hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,841 Commits 1,672 Branches 157 Tags
cdb8f6760120411bc5a90b51c63ce8e1e741ec57
Commit Graph

8519 Commits

Author SHA1 Message Date
github-actions[bot]
cdb8f67601 Post-release preparation for codeql-cli-2.12.0 2023-01-06 10:36:34 +00:00
Jeroen Ketema
170242f79c Apply suggestions from code review 2023-01-05 17:57:19 +01:00
Nick Rolfe
6e07076151 tweak wording in 2.12 release notes 2023-01-05 16:46:44 +00:00
github-actions[bot]
b6a8193785 Release preparation for version 2.12.0 2023-01-05 16:32:14 +00:00
Aditya Sharad
ed73875fac Merge pull request #11747 from adityasharad/tutorial/library-pack 
Tutorial: Move QL detective tutorial library into shared `codeql/tutorial` library pack
 2023-01-04 08:24:53 -08:00
Erik Krogh Kristensen
cedc9c0bff Merge pull request #11582 from erik-krogh/heuristics 
JS: Add experimental variants of common security queries with more sources
 2023-01-04 10:46:19 +01:00
Aditya Sharad
9988c19a42 Merge branch 'main' into tutorial/library-pack 2023-01-03 14:08:37 -08:00
Calum Grant
ad55706527 Merge branch 'main' into calumgrant/remove-lgtm 2023-01-03 10:27:30 +00:00
Arthur Baars
98c5b81456 Merge pull request #11723 from aibaars/alert-suppression 
CodeQL alert suppression
 2022-12-21 10:59:57 +01:00
Arthur Baars
035ad65e43 AlertSuppression: move library into util folder 2022-12-21 10:39:57 +01:00
Jacques
b99c500435 Fix associated test 2022-12-20 12:51:13 +09:00
Jacques
97b8126385 Fix javascript 2022-12-20 12:45:59 +09:00
Aditya Sharad
ed29b3e4d6 Shared packs: Depend on codeql/tutorial from all language libraries 
This allows `import tutorial` from queries targeting
any language, just like before, while removing the
duplicate copies of `tutorial.qll`.
 2022-12-19 15:52:11 -08:00
Calum Grant
e982e144a4 JS: Update qltest output 2022-12-19 17:22:51 +00:00
Arthur Baars
a8be5d7274 AlertSuppression: add change notes 2022-12-19 17:02:52 +01:00
Arthur Baars
0f313231bc AlertSuppression: add more tests 2022-12-19 16:43:11 +01:00
Calum Grant
4a37c01c5f JavaScript: Remove references to LGTM 2022-12-19 15:15:17 +00:00
Arthur Baars
c176606be5 AlertSuppression: allow //lgtm comments to scope over the next line 2022-12-19 16:10:26 +01:00
Arthur Baars
016c7a8ca7 Merge pull request #11719 from aibaars/alert-suppression-shared 
Shared AlertSuppression library
 2022-12-19 16:04:44 +01:00
Henning Makholm
ca1c46331a Merge pull request #11731 from github/hmakholm/pr/no-option 
remove com.semmle.util.data.Option from from extractor code interface II
 2022-12-19 15:36:51 +01:00
erik-krogh
66be8cda06 remove more of the implementation into ConditionalBypassQuery.qll 2022-12-19 14:37:19 +01:00
Arthur Baars
8be882f815 Update javascript/ql/src/AlertSuppression.ql 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-19 14:35:16 +01:00
Arthur Baars
682bf6d3a7 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-19 14:16:05 +01:00
yoff
d4eb2b964c Merge pull request #11699 from erik-krogh/shareHost 
Dynamic: Share more regexp code
 2022-12-19 13:29:53 +01:00
Arthur Baars
23f595bea1 JavaScript: use shared AlertSuppression.qll 2022-12-19 12:25:17 +01:00
erik-krogh
442749bb7f JS: add heuristic variants of queries that use RemoteFlowSource 2022-12-19 12:01:22 +01:00
Jean Helie
31f7702a04 Merge pull request #11726 from github/jhelie/fix-endpoint-large-scale-script 
ATM: fix script updating endpoint large scale test data
 2022-12-19 10:55:30 +01:00
erik-krogh
35e8d6afd4 move getACommonTld into a utility module without parameters 2022-12-18 17:23:45 +01:00
erik-krogh
26c5480ee6 share {js,rb}/regex/missing-regexp-anchor 2022-12-18 17:23:41 +01:00
erik-krogh
355499ea52 move getACommonTld to the shared pack 2022-12-17 17:26:18 +01:00
erik-krogh
f67d0bc8c0 put the shared HostnameRegexp code in the shared regex pack 2022-12-17 17:26:18 +01:00
Henning Makholm
3e85e9f7d9 remove com.semmle.util.data.Option from from extractor code interface II 
com.semmle.util.data.Option is going away. Switch the single
cross-repo call that mentions it to use the new Option-less overload
that was introduced in semmle-code PR 44626.
 2022-12-16 19:03:20 +01:00
Henry Mercer
30451ee950 Merge pull request #11681 from github/henrymercer/mergeback-3.8 
Merge `rc/3.8` back to `main`
 2022-12-16 17:43:12 +00:00
Jean Helie
938a7e828c update tests 2022-12-16 15:31:43 +01:00
Jean Helie
cd0220b248 update autogenerated data for endpoint_large_scale 2022-12-16 14:03:01 +01:00
Jean Helie
904a4bd48b fix script updating endpoint_large_scale test data 2022-12-16 14:03:00 +01:00
Erik Krogh Kristensen
1500fa5f67 Merge pull request #10663 from pwntester/restify_improvements 
Javascript: Improve Restify support and add new Spife support
 2022-12-15 11:08:22 +01:00
Erik Krogh Kristensen
55558120d9 add explicit this 2022-12-14 20:59:28 +01:00
Alvaro Muñoz
f46a8faf00 port RouteSetup API-based implementation to DataFlow one 2022-12-14 17:37:32 +01:00
Asger F
a92acf5218 Merge pull request #11689 from asgerf/js/missing-csrf-qhelp 
JS: Update MissingCsrfMiddleware after 'csurf' deprecation
 2022-12-14 15:50:32 +01:00
Alvaro Muñoz
818c2da1aa fix Spife tests (without heuristics) 2022-12-14 15:42:27 +01:00
Alvaro Muñoz
4cf7299d79 restore Spife.qll to working status 2022-12-14 15:41:53 +01:00
Alvaro Muñoz
14faff4477 fix restify tests 2022-12-14 15:38:35 +01:00
Alvaro Muñoz
e1f05e960d Merge branch 'restify_improvements' of https://github.com/pwntester/codeql into restify_improvements 2022-12-14 13:11:13 +01:00
Alvaro Muñoz
a71fc930a6 add tests 2022-12-14 13:11:02 +01:00
Asger F
b63c658e3b JS: recognize tiny-csrf 2022-12-14 12:30:15 +01:00
Asger F
162419138d JS: Replace csurf -> lusca.csrf from example and qhelp 2022-12-14 12:30:15 +01:00
Henry Mercer
6023a1225c Merge pull request #11673 from github/codeql-ci/atm/release-0.4.4 
JS: Bump version numbers of ML-powered packs after 0.4.4 release
 2022-12-14 10:27:00 +00:00
Alvaro Muñoz
701676eea1 Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-14 10:18:47 +01:00
Erik Krogh Kristensen
8a89849476 Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf 
Py/JS/RB: Use instanceof in more places
 2022-12-13 21:50:13 +01:00