
yoff
2f8dddabb6 Merge pull request #11570 from Sim4n6/UnsafeUnpack 
Python: Unsafe unpacking using `shutil.unpack_archive()` query and tests
 2023-02-17 09:48:05 +01:00
github-actions[bot]
8eb8daa4d4 Post-release preparation for codeql-cli-2.12.3 2023-02-16 17:23:25 +00:00
amammad
54582031d8 v1 2023-02-16 17:14:32 +01:00
Ahmed Farid
ccbb58966f Update TimingAttack.qll 2023-02-16 14:15:04 +01:00
Ahmed Farid
a421e3a3a3 Update TimingAttackAgainstHeaderValue.ql 2023-02-16 14:14:43 +01:00
Ahmed Farid
f57861b6a3 Update TimingAttack.qll 2023-02-16 14:14:13 +01:00
Ahmed Farid
f70f5c7935 Update TimingAttackAgainstHeaderValue.ql 2023-02-16 14:03:26 +01:00
Ahmed Farid
4b3efa87dc Update TimingAttack.qll 2023-02-16 14:01:29 +01:00
Ahmed Farid
005839b462 Update TimingAttack.qll 2023-02-16 12:49:40 +01:00
github-actions[bot]
b0315119c6 Release preparation for version 2.12.3 2023-02-16 11:49:06 +00:00
Ahmed Farid
01b865f75b Update TimingAttack.qll 2023-02-16 01:36:06 +01:00
Ahmed Farid
fbfe23b7c4 Update TimingAttack.qll 2023-02-16 01:21:50 +01:00
Ahmed Farid
b8f9b2b424 Update TimingAttackAgainstHeaderValue.ql 2023-02-16 01:11:41 +01:00
Ahmed Farid
016136a2e3 Update TimingAttack.qll 2023-02-16 01:10:36 +01:00
erik-krogh
759854991a fix various nits based on feedback 2023-02-15 11:10:43 +01:00
Rasmus Wriedt Larsen
dc5bb4fb77 Python: Update a few examples so queries work on them 
Fixes problem highlighted in https://github.com/github/codeql/issues/12156
 2023-02-14 11:54:18 +01:00
Sim4n6
eed19a3e15 Fix autoformatting issues 2023-02-10 21:58:29 +01:00
Sim4n6
09df055d86 Fix the exists cast warning 2023-02-09 15:25:54 +01:00
Sim4n6
16ef50401b Update python/ql/src/experimental/Security/UnsafeUnpackQuery.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2023-02-09 14:59:28 +01:00
Sim4n6
4196230a8a use if-then-else rather than nested exists 2023-02-08 21:46:50 +01:00
Sim4n6
9e285020a1 Comment modif + remove redundant cast 2023-02-08 21:14:53 +01:00
Rasmus Wriedt Larsen
23144f584a Merge branch 'main' into call-graph-code 2023-02-08 16:17:34 +01:00
Sim4n6
ec82d61991 Add another frequently used step 2023-02-05 14:36:17 +01:00
erik-krogh
c5350ca6a0 add change-note 2023-02-03 14:47:58 +01:00
erik-krogh
7fcc548665 add py/shell-command-constructed-from-input, but without a source. 
It's a very direct port from Ruby, with only minor adjustments to fit the Python APIs
 2023-02-03 14:47:55 +01:00
github-actions[bot]
faf21f3edb Post-release preparation for codeql-cli-2.12.2 2023-02-02 23:01:04 +00:00
Sim4n6
1a8c9abee2 Incorporate Sink & Source as steps from TarSlipQry 2023-02-02 21:09:40 +01:00
github-actions[bot]
a4fa984792 Release preparation for version 2.12.2 2023-02-02 14:34:55 +00:00
Sim4n6
7079def7ce Add an S3 source with Session or download_fileobj 2023-01-30 00:49:23 +01:00
Sim4n6
0707064ab5 Constrain the save/path step 2023-01-28 10:14:24 +01:00
Sim4n6
a4aaf0ec6f Remove a write step & update the builtin open step 2023-01-28 09:53:54 +01:00
Sim4n6
0e2f37825d Organize steps to correspond to the sample code 2023-01-27 23:58:03 +01:00
Sim4n6
ee213123ac Add builtin open as an additional step 2023-01-27 18:16:11 +01:00