hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,033 Commits 1,684 Branches 159 Tags
a9a0cffb016a56c00a34deca3a81baabc09aa677
Commit Graph

712 Commits

Author SHA1 Message Date
Sauyon Lee
ec6ac9db7c Remove useless nodes predicate 2021-08-25 17:16:46 -07:00
Sauyon Lee
630e46e1fd Exclude files with build constraints from the cfg test 2021-08-25 17:16:46 -07:00
Sauyon Lee
5fbed2b219 Uncomment CFG tests 2021-08-25 17:16:46 -07:00
Sauyon Lee
dc00a17fd2 Add Xorm license 2021-08-23 08:15:57 -07:00
sn00py
7fc045e749 Add inline test for xorm 2021-08-23 08:15:57 -07:00
snoopywu
8c608bad21 Add Xorm support 2021-08-23 08:15:56 -07:00
Sauyon Lee
d4aa572109 Add tests for Go 1.17 library changes 2021-08-19 14:02:30 -07:00
Sauyon Lee
c41502de1e Fix tests for go 1.17 2021-08-19 14:02:29 -07:00
Sauyon Lee
ef1238cdd3 Add test for conversion panic 2021-08-19 14:02:29 -07:00
Sauyon Lee
040b166eb2 Add new style build constraints and add test for the old style 2021-08-19 14:00:04 -07:00
Owen Mansel-Chan
9634e8d7b0 Update path in qlref file 2021-08-18 11:54:04 +01:00
Owen Mansel-Chan
ca01d55297 Promote insufficient key size query 
Files were just moved - changes made in next commit
 2021-08-18 11:54:04 +01:00
Sauyon Lee
dc50d73008 Remove accidentally added binary 2021-08-17 10:11:04 -07:00
Sauyon Lee
4c5d3ff344 Move defer in loop query to experimental 2021-08-12 10:13:30 -07:00
Sauyon Lee
02396dbd04 Add database query in loop query 
co-authored-by: Robert <robertbrignull@github.com>
co-authored-by: Sam Partington <sampart@github.com>
 2021-08-11 18:15:23 -07:00
Sauyon Lee
1ffeb26a61 Add query for a GORM error not checked 
co-authored-by: Sam Partington <sampart@github.com>
co-authored-by: Robin Neatherway <rneatherway@github.com>
 2021-08-11 18:15:23 -07:00
Chris Smowton
b03513bcd2 Merge pull request #542 from gagliardetto/cors-misconfig 
Add query to detect CORS misconfiguration
 2021-07-16 16:12:15 +01:00
Chris Smowton
73227f12df Merge pull request #539 from gagliardetto/fiber 
Add web framework: github.com/gofiber/fiber
 2021-07-15 17:53:45 +01:00
Slavomir
d252d6003f Remove Protocol as UntrustedFlowSource 2021-07-15 16:20:33 +02:00
Slavomir
c0f195ba16 Reduce false positives 2021-06-19 22:25:51 +02:00
edvraa
4576b16f30 Use dataflow gettype 2021-06-17 09:23:26 +01:00
edvraa
062acedd49 Unify and make getValueForFieldWrite private 2021-06-17 09:23:26 +01:00
edvraa
236b623f60 Get rid of NetHttpCookieTrackingConfiguration 2021-06-17 09:23:26 +01:00
edvraa
031a79b8f5 Gorilla Store Save sink 2021-06-17 09:23:26 +01:00
edvraa
4d397d9974 Fix tests 2021-06-17 09:23:26 +01:00
edvraa
0b9959e4ef Default stub 2021-06-17 09:23:26 +01:00
edvraa
d32fa19c12 reformat 2021-06-17 09:23:26 +01:00
edvraa
f537c479c9 path tracking 2021-06-17 09:23:26 +01:00
edvraa
cbaad2efb9 Sensitive cookie without HttpOnly 2021-06-17 09:23:26 +01:00
Slavomir
824b5a4b52 Wildcard origin does not allow Access-Control-Allow-Credentials: true 2021-06-05 10:40:28 +02:00
Slavomir
4662358b8d Add flag checks 2021-06-03 12:53:52 +02:00
Erik Krogh Kristensen
47d6412e1c update expected output 2021-05-29 17:56:03 +00:00
Slavomir
f261f34f57 Add query to detect CORS misconfiguration 2021-05-22 18:14:13 +02:00
edvraa
c9c22fd871 Change the message 2021-05-21 12:38:01 +01:00
edvraa
8414759f7d Code review 2021-05-21 12:38:01 +01:00
edvraa
7e1c57689b Insufficient key size 2021-05-21 12:38:01 +01:00
Slavomir
06fac54da3 Add web framework: github.com/gofiber/fiber 2021-05-10 15:12:32 +02:00
Slavomir
5578afa189 Regenerate using latest codemill generator. 2021-04-30 15:39:09 +01:00
Slavomir
36396df271 HttpResponseBody: Move .getAPredecessor*() to the test query. 2021-04-30 15:39:09 +01:00
Slavomir
78b403f42e Stub alternative HTTP::ResponseBody model implementation 2021-04-30 15:39:09 +01:00
Sauyon Lee
bfe6e7510d Evaluate symlinks for the dummy file 2021-04-27 08:32:21 -07:00
Sauyon Lee
d09cb7f228 Remove badpkg.go to make tests location-independent 2021-04-27 01:18:22 -07:00
Sauyon Lee
27b72b53e5 Add diagnostic queries 2021-04-27 01:18:21 -07:00
Sauyon Lee
9f85846980 Add lines of code summary query 2021-04-27 01:18:20 -07:00
Sauyon Lee
b808c187cf Add test with curly braces in filename 2021-04-21 21:14:41 -07:00
Chris Smowton
06c958e61f Extractor: tolerate curly braces in struct field tags, directory names 
These previously produced malformed TRAP. I have checked the other uses of GlobalID and don't see any others that should require escaping.
 2021-04-21 21:14:39 -07:00
Chris Smowton
e50ad90856 Elaborate comment and change-note a little 2021-04-21 12:36:43 +01:00
Chris Smowton
a152eec9f2 Add test for ExtractTupleElementInstruction.getResultType() 2021-04-21 12:33:51 +01:00
Sauyon Lee
50bb6187b8 Revert ReflectedXss.go to example 2021-04-20 23:27:03 -07:00
Sauyon Lee
ba2da6d9a9 Add test exercising channel data flow 2021-04-20 14:23:31 -07:00