codeql

mirror of https://github.com/github/codeql.git synced 2026-04-12 02:24:00 +02:00

Author	SHA1	Message	Date
Harry Maclean	a9c00a05fe	HTTP -> Http Change the capitalisation of HTTP to Http, to conform to the QL style guide. Leave the HTTP module in Concepts alone, so it remains consistent with the Concepts in other language libraries.	2021-09-29 13:50:05 +01:00
Harry Maclean	6d7a04a222	Move Files test to its own folder This prevents it picking up fixtures from other tests.	2021-09-28 10:06:53 +01:00
Harry Maclean	b34fcc65d1	Model the Typhoeus http client	2021-09-28 10:06:53 +01:00
Harry Maclean	b5dec5e8cf	Model the OpenURI http client	2021-09-28 10:06:53 +01:00
Harry Maclean	ca1fc44f21	Model the HTTPClient http client	2021-09-27 14:44:25 +01:00
Harry Maclean	3a4ddc4b4e	Model the HTTParty http client We currently model direct calls like HTTParty.get("http://example.com") but we don't yet handle calls on other classes that have included the `HTTParty` module, like class MyClient include HTTParty end MyClient.get("http://example.com")	2021-09-27 14:44:04 +01:00
Arthur Baars	2a4747b27e	Merge pull request #313 from github/hmac-remove-unicode-char Remove unicode character from doc string	2021-09-27 12:57:21 +02:00
Harry Maclean	3e100bc2a9	Remove unicode character from doc string We require that all source code is in ASCII.	2021-09-27 11:40:04 +01:00
Harry Maclean	74982cb3aa	Merge pull request #307 from github/hmac-outgoing-http-2 Model some more HTTP clients	2021-09-24 12:30:48 +01:00
Tom Hvitved	141f5f7605	Merge pull request #308 from github/hvitved/operation-method-call Make `{Unary,Binary}Operation` a sub class of `MethodCall`	2021-09-24 12:51:07 +02:00
Tom Hvitved	30d2df53c6	Include `MethodCall.getAChild` in `{Unary,Binary}Operation.getAChild`	2021-09-24 12:08:54 +02:00
Tom Hvitved	edfdfb1fa4	Make `{Unary,Binary}Operation` a sub class of `MethodCall`	2021-09-23 19:13:55 +02:00
Harry Maclean	88885a222e	Model the RestClient HTTP client	2021-09-23 16:32:15 +01:00
Harry Maclean	4cf520c2df	Model the Faraday HTTP client	2021-09-23 16:32:15 +01:00
Harry Maclean	ee51298633	Model the Excon HTTP client	2021-09-23 16:32:15 +01:00
Tom Hvitved	ca2ff9a863	Merge pull request #305 from github/hvitved/desugar/array-literals Desugar array literals to `::Array.[]`	2021-09-23 17:30:34 +02:00
Arthur Baars	40f0112e8a	Merge pull request #297 from github/aibaars/alert-suppression Alert suppression and file classifier query	2021-09-23 15:37:19 +02:00
Harry Maclean	4f9518a9c6	Merge pull request #293 from github/hmac-code-injection Add query for Code Injection	2021-09-23 13:50:48 +01:00
Tom Hvitved	f347505542	Merge pull request #277 from github/hvitved/flow-summaries Add support for flow summaries	2021-09-23 14:31:52 +02:00
Harry Maclean	41608ef47b	Address review comments	2021-09-23 12:26:54 +01:00
Tom Hvitved	68d41f9f12	Address review comments	2021-09-23 12:39:47 +02:00
Harry Maclean	83705c5787	Merge pull request #306 from github/hmac-outgoing-http Model outgoing HTTP requests as remote flow sources	2021-09-23 09:34:44 +01:00
Harry Maclean	5826f2c279	Move Net::HTTP modelling into http_clients module This seems a more convenient place to keep all the HTTP client modelling.	2021-09-23 09:04:20 +01:00
Harry Maclean	b658bacab3	Simplify Net::HTTP modelling	2021-09-23 09:04:01 +01:00
Harry Maclean	3000587849	Add Net::HTTP request modelling	2021-09-23 09:04:01 +01:00
Harry Maclean	2bdea01c8a	Add HTTP::Client concept	2021-09-23 09:04:01 +01:00
Alex Ford	21e31a47d9	Merge pull request #283 from github/file-system-sources Start modelling some file system access concepts	2021-09-22 16:45:13 +01:00
Alex Ford	b769aa67c2	test for IO.open as a way of creating an IO instance	2021-09-22 16:29:10 +01:00
Alex Ford	0092c0279b	Apply suggestions from code review Co-authored-by: Nick Rolfe <nickrolfe@github.com>	2021-09-22 14:28:15 +01:00
Tom Hvitved	e670fdbb82	Move two predicates in `FlowSummaryImplSpecific.qll`	2021-09-22 14:12:46 +02:00
Tom Hvitved	a37737d065	Replace `string kind` with `boolean preservesValue`	2021-09-22 09:28:55 +02:00
Tom Hvitved	888183f26d	Desugar array literals to `::Array.[]`	2021-09-21 21:27:29 +02:00
Alex Ford	70c2be8ca3	Files library tests	2021-09-21 19:08:03 +01:00
Alex Ford	05a04f4835	Files.qll library implementation	2021-09-21 19:07:55 +01:00
Alex Ford	6315621b16	use instanceof extensions for some filesystem concepts	2021-09-21 19:02:11 +01:00
Alex Ford	d1f2258d45	revamp weak file permissions query	2021-09-21 19:02:11 +01:00
Alex Ford	25300cb2b4	start modelling some file access concepts	2021-09-21 19:02:11 +01:00
Nick Rolfe	dd31473dff	Merge pull request #301 from github/fix_source_archive Fix filenames in source archives	2021-09-21 11:37:02 +01:00
Tom Hvitved	cdc359527a	Resolve semantic conflicts after rebase	2021-09-21 11:14:11 +02:00
Tom Hvitved	564c76c41f	Address review comments	2021-09-21 11:04:53 +02:00
Tom Hvitved	08dc6d79ef	Add support for flow summaries	2021-09-21 11:04:53 +02:00
Nick Rolfe	143256e673	Fix filenames in source archives	2021-09-20 22:17:45 +01:00
Nick Rolfe	c183e05c49	Merge pull request #300 from github/fix_tests Fix tests	2021-09-20 16:19:40 +01:00
Nick Rolfe	d27f8a6d24	Add empty subpaths section to expected test output	2021-09-20 15:56:58 +01:00
Tom Hvitved	8aaabe8b1e	Merge pull request #299 from github/hvitved/actions-reuse Add two 'composite' actions for reusing logic	2021-09-20 15:55:28 +02:00
Nick Rolfe	6f7d4fef70	Merge pull request #287 from github/unsafe-deserialization rb/unsafe-deserialization query	2021-09-20 14:23:30 +01:00
Nick Rolfe	8af12a164a	Merge pull request #298 from github/trap_extension Fix trap extension for source files without extensions	2021-09-20 14:23:01 +01:00
Tom Hvitved	e201dae672	Add two 'composite' actions for reusing logic	2021-09-20 14:52:02 +02:00
Nick Rolfe	c30c7b380d	Replace `if let` with `match`.	2021-09-20 12:22:55 +01:00
Nick Rolfe	0936c4cd7b	Fix trap extension for source files without extensions We were writing files with names like `Gemfile..trap.gz`. Now fixed to `Gemfile.trap.gz`.	2021-09-20 12:11:00 +01:00

1 2 3 4 5 ...

1308 Commits