hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,707 Commits 1,740 Branches 165 Tags
eb35fa0d5e0d290d378eae4a2e8ffa174ca8686d
Commit Graph

811 Commits

Author SHA1 Message Date
Nick Rolfe
74cd982aca Tweak changenotes 2025-07-22 09:51:52 +01:00
github-actions[bot]
c8632b70b7 Release preparation for version 2.22.2 2025-07-21 16:45:45 +00:00
Nick Rolfe
ad9b637bec Revert "Merge pull request #19994 from github/post-release-prep/codeql-cli-2.22.2" 
This reverts commit e5b4a15e35, reversing
changes made to 33e63109bb.
 2025-07-21 15:18:59 +01:00
Nora Dimitrijević
8824677e87 [DIFF-INFORMED] Go: BadRedirectCheck 2025-07-17 11:46:54 +02:00
Nora Dimitrijević
b4010ac2b4 [DIFF-INFORMED] Go: InsecureHostKeyCallback 2025-07-17 11:46:53 +02:00
Nora Dimitrijević
188fc0d933 [DIFF-INFORMED] Go: UnhandledCloseWritableHandle 2025-07-17 11:46:51 +02:00
Nora Dimitrijević
7b759f44f8 [DIFF-INFORMED] Go: AuthCookie 
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/go/ql/src/experimental/CWE-1004/CookieWithoutHttpOnly.ql#L97
 2025-07-17 11:46:49 +02:00
Nora Dimitrijević
a1fe72c423 [DIFF-INFORMED] Go: SSRF 
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/go/ql/src/experimental/CWE-918/SSRF.ql#L23
 2025-07-17 11:46:47 +02:00
Nora Dimitrijević
7bd6703f19 [DIFF-INFORMED] Go: ConditionalBypass 2025-07-17 11:46:46 +02:00
Nora Dimitrijević
19b373aa90 [DIFF-INFORMED] Go: SensitiveConditionBypass 
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.ql#L33
 2025-07-17 11:46:44 +02:00
Chris Smowton
ac72f8523a Change note 2025-07-15 14:51:19 +01:00
github-actions[bot]
24a0ac1223 Post-release preparation for codeql-cli-2.22.2 2025-07-07 18:15:04 +00:00
github-actions[bot]
f12daefabe Release preparation for version 2.22.2 2025-07-07 14:00:26 +00:00
Michael Nebel
d926a6a47d Go: Freeze the quality queries in the security-and-quality suite. 2025-06-26 14:35:21 +02:00
github-actions[bot]
6972c7a872 Post-release preparation for codeql-cli-2.22.1 2025-06-24 12:55:14 +00:00
github-actions[bot]
3e074b2425 Release preparation for version 2.22.1 2025-06-24 08:55:31 +00:00
Nora Dimitrijević
b62a6db314 Merge pull request #19760 from d10c/d10c/go/diff-informed-2 
Go: mass-enable diff-informed queries phase 2 - `getASelected{Source,Sink}Location() { none() }`
 2025-06-19 14:44:56 +02:00
Owen Mansel-Chan
a26610a05c Add change note 2025-06-19 10:34:01 +01:00
Owen Mansel-Chan
a2ff045a7a Update tags for high precision quality queries 2025-06-19 10:33:58 +01:00
Tamas Vajk
40274dcd69 Add code-quality-extended query suites 2025-06-18 13:10:34 +02:00
Nora Dimitrijević
51826c72d0 Go: mass-add none() location overrides 2025-06-17 17:02:08 +02:00
Nora Dimitrijević
a8dc3008ef Merge pull request #19660 from d10c/d10c/go/diff-informed 
Go: mass enable diff-informed data flow
 2025-06-17 14:52:46 +02:00
Jon Janego
6ec48117b5 Merge pull request #19739 from github/changedocs-2.22.0 
fixing some improperly escaped URLs
 2025-06-11 16:24:29 -05:00
Jon Janego
6336e3d44b fixing another bracket 2025-06-11 16:02:28 -05:00
Jon Janego
8f55dcdd67 removing brackets around a url 2025-06-11 15:36:30 -05:00
Nora Dimitrijević
e233501144 Go: mass enable diff-informed data flow 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on https://github.com/github/codeql/pull/18345 and https://github.com/github/codeql-patch/pull/88
 2025-06-11 18:44:24 +02:00
github-actions[bot]
21463a9653 Post-release preparation for codeql-cli-2.22.0 2025-06-09 18:50:20 +00:00
github-actions[bot]
88ba02edf8 Release preparation for version 2.22.0 2025-06-09 18:14:51 +00:00
Chuan-kai Lin
631502e129 Merge branch 'main' into cklin/rc-3.18-mergeback 2025-06-09 07:19:40 -07:00
Owen Mansel-Chan
ef5e605cc4 Merge pull request #19386 from owen-mc/go/promote/html-template-escaping-bypass-xss 
Go: promote `html-template-escaping-bypass-xss`
 2025-06-06 12:36:27 +01:00
github-actions[bot]
d2c6875eac Post-release preparation for codeql-cli-2.21.4 2025-05-27 18:16:21 +00:00
github-actions[bot]
bfb91e95e3 Release preparation for version 2.21.4 2025-05-27 17:22:05 +00:00
Michael Nebel
dabeddb62d Add change-notes. 2025-05-19 09:26:49 +02:00
Michael Nebel
03ecd24469 Lower the precision of a range of harcoded password queries to remove them from query suites. 2025-05-19 09:26:45 +02:00
github-actions[bot]
5f9dd75d7d Post-release preparation for codeql-cli-2.21.3 2025-05-13 21:49:43 +00:00
github-actions[bot]
2de4a01c86 Release preparation for version 2.21.3 2025-05-13 21:14:27 +00:00
Owen Mansel-Chan
c933ab4ae2 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2025-05-12 16:24:56 -04:00
Tamás Vajk
cb1c3736fe Merge pull request #19413 from tamasvajk/quality/query-suite-selector 
Add code quality suite selector and use that in the code quality suites
 2025-05-02 08:18:48 +02:00
Owen Mansel-Chan
bef38a4dce Add change note 2025-05-01 16:06:32 +01:00
Owen Mansel-Chan
8283d30d94 Avoid deprecated function in qhelp examples in same folder 2025-05-01 16:06:31 +01:00
Owen Mansel-Chan
00cc430ac3 Make examples in qhelp shorter and more realistic 2025-05-01 16:06:29 +01:00
Owen Mansel-Chan
6e3b959f61 Reword qhelp slightly 2025-05-01 16:06:28 +01:00
Owen Mansel-Chan
f8791861c7 Add missing metadata 2025-05-01 16:06:19 +01:00
Owen Mansel-Chan
38dcc1cb84 Fix QLDoc 2025-05-01 15:40:17 +01:00
Owen Mansel-Chan
3b934b8898 Add comment on importance of Function.getACall() 2025-05-01 15:40:15 +01:00
Owen Mansel-Chan
cba0bec3c6 Rename files 2025-05-01 15:40:12 +01:00
Owen Mansel-Chan
3cce4ba437 Improve QLDocs 2025-05-01 15:40:10 +01:00
Owen Mansel-Chan
7f007e10c4 Minor refactor - removed unused argument 2025-05-01 15:40:09 +01:00
Owen Mansel-Chan
b90aba291e Refactor class for unescaped types 2025-05-01 15:40:07 +01:00
Owen Mansel-Chan
4e5a865337 Manually fix copilot's mistakes and get query working 2025-05-01 15:40:04 +01:00