hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,611 Commits 1,672 Branches 157 Tags
ea4c2e432100cb15e4ad5448d02c36153a6f9f95
Commit Graph

310 Commits

Author SHA1 Message Date
erik-krogh
6c3ed6cd0e update alert-messages to follow the style-guide 2022-09-23 12:23:40 +02:00
Mathias Vorreiter Pedersen
90f24d3e82 Merge pull request #10430 from geoffw0/cleartextmissing 
Swift: Fix missing results in swift/cleartext-storage-database
 2022-09-20 14:23:29 +01:00
Geoffrey White
3573dd6728 Swift: Address review comments. 2022-09-20 12:17:21 +01:00
Erik Krogh Kristensen
a4cd913aea Merge pull request #10312 from erik-krogh/fix-caseDiff 
ensure consistent casing of names
 2022-09-19 10:43:12 +02:00
Geoffrey White
c3c86a79ee Swift: Update comment. 2022-09-14 21:08:52 +01:00
Geoffrey White
dc47771937 Swift: Fix locationless results. 2022-09-14 20:43:24 +01:00
Geoffrey White
25840996f6 Swift: Use a slightly different approach to fix false positive. 2022-09-14 20:43:23 +01:00
Geoffrey White
7b96cb071a Swift: Remove the original sink cases as they are no longer required. 2022-09-14 20:43:22 +01:00
Geoffrey White
e0100d7b98 Swift: Expand sinks and fix issue with post-update notes to catch the missing test results. 2022-09-14 20:43:22 +01:00
Dave Bartolomeo
c5622135a6 Add lock files for Swift packs 2022-09-14 10:21:40 -04:00
Mathias Vorreiter Pedersen
6074f22d3f Merge pull request #10335 from github/redsun82/swift-weak-hashing-phase-1 
Swift: first version of query targeting weak hashing
 2022-09-14 08:29:47 +01:00
Paolo Tranquilli
c3320a3afe Apply suggestions from code review 
Co-authored-by: hubwriter <hubwriter@github.com>
 2022-09-14 08:21:58 +02:00
AlexDenisov
be21b26d46 Merge pull request #10045 from github/alexdenisov/swift-cwe-757 
Swift: CWE-757: insecure TLS configuration
 2022-09-12 15:25:15 +02:00
AlexDenisov
568eb3a118 Update swift/ql/src/queries/Security/CWE-757/InsecureTLS.qhelp 
Co-authored-by: hubwriter <hubwriter@github.com>
 2022-09-12 14:00:29 +02:00
Paolo Tranquilli
a8a34addde Merge branch 'main' into redsun82/swift-weak-hashing-phase-1 2022-09-09 11:07:41 +02:00
Paolo Tranquilli
fccf07c5bc Swift: tweak qhelp file for WeakSensitiveDataHashing 2022-09-09 11:01:24 +02:00
Paolo Tranquilli
c739bbb051 Swift: bake in isProbablySafe in SensitiveExpr 
Also restructured the code a bit in the weak hashing query.
 2022-09-09 11:00:02 +02:00
erik-krogh
26d8553f6e ensure consistent casing of names 2022-09-09 10:34:14 +02:00
Alex Denisov
a8a2c9e212 Swift: CWE-757: update severity 2022-09-08 10:40:16 +02:00
Alex Denisov
d455a557be Swift: CWE-757: update docs and user facing text 2022-09-08 10:31:23 +02:00
Alex Denisov
d18ad665b6 Swift: CWE-757: Insecure TLS configuration 2022-09-08 09:34:04 +02:00
Mathias Vorreiter Pedersen
417b2152d8 Merge pull request #10319 from geoffw0/cleartextbarrier 2022-09-08 00:30:57 +01:00
Paolo Tranquilli
a5233c0d01 Swift: fix @id 2022-09-07 16:17:45 +02:00
Paolo Tranquilli
19b13ee4e3 Swift: first draft of query targeting weak hashing 2022-09-07 15:58:35 +02:00
Geoffrey White
0741266cea Swift: Switch from isSanitizerIn to isSanitizer. 2022-09-06 13:37:49 +01:00
Geoffrey White
8281d92e71 Swift: Add barriers for encryption. 2022-09-06 13:37:49 +01:00
Geoffrey White
a14efcfb69 Merge branch 'main' into stringlengthcleanup 2022-09-02 19:26:28 +01:00
Geoffrey White
e96e965bf9 Swift: Rename 'member' -> 'memberRef' for readability. 2022-09-02 19:21:58 +01:00
Geoffrey White
361ddb844e Swift: Simplify isSource (behaviour preserving). 2022-09-02 19:21:52 +01:00
Geoffrey White
5b528573ce Swift: Update similar cases. 2022-09-02 19:21:51 +01:00
Geoffrey White
c3a8da4570 Swift: Use getABaseTypeDecl() to improve StringLengthConflation.ql. 2022-09-02 19:21:50 +01:00
Geoffrey White
aad77c2388 Swift: Use TypeDecl.getABaseTypeDecl(). 2022-09-01 10:42:09 +01:00
Geoffrey White
d3250a7e16 Swift: Fix finding base classes. 2022-09-01 09:01:56 +01:00
Geoffrey White
92a927efa7 Swift: Remove special case (no longer required). 2022-09-01 08:53:51 +01:00
Geoffrey White
129ed426a0 Swift: Use allowImplicitRead as a better solution replacing one of the special flow cases. 2022-08-31 17:58:18 +01:00
Geoffrey White
60fad4d652 Merge remote-tracking branch 'upstream/main' into swiftcleanup 2022-08-31 16:04:39 +01:00
Paolo Tranquilli
bb845c6d7f Swift: rename printast.ql->printAst.ql 2022-08-31 08:55:40 +02:00
Paolo Tranquilli
cd632dcfee Swift: minor tweaks 
Replace string singleton with a newtype-based one, and fix some doc
comment cosmetics.
 2022-08-31 06:39:35 +02:00
Geoffrey White
430a8e141d Swift: Fix issues. 2022-08-30 18:04:12 +01:00
Paolo Tranquilli
47b905bfaf Swift: add PrintAst 2022-08-30 18:04:55 +02:00
Geoffrey White
4984d8f6f2 Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-08-30 12:26:06 +01:00
Geoffrey White
645364e8b8 Update swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-08-30 12:24:49 +01:00
Geoffrey White
2d57786dae Merge branch 'main' into cleartext 2022-08-25 23:10:36 +01:00
Geoffrey White
7fd64f1d9c Swift: Make QL-for-QL happy. 2022-08-25 23:06:03 +01:00
Geoffrey White
926da4bedc Swift: Query descriptions and metadata. 2022-08-25 22:52:19 +01:00
Geoffrey White
9a53a40ac6 Swift: Qhelp and examples for both queries. 2022-08-25 22:52:18 +01:00
Geoffrey White
2690732c75 Swift: Special cases to get taint flow working. 2022-08-25 22:15:19 +01:00
Geoffrey White
698a9e2e2e Swift: Realm database support. 2022-08-25 22:15:18 +01:00
Geoffrey White
3126fb930d Swift: Core Data support. 2022-08-25 22:15:18 +01:00
Geoffrey White
456ab980a5 Swift: Fix duplicate results. 2022-08-25 22:15:17 +01:00