hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-08 00:24:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
56,293 Commits 1,731 Branches 164 Tags
f905ac10c4e8943e2117f2cf5ba641d38d0406b0
Commit Graph

56293 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
am0o0
f905ac10c4 add jsonWebToken library file to remove duplicate predicate declrations 2024-05-25 13:28:13 +02:00
am0o0
0895f7d971 update qlref files 2024-05-21 22:48:17 +02:00
am0o0
c470c078dc move to experimental 2024-05-21 22:42:16 +02:00
amammad
48a9b107b9 add query to detect strapi CVe too 2023-11-24 10:47:17 +01:00
amammad
5cc4206e00 add a temporary Query file to demonstrate unsuccessful usage of two DataFlow configs 2023-11-22 08:30:59 +01:00
amammad
0652afced3 update tests, updated qldoc and examples, upgrade all libraries to path-problem, update jsonwebtoken source and sinks 2023-11-07 08:25:25 +01:00
amammad
a9c8bc082f delete CWE-321 2023-11-02 16:27:31 +01:00
amammad
faa483a282 move to CWE-347, update comments of tests 2023-11-02 16:24:58 +01:00
amammad
9da815a5c0 move to new CWE-321 directory, make saparate query files for each JWT pkg, create a path query for jsonwebtoken package which is not work correctly 2023-11-02 14:13:52 +01:00
amammad
ee4d87bd96 remove hardcoded JWT secret-key query 2023-10-19 11:57:53 +02:00
amammad
7891e64d3e add sanitizers to hardcoded query 2023-10-17 10:37:27 +02:00
amammad
7a577ddd98 change Source to ConstantString, it seems that we have some duplicate results now, ConstantString is suggested as a better alternative for finding constant sources 2023-08-30 20:47:43 +10:00
amammad
3f64cc82eb fix qhelps 2023-08-29 22:42:21 +10:00
amammad
4f04dc8f6e add test cases 2023-08-29 21:34:02 +10:00
amammad
65b97745c2 V1 2023-08-29 21:23:02 +10:00
amammad
9fc28d5aba Merge branch 'github:main' into amammad-python-WebAppsConstatntSecretKeys 2023-06-30 22:54:22 +10:00
Philip Ginsbach
c977bd13dd Merge pull request #13631 from github/ginsabch/DocumentExtendsFinal 
document final extensions in the language reference
 2023-06-30 13:41:52 +01:00
amammad
6f34c3225b Merge branch 'github:main' into amammad-python-WebAppsConstatntSecretKeys 2023-06-30 22:36:45 +10:00
amammad
a988ccb7d5 Merge branch 'main' of https://github.com/amammad/codeql into amammad-python-WebAppsConstatntSecretKeys 2023-06-30 22:24:08 +10:00
Philip Ginsbach
621eca88e5 Update docs/codeql/ql-language-reference/types.rst 
Co-authored-by: Kasper Svendsen <kaspersv@github.com>
 2023-06-30 13:17:14 +01:00
amammad
816799c4ba upgrade query to detect redash CVE too 2023-06-30 22:14:50 +10:00
AlexDenisov
634c838b45 Merge pull request #13632 from github/alexdenisov/add-buildifier 
Misc: add bazel buildifer pre-commit hook
 2023-06-30 13:52:54 +02:00
Philip Ginsbach
2a8b216b55 update section on class bodies for extends final 2023-06-30 12:49:07 +01:00
Philip Ginsbach
fe93ddbaf1 rename OneTwoFinalExtension to distinguish from other example 2023-06-30 12:43:21 +01:00
Philip Ginsbach
0b4b2d0139 document final extensions in the language reference 2023-06-30 12:40:21 +01:00
Alex Ford
9d36ab9204 Merge pull request #13606 from alexrford/rb/sqlite3-getSql 
Ruby: fix sqlite3 `PreparedStatementExecution.getSql()` predicate
 2023-06-30 12:18:46 +01:00
Alex Denisov
d744b218f6 Misc: add bazel buildifer pre-commit hook 2023-06-30 13:07:04 +02:00
Mathias Vorreiter Pedersen
42356a899a Merge pull request #13603 from MathiasVP/implement-is-unreachable-in-call-2 2023-06-30 12:00:15 +01:00
Tamás Vajk
4e4c5f858e Merge pull request #13619 from tamasvajk/remove-rename-standalone 
C#: Remove the renaming of `Directory.Build.props` from standalone extraction
 2023-06-30 12:24:05 +02:00
Mathias Vorreiter Pedersen
a4d03371e5 Update cpp/ql/test/library-tests/dataflow/dataflow-tests/test.cpp 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-06-30 11:10:15 +01:00
Asger F
133de56ac2 Merge pull request #13620 from github/revert-13496-rb/tracking-on-demand 
Revert "Ruby: overhaul API graphs"
 2023-06-30 10:41:34 +02:00
Tony Torralba
28a8e48351 Merge pull request #13627 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-06-30 08:51:02 +02:00
github-actions[bot]
cf83baeead Add changed framework coverage reports 2023-06-30 00:17:47 +00:00
Robert Marsh
cf6bdc21d7 Merge pull request #13623 from MathiasVP/speed-up-overrun-write 
C++: Speed up `cpp/overrun-write`
 2023-06-29 15:35:01 -04:00
Mathias Vorreiter Pedersen
97916407c2 C++: Accept test changes. 2023-06-29 16:51:08 +01:00
Mathias Vorreiter Pedersen
59d9c6e3f2 C++: Use the pruning stage in the product-flow configuration. 2023-06-29 16:50:57 +01:00
Mathias Vorreiter Pedersen
90336705e1 C++: Accept test changes after merge. 2023-06-29 14:48:17 +01:00
Jeroen Ketema
f8b1dc9f59 Merge pull request #13617 from jketema/pointer-deref-barrier-fps 
C++: Add more `cpp/invalid-pointer-deref` FP test cases
 2023-06-29 15:48:15 +02:00
Mathias Vorreiter Pedersen
e4126ae6d4 Merge branch 'main' into implement-is-unreachable-in-call-2 2023-06-29 14:46:28 +01:00
Robert Marsh
e428502f4b Merge pull request #13598 from MathiasVP/add-constant-size-array-fp 
C++: Add `cpp/constant-array-overflow` FPs
 2023-06-29 09:44:04 -04:00
Asger F
5d1a437e9c Revert "Ruby: overhaul API graphs" 2023-06-29 15:39:19 +02:00
Kasper Svendsen
f9afea8c48 Merge pull request #13616 from kaspersv/kaspersv/enable-implicit-this 
Enable implicit this warning CI checks
 2023-06-29 15:09:09 +02:00
Tamas Vajk
2de356dbfe C#: Remove the renaming of Directory.Build.props from standalone extraction 2023-06-29 15:06:46 +02:00
Jeroen Ketema
2c8d4724d5 C++: Add more cpp/invalid-pointer-deref FP test cases 2023-06-29 14:45:09 +02:00
Kasper Svendsen
dd548945c7 Enable checks for implicit this warnings 2023-06-29 14:25:44 +02:00
Tony Torralba
b2e8167407 Merge pull request #13587 from github/koesie10/update-java-external-api-name 
Java: Fix external API name for nested types
 2023-06-29 13:23:20 +02:00
Tony Torralba
1f4af5fda5 Merge pull request #13605 from jorgectf/jorgectf/javax-portlet-models 
Java: Add models for `javax.portlet`
 2023-06-29 13:22:46 +02:00
amammad
7a17b99c17 V2 2023-06-29 20:55:51 +10:00
Kasper Svendsen
94e0a986ce Merge pull request #13584 from kaspersv/kaspersv/misc-remaining-implicit-this 
Misc: Enable implicit this warnings for remaining packs
 2023-06-29 12:41:06 +02:00
Koen Vlaswinkel
6806b8750d Java: Use getSourceDeclaration to handle generic types 2023-06-29 11:49:16 +02:00