hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 08:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
68,288 Commits 1,741 Branches 165 Tags
dae2aeb7d384e84d2656930c6de2a943190175ea
Commit Graph

68288 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
aegilops
dae2aeb7d3 QLDoc 2024-07-09 18:16:02 +01:00
aegilops
86afd54a9b Moved new query to 'experimental' 
Moved lists of domains to data extensions, including adding those to the overall qlpack.yml

Expanded scope of new query to further domains operated by the untrusted owners of polyfill.io
 2024-07-09 16:38:01 +01:00
aegilops
1fe14e26b1 Split out "compromised" functionality 2024-07-08 10:56:12 +01:00
aegilops
e2b37f97b0 Added dot to end of test message 2024-07-01 17:41:26 +01:00
Paul Hodgkinson
d289fb414e Merge branch 'main' into aegilops/polyfill-io-compromised-script 2024-07-01 17:15:07 +01:00
aegilops
73fc6bcdb1 Added some missing QLDoc 2024-07-01 17:10:24 +01:00
aegilops
b4d8c4889a Fixed wrong name for example HTML 2024-07-01 16:58:03 +01:00
aegilops
c985c9adb3 Added change note for polyfill.io query 2024-07-01 16:56:07 +01:00
aegilops
1744a98017 Added full stop to end of message 2024-07-01 16:53:22 +01:00
aegilops
ceda46e317 Fixed ending <p> tags 2024-07-01 16:52:28 +01:00
Rasmus Wriedt Larsen
2b2c381bf0 Merge pull request #16876 from GeekMasher/py-hardcoded-creds-mad 
Python: Add Hardcoded Credentials MaD support
 2024-07-01 17:25:13 +02:00
aegilops
a1b0703690 Added detection for specific Polyfill.io CDN compromise - edited existing library and added new query and tests 2024-07-01 16:21:34 +01:00
Mathew Payne
96048f962e Update python/ql/src/Security/CWE-798/HardcodedCredentials.ql 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2024-07-01 14:29:00 +01:00
Taus
d9b337cb2c Merge pull request #16804 from github/tausbn/python-fix-bad-join-in-dataflow-dispatch 
Python: Fix bad join in `DataFlowDispatch`
 2024-07-01 13:14:28 +02:00
Arthur Baars
c6d02e4909 Merge pull request #16878 from github/aibaars/merge-3.14 
Merge rc/3.14 into main
 2024-07-01 11:04:57 +02:00
Owen Mansel-Chan
0db4110449 Merge pull request #16879 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-06-30 13:59:16 +01:00
github-actions[bot]
26194eb65f Add changed framework coverage reports 2024-06-30 00:19:16 +00:00
Owen Mansel-Chan
390fecbef6 Merge pull request #16866 from owen-mc/go/add-go-jose-to-library-coverage-frameworks 
Go: Add Go JOSE to library coverage frameworks
 2024-06-29 07:30:36 +01:00
Arthur Baars
b12b33c8f9 Merge remote-tracking branch 'upstream/main' into 'rc/3.14' 2024-06-28 19:50:35 +02:00
Jeroen Ketema
a85f73972c Merge pull request #16870 from jketema/preproc-more 
C++: Update test expectations
 2024-06-28 19:01:12 +02:00
Mathew Payne
ed314b1799 docs: Add Change Notes 2024-06-28 14:42:35 +01:00
Mathew Payne
1cf9714272 feat(python): Add Hardcoded Credentials MaD support 2024-06-28 14:30:36 +01:00
Jami
42925b56e3 Merge pull request #15921 from jcogs33/jcogs33/unsafe-url-forward-promotion-resource-and-file-methods 
Java: add models for some resource-related methods
 2024-06-28 08:05:50 -04:00
Erik Krogh Kristensen
60811116ab Merge pull request #16332 from erik-krogh/ts55 
JS: upgrade TypeScript to 5.5
 2024-06-28 13:59:52 +02:00
Tamás Vajk
1cf5e89b96 Merge pull request #16747 from tamasvajk/buildless/binary-log-extractor-2 
C#: Add binlog support to buildless with source generator support
 2024-06-28 12:39:54 +02:00
Erik Krogh Kristensen
fd3089ee5a Merge pull request #14342 from maikypedia/maikypedia/javascript-cors 
JS: Add Permissive CORS query (CWE-942)
 2024-06-28 11:27:37 +02:00
Mathias Vorreiter Pedersen
72caadb7db Merge pull request #16869 from hvitved/shared/cfg/mermaid-output 
Shared: Generate mermaid output in `View CFG` query
 2024-06-28 10:21:02 +01:00
Tom Hvitved
e1c1314824 Shared: Generate mermaid output in View CFG query 2024-06-28 09:45:22 +02:00
Tamas Vajk
4db586f17d Add TSP diagnostic for binlog usage 2024-06-28 09:40:41 +02:00
Tamas Vajk
c8927447f5 Record diagnostics in binlog extraction test 2024-06-28 09:40:13 +02:00
Jami Cogswell
85a1e1a972 Java: update change note date 2024-06-27 22:11:01 -04:00
Jami Cogswell
be565288f2 Java: update more test cases due to shifted alert provenance line numbers 2024-06-27 22:08:38 -04:00
Jami Cogswell
c73af7f789 Java: update some test cases due to shifted alert provenance line numbers 2024-06-27 21:07:35 -04:00
Maiky
d0cf2a978c Merge branch 'main' into maikypedia/javascript-cors 2024-06-27 20:24:42 +02:00
Jeroen Ketema
8defd27b49 C++: Update test expectations 2024-06-27 17:45:33 +02:00
yoff
40b7534210 Merge pull request #16860 from yoff/python/MaD-doc-fixup 
Python: fix typo pointed out in review but missed by me
 2024-06-27 17:02:39 +02:00
Owen Mansel-Chan
98b2d1f2d7 Add Go JOSE to library coverage frameworks 2024-06-27 14:52:08 +01:00
Owen Mansel-Chan
5d7a6e3836 Merge pull request #16851 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-06-27 13:57:30 +01:00
Tamas Vajk
1e2d1ef715 Use dedicated API to get generated syntax trees 2024-06-27 14:49:29 +02:00
Tamas Vajk
0b41d5121a Compute unique identifier (folder path) for each compilation 2024-06-27 14:49:24 +02:00
Tamas Vajk
1ae40c95b1 Change binlog test to have colliding generated file locations 2024-06-27 14:49:20 +02:00
Tamas Vajk
b22f5f557a Fix failed extraction handling 2024-06-27 14:49:16 +02:00
Tamas Vajk
fb0520c74a C#: Adjust trap location, database ID and archiving of generated sources 2024-06-27 14:49:10 +02:00
Tamas Vajk
dcd84f47a4 Improve source archiving to handle non-existent files 2024-06-27 14:49:06 +02:00
Tamas Vajk
31ad195dc3 C#: Add binlog support to buildless with source generator support 2024-06-27 14:48:54 +02:00
Tamás Vajk
b2d2f2d0d8 Merge pull request #16858 from tamasvajk/fix/solution 
C#: Fix solution file
 2024-06-27 14:31:15 +02:00
Owen Mansel-Chan
50cc720117 Merge branch 'main' into workflow/coverage/update 2024-06-27 10:51:23 +01:00
Rasmus Lerchedahl Petersen
da03237b32 Python: fix typo pointed out in review but missed by me 2024-06-27 11:21:28 +02:00
Tamás Vajk
6c727b1e7d Merge pull request #16857 from tamasvajk/feature/stringformat 
C#: Change `string.Format` calls to interpolated strings
 2024-06-27 10:55:21 +02:00
Tamas Vajk
3e20d908c4 C#: Fix solution file 2024-06-27 10:53:39 +02:00