hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
28,623 Commits 1,673 Branches 157 Tags
dbdf102ea677f6810bc5f97523dde326486de8a0
Commit Graph

28623 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
jorgectf
dbdf102ea6 Make EmailSender an extendable API 2021-11-13 14:23:11 +01:00
jorgectf
63eadc8441 Polish sendgrid modeling 2021-11-13 02:12:58 +01:00
jorgectf
33b6f6fe61 Polish FlaskMail qldocs 2021-11-13 02:12:22 +01:00
jorgectf
1393b5b157 Add django qldocs 2021-11-13 02:11:45 +01:00
jorgectf
5b46b90e10 Fix additional taint step variables 2021-11-09 14:41:35 +01:00
jorgectf
c0a0c5d811 Cover footer and subscription_tracking html injection 2021-11-08 10:51:11 +01:00
jorgectf
5774ce2479 Improve django test 2021-11-08 10:34:16 +01:00
jorgectf
f4a73fcc59 Add RFS to sendgrid test 2021-11-08 10:33:57 +01:00
jorgectf
d316974157 Add HtmlContent additional taint step 2021-11-08 10:23:50 +01:00
jorgectf
356b07112a Cover MimeType.amp as a vulnerable mimetype 2021-10-30 21:19:22 +02:00
jorgectf
3264e7be99 Merge branch 'jty/python/emailInjection' of https://github.com/jty-team/codeql into jty/python/emailInjection 2021-10-30 21:11:30 +02:00
thank_you
d9e4df7f97 Remove unnecessary comment 2021-10-30 14:00:58 -04:00
thank_you
3a4e3d5146 Remove comments from Python example tests 
Besides removing comments, I also reduced the complexity of some of the Python code examples.
 2021-10-30 14:00:51 -04:00
jorgectf
4afcd9d207 [mrthankyou] smtplib partial modeling. 2021-10-28 19:18:59 +02:00
jorgectf
ba3ea700f5 Add Sendgrid dict data html body modeling 2021-10-28 18:47:54 +02:00
jorgectf
dbf5b24b86 Polish Sendgrid.qll qldoc 2021-10-28 18:26:35 +02:00
jorgectf
e8e0f0fea8 Add temporary .expected 2021-10-28 14:22:14 +02:00
jorgectf
bf68495102 Polish FlaskMail qldocs 2021-10-28 14:21:43 +02:00
jorgectf
c9634f3c6f Fix getFlaskMailArgument() 2021-10-28 13:54:14 +02:00
jorgectf
4c2a4226ef Merge remote-tracking branch 'origin/main' into jty/python/emailInjection 2021-10-28 13:26:57 +02:00
Geoffrey White
e8895686f8 Merge pull request #6980 from geoffw0/unusedqhelp 
C++: Remove old and unused qhelp files
 2021-10-28 10:55:31 +01:00
Rasmus Wriedt Larsen
6d09334cba Merge pull request #6330 from porcupineyhairs/pyPathTraversal 
Python : Add Flask sinks for path injection query
 2021-10-28 11:39:40 +02:00
Rasmus Wriedt Larsen
d9e5d179d2 Python: Minor fix to QLDoc 
and auto-formatting
 2021-10-28 11:15:34 +02:00
Rasmus Wriedt Larsen
358663ffbb Python: Fix tests 2021-10-28 11:14:41 +02:00
yoff
9478faf040 Merge pull request #6967 from RasmusWL/ruamel.yaml 
Python: Model `ruamel.yaml` PyPI package
 2021-10-28 10:19:08 +02:00
Tony Torralba
cee80f766f Merge pull request #6983 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-10-28 08:19:34 +02:00
github-actions[bot]
adfc725225 Add changed framework coverage reports 2021-10-28 00:08:41 +00:00
Porcuiney Hairs
4fd3f212f8 Python : Add Flask sinks for path injection query 2021-10-28 02:12:11 +05:30
Nick Rolfe
0d161bec7a Merge pull request #6982 from github/nickrolfe/also-revert-cargo-lock 
Ruby: also revert Cargo.lock
 2021-10-27 20:33:07 +01:00
Nick Rolfe
f557df6c4e Revert "Ruby: update Cargo.lock" 
This reverts commit 0a89028663.
 2021-10-27 18:38:22 +01:00
Nick Rolfe
f1229ff071 Revert "Ruby: update Cargo.lock" 
This reverts commit 7a5e8f1756.
 2021-10-27 18:38:08 +01:00
Shati Patel
c9b50f3c2f Merge pull request #6981 from github/aibaars/ruby-lgtm-links 
Ruby: update lgtm.com query console links
 2021-10-27 17:18:08 +01:00
Arthur Baars
f496336a0d Ruby: update lgtm.com query console links 2021-10-27 18:08:11 +02:00
Nick Rolfe
06303b103f Merge pull request #6979 from github/nickrolfe/revert-crate-updates 
Ruby: revert crate updates
 2021-10-27 16:53:19 +01:00
Nick Rolfe
7a5e8f1756 Ruby: update Cargo.lock 2021-10-27 16:21:33 +01:00
Nick Rolfe
ff7826dd96 Revert "Update tracing-subscriber requirement from 0.2 to 0.3 in /ruby/generator" 
This reverts commit 4cedb43a54.
 2021-10-27 16:21:33 +01:00
Nick Rolfe
fc1f874f92 Revert "Update tracing-subscriber requirement from 0.2 to 0.3 in /ruby/extractor" 
This reverts commit e9da027539.
 2021-10-27 16:21:33 +01:00
Geoffrey White
2182bb5c91 C++: Remove unused qhelp files. 2021-10-27 15:47:01 +01:00
Geoffrey White
d990e790e7 C++: Remove unused index.qhelp files. 2021-10-27 15:40:34 +01:00
Arthur Baars
dc24361f89 Merge pull request #6974 from github/nickrolfe/Cargo_lock 
Ruby: update Cargo.lock
 2021-10-27 13:47:22 +02:00
Nick Rolfe
0a89028663 Ruby: update Cargo.lock 2021-10-27 11:43:09 +01:00
Anders Schack-Mulligen
4a67ac5e0b Merge pull request #4991 from JLLeitschuh/feat/JLL/early_ratpack_support 
Java: Simple support for Ratpack HTTP Framework
 2021-10-27 09:25:52 +02:00
Rasmus Wriedt Larsen
89e713a25c Python: Update PyYAML comment with 6.0 release 2021-10-26 17:58:06 +02:00
Rasmus Wriedt Larsen
cd6d73d553 Python: Handle kwarg in PyYAML 
Really surprised that we didn't already :|
 2021-10-26 17:48:10 +02:00
Rasmus Wriedt Larsen
6c0083e584 Python: Add PoC for PyYAML code execution 2021-10-26 17:48:10 +02:00
Rasmus Wriedt Larsen
1ce09afa08 Python: Add modeling of ruamel.yaml PyPI package 2021-10-26 17:48:10 +02:00
Joe Farebrother
02b440b0ed Merge pull request #6599 from joefarebrother/android-sensitive-communication 
Java: Promote android sensitive broadcast query
 2021-10-26 13:48:58 +01:00
CodeQL CI
e5e1046c81 Merge pull request #6962 from asgerf/js/template-db-constraint-err 
Approved by erik-krogh
 2021-10-26 13:43:57 +01:00
Jonathan Leitschuh
21aeee6378 Actually remove the last non-ascii quote from Promise 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-26 08:28:44 -04:00
Alexander Eyers-Taylor
3bae95a93a Merge pull request #6939 from edoardopirovano/bump-version 
Fix version number in language reference
 2021-10-26 13:11:30 +01:00