hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-24 20:02:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,222 Commits 1,686 Branches 158 Tags
93ade495c2e9bb741b486e4bb1e40384b7be8be8
Commit Graph

3709 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
4f93f2b9ba Merge pull request #10076 from erik-krogh/ql-for-ql-fixes 
various QL-for-QL fixes
 2022-08-18 15:46:48 +02:00
Anders Schack-Mulligen
61a2c0dab5 Merge pull request #10084 from aschackmull/java/numericcasttainted-barrier 
Java: Move sink-constraints into the configuration in NumericCastTainted.ql.
 2022-08-18 15:22:00 +02:00
erik-krogh
9e7c0c6ab9 revert changing imports in java/ 2022-08-18 10:19:12 +02:00
Anders Schack-Mulligen
37e5f0438c Java: Add change note. 2022-08-18 09:19:32 +02:00
erik-krogh
4bc10f9b5c explicitly import required frameworks that were previously implicitly imported 2022-08-18 08:40:46 +02:00
Anders Schack-Mulligen
f6eccd390e Java: Move sink-constraints into the configuration. 2022-08-17 15:06:55 +02:00
erik-krogh
14d83ab1b5 make the framework imports in FlowSources.qll private 2022-08-17 13:50:08 +02:00
erik-krogh
8066e39d07 delete some redundant imports 2022-08-17 13:50:04 +02:00
erik-krogh
2e44fba67d add explicit this 2022-08-17 13:33:31 +02:00
Joe Farebrother
7c188a6b96 Apply doc suggestions 2022-08-17 10:35:16 +01:00
Joe Farebrother
5afc0b0c15 Add security severity 2022-08-17 10:35:15 +01:00
Joe Farebrother
bf32b5a8fd Reiview suggestions - add doc comment, reword description, simplify a part 2022-08-17 10:35:15 +01:00
Joe Farebrother
960a4e58a0 Add change note 2022-08-17 10:35:14 +01:00
Joe Farebrother
c152a27a68 Reword docs 2022-08-17 10:35:14 +01:00
Joe Farebrother
f8f21c7ee6 Move static init vector query and tests from experimental to main 2022-08-17 10:35:13 +01:00
Jami
dd23d48ad2 Merge pull request #9939 from jcogs33/android-debug-query-inline-tests 
Java: query to detect android:debuggable attribute enabled
 2022-08-16 10:07:13 -04:00
Sid Shankar
1e1e2318b7 Merge pull request #10052 from github/task/fix-broken-links 
Docs: Replace HTTP broken links to equivalent HTTPS resources
 2022-08-16 08:45:08 -04:00
Alex Ford
d02ad51d74 Merge pull request #10032 from github/post-release-prep/codeql-cli-2.10.3 
Post-release preparation for codeql-cli-2.10.3
 2022-08-16 12:04:07 +01:00
Erik Krogh Kristensen
f106e064fa Merge pull request #9422 from erik-krogh/refacReDoS 
Refactorizations of the ReDoS libraries
 2022-08-16 09:32:08 +02:00
Jami Cogswell
07e141c5be added commas to help file 2022-08-15 15:50:00 -04:00
Jami Cogswell
b779f9f935 added casting 2022-08-15 15:50:00 -04:00
Jami Cogswell
6e10fcf519 added predicates in the AndroidManifest library and adjusted tests 2022-08-15 15:50:00 -04:00
Jami Cogswell
229324fde0 updated overview section of help file; also added 'App Manifest Overview' to references 2022-08-15 15:50:00 -04:00
Jami Cogswell
3714a98403 add reference to help file 2022-08-15 15:50:00 -04:00
Jami Cogswell
ead36822be update change note based on review comment 2022-08-15 15:50:00 -04:00
Jami Cogswell
f961540979 added change note 2022-08-15 15:50:00 -04:00
Jami Cogswell
d1a23ad78c updated to getRelativePath with %build% 2022-08-15 15:50:00 -04:00
Jami Cogswell
8c4b98c04f rename files 2022-08-15 15:50:00 -04:00
Jami Cogswell
475d67a4df minor updates, removed comments 2022-08-15 15:50:00 -04:00
Jami Cogswell
e2374f816a test commit for new branch 2022-08-15 15:50:00 -04:00
Jami Cogswell
54470c794d updated location part of query to use abs path and /build 2022-08-15 15:49:59 -04:00
Jami Cogswell
54acd0e330 add numeric value for security-severity 2022-08-15 15:49:59 -04:00
Jami Cogswell
fdb437552c clean up android query and tests 2022-08-15 15:49:59 -04:00
Jami Cogswell
cf39cc0909 updates to android debug query 2022-08-15 15:49:59 -04:00
Jami Cogswell
6720dba8e7 draft android debug query 2022-08-15 15:49:59 -04:00
Sid Shankar
02cd7bc7d2 Remove reference to infosecwriters.com 
infosecwriters.com now redirects to a completely unrelated page. The broken link was replaced with a mailing list post from Diabolical Crab (DCrab) diving into HTTP response splitting.
 2022-08-15 14:41:50 -04:00
Sid Shankar
ffbb158570 Update invalid link to devx.com 2022-08-15 14:40:12 -04:00
Chris Smowton
774e379eb1 Merge pull request #9742 from smehta23/feat/SM/java_partial_path_traversal_vulnerability 
[JAVA] Partial Path Traversal Vuln Query
 2022-08-15 12:56:16 +01:00
Erik Krogh Kristensen
0adb588fe8 Merge pull request #9712 from erik-krogh/badRange 
JS/RB/PY/Java: add suspicious range query
 2022-08-15 13:55:44 +02:00
Chris Smowton
1a3dc1d6eb Remove extra closing tag 2022-08-15 11:31:53 +01:00
Chris Smowton
5677e38994 Style edit 2022-08-15 10:37:55 +01:00
Chris Smowton
3cf871e9e5 Apply docs suggestions 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-08-15 10:34:55 +01:00
erik-krogh
b54f037424 Merge branch 'main' into refacReDoS 2022-08-12 20:28:30 +02:00
github-actions[bot]
21d0c78376 Post-release preparation for codeql-cli-2.10.3 2022-08-11 23:20:39 +00:00
github-actions[bot]
57c4f9145b Release preparation for version 2.10.3 2022-08-11 11:12:15 +00:00
Anders Schack-Mulligen
ecc15a1f95 Java: Remove SensitiveLoggingQuery results that flow through a source. 2022-08-10 14:28:07 +02:00
Chris Smowton
09e4c6b66b Add dataflow path-graph 2022-08-10 10:37:55 +01:00
Chris Smowton
2ca0b0c6b5 Inline qhelp overview 
A <p> at the top isn't allowed, and for some reason the inclusion is required to be a valid qhelp file.
 2022-08-10 10:37:48 +01:00
Erik Krogh Kristensen
559ec7ba56 Merge branch 'main' into repeatedWord 2022-08-09 21:22:47 +02:00
smehta23
cf68a11267 Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-09 11:59:28 -07:00