codeql

mirror of https://github.com/github/codeql.git synced 2026-05-21 06:37:10 +02:00

Author	SHA1	Message	Date
Esben Sparre Andreasen	df34784834	Apply suggestions from code review Co-authored-by: Henry Mercer <henrymercer@github.com>	2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen	cd2761b8f2	fix semantic merge conflict	2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen	446fbcdbe1	rename new features	2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen	b3f09e0203	add more features	2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen	c466fab22d	improve feature documentation	2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen	c74857f44d	improve feature tests with more cases	2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen	b65db6c07c	improve access path strings	2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen	1cea33d80e	support import in getSimpleAccessPath	2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen	09a273927a	support await in getSimpleAccessPath	2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen	aa37ae6b70	avoid using new feautes by default	2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen	5f9d3e1e58	add CompareFeatures.ql	2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen	bf708b9181	add generic tests for features	2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen	6277650a0d	Document EndpointFeatures.qll	2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen	3baa9de45d	add ParameterAccessPathSimpleFromArgumentTraversal	2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen	e5ddc57aa6	improve getSimpleAccessPath	2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen	62bf841c5d	refactor calleeAccessPath feature to class	2022-04-22 14:39:43 +02:00
Stephan Brandauer	b14feb0022	refactor getACallBasedTokenFeature to class-use	2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen	09db824078	Add CalleeAccessPathSimpleFromArgumentTraversal	2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen	eaba3c120f	refactor EndpointFeatures.ql to use classes	2022-04-22 14:39:43 +02:00
Jean Helie	d094bbc06d	Merge pull request #8546 from github/jhelie/enforce-unknown-incompatibiliy-with-notasink ML: add defensive check to ensure Unknown endpoints cannot also be NotASink	2022-04-14 11:21:18 +02:00
Jean Helie	1e39a9caae	ML: update regression test output following fix to getAnUnknown predicate	2022-04-13 18:14:16 +02:00
Jean Helie	f87cd164ce	ML: add defensive check to ensure Unknown endpoints cannot also be NotASink	2022-04-13 18:14:16 +02:00
Jean Helie	f2b813a6e7	ML: add regression test for effective sink that is also NotASink	2022-04-13 18:14:16 +02:00
Jean Helie	407a8a7715	ML: fix ATM expected tests outputs	2022-04-13 14:02:12 +02:00
Erik Krogh Kristensen	67e1ffdd3e	fix isKnownStepSrc such that it actually includes taint/dataflow-steps	2022-03-31 09:46:01 +02:00
Erik Krogh Kristensen	e038baed36	add .gitignore ignoring test dbs	2022-03-31 09:45:28 +02:00
Chuan-kai Lin	a8dabb238d	JS: Fix expected test output for ATM queries	2022-03-30 11:35:17 -07:00
github-actions[bot]	1e620c99c6	JS: Bump patch version of ML-powered library and query packs post-release	2022-03-23 11:53:34 +00:00
github-actions[bot]	dc0c8374d2	JS: Bump minor version of ML-powered library and query packs	2022-03-23 11:47:53 +00:00
github-actions[bot]	2b42d84ccd	JS: Bump patch version of ML-powered model pack post-release	2022-03-23 11:47:53 +00:00
github-actions[bot]	6fbc0e6e32	JS: Bump ML model pack dependency of ML-powered model building and query packs	2022-03-23 11:47:53 +00:00
github-actions[bot]	8d13662315	JS: Bump minor version of ML-powered model pack	2022-03-23 11:47:08 +00:00
Erik Krogh Kristensen	cd9d61c1fc	Merge pull request #8450 from erik-krogh/importAs disallow lowercase import-as aliases	2022-03-16 11:32:37 +01:00
Erik Krogh Kristensen	b0fc958b32	simplify imports Co-authored-by: Henry Mercer <henry.mercer@me.com>	2022-03-15 15:10:04 +01:00
Erik Krogh Kristensen	89af50f6d5	rename all lower-case import-as statements	2022-03-15 14:40:38 +01:00
Anna Railton	739d94e8f9	Add docstring to `ExtractEndpointMapping.ql`	2022-03-15 12:50:51 +00:00
Henry Mercer	f38b498eed	Merge pull request #8433 from github/henrymercer/js-atm-remove-isEffectiveSinkWithOverridingScore JS: Remove `isEffectiveSinkWithOverridingScore` from ML-powered libraries	2022-03-15 10:04:30 +00:00
Henry Mercer	5102cadf8e	Merge pull request #8404 from github/codeql-ci/js-atm-new-release JS: Bump version numbers of ML-powered packs after 0.1.0 release	2022-03-14 17:32:37 +00:00
Henry Mercer	8b1b2af2d8	JS: Remove `isEffectiveSinkWithOverridingScore` This was previously used in the ATM external API query, but is now dead code.	2022-03-14 14:25:36 +00:00
github-actions[bot]	7ac7657ffc	JS: Bump patch version of ML-powered library and query packs post-release	2022-03-11 12:17:13 +00:00
github-actions[bot]	2f6886642c	JS: Bump minor version of ML-powered library and query packs	2022-03-11 12:13:03 +00:00
Erik Krogh Kristensen	69353bb014	patch upper-case acronyms to be PascalCase	2022-03-11 11:10:33 +01:00
Tom Bolton	173f45f316	Merge pull request #8334 from github/tombolton/add-mapping-query JS: Add query that maps queries to sink type	2022-03-07 10:35:37 +00:00
tombolton	2ffa6771ff	replace endpoint type name with encoding in mapping query	2022-03-04 11:00:31 +00:00
tombolton	bd9e845aea	update column names and remove encoding value	2022-03-03 15:59:10 +00:00
tombolton	f1f1526237	add query-sink mapping query	2022-03-03 15:20:06 +00:00
Erik Krogh Kristensen	1b5c7392f0	restrict the size of the `getASubexpressionWithinQuery` predicate, and remove double-recursion	2022-03-01 11:18:42 +01:00
Tom Bolton	8dfc0d25d1	Merge pull request #8232 from github/tombolton/use-updated-counting-query Add new xss queries to result counting query	2022-02-24 16:38:53 +00:00
tombolton	d80ef6566d	add new xss queries to result counting query	2022-02-24 13:31:40 +00:00
Stephan Brandauer	517d6969e1	Merge pull request #8171 from kaeluka/js/update-atm-query-docs-for-nosql-sql-injection update ATM NosqlInjection and SqlInjection query docs	2022-02-23 10:54:37 +01:00

1 2 3

133 Commits