hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 06:24:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
50,855 Commits 1,740 Branches 165 Tags
9dc9925f59ea93da74dfbfc570bedd70d35dddcd
Commit Graph

50855 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Denisov
97d5401118 Swift: extract mangler into a separate class 2023-02-28 15:29:44 +01:00
Michael B. Gale
e3762c7f93 Move Language class to Semmle.Util 2023-02-28 14:16:33 +00:00
Felicity Chapman
a7d221cdab Update docs/codeql/reusables/beta-note-mrva.rst 2023-02-28 14:12:57 +00:00
Michael B. Gale
e60676fbde Fix IDisposable contract violation 2023-02-28 13:56:06 +00:00
Michael Nebel
734001b7c4 Merge pull request #12334 from michaelnebel/csharp/staticinitialisers 
C#: Update query to handle static field writes from properties.
 2023-02-28 14:10:46 +01:00
Geoffrey White
d5952a174e Merge pull request #12329 from geoffw0/network 
Swift: Modernize the cleartext-* queries
 2023-02-28 13:04:10 +00:00
Michael Nebel
51746627d2 C#: Address review comments. 2023-02-28 13:38:34 +01:00
Felicity Chapman
aba7440293 Update docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst 
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com>
 2023-02-28 12:29:16 +00:00
Felicity Chapman
832dc27b08 Update docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst 
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com>
 2023-02-28 12:22:26 +00:00
Michael Nebel
4ef866b3a3 C#: Add change note. 2023-02-28 13:21:31 +01:00
Michael Nebel
baea74fa1b C#: Add new testexamples and update expected testoutput. 2023-02-28 13:21:31 +01:00
Michael Nebel
621674e82e C#: Update cs/static/field-written-by-instance to handle properties. 2023-02-28 13:21:30 +01:00
Chris Smowton
687f3c6b2e Merge pull request #12330 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-02-28 11:27:00 +00:00
Felicity Chapman
0af529ed7b Apply suggestions from code review 
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com>
 2023-02-28 11:12:29 +00:00
Kasper Svendsen
86925646f3 ReflectedXss: Prevent bad join order 2023-02-28 12:06:27 +01:00
Michael Nebel
2db3694015 C#: Add code comment explaining the exclusion of the declared accessibility extraction for file scoped types. 2023-02-28 11:02:38 +01:00
Felicity Chapman
b21253732b Update for review feedback 2023-02-28 09:58:51 +00:00
github-actions[bot]
b6f81fc938 Add changed framework coverage reports 2023-02-28 00:17:14 +00:00
Geoffrey White
5110cf1e02 Swift: Convert some fiddly GRDB database sinks to CSV. 2023-02-27 23:31:48 +00:00
Geoffrey White
f289811473 Swift: Fix and autoformat. 2023-02-27 23:01:05 +00:00
Geoffrey White
ea4c2e4321 Swift: Add CSV extension points. 2023-02-27 23:01:05 +00:00
Geoffrey White
c533334470 Swift: Implementation classes should be private. 2023-02-27 23:01:04 +00:00
Geoffrey White
c21ec1c3f5 Swift: Standardize the taint sources, sinks, sanitizers. 2023-02-27 23:01:04 +00:00
Geoffrey White
6928e62d8b Swift: Split the three sensitive exprs queries into separate QL and QLL files. 2023-02-27 23:01:04 +00:00
Geoffrey White
59a2aa817c Merge branch 'main' into nsstring 2023-02-27 22:34:04 +00:00
Geoffrey White
bb55456885 Merge branch 'main' into taintplusequals2 2023-02-27 22:33:26 +00:00
Arthur Baars
6c57823232 Merge branch 'main' into diagnostics-2 2023-02-27 19:00:03 +01:00
Geoffrey White
36a33bc718 Swift: Delete file that was resurrected by the merge. 2023-02-27 17:33:21 +00:00
Nick Rolfe
0f4df0da99 Merge pull request #12326 from RasmusWL/python-fix-expected 
Python: Fix expected of call-graph after merge
 2023-02-27 17:30:10 +00:00
Geoffrey White
296093ded6 Merge branch 'main' into nsstring 2023-02-27 17:26:57 +00:00
Erik Krogh Kristensen
50aa5e072a Merge pull request #12177 from erik-krogh/alias-html 
JS: More precise type-test sanitizer guards in unsafe-html-construction
 2023-02-27 18:16:11 +01:00
Felicity Chapman
1d13811e46 Revise troubleshooting article 2023-02-27 16:42:07 +00:00
Rasmus Wriedt Larsen
d198b91c82 Python: Fix expected of call-graph after merge 
Since the import resolution was fixed, but tests not rerun, these
expectations were not updated to reflect that we now handle them
properly 💪
 2023-02-27 17:38:28 +01:00
Edward Minnix III
7f607fb46b Merge pull request #12032 from egregius313/egregius313/promote-hardcoded-jwt-credential 
Java: Promote Hardcoded JWT credential query
 2023-02-27 11:33:53 -05:00
Felicity Chapman
8e4eb9ad46 Tweaks to mention variant analysis in related articles 2023-02-27 16:21:09 +00:00
erik-krogh
505168f24b fix upper-case .html.erb files 2023-02-27 17:19:43 +01:00
Felicity Chapman
49ec539b60 Updates following initial PM review 2023-02-27 16:07:28 +00:00
Felicity Chapman
29802af647 Fix typo in heading 2023-02-27 15:06:19 +00:00
Felicity Chapman
9bee9c003a Apply suggestions from code review 
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com>
 2023-02-27 14:58:17 +00:00
Erik Krogh Kristensen
927c322b7b Merge pull request #11769 from erik-krogh/moreSan 
JS: Sanitizer for `sanitizer(x) === true`
 2023-02-27 15:48:34 +01:00
Mathias Vorreiter Pedersen
332b759873 Merge pull request #12275 from jketema/uniform-ssa 
Make "Detecting a potential buffer overflow" example more uniform
 2023-02-27 14:38:11 +00:00
Mathias Vorreiter Pedersen
1dd95a61c1 Merge pull request #12292 from github/calumgrant/aggregate-domain 
Query and tests for sum without domain
 2023-02-27 14:19:20 +00:00
Tony Torralba
db6cb1ffe3 Remove dubious model after investigating it 2023-02-27 14:57:56 +01:00
yoff
335be21943 Update docs/codeql/codeql-language-guides/using-api-graphs-in-python.rst 
Co-authored-by: Taus <tausbn@github.com>
 2023-02-27 14:53:31 +01:00
Taus
25043f51a4 Merge pull request #11376 from RasmusWL/call-graph-code 
Python: New type-tracking based call-graph
 2023-02-27 14:51:21 +01:00
Paolo Tranquilli
5cb3279816 Merge pull request #12319 from github/redsun82/swift-codegen 
Codegen: make Swift codegen language agnostic
 2023-02-27 14:06:20 +01:00
Felicity Chapman
70ed029d0e More updates 2023-02-27 12:41:53 +00:00
Alex Ford
7c85448cba Merge pull request #12080 from alexrford/js-use-shared-cryptography 
JS: Use shared `CryptographicOperation` concept
 2023-02-27 12:26:38 +00:00
Tony Torralba
0e3f4f6c7c Merge pull request #12305 from pwntester/new_java_net_URL_toURI_taintstep 
Java: Add new java.net.URI taintsteps
 2023-02-27 13:09:46 +01:00
Geoffrey White
8ef6521cc9 Swift: Undo toString changes. 2023-02-27 12:01:02 +00:00