Jami Cogswell
b779f9f935
added casting
2022-08-15 15:50:00 -04:00
Jami Cogswell
c010f92811
simplified predicates, removed overridden getFile predicate
2022-08-15 15:50:00 -04:00
Jami Cogswell
6e10fcf519
added predicates in the AndroidManifest library and adjusted tests
2022-08-15 15:50:00 -04:00
Jami Cogswell
229324fde0
updated overview section of help file; also added 'App Manifest Overview' to references
2022-08-15 15:50:00 -04:00
Jami Cogswell
3714a98403
add reference to help file
2022-08-15 15:50:00 -04:00
Jami Cogswell
ead36822be
update change note based on review comment
2022-08-15 15:50:00 -04:00
Jami Cogswell
f961540979
added change note
2022-08-15 15:50:00 -04:00
Jami Cogswell
af0a663ee8
remove commented-out code in Test.java file
2022-08-15 15:50:00 -04:00
Jami Cogswell
d1a23ad78c
updated to getRelativePath with %build%
2022-08-15 15:50:00 -04:00
Jami Cogswell
15df392fd8
updates to InlineExpectationsTest
2022-08-15 15:50:00 -04:00
Jami Cogswell
d8dbdfcd70
rename expected file, add ql file, delete qlref file
2022-08-15 15:50:00 -04:00
Jami Cogswell
8c4b98c04f
rename files
2022-08-15 15:50:00 -04:00
Jami Cogswell
475d67a4df
minor updates, removed comments
2022-08-15 15:50:00 -04:00
Jami Cogswell
e2374f816a
test commit for new branch
2022-08-15 15:50:00 -04:00
Jami Cogswell
54470c794d
updated location part of query to use abs path and /build
2022-08-15 15:49:59 -04:00
Jami Cogswell
54acd0e330
add numeric value for security-severity
2022-08-15 15:49:59 -04:00
Jami Cogswell
fdb437552c
clean up android query and tests
2022-08-15 15:49:59 -04:00
Jami Cogswell
cf39cc0909
updates to android debug query
2022-08-15 15:49:59 -04:00
Jami Cogswell
6720dba8e7
draft android debug query
2022-08-15 15:49:59 -04:00
Sid Shankar
02cd7bc7d2
Remove reference to infosecwriters.com
infosecwriters.com now redirects to a completely unrelated page. The broken link was replaced with a mailing list post from Diabolical Crab (DCrab) diving into HTTP response splitting.
2022-08-15 14:41:50 -04:00
Sid Shankar
ffbb158570
Update invalid link to devx.com
2022-08-15 14:40:12 -04:00
Ian Lynagh
d06b3a17bb
Kotlin: Remove a non-null-expr
2022-08-15 15:01:48 +01:00
Ian Lynagh
48e6b4c01b
Kotlin: Remove another not-null-expression
2022-08-15 14:43:59 +01:00
Ian Lynagh
10463e12a7
Kotlin: Add List<T?>.requireNoNullsOrNull(): List<T>? utility
2022-08-15 14:38:09 +01:00
Ian Lynagh
d4517f1266
Kotlin: Refactor away a NotNullExpr in the extractor
2022-08-15 14:17:53 +01:00
Chris Smowton
774e379eb1
Merge pull request #9742 from smehta23/feat/SM/java_partial_path_traversal_vulnerability
[JAVA] Partial Path Traversal Vuln Query
2022-08-15 12:56:16 +01:00
Erik Krogh Kristensen
0adb588fe8
Merge pull request #9712 from erik-krogh/badRange
JS/RB/PY/Java: add suspicious range query
2022-08-15 13:55:44 +02:00
Chris Smowton
e27d62b0b4
Fix qldoc wording
2022-08-15 12:08:14 +01:00
Chris Smowton
c40ec728c6
Remove non-ascii char
2022-08-15 12:08:14 +01:00
Chris Smowton
38c0557d90
Adjust test to moved and expanded stubs
2022-08-15 12:08:14 +01:00
Chris Smowton
1a3dc1d6eb
Remove extra closing tag
2022-08-15 11:31:53 +01:00
Ian Lynagh
09d249e5d8
Merge pull request #10038 from igfoo/igfoo/java-downgrades
Java: Add initial downgrades directory
2022-08-15 10:57:52 +01:00
Chris Smowton
5677e38994
Style edit
2022-08-15 10:37:55 +01:00
Chris Smowton
3cf871e9e5
Apply docs suggestions
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-08-15 10:34:55 +01:00
Anders Schack-Mulligen
a3fb54c9de
Merge pull request #10007 from aschackmull/dataflow/source-node-identity
Dataflow: Fix identification of source PathNodes in the presence of source-to-source flow
2022-08-15 10:39:17 +02:00
Chris Smowton
ca4ef6578d
Spelling
2022-08-13 14:37:08 +01:00
Chris Smowton
c5e46f78ec
Add change note
2022-08-13 14:29:17 +01:00
Chris Smowton
8bea2a5f6c
Add missing qldoc
2022-08-13 14:20:48 +01:00
Chris Smowton
b62e9dc92c
Convert tests to inline expectations and fix one bug revealed doing so
Specifically Apache sshd defines its sensitive api calls on an inherited interface, and they need to be described that way for us to pick them up.
2022-08-13 14:02:05 +01:00
Chris Smowton
ddb0846e06
Split up hardcoded creds queries, ready for conversion to inline expectations
2022-08-13 12:39:16 +01:00
Chris Smowton
0a6ccbca45
Add stubs and tests for new hardcoded-credential sinks
2022-08-13 12:39:15 +01:00
Daniel Santos
60e0f09586
Additional hardcoded credentials candidates 3rd-party api calls
2022-08-13 12:39:15 +01:00
erik-krogh
3a4a3437b5
fix some QL-for-QL warnings
2022-08-12 20:38:50 +02:00
erik-krogh
b54f037424
Merge branch 'main' into refacReDoS
2022-08-12 20:28:30 +02:00
erik-krogh
b9e96fb078
sync changes to other languages
2022-08-12 20:28:12 +02:00
Ian Lynagh
254c166f93
Java: Add initial downgrades directory
2022-08-12 16:19:31 +01:00
Tamas Vajk
ccef2f7646
Address review comments
2022-08-12 15:25:46 +02:00
Tamas Vajk
451be6c32c
Kotlin: Add explicit CI version number to build script
2022-08-12 14:27:06 +02:00
Tamas Vajk
0bd00ce1db
Kotlin: Change handling of version variants in build script
2022-08-12 13:11:33 +02:00
github-actions[bot]
21d0c78376
Post-release preparation for codeql-cli-2.10.3
2022-08-11 23:20:39 +00:00