hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,975 Commits 1,671 Branches 157 Tags
ae0b997c3150615b219b13549252d85a743c0f69
Commit Graph

716 Commits

Author SHA1 Message Date
Joe Farebrother
ae0b997c31 Add system.web tests for httponly cookie 2025-11-10 14:13:14 +00:00
Joe Farebrother
a9b97f7065 Add tests for insecure cookie using system.web 2025-11-10 14:13:09 +00:00
Joe Farebrother
bb010fee6b Add tests for secure cookie using aspnetcore 2025-11-10 14:13:04 +00:00
Anders Schack-Mulligen
900d0d2477 C#: Accept test changes for assert split removal. 2025-10-29 15:17:34 +01:00
Anders Schack-Mulligen
7241bedf05 C#: Replace Guards with the new implementation. 2025-10-29 13:03:50 +01:00
Anders Schack-Mulligen
84b8b1c01f C#: Minor test tweak. 2025-10-29 13:02:08 +01:00
Anders Schack-Mulligen
dc4abc952f C#: Replace references to getANullCheck. 2025-10-29 13:02:08 +01:00
Anders Schack-Mulligen
46fc006c5f C#: Update NullCheck test to reflect what nullness use. 2025-10-29 13:02:07 +01:00
Anders Schack-Mulligen
e3fc3192ac C#: Remove tests referencing impliesStep. 2025-10-29 13:02:06 +01:00
Paolo Tranquilli
105f810654 Merge pull request #20658 from github/redsun82/csharp-fix-xframe-options-in-location 
Csharp: fix `cs/web/missing-x-frame-options` to also consider `location` elements
 2025-10-27 13:49:09 +01:00
Paolo Tranquilli
c3fd06c8a4 Csharp: fix cs/web/missing-x-frame-options to also consider location elements 
As explained in

https://learn.microsoft.com/en-us/previous-versions/aspnet/ms178692(v=vs.100),

it is possible to add `system.webServer` elements nested inside
`location` elements in `Web.config`.
 2025-10-17 11:27:31 +02:00
Anders Schack-Mulligen
b392767252 C#: Accept qltest changes. 2025-10-03 15:29:35 +02:00
Anders Schack-Mulligen
df6172b1f3 C#: Update nullness qltest 2025-10-03 15:29:35 +02:00
Michael Nebel
191dae47fd C#: Add a stub for the System.Uri class for the CWE-611 test. 2025-10-01 14:44:54 -07:00
Anders Schack-Mulligen
5e76d5ff3f C#: Rename predicate as per review, and fixup qltest. 2025-09-17 11:58:39 +02:00
Michael Nebel
be123cf2bc C#: Update test expected output. 2025-08-25 14:52:41 +02:00
Michael Nebel
70bf61dc57 C#: Convert Deserialization tests to use inline expectations. 2025-07-16 08:41:58 +02:00
Michael Nebel
8ee16f68a7 C#: Update test expected output. 2025-07-16 08:41:48 +02:00
Michael Nebel
4036140f4b C#: Add Deserialize testcase. 2025-07-16 08:41:45 +02:00
Michael Nebel
becd46a47e C#: Add MaD models for Microsoft.Data.SqlClient. 2025-06-26 08:51:10 +02:00
Michael Nebel
f3eafd33ff C#: Exclude Microsoft.Data.SqlClient.SqlCommand from the best effort SqlSink creation. 2025-06-26 08:46:49 +02:00
Michael Nebel
ed7f68279f C#: Add cs/sql-injection tests for APIs in Microsoft.Data.SqlClient. 2025-06-26 08:44:50 +02:00
Michael Nebel
bb85e24121 C#: Convert SQL injection test to use inline expectations. 2025-06-25 14:53:09 +02:00
Tom Hvitved
84e93e2dc5 C#: Add another test for MissingAccessControl.ql 2025-06-20 11:49:30 +02:00
Michael Nebel
7a63c7d2a5 C#: Update test expected output. 2025-06-03 13:24:59 +02:00
Michael Nebel
0355ea8733 C#: Add some synthetic library extensions methods and tests for cs/dereferenced-value-is-always-null. 2025-06-03 13:24:56 +02:00
Michael Nebel
76c12a5c69 C#: Convert tests for cs/dereferenced-value-may-be-null to use inline expectations. 2025-06-03 13:24:54 +02:00
Michael Nebel
46c02e7fa8 C#: Convert tests for cs/dereferenced-value-is-always-null to use inline expectations. 2025-06-03 13:24:52 +02:00
Michael Nebel
008d5b7081 C#: Update test expected output. 2025-05-21 15:20:15 +02:00
Michael Nebel
28cd8a827a C#: Add more test examples for cs/missing-readonly-modifier. 2025-05-21 15:18:32 +02:00
Michael Nebel
5941b3081c C#: Convert tests for cs/missed-readonly-modifier to inline expectatations. 2025-05-21 11:34:38 +02:00
Michael Nebel
3080dfafb6 C#: Update test expected output. 2025-05-15 14:04:40 +02:00
Michael Nebel
4b2d323cb6 C#: Add some more test cases. 2025-05-15 13:48:51 +02:00
Michael Nebel
2c5d85e186 C#: Convert cs/gethashcode-is-not-defined to inline expectations tests. 2025-05-15 13:35:08 +02:00
Michael Nebel
7531a95d22 Merge pull request #19271 from michaelnebel/csharp/uncontrolled-format-string 
C#: Improve precision of `cs/uncontrolled-format-string`.
 2025-05-14 10:39:38 +02:00
Michael Nebel
05dc9b6d34 C#: Remove dependency to ASP.NET in the System.Web.cs stub file. 2025-05-12 17:36:10 -04:00
Michael Nebel
ffd6b2677c C#: Cleanup test options files. 2025-05-12 17:33:21 -04:00
Michael Nebel
c96003f265 C#: Update test expected output. 2025-05-12 15:45:01 +02:00
Michael Nebel
3838a7b0d6 C#: Add a testcase for CompositeFormat.Parse for cs/uncontrolled-format-string. 2025-05-12 15:44:58 +02:00
Michael Nebel
c16be43f15 C#: Convert cs/uncontrolled-format-string tests to use test inline expectations. 2025-05-12 15:44:56 +02:00
Sid Gawri
4e3ac93f70 fix unit tests part 2 2025-05-09 16:24:42 -04:00
Sid Gawri
d600eb42cf add new stubs 2025-05-02 17:25:02 -04:00
Michael Nebel
65ac951964 C#: Remove all Sink tags after rebase. 2025-04-24 08:54:53 +02:00
Michael Nebel
dcf11c2d4b C#: Match up sources, alerts and sinks in the tests. 2025-04-24 08:54:51 +02:00
Michael Nebel
6de5920172 C#: Update test expected output. 2025-04-24 08:54:45 +02:00
Michael Nebel
930bb6b515 C#: Add FP for string.Format using params collection. 2025-04-24 08:54:42 +02:00
Michael Nebel
39abd5c004 C#: Update test expected output. 2025-04-24 08:54:40 +02:00
Michael Nebel
11dffc6647 C#: Add more invalid-string-formatting testcases. 2025-04-24 08:54:37 +02:00
Michael Nebel
8fb5fe97aa C#: Update test expected output. 2025-04-24 08:54:36 +02:00
Michael Nebel
f73b7429c6 C#: Remove false positive example. 2025-04-24 08:54:33 +02:00