hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,601 Commits 1,684 Branches 159 Tags
fb84df241a6352d3cf390c807f10a40199cc3d72
Commit Graph

1601 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sauyon Lee
fb84df241a Add change note for goproxy modeling 2021-01-27 17:38:23 +00:00
Sauyon Lee
53b468174f Make InsecureHostnameRegex check for rejecting handlers 2021-01-27 17:38:22 +00:00
Sauyon Lee
4712afae83 Add models for github.com/elazarl/goproxy 2021-01-27 17:38:02 +00:00
Sauyon Lee
b0ddf4b68b Add model for net/http.Error 2021-01-27 17:38:02 +00:00
Sauyon Lee
bf9bba79c2 Add getHeaderValue predicate to HTTP::HeaderWrite 2021-01-27 17:38:01 +00:00
Sauyon Lee
39c33c5db1 Add HTTP handler concept 2021-01-27 17:38:01 +00:00
Owen Mansel-Chan
fbe0474d0c Merge pull request #453 from owen-mc/update-architectures 
Update Architectures.qll
 2021-01-15 16:01:52 +00:00
Owen Mansel-Chan
6219a28b13 Update Architectures.qll 2021-01-15 14:01:01 +00:00
Owen Mansel-Chan
2f9c1a6049 Merge pull request #452 from owen-mc/package-path 
Use `package()` for package paths not in the standard library
 2021-01-15 07:25:06 +00:00
Owen Mansel-Chan
5e2c066e8b Use package() for package paths not in the standard library 
This has the advantage that it deals with versioning. For example,
`package("a.io", "b")` matches "a.io/v2/b"
as well as "a.io/b".

At the same time I have created `packagePath()` predicates where they
seemed useful and tried to standardise them a bit.
 2021-01-14 17:11:23 +00:00
Owen Mansel-Chan
62052a8772 Merge pull request #449 from owen-mc/model-couchbase-gocb 
Model Couchbase Go library
 2021-01-14 17:00:05 +00:00
Owen Mansel-Chan
a6b5e8b1db Remove distinct between package paths for v1 and v2 2021-01-14 15:48:21 +00:00
Owen Mansel-Chan
5cd984f3ca Merge pull request #450 from owen-mc/misc 
Miscellaneous clean-ups
 2021-01-13 12:33:21 +00:00
Owen Mansel-Chan
b5dfef894b Add change note 2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
d8105a5be0 Add tests for Couchbase v2 NoSQL queries 2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
b02fc16dfc Add tests for Couchbase v1 NoSQL queries 2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
2ee20b3026 Add tests for Couchbase v1 2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
d2164e16d1 Switch NoSQL tests to use inline expectations 2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
a5ac947d16 Model Couchbase v2 NoSQL queries 2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
7fc88ad85b Model Couchbase v1 NoSQL query sinks 2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
a973ce4539 Model Couchbase gocb v1 2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
9a51de56de Add comment explaining \Q and \E in regex 2021-01-12 16:56:04 +00:00
Owen Mansel-Chan
9236ad752b Improve formatting and style in Gin.qll 2021-01-12 16:56:04 +00:00
Owen Mansel-Chan
71774ed2d4 Remove redundant code 
RawMessage implements Marshaler and Unmarshaler, so these methods are
covered by the two sections below
 2021-01-12 16:56:04 +00:00
Owen Mansel-Chan
57ee3a8a64 Use set literal 2021-01-12 16:56:04 +00:00
Owen Mansel-Chan
fe1f08fb12 Use existing predicate 
There already exists the predicate
implements(string pkg, string tp, string name)
which does exactly what this code does
 2021-01-12 16:55:51 +00:00
Sauyon Lee
3f1197d605 Merge pull request #448 from sauyon/autoformat 
Autoformatter update
 2021-01-12 14:29:45 +00:00
Sauyon Lee
c11028229a Bump codeql version 2021-01-12 13:15:31 +00:00
Sauyon Lee
7a4dbc6fa7 Autoformatter update 2021-01-12 13:13:15 +00:00
Chris Smowton
c79e4f7836 Merge pull request #447 from smowton/smowton/admin/git-change-note 
Add change-note for addition of `git` to the list of known interpreters for the go/command-injection query
 2021-01-12 11:33:49 +00:00
Chris Smowton
a9cff82161 Add change-note for addition of git to the list of known interpreters for the go/command-injection query. 2021-01-11 18:48:54 +00:00
Chris Smowton
45635b67c6 Merge pull request #445 from smowton/smowton/feature/git-as-shell 
Add 'git' as a possible command-interpreter, unless arguments are sanitized using "--"
 2021-01-07 15:01:25 +00:00
Chris Smowton
83cee4a334 Add 'git' as a possible command-interpreter, unless arguments are sanitized using "--" 
This is because some git flags can specify arbitrary commands to execute, but its positional arguments cannot, and "--" like in many commands instructs git to consume no further flags.
 2021-01-07 11:54:41 +00:00
Chris Smowton
2dffd3e261 Merge pull request #443 from smowton/smowton/admin/missing-change-notes-2021-01 
Add change-notes for recent PRs that were missing them
 2021-01-05 11:41:35 +00:00
Chris Smowton
e6327f502c Merge pull request #444 from smowton/smowton/admin/merge-rc-126 
Merge rc/1.26 back into `main`
 2021-01-05 11:40:34 +00:00
Chris Smowton
19921ed115 Add change-notes for recent PRs that were missing them 2021-01-05 11:39:26 +00:00
Chris Smowton
2b608e5822 Merge remote-tracking branch 'origin/rc/1.26' into HEAD 2021-01-04 15:32:15 +00:00
Sauyon Lee
ace9271cc4 Merge pull request #441 from twpayne/contributing-building-and-testing 
Docs: Add building and testing to contributing guide
 2020-12-29 11:13:37 -08:00
Tom Payne
06721ce189 Docs: Add building and testing to contributing guide 2020-12-29 00:28:17 +01:00
Sauyon Lee
2ba26f69c0 Merge pull request #440 from twpayne/regexp-anchors 
Support more regexp anchors
 2020-12-23 11:42:06 -08:00
Tom Payne
9bbdf86487 Support more regexp anchors 2020-12-23 14:04:33 +01:00
Chris Smowton
5647a47bd4 Merge pull request #436 from sauyon/InVisionApp/main 
Refactor HTTP tests
 2020-12-18 12:08:46 +00:00
Jason Rogers
baa169cc77 Refactored HTTP tests 
This will align test location with the library.
 2020-12-17 08:10:06 -08:00
Owen Mansel-Chan
e3d0ccabae Merge pull request #435 from owen-mc/use-implements-where-possible 
Use `implements` for interface methods
 2020-12-17 16:02:14 +00:00
Owen Mansel-Chan
d184f245ed Use implements for interface methods 
This means we will find more things.
 2020-12-17 12:42:18 +00:00
Owen Mansel-Chan
dcb6cc3a7c Merge pull request #434 from owen-mc/model-kubernetes-secret 
Model Secret and SecretList from k8s.io/api/core/v1
 2020-12-16 17:17:21 +00:00
Chris Smowton
8060993b3b Merge pull request #430 from smowton/smowton/feature/model-beego-orm 
Model the Beego ORM subpackage
 2020-12-16 16:08:18 +00:00
Owen Mansel-Chan
0cb0879381 Model Secret and SecretList from k8s.io/api/core/v1 2020-12-16 16:03:48 +00:00
Chris Smowton
44a63b2f94 Model the Beego ORM subpackage 2020-12-16 14:39:58 +00:00
Owen Mansel-Chan
87f2cad475 Merge pull request #427 from owen-mc/model-kubernetes-secret 
Model kubernetes SecretInterface
 2020-12-15 17:12:45 +00:00