codeql

mirror of https://github.com/github/codeql.git synced 2026-01-08 04:00:26 +01:00

Author	SHA1	Message	Date
am0o0	f06c3fddd9	fix qhelp, fix duplicate query id	2024-05-16 15:12:31 +02:00
Alex Ford	78dc6502f5	Merge branch 'main' into amammad-ruby-bombs	2024-05-16 13:53:31 +01:00
Harry Maclean	b86643fab2	Ruby: doc fixes	2024-02-26 12:57:21 +00:00
Harry Maclean	8a670fe9a2	Ruby: formatting	2024-02-26 12:26:04 +00:00
amammad	32f5667bb6	revert YAML.qll and yaml sinks to previous PR, make a separate experimental query only for yaml	2024-02-26 12:12:03 +00:00
Maiky	c2c4d9e4d1	` change to <code> Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>	2024-01-27 14:08:55 +01:00
amammad	2097a001b9	apply code review suggestions, fix qldoc, add experimental additional taint steps that can improve performance	2023-11-22 10:01:51 +01:00
Maiky	35d390ad06	Add Insecure Randomness Query (CWE-338)	2023-10-21 17:23:41 +02:00
amammad	2e4e5ef480	fix a comment	2023-10-17 10:42:40 +02:00
Alex Ford	3dd042c38a	Merge remote-tracking branch 'origin/main' into maikypedia/ruby-jwt	2023-10-16 12:42:19 +01:00
amammad	609bb762fe	fix a bug,modularize	2023-10-11 12:04:11 +02:00
amammad	90017712a6	Merge remote-tracking branch 'origin/main' into amammad-ruby-bombs	2023-10-11 10:45:16 +02:00
Alex Ford	9d421ffa8d	Ruby: configsig rb/improper-ldap-auth	2023-09-21 12:24:15 +01:00
Maiky	f08eb3cdf4	Doc change Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>	2023-09-15 11:51:53 +02:00
Maiky	15b965bb3b	rename `verifies()` to `verifiesSignature()`	2023-09-15 11:45:19 +02:00
Maiky	c43d0866f6	Update ruby/ql/src/experimental/cwe-347/EmptyJWTSecret.ql Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>	2023-09-15 11:42:43 +02:00
Maiky	d4f6111621	Naming change Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>	2023-09-15 11:40:51 +02:00
amammad	d44c9d3e74	stash	2023-09-08 05:51:21 +10:00
Alex Ford	5b013dd5d2	Merge branch 'main' into rb/dataflow-query-refactor	2023-09-07 14:57:38 +01:00
Alex Ford	13300a2e2f	Ruby: un-private PathGraph imports	2023-09-07 14:24:46 +01:00
amammad	4191b07b1f	Merge branch 'github:main' into amammad-ruby-bombs	2023-09-06 20:17:49 +10:00
Alex Ford	f24102e0e7	Ruby: configsig rb/weak-params	2023-09-03 17:20:06 +01:00
Alex Ford	6c06def5d7	Ruby: configsig rb/manually-checking-http-verb	2023-09-03 17:20:06 +01:00
Alex Ford	39af2d2870	Ruby: configsig rb/user-controlled-file-decompression	2023-09-03 17:20:06 +01:00
Alex Ford	b6d12f8b1c	Ruby: configsig rb/zip-slip	2023-09-03 17:20:05 +01:00
Alex Ford	ebf2a2e1f5	Ruby: configsig rb/unicode-bypass-validation	2023-09-03 17:20:05 +01:00
Alex Ford	77f3a70376	Ruby: renames for rb/xpath-injection	2023-09-03 17:20:05 +01:00
Alex Ford	3e23a6e021	Ruby: configsig rb/server-side-template-injection	2023-09-03 17:20:05 +01:00
Alex Ford	eb34bbbfd2	Ruby: renames for rb/ldap-injection	2023-09-03 17:20:04 +01:00
Alex Ford	2536f1a0cd	Ruby: configsig rb/user-controlled-bypass	2023-09-03 17:20:04 +01:00
Brandon Stewart	56f0387613	Merge branch 'main' into add-cwe-208	2023-08-29 13:09:59 -04:00
Maiky	17565cde75	Add JWT Security Queries	2023-08-25 21:28:53 +02:00
Maiky	ffd618d6cc	Revert "Add `""` and `nil` as sources" This reverts commit `664c1eba72`.	2023-08-25 15:23:55 +02:00
Maiky	664c1eba72	Add `""` and `nil` as sources	2023-08-22 18:10:33 +02:00
Brandon Stewart	01577dac32	format document	2023-08-10 13:59:47 +00:00
Brandon Stewart	b899b648e5	Update ruby/ql/src/experimental/cwe-208/UnsafeHmacComparison.ql Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>	2023-08-10 09:21:16 -04:00
Brandon Stewart	7882cf0bf0	Update ruby/ql/src/experimental/cwe-208/UnsafeHmacComparison.ql Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>	2023-08-10 09:21:02 -04:00
Brandon Stewart	74567041a7	remove pathgraph	2023-08-09 19:51:07 +00:00
Brandon Stewart	cca4c35cf8	add pathgraph	2023-08-09 19:23:21 +00:00
Brandon Stewart	7f07422a5d	Merge branch 'main' into add-cwe-208	2023-08-09 14:52:51 -04:00
Brandon Stewart	07d5beca34	run format document	2023-08-09 18:51:55 +00:00
Brandon Stewart	26401fec70	address PR comments	2023-08-09 18:44:42 +00:00
Brandon Stewart	93dd9d0aa4	Update ruby/ql/src/experimental/cwe-208/UnsafeHmacComparison.ql Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>	2023-08-08 12:54:54 -04:00
Maiky	c54561e775	Merge branch 'main' into maikypedia/ldap-improper-auth	2023-08-03 16:49:30 +02:00
Tom Hvitved	525ed65b0b	Rename `getNode` to `getAstNode`	2023-08-03 10:56:50 +02:00
Alex Ford	f437a6f729	Merge branch 'main' into maikypedia/ldap-injection	2023-07-31 16:00:41 +01:00
Brandon Stewart	f241498cab	correct additional pascalcase issue	2023-07-26 17:55:56 +00:00
Brandon Stewart	1a83554b0c	correct typo	2023-07-26 17:54:42 +00:00
Brandon Stewart	346a2f269e	Update UnsafeHmacComparison.ql	2023-07-26 13:48:42 -04:00
Brandon Stewart	42adbe0cd4	address linter	2023-07-26 17:43:34 +00:00

1 2 3

150 Commits