hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-04 10:10:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
56,742 Commits 1,673 Branches 157 Tags
cd1e73bd65d977b6f86367958a37efbcfc430aff
Commit Graph

56742 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
cd1e73bd65 Swift: Add some more test cases. 2023-07-19 08:34:29 +01:00
Geoffrey White
dc5f964ce0 Swift: Modify the test stubs to test flow models more robustly. 2023-07-19 08:34:29 +01:00
Geoffrey White
84f592b8a1 Swift: Add another test case. 2023-07-19 08:34:29 +01:00
Geoffrey White
f8b8c67813 Swift: Clean up and autoformat. 2023-07-19 08:34:27 +01:00
Geoffrey White
3c1f755580 Swift: Support other parse modes. 2023-07-19 08:33:48 +01:00
Geoffrey White
8273fa1a8c Swift: Track parse modes (prototype version). 2023-07-19 08:33:43 +01:00
Geoffrey White
5dea539f3f Swift: Fix QL-for-QL suggestion. 2023-07-18 16:51:12 +01:00
Geoffrey White
96dece3c88 Swift: ReDoS query result changes. 2023-07-18 10:11:22 +01:00
Geoffrey White
86c6960e2a Swift: Add RegexUseFlow and modify the role of StringLiteralUseFlow. 2023-07-18 09:49:47 +01:00
Geoffrey White
c76d85df1b Swift: Create a model for RegexCreation. 2023-07-18 09:49:47 +01:00
Geoffrey White
734a00d616 Swift: Rename so that different data flows will be clear. 2023-07-18 09:49:47 +01:00
Geoffrey White
f243e854ae Swift: Move regex dataflow code into a RegexTracking library (similar to the layout in Ruby and Python). 2023-07-18 09:49:36 +01:00
Geoffrey White
b5a8a8d431 Merge pull request #13715 from geoffw0/parsemode 
Swift: Recognize regular expression parse mode flags
 2023-07-18 09:09:56 +01:00
Jeroen Ketema
a426010b06 Merge pull request #13621 from MathiasVP/deprecate-ast-dataflow 
C++: Deprecate AST dataflow
 2023-07-18 08:13:47 +02:00
Alex Ford
ab1f341aa6 Merge pull request #13566 from alexrford/rb/rack-params 
Ruby: add `Rack::Request` params and cookies as remote input sources
 2023-07-17 14:07:20 +01:00
Mathias Vorreiter Pedersen
11f2681904 Merge pull request #13740 from MathiasVP/unique-entry-point 
C++: Exclude invalid functions from new range analysis
 2023-07-17 13:32:50 +01:00
yoff
d032bf5c0e Merge pull request #13685 from RasmusWL/captured-variables-default-param-value 
Python: Model parameter with default value as `DefinitionNode`
 2023-07-17 14:25:13 +02:00
Mathias Vorreiter Pedersen
be95d29589 Documentation: Update version number. 2023-07-17 11:08:40 +01:00
Mathias Vorreiter Pedersen
8c21699040 C++: Accept test changes. 2023-07-17 10:51:42 +01:00
Mathias Vorreiter Pedersen
f9db6a9868 C++: Don't do range analysis on malformed IR. 2023-07-17 10:15:01 +01:00
Geoffrey White
69b98c769c Merge pull request #13354 from geoffw0/sharedsensitive2 
Swift: Improve SensitiveExprs.qll Heuristics
 2023-07-17 09:16:09 +01:00
Owen Mansel-Chan
0b8353eb64 Merge pull request #13602 from pwntester/ruby/add_gqlgen_support 
Go: Add support for the gqlgen library
 2023-07-15 07:04:09 +01:00
Alvaro Muñoz
0ea0d54050 gofmt -w . 2023-07-14 22:15:40 +02:00
Alex Ford
bdf1aa0807 Merge pull request #13746 from asgerf/rb/fix-rack-todo 
Ruby: Use API graphs asCallable() instead of Proc.new workaround
 2023-07-14 16:29:00 +01:00
Alex Ford
d89c10dd85 Merge pull request #13130 from maikypedia/maikypedia/xpath-injection 
Ruby :  XPath Injection Query (CWE-643)
 2023-07-14 14:10:09 +01:00
Taus
9193de6898 Merge pull request #13730 from github/tausbn/limit-number-of-candidates-in-application-mode 
Java: Limit the number of samples extracted in application mode
 2023-07-14 14:09:59 +02:00
Asger F
2962727f0f Ruby: Use API graphs asCallable() instead of Proc.new workaround 2023-07-14 13:50:07 +02:00
Alex Ford
dbb55ff2b4 Ruby: fix xpathinjection deprecation warnings 2023-07-14 12:45:27 +01:00
Alex Ford
c0009379d1 qlformat 2023-07-14 12:04:03 +01:00
Asger F
31bed36231 Merge pull request #13612 from asgerf/rb/api-graph-explicit-proc-lambda 
Ruby: Improve support for explicit proc-creation
 2023-07-14 13:02:44 +02:00
Geoffrey White
1c8297b91b Merge pull request #13548 from geoffw0/redos 
Swift: Query for REDOS (Regular Expression Denial Of Service)
 2023-07-14 10:44:52 +01:00
Anders Schack-Mulligen
80a799df01 Merge pull request #13735 from aschackmull/dataflow/forcehighprecision-fix 
Dataflow: Fix forceHighPrecision for length-2 prefixes.
 2023-07-14 11:42:35 +02:00
Geoffrey White
1274393c72 Swift: Remove 'cached' annotations. 2023-07-14 10:11:09 +01:00
Chris Smowton
3d8b4d850a Merge pull request #13742 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-07-14 09:00:17 +01:00
github-actions[bot]
b675a1e2fe Add changed framework coverage reports 2023-07-14 00:19:14 +00:00
Alvaro Muñoz
11a915dcd7 Merge branch 'ruby/add_gqlgen_support' of https://github.com/pwntester/codeql into ruby/add_gqlgen_support 2023-07-13 22:16:41 +02:00
Alvaro Muñoz
55366f6743 retab 2023-07-13 22:16:34 +02:00
Alvaro Muñoz
9f6c7efd91 Update go/ql/test/library-tests/semmle/go/frameworks/gqlgen/gqlgen.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-13 22:11:37 +02:00
Alvaro Muñoz
4111ed6653 retab generated.go 2023-07-13 22:10:19 +02:00
Alvaro Muñoz
d681094824 Fixup expected file 2023-07-13 21:42:16 +02:00
Alvaro Muñoz
1dedc0ae55 Update go/ql/test/library-tests/semmle/go/frameworks/gqlgen/graph/schema.resolvers.go 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-13 21:39:47 +02:00
Alvaro Muñoz
94628edf98 Merge branch 'ruby/add_gqlgen_support' of https://github.com/pwntester/codeql into ruby/add_gqlgen_support 2023-07-13 21:36:49 +02:00
Alvaro Muñoz
730781720d remove unnecessary file 2023-07-13 21:35:11 +02:00
Alvaro Muñoz
7a54755c1b Apply suggestions from code review 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-13 21:32:56 +02:00
Alvaro Muñoz
1b6308e32f Apply suggestions from code review 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-07-13 21:32:46 +02:00
Geoffrey White
962c16d918 Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-07-13 19:20:49 +01:00
Geoffrey White
2b9d25b317 Swift: Additional test cases. 2023-07-13 17:30:03 +01:00
Asger F
d57276ca35 Merge pull request #13719 from asgerf/js/barrier-inout 
JS: Replace barrier edges with barrier nodes
 2023-07-13 16:36:52 +02:00
Tony Torralba
cafc67e3be Merge pull request #13714 from pwntester/java/langs3_improvements 
[Java] Add missing commons lang3 model for ToStringBuilder.reflectionToString
 2023-07-13 14:45:33 +02:00
Max Schaefer
85991266da Merge pull request #13661 from github/max-schaefer/improve-command-injection-qhelp 
JavaScript: Improve query help for js/command-line-injection
 2023-07-13 13:34:10 +01:00