hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-03 04:40:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
33,062 Commits 1,773 Branches 168 Tags
a62825f32c9a246b67b202001cee825fbf5fa349
Commit Graph

33062 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
a62825f32c Remove additional Xss sinks 2022-03-01 23:01:12 +00:00
Esben Sparre Andreasen
4643095161 Remove additional SQL sinks 2022-03-01 23:01:12 +00:00
Esben Sparre Andreasen
420fdd2906 Remove additional path-injection sinks 2022-03-01 23:01:12 +00:00
Esben Sparre Andreasen
28b2f90971 Add benjamin-button.md 2022-03-01 23:01:12 +00:00
Esben Sparre Andreasen
d49245d97c Remove pseudo-properties 2022-03-01 23:01:12 +00:00
Esben Sparre Andreasen
75f81135c6 Remove 2020 sinks from SqlInjection.ql 2022-03-01 23:01:12 +00:00
Esben Sparre Andreasen
85007cd5ed Remove 2020 sinks from Xss.ql 2022-03-01 23:01:12 +00:00
Esben Sparre Andreasen
5e6af36327 Remove 2020 sinks from TaintedPath.ql 2022-03-01 23:01:12 +00:00
Erik Krogh Kristensen
dfc74d728b fix duplicate words in qldoc 2022-03-01 11:22:58 +01:00
Erik Krogh Kristensen
1b5c7392f0 restrict the size of the getASubexpressionWithinQuery predicate, and remove double-recursion 2022-03-01 11:18:42 +01:00
Erik Krogh Kristensen
bdd07de7ed improve performance of getTestFile by finding possible test files first 2022-03-01 11:18:22 +01:00
Arthur Baars
5ce6b847d1 Merge pull request #8166 from aibaars/regex-char-sequence-1 
Ruby/Python: regex parser: group sequences of 'normal' characters
 2022-02-28 17:47:53 +01:00
Tamás Vajk
d3e36038a0 Merge pull request #8152 from tamasvajk/fix/useless-dynamic-cast 
C# Exclude dynamic casts from useless casts check
 2022-02-28 17:00:28 +01:00
yoff
d953382df9 Merge pull request #7807 from RasmusWL/dataflow-improvements 
Python: Dataflow improvements
 2022-02-28 16:24:00 +01:00
Tom Hvitved
5cba505514 Merge pull request #8284 from hvitved/csharp/move-csharp9-standalone-tests 
C#: Move C# 9 standalone tests
 2022-02-28 15:15:47 +01:00
Tamas Vajk
efb876192f Add change note 2022-02-28 14:58:59 +01:00
Tamas Vajk
4748d2c6e2 C# Exclude dynamic casts from useless casts check 2022-02-28 14:58:59 +01:00
Ian Lynagh
1e62b485a5 Merge pull request #8241 from igfoo/igfoo/stats4 
Java: Update stats and make some performance tweaks
 2022-02-28 12:58:06 +00:00
Tom Hvitved
4ecd843c05 C#: Move C# 9 standalone tests 2022-02-28 13:43:20 +01:00
Rasmus Wriedt Larsen
0e0f159891 Python: Use Python 3 for investigation tests 
Apparently there are minor differences with `test-6-max-import-depth-2`
where under Python 2 `isfile_no_problem.py` still works as before
 2022-02-28 11:33:31 +01:00
Rasmus Wriedt Larsen
01d426dc58 Python: Replace rest of from testlib import * 
I think we should write our tests in a way that puts points-to in the
best condition to resolve calls. Although this specific change did not
change much, it should help set us up for success in the future 👍
 2022-02-28 10:58:44 +01:00
Rasmus Wriedt Larsen
ead0b658d2 Python: Fix fieldflow tests by increasing max-import-depth 2022-02-28 10:58:44 +01:00
Rasmus Wriedt Larsen
a0d1cea490 Python: Add investigation of field-flow problem 
TL;DR; we used a too low value for `--max-import-depth` :(
 2022-02-28 10:58:44 +01:00
Chris Smowton
958fd9b3ea Merge pull request #7867 from ahmed532009/timing-attacks 
Java: Timing attacks while comparing the headers value
 2022-02-25 21:55:13 +00:00
Chris Smowton
f981fee37d Adjust test expectation 2022-02-25 20:05:06 +00:00
Chris Smowton
ff5d680837 Add missing substitution description 2022-02-25 19:12:25 +00:00
Ian Lynagh
0bf1370cd5 Java: Autoformat QL 2022-02-25 19:08:08 +00:00
Alexander Eyers-Taylor
d38cd4a0d7 Merge pull request #8156 from alexet/alexet/expression-pragma-doc 
QLSpeciifcation: Add documentation for expression pragmas
 2022-02-25 18:59:49 +00:00
Arthur Baars
0c23f5815f Add change note 2022-02-25 18:43:43 +01:00
Arthur Baars
5044f89105 Ruby/Python re-introduce normalCharacterSequence 2022-02-25 18:43:43 +01:00
Chris Smowton
8fbd8c52dd Fix test expectations 2022-02-25 17:35:52 +00:00
Chris Smowton
ff303db034 Autoformat and fix qhelp 2022-02-25 17:33:08 +00:00
Chris Smowton
303927c9c9 Fix qhelp 2022-02-25 17:33:08 +00:00
Chris Smowton
e02a3d0ddd Rename qlref file 2022-02-25 17:33:08 +00:00
Ahmed Farid
3a2d514b18 Create ComparingValueOfSensetiveHeader.qlref 2022-02-25 17:33:08 +00:00
Ahmed Farid
0d278f6d61 Create Test.java 2022-02-25 17:33:08 +00:00
Ahmed Farid
1bc5fe13eb Update and rename java/ql/test/experimental/query-tests/security/CWE-208/TimingAttackAgainstHeader.expected to java/ql/test/experimental/query-tests/security/CWE-208/TimingAttackAgainstHeader/TimingAttackAgainstHeader.expected 2022-02-25 17:33:08 +00:00
Ahmed Farid
63133f7e8b Update TimingAttackAgainstHeader.expected 2022-02-25 17:33:08 +00:00
Ahmed Farid
f2457dafb5 Create TimingAttackAgainstHeader.expected 2022-02-25 17:33:08 +00:00
Ahmed Farid
35abc3f9a3 Update and rename ComparingValueOfSensetiveHeader.java to Test.java 2022-02-25 17:33:08 +00:00
Chris Smowton
091227982c Delete unnecessary test files 2022-02-25 17:33:08 +00:00
Ahmed Farid
899b8d03b2 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
308f86f66f Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
2eee6b4f69 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
7859288040 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
d83444cb18 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
e79c0eaa71 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
36cf1010f8 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
8e6f76d47a Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:07 +00:00
Ahmed Farid
fa8af6bf70 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00