hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 23:56:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
72,198 Commits 1,703 Branches 162 Tags
faef9dd8774358c6bdca232bbbb7220cb0556ae4
Commit Graph

72198 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Napalys
faef9dd877 JS: protyte poluting now treats unknownFlags as potentially good sanitization. 2024-11-28 11:26:38 +01:00
Napalys
41fef0f2b3 JS: Added test cases which cover new RegExp creation with replace on protytpe pulluting 2024-11-28 11:26:37 +01:00
Napalys
18c7b18f82 JS: Now BadHtmlSanitizers new RegExp with unknown flags is also flagged. 2024-11-28 11:26:36 +01:00
Napalys
89f3b6f8d3 JS: Added test case for bad sanitizer with unknown flags, currently not flagged. 2024-11-28 11:26:35 +01:00
Napalys
38be0e4c0a JS: Now BadHtmlSanitizers also flags new RegExp as potential issue 2024-11-28 11:26:34 +01:00
Napalys
41f21d429b JS: Added test case which is not flagged but should be abusing new RegExp with global flag 2024-11-28 11:26:33 +01:00
Napalys Klicius
d6372aebc7 Update javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2024-11-25 12:12:12 +01:00
Napalys
e38b63ebcd JS: previously js/case-sensitive-middleware-path was not taking into consideration unknown flags 2024-11-25 11:56:06 +01:00
Napalys
178da21fb8 JS: Added test case for CWE-178 RegExp with unknown flags 2024-11-25 11:53:00 +01:00
Jami
f0045692a7 Merge pull request #17869 from jcogs33/jcogs33/improve-weak-crypto 
Java: Improve weak crypto query
 2024-11-24 12:04:00 -05:00
Calum Grant
7baaa2373f Merge pull request #18080 from github/revert-18072-revert-18009-calumgrant/bmn/record-build-mode 
C++: Implement compilation_build_mode
 2024-11-22 17:15:26 +00:00
Calum Grant
b1b62f2362 Merge pull request #17919 from github/calumgrant/bmn/too-few-arguments 
C++: Remove FPs from cpp/too-few-arguments
 2024-11-22 16:40:07 +00:00
Calum Grant
4dab0390c9 C++: Update expected output 2024-11-22 16:10:23 +00:00
Calum Grant
fcf16848d2 Revert "Revert "C++: Implement compilation_build_mode"" 2024-11-22 15:48:50 +00:00
Calum Grant
3b4fdb3fc2 Update cpp/ql/test/query-tests/Likely Bugs/Underspecified Functions/test.c 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-11-22 15:39:28 +00:00
Calum Grant
60155ce205 C++: Address review comments 2024-11-22 15:30:24 +00:00
Calum Grant
4fa8c6ae65 C++: Add change note 2024-11-22 15:12:09 +00:00
Calum Grant
227f9c7c1b C++: Update the test.c comments 2024-11-22 15:12:07 +00:00
Calum Grant
4d851440b6 C++: Remove FPs from cpp/too-few-arguments 2024-11-22 15:12:05 +00:00
Paolo Tranquilli
86c25d0396 Merge pull request #18074 from github/redsun82/rust-format-parent-child 
Rust: fix regression in `getFormat` indexing
 2024-11-22 14:37:50 +01:00
Paolo Tranquilli
28d517da59 Rust: fix regression in getFormat indexing 2024-11-22 14:13:15 +01:00
Paolo Tranquilli
626b1cef17 Merge pull request #18071 from github/redsun82/rust-format-parent-child 
Rust: fix parent/child relationship for format entities
 2024-11-22 14:03:53 +01:00
Paolo Tranquilli
2e90c80a6f Rust: accept test changes 2024-11-22 13:45:00 +01:00
Tom Hvitved
faabc9982e Merge pull request #18056 from paldepind/rust-df-global 
Rust: Extend data flow library instantiation for global data flow
 2024-11-22 13:23:02 +01:00
Jeroen Ketema
cdfb085e99 Merge pull request #18072 from github/revert-18009-calumgrant/bmn/record-build-mode 
Revert "C++: Implement compilation_build_mode"
 2024-11-22 13:03:43 +01:00
Calum Grant
169671ad93 Revert "C++: Implement compilation_build_mode" 2024-11-22 11:42:39 +00:00
Paolo Tranquilli
9a07b3c3d4 Rust: remove obsolete expected files 2024-11-22 12:24:44 +01:00
Paolo Tranquilli
e49a5be62f Rust: fix parent/child relationship for format entities 2024-11-22 12:20:49 +01:00
Calum Grant
ab9a2bdf9a Merge pull request #18009 from github/calumgrant/bmn/record-build-mode 
C++: Implement compilation_build_mode
 2024-11-22 11:00:17 +00:00
yoff
44c94e02fe Merge pull request #18037 from joefarebrother/pythob-test-global-capture 
Python: Add some test cases for flow involving global and captured variables
 2024-11-22 11:33:31 +01:00
Simon Friis Vindum
e81c3483db Rust: Apply suggestions from PR comments 2024-11-22 10:19:13 +01:00
Stephan Brandauer
30581d7c1d Merge pull request #18022 from github/kaeluka/4648-remove-automodel-queries 
Delete Automodel Queries
 2024-11-22 10:13:11 +01:00
Geoffrey White
b6cdae20d8 Merge pull request #18025 from geoffw0/sql1 
Rust: SQL Injection Query
 2024-11-21 22:48:54 +00:00
Tom Hvitved
d3dd94433b Merge pull request #18053 from hvitved/compile-queries-ram 
CI: Set `--ram` in `compile-queries.yml`
 2024-11-21 19:22:40 +01:00
Napalys Klicius
61e00861e5 Merge pull request #18008 from Napalys/napalys/ES2024-group-functions 
JS: Added support for [Object, Map].groupBy ES2024 feature
 2024-11-21 19:03:57 +01:00
Geoffrey White
01cddcc042 Rust: Suggestions from docs review. 2024-11-21 17:08:51 +00:00
Geoffrey White
f8fff4b18c Update rust/ql/src/queries/security/CWE-089/SqlInjection.ql 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-11-21 17:06:32 +00:00
Geoffrey White
b7c7a9ee7c Rust: Accept consistency check failures. 2024-11-21 14:23:51 +00:00
Geoffrey White
ae6b7b0277 Merge branch 'main' into sql1 2024-11-21 14:18:04 +00:00
Simon Friis Vindum
fffeac6a13 Rust: Extend data flow library instantiation for global data flow 2024-11-21 15:11:25 +01:00
Geoffrey White
49e002843e Rust: Restore some documentation. 2024-11-21 14:05:24 +00:00
Simon Friis Vindum
bb70bfce43 Rust: Tweak global data flow test and add inline flow test 2024-11-21 15:03:58 +01:00
Geoffrey White
636c047c41 Rust: Use final class. 2024-11-21 13:57:33 +00:00
Calum Grant
0836c3d6a5 C++: Update stats 2024-11-21 13:45:22 +00:00
Calum Grant
38fa3c10d6 Update cpp/downgrades/f0156f5f88ab5967c79162012c20f30600ca5ebf/upgrade.properties 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-11-21 13:45:20 +00:00
Calum Grant
d3e44028ea C++: Fix upgrade.properties 2024-11-21 13:45:18 +00:00
Calum Grant
8050b8246b C++: Update stats 2024-11-21 13:45:17 +00:00
Calum Grant
10f692b57c C++: DB upgrade scripts 2024-11-21 13:45:16 +00:00
Calum Grant
d3e8292db9 C++: Update dbscheme 2024-11-21 13:45:15 +00:00
Calum Grant
ac4121dd6c C++: Describe compilation_build_mode using a case 2024-11-21 13:45:14 +00:00