hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 14:52:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
489 Commits 1,684 Branches 159 Tags
ea3a7e8038fbed8ee321eaa3752164976e10e70a
Commit Graph

489 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sauyon Lee
ea3a7e8038 Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-04-02 23:58:39 -07:00
Sauyon Lee
e27947e280 Add comment for new url concatenation sanitizer 2020-04-02 23:58:39 -07:00
Sauyon Lee
3c02b3ab74 Add SafeUrlFlowCustomizations doc comment 2020-04-02 23:58:38 -07:00
Sauyon Lee
c68e509508 OpenUrlRedirect: Fix some comments 2020-04-02 23:58:37 -07:00
Sauyon Lee
4e5b17e18d Sanitize hostname if there is a slash and a previous component 2020-04-02 23:58:36 -07:00
Sauyon Lee
4b3982154a Add a SafeUrlFlow configuration 2020-04-02 23:58:35 -07:00
Sauyon Lee
4bcffe2d47 RequestForgery: Add a safe URL sanitizer 2020-04-02 23:58:34 -07:00
Sauyon Lee
1c859a8991 Address review comments 2020-04-02 23:58:33 -07:00
Sauyon Lee
3577d75607 RequestForgery: Add change note 2020-04-02 23:58:17 -07:00
Sauyon Lee
89a03c8b67 RequestForgery: Add high precision 2020-04-02 23:49:58 -07:00
Sauyon Lee
830c3fce2a RequestForgery: Add tests 2020-04-02 23:49:57 -07:00
Sauyon Lee
314787956b Allow write base to be inside an implicit dereference 2020-04-02 23:49:56 -07:00
Sauyon Lee
e9b0f88946 RequestForgery: Add taint step for URL Host assignment 2020-04-02 23:49:55 -07:00
Sauyon Lee
12928d9f17 HTTP: Add model for Client.Do 2020-04-02 23:49:55 -07:00
Sauyon Lee
6876eabf54 RequestForgery: Add query help 2020-04-02 23:49:54 -07:00
Sauyon Lee
b23c75afb6 RequestForgery: move query from experimental 2020-04-02 23:49:53 -07:00
Max Schaefer
77c282824e Merge pull request #81 from gagliardetto/system-executors 
Expand system executors (continuation of #70)
 2020-04-03 07:24:05 +01:00
Sauyon Lee
f9610f22e7 Merge pull request #85 from max-schaefer/codeql-stats 
Use CodeQL for creating stats
 2020-04-02 10:57:20 -07:00
Max Schaefer
b28cd112fe Merge pull request #83 from max-schaefer/max-goroutines 
Introduce official environment variable for goroutine limiting.
 2020-04-02 13:49:21 +01:00
Max Schaefer
325bb7ca23 Merge pull request #84 from shati-patel/move-documentation 
Docs: Move "CodeQL for Go" out of this repo
 2020-04-02 13:48:51 +01:00
Shati Patel
3af3548c30 Remove "learn-ql" folder 2020-04-02 11:56:15 +01:00
Shati Patel
6126d32d82 Remove .rst files from this repo 2020-04-02 11:35:19 +01:00
Shati Patel
3a12c1c2d4 Docs: Add README with links to new docs location 2020-04-02 11:35:14 +01:00
Slavomir
b5f14d1296 Add awk and similar 2020-04-02 13:07:43 +03:00
Slavomir
81bc3c03a9 Add more commands 2020-04-02 13:03:22 +03:00
Max Schaefer
510b6070c9 Introduce official environment variable for goroutine limiting. 
We've had to tell people how to do this, so we should have a name for it that doesn't refer to a defunct company.
 2020-04-02 10:45:52 +01:00
Max Schaefer
ddb6f2ca6a Update stats. 2020-04-02 10:15:20 +01:00
Max Schaefer
17a8c722cd Use CodeQL for creating stats. 2020-04-02 10:15:10 +01:00
Slavomir
32beebd059 Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
Co-Authored-By: Sauyon Lee <sauyon@github.com>
 2020-04-02 12:09:06 +03:00
Sauyon Lee
bc59fa40d7 Merge pull request #73 from intrigus-lgtm/make-CWE-643-supported 
Make cwe 643 supported
 2020-04-01 17:45:45 -07:00
Sauyon Lee
eba8dd0a36 Merge pull request #82 from github/max-schaefer-patch-1 
Improve autobuilder logging
 2020-04-01 09:07:55 -07:00
Sauyon Lee
c2eb3f5d6b Merge pull request #80 from max-schaefer/build-command-env-var 
Introduce `CODEQL_GO_EXTRACTOR_BUILD_COMMAND` as an alias for `LGTM_INDEX_BUILD_COMMAND`.
 2020-04-01 09:07:31 -07:00
Max Schaefer
611751a9c3 Improve autobuilder logging 2020-04-01 15:31:50 +01:00
intrigus
be21d49cf2 Add precision to query 2020-04-01 16:15:24 +02:00
intrigus
3a381b2fbf Add change note 2020-04-01 16:15:09 +02:00
intrigus
a524cc4716 Properly match methods defined in classes 2020-04-01 16:04:24 +02:00
intrigus
615fe09ed7 Format go test stubs 2020-04-01 15:52:55 +02:00
Slavomir
a25a21eb11 Add change-note 2020-04-01 15:14:22 +03:00
Slavomir
33c18b0d11 expand system executors 2020-04-01 15:12:48 +03:00
Max Schaefer
efc9ecefc8 Introduce CODEQL_GO_EXTRACTOR_BUILD_COMMAND as an alias for LGTM_INDEX_BUILD_COMMAND. 
We've occasionally had to tell people to set this variable manually, so we might as well have an alias that doesn't refer to a soon-to-be obsolete product.
 2020-04-01 09:35:57 +01:00
intrigus
4924be54a7 Fix one test method 2020-03-31 16:46:29 +02:00
intrigus
0586fe9235 Add missing stubs in vendor/ 2020-03-31 16:46:08 +02:00
Max Schaefer
1c40d6c1ce Merge pull request #78 from sauyon/1.14-change-note 
Add change notes for Go 1.14 support
 2020-03-31 07:34:26 +01:00
intrigus
66451a776d Add test cases for all libraries 
Note: This is currently missing appropriate vendoring
so will probably fail for now.
 2020-03-30 23:44:25 +02:00
intrigus
e18d15070a Switch to jbowtie/gokogiri 2020-03-30 23:42:44 +02:00
intrigus
b097826dd8 Add missing class qualifiers 2020-03-30 23:42:13 +02:00
intrigus
051f17ce67 Fix class name 2020-03-30 23:37:37 +02:00
Sauyon Lee
3d3f35cc48 Add change notes for Go 1.14 support 2020-03-30 13:45:37 -07:00
Max Schaefer
487b1e3f80 Merge pull request #76 from max-schaefer/even-more-qldoc 
Add Qldoc for the last few remaining predicates.
 2020-03-30 11:58:28 +01:00
Max Schaefer
28ed803fae Data flow: Add module doc comment for TaintTrackingImpl.qll 
cf https://github.com/Semmle/ql/pull/3155
 2020-03-30 11:21:53 +01:00