hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
52,013 Commits 1,672 Branches 157 Tags
c7816ea1806b2fa22412cf0c33eda0f55eac41bf
Commit Graph

8981 Commits

Author SHA1 Message Date
Ed Minnix
c7816ea180 Conform Config modules to naming convention 2023-03-20 12:26:54 -04:00
Ed Minnix
8856730843 Refactor CWE-614/InsecureCookie 2023-03-20 12:26:54 -04:00
Ed Minnix
de6959c688 Refactor CWE-209/StackTraceExposure 2023-03-20 12:26:54 -04:00
Ed Minnix
73a17536f5 Refactor CWE-129 queries 2023-03-20 12:26:54 -04:00
Ed Minnix
ae57807359 Refactor CWE-089 Sql queries 2023-03-20 12:26:54 -04:00
Ed Minnix
e6e974a752 Refactor CWE-079/SqlConcatenated 2023-03-20 12:26:54 -04:00
Ed Minnix
c1ee2dce61 Refactor CWE-078/ExecTaintedLocal 2023-03-20 12:26:54 -04:00
Edward Minnix III
ac58299d9e Merge pull request #12541 from egregius313/egregius313/refactor-queries-to-new-dataflow-api 
Java: Refactor more queries to the new DataFlow module API
 2023-03-20 12:24:26 -04:00
Tony Torralba
fa60fa0ae2 Merge pull request #12572 from github/java/update-mad-decls-after-triage-2023-03-17T15-01-35 
Java: Update MaD Declarations after Triage
 2023-03-20 17:02:27 +01:00
Anders Schack-Mulligen
3876e4335f Merge pull request #12420 from kaspersv/kaspersv/dataflow-remove-alias-preds 
Dataflow: Remove revFlowAlias and revFlowApAlias predicates
 2023-03-20 16:30:15 +01:00
Michael Nebel
17b3383043 Merge pull request #12556 from michaelnebel/java/argumentthis 
Java: Argument[-1] -> Argument[this]
 2023-03-20 15:59:59 +01:00
Erik Krogh Kristensen
a9d40d39d9 Merge pull request #12550 from erik-krogh/useNumberUtil 
Java/Python: use Number.qll to parse hex numbers in regex parsing
 2023-03-20 15:50:31 +01:00
Stephan Brandauer
39726a54ec fix suggestion 2023-03-20 14:12:46 +01:00
Kasper Svendsen
1d2f1b6ae6 Address comments 2023-03-20 13:34:14 +01:00
Ed Minnix
83b0d073f0 Fix typo in QLDoc 2023-03-20 08:11:01 -04:00
Ed Minnix
1c661fd3ac Add missing QLDocs 2023-03-20 08:10:07 -04:00
Kasper Svendsen
e0e3a1d621 Dataflow: remove revFlowApAlias trick 2023-03-20 13:04:13 +01:00
Ed Minnix
84fd5f7ee0 Fix naming of ZipSlip configuration 2023-03-20 07:55:23 -04:00
Ed Minnix
60a4a79537 Make the Config module of public Flow modules public 
This is to make things easier for the CodeML/ATM team once these
configurations are moved from `src/` to `lib/`.
 2023-03-20 07:47:55 -04:00
Edward Minnix III
1c06afffe5 Merge pull request #12578 from egregius313/egregius313/conform-dataflow-configs-to-config-naming-convention 
Conform dataflow config modules to follow `*Config` naming convention
 2023-03-20 07:25:10 -04:00
Tony Torralba
27fc14236f Add change note 2023-03-20 10:48:56 +01:00
Tony Torralba
bff8bbfe33 Apply suggestions from code review 2023-03-20 10:43:46 +01:00
Michael Nebel
01ade878ea Java: Update test comments to use this instead of -1. 2023-03-20 10:14:20 +01:00
Michael Nebel
ba711ab849 Java: Update expected test-output (different sorting). 2023-03-20 10:14:20 +01:00
Michael Nebel
ae12510d8d Java: Add change-note. 2023-03-20 10:14:20 +01:00
Michael Nebel
9039a468cb Java: Update models that uses -1 in a range. 2023-03-20 10:14:20 +01:00
Michael Nebel
e86f1e4961 Java: Replace Argument[-1] with Argument[this]. 2023-03-20 10:14:20 +01:00
Michael Nebel
0ec56203f9 Java: Introduce index validation. 2023-03-20 09:38:40 +01:00
Michael Nebel
9a3c2d3fbe Java: Update summary parsing to use this instead of -1 and adjust the model generator. 2023-03-20 09:38:40 +01:00
Michael Nebel
abd9f673e1 Java: Update the java internal documentation for models. 2023-03-20 09:38:39 +01:00
Kasper Svendsen
9630feb5e4 Dataflow: Remove revFlowAlias trick 2023-03-20 09:04:35 +01:00
github-actions[bot]
0d36a5a733 Add changed framework coverage reports 2023-03-20 00:17:11 +00:00
Ed Minnix
c852d3a541 Rename configurations from "Conf" to "Config" 2023-03-19 17:55:53 -04:00
Ed Minnix
2d5944fb0e Refactor DataFlow configurations to use "Config" naming convention 2023-03-19 17:44:07 -04:00
Ed Minnix
7eb3fd2ff7 Conform queries to Config naming convention 2023-03-17 15:17:18 -04:00
Ed Minnix
d317de14c9 XXE Configuration Deprecation messages 2023-03-17 15:17:18 -04:00
Ed Minnix
310af99843 Refactor Security.CWE.CWE-807.TaintedPermissionsCheck 2023-03-17 15:17:18 -04:00
Ed Minnix
a9561a97c3 Refactor Security.CWE.CWE-643.XPathInjection 2023-03-17 15:17:18 -04:00
Ed Minnix
271d50ba99 Refactor Security.CWE.CWE-611 Xxe queries 2023-03-17 15:17:18 -04:00
Ed Minnix
80012b190d Refactor Security.CWE.CWE-601.UrlRedirect 2023-03-17 15:17:18 -04:00
Ed Minnix
481d1f9b15 Refactor Security.CWE.CWE-297.UnsafeHostnameVerification 2023-03-17 15:17:18 -04:00
Ed Minnix
7bd7ecd9e6 Refactor Security.CWE.CWE-190 Arithmetic queries 2023-03-17 15:17:18 -04:00
Ed Minnix
4a202b430f Security.CWE.CWE-200.AndroidWebViewSettingsAllowsContentAccess 2023-03-17 15:17:18 -04:00
Ed Minnix
d34dbbc96f Refactor Security.CWE.CWE-134.ExternallyControlledFormatString 2023-03-17 15:17:18 -04:00
Ed Minnix
ac223ea57f Refactor Security.CWE.CWE-094.InsecureBeanValidation 2023-03-17 15:17:18 -04:00
Ed Minnix
7aecefc4aa Refactor Security.CWE.CWE-090.LdapInjectionLib 2023-03-17 15:17:18 -04:00
Ed Minnix
07fdcf2d04 Refactor Security.CWE.CWE-022.ZipSlip 2023-03-17 15:17:18 -04:00
Ed Minnix
e60e1a2ba9 Refactor Security.CWE.CWE-022.TaintedPathLocal 2023-03-17 15:17:18 -04:00
Stephan Brandauer
dce81cf0ae Merge pull request #12463 from github/java/update-mad-decls-after-triage-2023-03-09T10-41-58 
Java: Add MaD declarations after triage
 2023-03-17 17:02:42 +01:00
Stephan Brandauer
8f565f5023 Update MaD Declarations after Triage 2023-03-17 16:01:36 +01:00