Napalys Klicius
d1869941c2
Renamed UnhandledStreamPipe.ql to a better fitting name and ID
...
As a side effect of the merge, `security-and-quality` does not contain the related new query anymore.
Co-Authored-By: Asger F <316427+asgerf@users.noreply.github.com>
2025-06-03 13:57:10 +02:00
Napalys Klicius
f6e7059589
Merge branch 'main' into js/quality/stream_pipe
2025-06-03 13:48:41 +02:00
Napalys Klicius
8ba1f3f265
Update javascript/ql/src/Quality/UnhandledStreamPipe.qhelp
...
Co-authored-by: Asger F <asgerf@github.com>
2025-06-03 13:43:45 +02:00
Asger F
9ea4410592
Merge pull request #19587 from asgerf/js/angular2-client-side
...
JS: Mark AngularJS $location as client-side remote flow source
2025-06-03 13:40:01 +02:00
Jeroen Ketema
5e84c71b69
Merge pull request #19652 from jketema/down-typo
...
C++: Fix typo in downgrade script
2025-06-03 12:55:28 +02:00
Jeroen Ketema
41bdaa3d3c
C++: Fix typo in downgrade script
2025-06-03 12:25:46 +02:00
Arthur Baars
4de3817b16
Merge pull request #19616 from github/aibaars/rust-fix-stats
...
Rust: restrict line and file counts to include only extracted source files
2025-06-03 11:31:54 +02:00
Tom Hvitved
ae4a425608
Merge pull request #19605 from hvitved/rust/jump-to-def-extensions
...
Rust: Extend jump-to-def to include paths and `mod file;` imports
2025-06-03 10:19:28 +02:00
Tom Hvitved
3781de7b92
Rust: Reorder columns in Definitions.ql test
2025-06-03 09:53:45 +02:00
Nicolas Will
7d7ea72516
Merge pull request #19632 from bdrodes/openssl_keyagreement_instances_and_consumers
...
Quantum: Add OpenSSL key agreement instances and consumers
2025-06-02 20:55:05 +02:00
Nicolas Will
7e7dfeb40b
Merge branch 'main' into openssl_keyagreement_instances_and_consumers
2025-06-02 20:02:53 +02:00
REDMOND\brodes
8b770bfb4d
Crypto: Remove old crypto stubs, now part of experimental/stubs.
2025-06-02 14:00:30 -04:00
Napalys Klicius
7993f7d8c8
Update qhelp example to more accurately demonstrate flagged cases
2025-06-02 19:08:33 +02:00
REDMOND\brodes
23b6c78a23
Crypto: Revert CODEOWNERS change and remove redundant cast.
2025-06-02 13:07:31 -04:00
Tom Hvitved
52aa7e3c7d
Merge pull request #19624 from paldepind/type-inference-experiment
...
Rust: Refactor type equality
2025-06-02 19:06:18 +02:00
Napalys Klicius
bf2f19da56
Update UnhandledStreamPipe.ql
...
Address comments
Co-Authored-By: Asger F <316427+asgerf@users.noreply.github.com>
2025-06-02 19:02:48 +02:00
Nicolas Will
8b9e5b477c
Merge pull request #19623 from trailofbits/fegge/quantum-signatures
...
Quantum: Added signature input nodes to signature verify operation nodes
2025-06-02 18:07:48 +02:00
Paolo Tranquilli
51ef76a3c4
Merge pull request #19642 from github/redsun82/rm-windows-2019
...
CI: remove deprecated `windows-2019` usage
2025-06-02 18:05:19 +02:00
Napalys Klicius
ae74edb033
Update javascript/ql/src/Quality/UnhandledStreamPipe.ql
...
Co-authored-by: Asger F <asgerf@github.com>
2025-06-02 17:53:54 +02:00
Napalys Klicius
d43695c929
Update javascript/ql/src/Quality/UnhandledStreamPipe.qhelp
...
Co-authored-by: Asger F <asgerf@github.com>
2025-06-02 17:52:42 +02:00
Napalys Klicius
7198372ae5
Update javascript/ql/src/Quality/UnhandledStreamPipe.qhelp
...
Co-authored-by: Asger F <asgerf@github.com>
2025-06-02 17:52:41 +02:00
Napalys Klicius
abd446ae77
Update javascript/ql/src/Quality/UnhandledStreamPipe.ql
...
Co-authored-by: Asger F <asgerf@github.com>
2025-06-02 17:52:40 +02:00
Napalys Klicius
64f00fd0f2
Update javascript/ql/src/Quality/UnhandledStreamPipe.ql
...
Co-authored-by: Asger F <asgerf@github.com>
2025-06-02 17:52:34 +02:00
Napalys Klicius
3cbc4142f0
Update javascript/ql/src/Quality/UnhandledStreamPipe.ql
...
Co-authored-by: Asger F <asgerf@github.com>
2025-06-02 17:40:06 +02:00
Napalys Klicius
aed9e9c883
Merge pull request #19634 from Napalys/js/url_obj_propagation
...
JS: Add URL constructor taint tracking for request forgery
2025-06-02 17:32:44 +02:00
Paolo Tranquilli
baac2eecb0
Ripunzip: update default workflow versions
2025-06-02 17:30:34 +02:00
Paolo Tranquilli
b1afa6681c
CI: remove deprecated windows-2019 usage
2025-06-02 17:26:42 +02:00
Nicolas Will
5a822462ad
Merge branch 'main' into openssl_keyagreement_instances_and_consumers
2025-06-02 16:54:22 +02:00
Nicolas Will
806fc6ae6a
Merge pull request #19564 from bdrodes/initial_openssl_tests
...
Quantum: Add initial qltests for OpenSSL modeling
2025-06-02 16:52:27 +02:00
REDMOND\brodes
f5d24c5a7b
Crypto: Fix UnknownKeyAgreementType to OthernKeyAgreementType for JCA.
2025-06-02 10:11:53 -04:00
REDMOND\brodes
a473c96a9c
Crypto: Move crypto test stubs under experimental/stubs and remove special CODEOWNERS assignments for crypto stubs.
2025-06-02 16:10:35 +02:00
REDMOND\brodes
6b267479be
Crypto: Update crypto stubs location under 'crypto' and associate codeowners on any test/stubs/crypto. Minor fix to HashAlgorithmValueConsumer (remove library detector logic).
2025-06-02 16:10:35 +02:00
REDMOND\brodes
a9bdcc72eb
Crypto: Move openssl stubs to a shared stubs location. Include openssl apache license and a readme for future stub creation. Modify existing test case to reference stubs location.
2025-06-02 16:10:35 +02:00
REDMOND\brodes
0de6647927
Crypto: Adding initial openssl tests, fixing a bug in hash modeling found through tests, and updating CODEOWNERS for quantum tests
2025-06-02 16:10:35 +02:00
Arthur Baars
5c21c01ad0
Update rust/ql/src/queries/summary/Stats.qll
2025-06-02 15:42:43 +02:00
Fredrik Dahlgren
d0739b21e5
Restricted signature input nodes to verify nodes
2025-06-02 15:37:33 +02:00
Michael Nebel
21cb8b2172
Merge pull request #19638 from martincostello/dotnet-branding
...
Fix user-facing casing of NuGet
2025-06-02 14:06:35 +02:00
Taus
9fe031d8eb
Merge pull request #19594 from sylwia-budzynska/pandas-sqli
...
Python: Add Pandas SQLi sinks
2025-06-02 13:40:14 +02:00
Napalys Klicius
c981c4fe30
Update javascript/ql/lib/change-notes/2025-05-30-url-package-taint-step.md
...
Co-authored-by: Asger F <asgerf@github.com>
2025-06-02 13:34:47 +02:00
Tom Hvitved
bf39058573
Merge pull request #19611 from hvitved/rust/path-resolution-std-prelude
...
Rust: Also take the `std` prelude into account when resolving paths
2025-06-02 13:04:57 +02:00
Paolo Tranquilli
2561f3c081
Merge pull request #19585 from github/redsun82/rust-skip-unexpanded-in-libraries
...
Rust: skip unexpanded stuff in library emission
2025-06-02 12:10:37 +02:00
Napalys Klicius
298ef9ab12
Now able to track error handler registration via instance properties
2025-06-02 11:01:41 +02:00
Martin Costello
77a6a2d442
Fix user-facing casing of NuGet
...
Fix user-facing strings to use "NuGet" instead of "Nuget" and "dotnet" instead of "Dotnet".
2025-06-02 09:30:16 +01:00
Paolo Tranquilli
fa3fcf0f95
Rust: skip all token trees in library mode
2025-06-02 09:32:39 +02:00
Paolo Tranquilli
7be44d2fe8
Merge branch 'main' into redsun82/rust-skip-unexpanded-in-libraries
2025-06-02 09:27:56 +02:00
Napalys Klicius
0b6a747737
Added change note
2025-05-30 18:33:59 +02:00
Napalys Klicius
b9b62fa1c1
JS: Add URL from url package constructor taint step for request forgery detection
2025-05-30 18:32:02 +02:00
Napalys Klicius
19cc3e335f
JS: Add test case for RequestForgery with url wrapped via package URL
2025-05-30 18:26:47 +02:00
Napalys Klicius
f843cc02f6
Fix false positives in stream pipe analysis by improving error handler tracking via property access.
2025-05-30 18:08:04 +02:00
REDMOND\brodes
cf015d18f1
Crypto: Add openssl key agreement instances and consumers (KEM and KEY_EXCH). Fix for raw algorithm names in all current instances. Update constants to include key agreement algorithms, previously missing. Note added in model for the possibility of ESDH.
2025-05-30 11:29:34 -04:00