Henry Mercer
a67eea3fd7
Remove NoSQL sinks since September 2018
2022-04-27 13:07:22 +00:00
Esben Sparre Andreasen
f9f23397d7
Remove additional Xss sinks
2022-04-27 13:07:22 +00:00
Esben Sparre Andreasen
5f8c50a64b
Remove additional SQL sinks
2022-04-27 13:07:22 +00:00
Esben Sparre Andreasen
66337dcf61
Remove additional path-injection sinks
2022-04-27 13:07:22 +00:00
Esben Sparre Andreasen
9d3feeef1b
Remove pseudo-properties
2022-04-27 13:07:22 +00:00
Esben Sparre Andreasen
a3d1ad077c
Remove 2020 sinks from SqlInjection.ql
2022-04-27 13:07:22 +00:00
Esben Sparre Andreasen
d673a4c9c2
Remove 2020 sinks from Xss.ql
2022-04-27 13:07:22 +00:00
Esben Sparre Andreasen
4c03a81cb5
Remove 2020 sinks from TaintedPath.ql
2022-04-27 13:07:22 +00:00
yoff
39753d5a0b
Merge pull request #8693 from erik-krogh/pyApi
...
PY: more API-graphs refactorings
2022-04-27 13:19:50 +02:00
Erik Krogh Kristensen
e1c7d369be
Merge pull request #8796 from erik-krogh/redundantImport
...
Remove redundant imports
2022-04-27 12:39:51 +02:00
yoff
9d774463f5
Merge pull request #8859 from tausbn/python-fix-bad-essa-joins
...
Python: Fix a bunch of bad joins
2022-04-27 12:27:50 +02:00
Tom Hvitved
597424809f
Merge pull request #8893 from hvitved/ruby/simplify-fetch-summary
...
Ruby: Simplify flow summary for `fetch`
2022-04-27 11:47:11 +02:00
Tom Hvitved
3b7fe06858
Ruby: Simplify flow summary for fetch
2022-04-27 08:26:24 +02:00
Nick Rolfe
2d05ea3519
Merge pull request #8885 from SukkaW/replace-git-io-link
2022-04-26 20:29:32 +01:00
Mathias Vorreiter Pedersen
800e4ea7df
Merge pull request #8515 from rdmarsh2/rdmarsh2/ir-global-vars
...
C++: generate IR for global variables with initializers
2022-04-26 18:17:13 +01:00
Geoffrey White
7ce040f331
Merge pull request #8736 from geoffw0/xxe
...
C++: New query for CWE-611 / XML External Entity Expansion (XXE)
2022-04-26 17:21:06 +01:00
Nick Rolfe
649d7dd022
Merge pull request #8607 from github/nickrolfe/incomplete_sanitization
...
Ruby: port of `js/incomplete-sanitization`
2022-04-26 17:10:24 +01:00
Geoffrey White
742949154b
C++: Apply code style suggestion.
2022-04-26 16:53:24 +01:00
Taus
7d736952db
Python: Update expected output
2022-04-26 15:49:40 +00:00
Anna Railton
eacfceb6ce
Merge pull request #8605 from github/annarailton/new-query-label-mappings
...
Experimental (ATM): update query label mappings
2022-04-26 16:39:06 +01:00
SukkaW
0c4885caa7
Replace git.io link with the actual URL
2022-04-26 23:28:34 +08:00
Nick Rolfe
2a4d65f917
Merge pull request #8881 from github/nickrolfe/graph_ordering_typo
2022-04-26 14:30:49 +01:00
Nick Rolfe
a7185e8a75
Ruby: fix typo in edge key for graph query
2022-04-26 13:56:38 +01:00
Erik Krogh Kristensen
7dba2b5868
PY: revert deletion of redundant-import in ClientSuppliedIpUsedInSecurityCheckLib.qll
2022-04-26 14:51:21 +02:00
Erik Krogh Kristensen
d389012b75
Merge branch 'main' into redundantImport
2022-04-26 14:24:51 +02:00
Nick Rolfe
3737248deb
Merge pull request #8879 from github/nickrolfe/graph_ordering
...
Ruby: fix graph query tests by defining total ordering
2022-04-26 13:22:53 +01:00
yoff
76f2eca1ee
Merge pull request #8560 from erik-krogh/movePolyTest
...
PY: move the polynomialbacktracking-test to the test folder
2022-04-26 14:21:30 +02:00
Nick Rolfe
a2f66e8631
Ruby: specify total ordering for test graph queries
2022-04-26 12:58:44 +01:00
Anders Schack-Mulligen
e5eef51e9d
Merge pull request #8875 from aschackmull/java/useless-imports
...
Java: Remove some useless imports.
2022-04-26 13:32:09 +02:00
Anders Schack-Mulligen
8cd506e513
Merge pull request #8874 from smowton/smowton/fix/insecure-cookies-look-through-named-constants
...
Java insecure cookies query: look through named constants
2022-04-26 12:52:12 +02:00
Erik Krogh Kristensen
881e5e16b5
Java: revert deletion of redundant imports
2022-04-26 12:47:39 +02:00
Anders Schack-Mulligen
7002f49abc
Java: Remove some useless imports.
2022-04-26 12:37:03 +02:00
Chris Smowton
2a8f179d6f
Merge pull request #8865 from smowton/smowton/admin/claim-java-18-support
...
Claim Java 18 support
2022-04-26 11:25:26 +01:00
Chris Smowton
8d7098245b
Add change note
2022-04-26 10:38:20 +01:00
Chris Smowton
7d4767a4f5
Java insecure cookies query: look through named constants
2022-04-26 10:32:13 +01:00
Mathias Vorreiter Pedersen
3719875861
Merge pull request #8871 from erik-krogh/qlDeleteSyncScript
...
QL: delete old copy of the identical files scripts
2022-04-26 10:08:34 +01:00
Erik Krogh Kristensen
ba3aa4f186
QL: delete old copy of the identical files scripts
2022-04-26 10:37:14 +02:00
Erik Krogh Kristensen
6738270b65
Merge pull request #8229 from erik-krogh/parenSan
...
JS: step through parentheses in barrier functions
2022-04-26 10:30:21 +02:00
Anders Schack-Mulligen
59aedc2872
Merge pull request #8853 from aschackmull/dataflow/fix-join
...
Dataflow: Fix join-on-config producing a CP.
2022-04-26 09:52:50 +02:00
Jeroen Ketema
e7580b68d8
Merge pull request #8852 from jketema/frontend-update
...
Fix test regressions due to C++ frontend update
2022-04-26 09:52:34 +02:00
Mathias Vorreiter Pedersen
8d2bd66d85
Merge pull request #8861 from MathiasVP/update-schema
...
Swift: Update `schema.yml` and regenerate files
2022-04-26 08:45:54 +01:00
Anders Schack-Mulligen
d5fcb4342e
Merge pull request #8868 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-04-26 08:55:38 +02:00
github-actions[bot]
51b2eb78a9
Add changed framework coverage reports
2022-04-26 00:15:54 +00:00
Mathias Vorreiter Pedersen
aca4c8727f
Merge pull request #8802 from github/post-release-prep/codeql-cli-2.9.0
...
Post-release preparation for codeql-cli-2.9.0
2022-04-25 22:52:55 +01:00
Chris Smowton
9cebbaa370
Claim Java 18 support
2022-04-25 21:21:03 +01:00
Jeroen Ketema
73e4f0c044
C++: Set clang_version to the default from previous frontend version
...
This ensures that `__atomic_fetch_min` parses and that the number of
builtins does not change compared to the previous version of the
frontend.
2022-04-25 21:15:28 +02:00
Jeroen Ketema
ccd545336c
C++: Fix tests where float128 error message has changed
2022-04-25 21:14:20 +02:00
Jeroen Ketema
8e7066600a
C++: Fix test failures where location of reference dereference in lambda changed
2022-04-25 21:14:17 +02:00
Jeroen Ketema
6c1e21cd91
C++: Fix test where variable access position is more accurate in frontend
2022-04-25 21:14:06 +02:00
Jeroen Ketema
5b0603a5b9
C++: Artificial block insertion for loops and switches has changed in frontend
...
There are now more artificial blocks containing more than one instruction
(artificial blocks containing a single instruction have the extractor only
emit that instruction and not the block). The second instruction in each case
is the label for breaking out of a loop or switch.
2022-04-25 21:13:52 +02:00