hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,611 Commits 1,672 Branches 157 Tags
ea4c2e432100cb15e4ad5448d02c36153a6f9f95
Commit Graph

6590 Commits

Author SHA1 Message Date
ALJI Mohamed
9336f4f1a2 Considering the use of contextlib.closing() method 2022-12-08 12:26:59 +01:00
Chris Smowton
49bc524fd0 Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main 2022-12-08 11:12:30 +00:00
Rasmus Wriedt Larsen
d684dbdf5c Merge pull request #10656 from porcupineyhairs/PyPamImprove 
Python: Improve the PAM authentication bypass query
 2022-12-08 11:59:10 +01:00
Rasmus Wriedt Larsen
a826c4f48b Merge branch 'main' into call-graph-code 2022-12-08 11:39:30 +01:00
Jami Cogswell
aa7e6d7811 Java: add negative numbers 2022-12-07 17:17:35 -05:00
Jami
5e694b5983 Merge pull request #11192 from jcogs33/jcogs33/share-key-sizes 
Share encryption key sizes between Java and Python
 2022-12-07 08:08:24 -05:00
Asger F
5af1b367c7 Support data extensions 2022-12-07 11:35:05 +01:00
Jami Cogswell
b82f9b1911 Java: add draft of generated vs manual MaD metrics query 2022-12-06 22:15:19 -05:00
ALJI Mohamed
2801b8495a A fix of the tag name 2022-12-06 14:50:47 +01:00
ALJI Mohamed
4896e62117 Use of more generic terms 2022-12-06 14:44:52 +01:00
Sim4n6
58570b4d2c Update python/ql/src/experimental/Security/CWE-022bis/UnsafeUnpack.ql 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-12-06 14:40:48 +01:00
Sim4n6
9a60202de6 Update python/ql/src/experimental/Security/CWE-022bis/UnsafeUnpack.qhelp 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-12-06 14:40:35 +01:00
Sim4n6
c22c0b5029 Update python/ql/src/experimental/Security/CWE-022bis/UnsafeUnpack.qhelp 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-12-06 14:39:16 +01:00
ALJI Mohamed
a5849eb9b0 Improved the additional taint step using InstanceSource 2022-12-06 14:00:08 +01:00
Tom Hvitved
b5e2e1e469 Merge pull request #11564 from hvitved/dataflow/parameter-position-consistency-checks 
Data flow: Add consistency checks for parameter positions
 2022-12-06 09:33:36 +01:00
ALJI Mohamed
054c06be65 Update UnsafeUnpack.ql 2022-12-06 02:51:07 +01:00
Henry Mercer
5b040a9476 Python: Fix duplicate query IDs 2022-12-05 19:04:10 +00:00
ALJI Mohamed
68fd75ca34 UnpackUnsafe query and tests 2022-12-05 17:20:22 +01:00
Tom Hvitved
8f701cf1cb Python: Update expected test output 2022-12-05 14:33:06 +01:00
Tom Hvitved
52f3a48638 Data flow: Sync files 2022-12-05 12:57:27 +01:00
Tom Hvitved
faca4b5b56 Merge pull request #11461 from hvitved/ruby/unique-hash-splat-param 
Ruby: At most one hash-splat `ParameterNode` per callable
 2022-12-05 11:53:28 +01:00
Alvaro Muñoz
7fe4108a0b add change note 2022-12-03 16:37:14 +01:00
Alvaro Muñoz
fc56843c04 improve predicate QLdoc 2022-12-03 16:34:14 +01:00
Alvaro Muñoz
7e0e56dadc Added two new CMDi sinks fot python's stdlib 2022-12-02 22:16:40 +01:00
github-actions[bot]
5e35785fd0 Post-release preparation for codeql-cli-2.11.5 2022-12-02 11:37:44 +00:00
Asger F
2d578c1a73 Merge branch 'main' into merge-package-type-columns 2022-12-02 10:00:44 +01:00
github-actions[bot]
31ab22e3a0 Release preparation for version 2.11.5 2022-12-01 20:05:14 +00:00
Rasmus Wriedt Larsen
315ceb57e9 Python: Add change-note 2022-12-01 11:56:44 -05:00
Jami Cogswell
1f4bd00993 split rsa/dsa/dh 2022-12-01 11:56:44 -05:00
Jami Cogswell
25f0a13e15 update python test cases 2022-12-01 11:56:44 -05:00
Jami Cogswell
4d99cd1b7a update EC key size in help file 2022-12-01 11:56:44 -05:00
Jami Cogswell
0fa05d47e3 add shared key sizes 2022-12-01 11:56:44 -05:00
Rasmus Wriedt Larsen
d47b3265c4 Python: Fix py/meta/points-to-call-graph 2022-12-01 14:56:10 +01:00
Rasmus Wriedt Larsen
e7264fb495 Merge pull request #11480 from RasmusWL/sink-meta-query 
Python: Add taint-sinks meta query
 2022-12-01 10:23:33 +01:00
Tom Hvitved
b33f5925bb Data flow: Sync files 2022-11-30 13:39:25 +01:00
Owen Mansel-Chan
55c4643b20 Dataflow: Sync. 2022-11-30 11:00:07 +00:00
porcupineyhairs
346dd864b5 Update python/ql/lib/change-notes/2022-11-17-py-pam-improve.md 
fix typo

Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-11-30 05:21:11 +05:30
Rasmus Wriedt Larsen
607639c100 Python: restrict py/meta/points-to-call-graph to non-ignored files 2022-11-29 15:10:45 +01:00
Rasmus Wriedt Larsen
d7aea228ce Python: Add taint-sinks meta query 
Inspired by the one they have in JS:
097d5189e9/javascript/ql/src/meta/alerts/TaintSinks.ql
 2022-11-29 15:10:09 +01:00
Rasmus Wriedt Larsen
544de5232c Python: Use ' instead of ` in select text 2022-11-29 14:47:45 +01:00
Arthur Baars
cf7ebe2fa8 Merge pull request #11471 from github/rc/3.8 
Merge rc/3.8 into main
 2022-11-29 12:57:34 +01:00
Tom Hvitved
f3dca95958 Merge pull request #11087 from hvitved/dataflow/summary-ctx 
Data flow: Add summary/return context to pruning stages 2-4
 2022-11-29 10:36:53 +01:00
Rasmus Wriedt Larsen
8694119c3c Python: Update py/pam-auth-bypass change-note wording 2022-11-28 16:16:34 +01:00
Rasmus Wriedt Larsen
4e67ec19d0 Python: Adjust alert text of py/pam-auth-bypass 2022-11-28 16:14:38 +01:00
Rasmus Wriedt Larsen
f8442ccb0e Python: Adjust PAM Auth bypass test slightly 2022-11-28 16:08:44 +01:00
Rasmus Wriedt Larsen
fef06679e5 Python: Remove options file for PAM Auth Bypass 
Should not be needed
 2022-11-28 16:03:32 +01:00
Rasmus Wriedt Larsen
3d9556e5a3 Python: Use proper Query suffix 2022-11-28 16:03:17 +01:00
Rasmus Wriedt Larsen
c310948521 Python: Remove enclosing module for PAM Auth Bypass.qll 2022-11-28 16:02:38 +01:00
Rasmus Wriedt Larsen
479a9e4156 Python: Update .expected 2022-11-28 16:01:42 +01:00
Felicity Chapman
a76d47681d Replace references in Qhelp files 2022-11-28 15:25:37 +01:00