hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-02 00:02:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,607 Commits 1,684 Branches 159 Tags
dfbf259e2d6292968cc374fded38b90c22ea9fa3
Commit Graph

54607 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Maiky
dfbf259e2d typo 2023-05-26 18:14:49 +02:00
Maiky
9ab6eabd15 add filterTaintStep, qhelp file and test files 2023-05-26 18:13:58 +02:00
Maiky
026d94c457 Add LDAP Injection query (incomplete) 2023-05-25 22:51:25 +02:00
Ian Lynagh
202037e925 Merge pull request #13148 from igfoo/igfoo/arrays 
Kotlin: Add some documentation on arrays, and tweak the tests we use for them
 2023-05-12 18:52:16 +01:00
Max Schaefer
5dfe52afd0 Merge pull request #13152 from github/max-schaefer/unsafe-shell-command-construction-examples-sync 
JavaScript: Use synchronous APIs in examples for js/shell-command-constructed-from-input.
 2023-05-12 16:50:25 +01:00
Jeroen Ketema
ed0524d08c Merge pull request #13155 from jketema/invalid-pointer-deref-fp 
C++: Add FP test case for `cpp/invalid-pointer-deref`
 2023-05-12 17:33:28 +02:00
Max Schaefer
ef659310d3 Merge pull request #13151 from github/max-schaefer-patch-1 
JavaScript: Use gender-neutral language in qhelp for js/user-controlled-bypass
 2023-05-12 15:37:32 +01:00
Jeroen Ketema
eb493a1981 C++: Add FP test case for cpp/invalid-pointer-deref 
Also add reduced range analysis test case that seems to expose the underlying
reason for the FP.
 2023-05-12 16:25:34 +02:00
Max Schaefer
2e7eb50319 JavaScript: Use synchronous APIs in examples for js/shell-command-constructed-from-input. 2023-05-12 14:42:11 +01:00
Kasper Svendsen
d27f84e34e Merge pull request #13143 from kaspersv/kaspersv/java-explicit-this-receivers2 
Java: Make implicit this receivers explicit
 2023-05-12 15:22:15 +02:00
Max Schaefer
a4f6ccf2fc JavaScript: Use gender-neutral language in qhelp for js/user-controlled-bypass 2023-05-12 14:21:40 +01:00
Ian Lynagh
826e87f435 Kotlin: Simplify some array tests 2023-05-12 12:54:08 +01:00
Ian Lynagh
ad51767374 Kotlin: Add comment describing Kotlin array predicates 2023-05-12 12:38:05 +01:00
Harry Maclean
48f22681a5 Merge pull request #13029 from hmac/ruby-autobuilder-refactor 
Shared: Share autobuilder code between Ruby and QL
 2023-05-12 18:24:06 +07:00
Kasper Svendsen
c91d1cf721 Merge pull request #13145 from kaspersv/kaspersv/javascript-implicit-this-receiver3 
JS: Make implicit this receivers explicit
 2023-05-12 13:16:57 +02:00
yoff
72c6919f4e Merge pull request #13095 from yoff/python/interpret-summary-content 
Python: Interpret summary content
 2023-05-12 13:09:14 +02:00
Kasper Svendsen
d40cd0f275 Java: Make implicit this receivers explicit 2023-05-12 12:47:21 +02:00
Kasper Svendsen
8e18627eae Merge pull request #13144 from kaspersv/kaspersv/go-explicit-this-receivers2 
Go: Make implicit this receivers explicit
 2023-05-12 12:44:35 +02:00
Kasper Svendsen
7c5625a4dc Go: Make implicit this receivers explicit 2023-05-12 12:14:13 +02:00
Kasper Svendsen
fe2f36a1fe JS: Make implicit this receivers explicit 2023-05-12 12:12:48 +02:00
Kasper Svendsen
dd7a64d8e9 Merge pull request #13141 from kaspersv/kaspersv/ql-explicit-this-receivers 
QL: Enable implicit this receiver warnings
 2023-05-12 11:54:46 +02:00
Kasper Svendsen
1af1bf8917 QL: Enable implicit this receiver warnings 2023-05-12 11:35:35 +02:00
Kasper Svendsen
3dbc0cf0b6 QL: Make implicit receivers explicit 2023-05-12 11:35:35 +02:00
Kasper Svendsen
a6e8b00c26 Merge pull request #13138 from kaspersv/kaspersv/js-implicit-this-warnings 
JS: Enable implicit this receiver warnings
 2023-05-12 11:23:27 +02:00
Mathias Vorreiter Pedersen
f7924bda0d Merge pull request #13099 from MathiasVP/heuristic-allocation-for-overrun-write 
C++: Use heuristic allocation functions in `cpp/overrun-write`
 2023-05-12 10:15:28 +01:00
Kasper Svendsen
7dd9906e95 JS: Enable implicit this receiver warnings 2023-05-12 09:49:14 +02:00
Kasper Svendsen
189f8515c0 JS: Make implicit this receivers explicit 2023-05-12 09:49:14 +02:00
Tony Torralba
d0451609a7 Merge pull request #13137 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-05-12 09:23:00 +02:00
Kasper Svendsen
2184fefe7f Merge pull request #13121 from kaspersv/kaspersv/javascript-explicit-this-receivers4 
JS: Make implicit this receivers explicit
 2023-05-12 08:21:52 +02:00
github-actions[bot]
996d864e73 Add changed framework coverage reports 2023-05-12 00:15:01 +00:00
Chris Smowton
ee64ea59e1 Merge pull request #12901 from porcupineyhairs/goDsn 
Go: Add query to detect DSN Injection.
 2023-05-11 22:45:43 +01:00
Chris Smowton
820673470e Merge pull request #13119 from porcupineyhairs/goTiming 
Go : Add query to detect potential timing attacks
 2023-05-11 22:38:13 +01:00
Chris Smowton
99f4eef9c5 Fix spelling 2023-05-11 22:12:35 +01:00
Chris Smowton
a10b11e09e Fix spelling and remove dead code 2023-05-11 22:12:17 +01:00
Chris Smowton
b6c2db6baf Fix duplicate query ID 2023-05-11 22:10:09 +01:00
Porcupiney Hairs
2c518c1fa6 Include changes from review 2023-05-12 01:59:42 +05:30
Porcupiney Hairs
ae6fda03b7 Include changes from review 2023-05-11 23:56:50 +05:30
Ian Lynagh
4885e584a0 Merge pull request #13042 from igfoo/igfoo/ODASA_JAVA_LAYOUT 
Kotlin: Remove ODASA_JAVA_LAYOUT support
 2023-05-11 18:35:08 +01:00
Stephan Brandauer
510febf46d Merge pull request #12830 from github/kaeluka/parameter-candidate-extraction 
Java: Automodel Framework Mode Extraction Queries
 2023-05-11 18:00:55 +02:00
Anders Schack-Mulligen
82e780d175 Merge pull request #13128 from aschackmull/java/externalapi-jar 
Java: Fix ExternalApi.jarContainer().
 2023-05-11 16:31:05 +02:00
Owen Mansel-Chan
d570914fdd Merge pull request #13129 from owen-mc/go/identify-environment-output-to-stdout 
Go: --identify-environment output to stdout
 2023-05-11 15:20:50 +01:00
Stephan Brandauer
c31ad01579 squash ql-for-ql warnings 2023-05-11 16:18:52 +02:00
Rasmus Wriedt Larsen
62f0c64a03 Merge pull request #12552 from erik-krogh/py-type-trackers 
Py: refactor regex tracking to type-trackers
 2023-05-11 16:18:34 +02:00
Stephan Brandauer
61b0514b53 Merge pull request #13122 from github/java/update-mad-decls-after-triage-2023-05-11T08-52-07 
Java: Update MaD Declarations after Triage
 2023-05-11 16:04:36 +02:00
Owen Mansel-Chan
1beb348d95 Fix outdated message 2023-05-11 14:29:14 +01:00
Owen Mansel-Chan
02a224c28f --identify-environment should write json to stdout 2023-05-11 14:29:14 +01:00
Tony Torralba
ca6ae26aad Change provenance to ai-manual 2023-05-11 14:56:16 +02:00
Tony Torralba
c17b0e809f Apply suggestions from code review 2023-05-11 14:53:56 +02:00
Michael Nebel
a0a8468071 Merge pull request #13124 from michaelnebel/csharp/dataflowconsistency-identity-only-source 
C#: Only report dataflow inconsistencies (step to itself) in source code.
 2023-05-11 14:47:35 +02:00
Geoffrey White
e402c225f4 Merge pull request #13115 from geoffw0/swift-csv-labels 
Swift: Accept standardized CSV sink labels
 2023-05-11 13:34:48 +01:00