hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,809 Commits 1,671 Branches 157 Tags
b22227d0f4b084d41eb7a026975a8562f926fd2c
Commit Graph

82809 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Napalys Klicius
7affcf40c2 JS: Add variableValues to the previous summaryModel to enchance the flow. 2025-09-17 12:24:14 +02:00
Napalys Klicius
6c18b4de40 JS: Add test case for graph ql variableValues injection 2025-09-17 12:21:21 +02:00
github-actions[bot]
4e8343664f Post-release preparation for codeql-cli-2.23.1 2025-09-17 10:13:40 +00:00
Anders Schack-Mulligen
5e76d5ff3f C#: Rename predicate as per review, and fixup qltest. 2025-09-17 11:58:39 +02:00
Napalys Klicius
6d461d6b50 JS: Add change note 2025-09-17 11:48:49 +02:00
Napalys Klicius
4282005e32 JS: Add summary model for graphql's rootValue 2025-09-17 11:48:44 +02:00
Simon Friis Vindum
05d5c1dda7 Merge pull request #20398 from paldepind/rust/warp-model 
Rust: Add tests and models for Warp
 2025-09-17 11:37:56 +02:00
Ian Lynagh
ce9c8e6e9f Merge pull request #20447 from github/release-prep/2.23.1 
Release preparation for version 2.23.1
codeql-cli/v2.23.1 		2025-09-17 10:26:24 +01:00
Napalys Klicius
a6d728a66d JS: Add test case with missing alert using graphql 2025-09-17 11:23:49 +02:00
Napalys Klicius
e1d27f340e Merge pull request #20135 from Napalys/js/dynamodb 
JS: Modeling of `aws-sdk` clients*
 2025-09-17 10:47:39 +02:00
Simon Friis Vindum
c1ebe920a1 Rust: Update expected file 2025-09-17 10:38:00 +02:00
Napalys Klicius
ca667b5131 JS: fix test expectations from rebasing 2025-09-17 10:24:45 +02:00
Napalys Klicius
4df8db0d7e Renamed AWS-V3-Common to @aws-sdk/client.Client 2025-09-17 10:21:29 +02:00
Napalys Klicius
10f3a83fcb Fixed model type names 
Co-authored-by: asgerf <asgerf@users.noreply.github.com>
 2025-09-17 10:21:23 +02:00
Napalys Klicius
9ca4773227 Added modeling for CreatePreparedStatementCommand 2025-09-17 10:21:10 +02:00
Napalys Klicius
872b6d8bee Added test case for CreatePreparedStatementCommand 2025-09-17 10:21:01 +02:00
Napalys Klicius
b89e70b5a0 Added test cases for aws sources 2025-09-17 10:20:52 +02:00
Napalys Klicius
801a34f6a1 Moved typeModel at the start of the file 2025-09-17 10:20:24 +02:00
Napalys Klicius
9beac51586 Unified aws-db modeling into singular file 2025-09-17 10:20:10 +02:00
Napalys Klicius
5b31350e83 Added tests and modeling of database-access-result 2025-09-17 10:20:01 +02:00
Napalys Klicius
93d9ae73b7 Updated change note 2025-09-17 10:19:52 +02:00
Napalys Klicius
e5f02852e1 Added modeling of rds v2 and v3 for sql injections 2025-09-17 10:19:22 +02:00
Napalys Klicius
5b5c17100c Added test cases for client-rds-data for sql injections 2025-09-17 10:19:10 +02:00
Napalys Klicius
0e6bac73a7 Added modeling of athena v2 and v3 for sql injections 2025-09-17 10:18:58 +02:00
Napalys Klicius
af97b0edc2 Added test cases for athena v2 and v3 for sql injections 2025-09-17 10:16:38 +02:00
Napalys Klicius
ee1af432fe Added modeling of client-s3 v2 and v3 2025-09-17 10:16:25 +02:00
Napalys Klicius
5e6118ef3f Added test cases for client-s v2 and v3 sql injection 2025-09-17 10:15:43 +02:00
Napalys Klicius
1149617f7b Added change note 2025-09-17 10:15:32 +02:00
Napalys Klicius
06ab918985 Added modeling for V2 of dynamoDB 2025-09-17 10:15:19 +02:00
Napalys Klicius
ae2e8b1292 Added modeling of dynamodb v3 for sql injections 2025-09-17 10:13:24 +02:00
Napalys Klicius
0a3343a07d Added test cases for v2 and v3 sql injection of dynamodb 2025-09-17 10:11:31 +02:00
Simon Friis Vindum
e80c192cf2 Rust: Use async closure instead of async block 2025-09-17 10:01:51 +02:00
Anders Schack-Mulligen
62c8f28e74 C#: Bugfix for nullguards for complex patterns. 2025-09-17 09:28:54 +02:00
Tom Hvitved
a7173e0c05 Merge pull request #20443 from hvitved/rust/ssa-adjust-write-note 
Rust: Adjust SSA write node for (compound) assignments
 2025-09-17 09:25:50 +02:00
Simon Friis Vindum
46cd62bd51 Rust: Use .. notation in model 2025-09-17 09:18:41 +02:00
Simon Friis Vindum
f432498574 Rust: Use comma notation in Warp model 2025-09-17 09:18:40 +02:00
Simon Friis Vindum
1af6b37fc4 Rust: Add models for Warp 2025-09-17 09:18:39 +02:00
Simon Friis Vindum
bfe934118d Rust: Add web framework tests for Warp 2025-09-17 09:18:37 +02:00
Taus
8fd62252fd Python: Fix bad join in globalVariableNestedFieldJumpStep 2025-09-16 18:12:29 +02:00
Napalys Klicius
431fc8880e Python: Add change note 2025-09-16 18:08:53 +02:00
Napalys Klicius
e82fe9d919 Python: Updated doc string and removed redundant predicate. 2025-09-16 18:08:53 +02:00
Taus
e228aac61f Python: Use AttrWrite.writes 
Also applies @napalys' fix to the base case.
 2025-09-16 18:08:53 +02:00
Taus
6f9e06c59e Python: Add AttrWrite.writes and AttrRead.reads 
The latter of these is identical to `AttrRef.accesses`, but makes the
API a bit more intuitive.
 2025-09-16 18:08:53 +02:00
Napalys Klicius
8393ccf39d Python: Update globalVariableAttrPathAtDepth base case 2025-09-16 18:08:53 +02:00
Taus
6133f01c81 Python: Rewrite access path computation 2025-09-16 18:08:53 +02:00
Taus
69b5853477 Python: Keep track of access path 2025-09-16 18:08:53 +02:00
Napalys Klicius
e60d0c88f1 Python: Add global variable nested field jump steps 2025-09-16 18:08:53 +02:00
Napalys Klicius
9d4b168977 Python: Added extra test for global variable nested attribute reads/writes. 2025-09-16 18:08:53 +02:00
Napalys Klicius
6c779c7fa5 Python: Added extra test cases for path injection with FastAPI 2025-09-16 18:08:53 +02:00
Napalys Klicius
f209e3a0fe Python: Updated PathInjection tests to use inline test expectations 2025-09-16 18:08:53 +02:00