hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-18 16:03:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
68,007 Commits 1,692 Branches 160 Tags
dff3ce2a9f655ad85efafdb4d2f322003eaae6d9
Commit Graph

4422 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
8160f742a5 Python: small clean-up 
- no need for th 2-suffix
- context creations are no longer unrestrictions
 2023-03-06 19:47:53 +01:00
Anders Schack-Mulligen
5c7f2ac7f7 Merge pull request #12186 from aschackmull/dataflow/refactor-configuration 
Data flow: Refactor configuration
 2023-03-06 13:38:59 +01:00
github-actions[bot]
af61b45785 Post-release preparation for codeql-cli-2.12.4 2023-03-04 14:16:55 +00:00
github-actions[bot]
462da63970 Release preparation for version 2.12.4 2023-03-03 14:11:51 +00:00
Anders Schack-Mulligen
34cc93846b Python: Adjust InsecureProtocol query. 2023-03-01 13:36:10 +01:00
Ahmed Farid
6a578c62b0 Update TimingAttack.qll 2023-02-27 22:16:09 +01:00
Taus
25043f51a4 Merge pull request #11376 from RasmusWL/call-graph-code 
Python: New type-tracking based call-graph
 2023-02-27 14:51:21 +01:00
Rasmus Lerchedahl Petersen
9e97877938 python: lower precision as discussed 2023-02-20 12:06:19 +01:00
Nick Rolfe
3e5534f0ba Merge branch 'main' into post-release-prep/codeql-cli-2.12.3 2023-02-17 14:39:26 +00:00
Calum Grant
35a53fa990 Merge pull request #12183 from RasmusWL/example-update 
Python: Update a few examples so queries work on them
 2023-02-17 14:21:38 +00:00
yoff
2f8dddabb6 Merge pull request #11570 from Sim4n6/UnsafeUnpack 
Python: Unsafe unpacking using `shutil.unpack_archive()` query and tests
 2023-02-17 09:48:05 +01:00
github-actions[bot]
8eb8daa4d4 Post-release preparation for codeql-cli-2.12.3 2023-02-16 17:23:25 +00:00
amammad
54582031d8 v1 2023-02-16 17:14:32 +01:00
Ahmed Farid
ccbb58966f Update TimingAttack.qll 2023-02-16 14:15:04 +01:00
Ahmed Farid
a421e3a3a3 Update TimingAttackAgainstHeaderValue.ql 2023-02-16 14:14:43 +01:00
Ahmed Farid
f57861b6a3 Update TimingAttack.qll 2023-02-16 14:14:13 +01:00
Ahmed Farid
f70f5c7935 Update TimingAttackAgainstHeaderValue.ql 2023-02-16 14:03:26 +01:00
Ahmed Farid
4b3efa87dc Update TimingAttack.qll 2023-02-16 14:01:29 +01:00
Ahmed Farid
005839b462 Update TimingAttack.qll 2023-02-16 12:49:40 +01:00
github-actions[bot]
b0315119c6 Release preparation for version 2.12.3 2023-02-16 11:49:06 +00:00
Ahmed Farid
01b865f75b Update TimingAttack.qll 2023-02-16 01:36:06 +01:00
Ahmed Farid
fbfe23b7c4 Update TimingAttack.qll 2023-02-16 01:21:50 +01:00
Ahmed Farid
b8f9b2b424 Update TimingAttackAgainstHeaderValue.ql 2023-02-16 01:11:41 +01:00
Ahmed Farid
016136a2e3 Update TimingAttack.qll 2023-02-16 01:10:36 +01:00
erik-krogh
759854991a fix various nits based on feedback 2023-02-15 11:10:43 +01:00
Rasmus Wriedt Larsen
dc5bb4fb77 Python: Update a few examples so queries work on them 
Fixes problem highlighted in https://github.com/github/codeql/issues/12156
 2023-02-14 11:54:18 +01:00
Sim4n6
eed19a3e15 Fix autoformatting issues 2023-02-10 21:58:29 +01:00
Sim4n6
09df055d86 Fix the exists cast warning 2023-02-09 15:25:54 +01:00
Sim4n6
16ef50401b Update python/ql/src/experimental/Security/UnsafeUnpackQuery.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2023-02-09 14:59:28 +01:00
Sim4n6
4196230a8a use if-then-else rather than nested exists 2023-02-08 21:46:50 +01:00
Sim4n6
9e285020a1 Comment modif + remove redundant cast 2023-02-08 21:14:53 +01:00
Rasmus Wriedt Larsen
23144f584a Merge branch 'main' into call-graph-code 2023-02-08 16:17:34 +01:00
Sim4n6
ec82d61991 Add another frequently used step 2023-02-05 14:36:17 +01:00
erik-krogh
c5350ca6a0 add change-note 2023-02-03 14:47:58 +01:00
erik-krogh
7fcc548665 add py/shell-command-constructed-from-input, but without a source. 
It's a very direct port from Ruby, with only minor adjustments to fit the Python APIs
 2023-02-03 14:47:55 +01:00
github-actions[bot]
faf21f3edb Post-release preparation for codeql-cli-2.12.2 2023-02-02 23:01:04 +00:00
Sim4n6
1a8c9abee2 Incorporate Sink & Source as steps from TarSlipQry 2023-02-02 21:09:40 +01:00
github-actions[bot]
a4fa984792 Release preparation for version 2.12.2 2023-02-02 14:34:55 +00:00
Sim4n6
7079def7ce Add an S3 source with Session or download_fileobj 2023-01-30 00:49:23 +01:00
Sim4n6
0707064ab5 Constrain the save/path step 2023-01-28 10:14:24 +01:00
Sim4n6
a4aaf0ec6f Remove a write step & update the builtin open step 2023-01-28 09:53:54 +01:00
Sim4n6
0e2f37825d Organize steps to correspond to the sample code 2023-01-27 23:58:03 +01:00
Sim4n6
ee213123ac Add builtin open as an additional step 2023-01-27 18:16:11 +01:00
Sim4n6
0b27b1314a Update python/ql/src/experimental/Security/UnsafeUnpackQuery.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2023-01-27 16:12:08 +01:00
Sim4n6
8ef2aa00e7 Update python/ql/src/experimental/Security/UnsafeUnpackQuery.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2023-01-27 16:07:39 +01:00
Sim4n6
207ed3da9c Constrain the object & the call 2023-01-27 15:07:20 +01:00
Sim4n6
e41042418a Update the import relative to the dataflow config 2023-01-27 13:46:57 +01:00
Sim4n6
bca053f855 Move the config query to the parent directory 2023-01-27 13:42:14 +01:00
Sim4n6
998f1bf215 Some reformatting 2023-01-26 18:54:36 +01:00
Sim4n6
1a211485a4 Restrain the source and add two steps. 2023-01-26 17:07:59 +01:00