hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,617 Commits 1,672 Branches 157 Tags
fd649c1702a11748d090321b69ff6160ed46e48c
Commit Graph

3321 Commits

Author SHA1 Message Date
Maiky
fd649c1702 Fix getHost() (ldap.host = ip is not covered) 2023-08-03 16:37:48 +02:00
Maiky
f7a662814d simplify usesSsl() 2023-08-03 16:20:20 +02:00
Maiky
2d87489dfa change useSsl() to usesSsl() 2023-08-03 16:18:44 +02:00
Maiky
345f43fbae fix concepts 2023-05-29 21:17:48 +02:00
Maiky
62353122c0 Add Improper LDAP Authentication query (CWE-287) 2023-05-29 21:16:13 +02:00
Maiky
2d8318dc02 remove unnecessary imports and edit .qhelp 2023-05-28 17:40:31 +02:00
Maiky
065b69460d remove space 2023-05-28 17:34:16 +02:00
Maiky
5e33f14ff1 Undo Concepts changes 2023-05-28 17:33:05 +02:00
Maiky
d45d046fa7 Add test file and .expected 2023-05-28 17:29:34 +02:00
Maiky
d8bc818d5a add Change note 2023-05-28 16:50:36 +02:00
Maiky
dfbf259e2d typo 2023-05-26 18:14:49 +02:00
Maiky
9ab6eabd15 add filterTaintStep, qhelp file and test files 2023-05-26 18:13:58 +02:00
Maiky
026d94c457 Add LDAP Injection query (incomplete) 2023-05-25 22:51:25 +02:00
Harry Maclean
48f22681a5 Merge pull request #13029 from hmac/ruby-autobuilder-refactor 
Shared: Share autobuilder code between Ruby and QL
 2023-05-12 18:24:06 +07:00
Kasper Svendsen
e6ca3fe272 Ruby: Enable implicit this warnings 2023-05-10 13:03:39 +02:00
Kasper Svendsen
6b8a7c2f6f Ruby: Make implicit this receivers explicit 2023-05-10 13:03:39 +02:00
Calum Grant
3d713ed4a9 Merge pull request #13067 from hvitved/ruby/no-self-flow 
Ruby: Remove local identity flow steps
 2023-05-09 09:33:35 +01:00
Michael Nebel
4ac0396b67 Go/Python/Ruby/Swift: Sync files and make dummy implementation. 2023-05-08 16:18:59 +02:00
Tom Hvitved
2f95af8ef2 Ruby: Remove self edges 2023-05-08 10:26:01 +02:00
Mathias Vorreiter Pedersen
09ba9a74ce Merge pull request #12959 from MathiasVP/identity-consistency-check 
DataFlow: Add an "identity-step" consistency check
 2023-05-05 10:03:20 +01:00
Harry Maclean
9203efbdc4 Shared: Share autobuilder code between Ruby and QL 2023-05-05 07:20:14 +00:00
Mathias Vorreiter Pedersen
77001a070b Merge branch 'main' into identity-consistency-check 2023-05-03 22:01:06 +01:00
Mathias Vorreiter Pedersen
924854c6dc Ruby: Accept consistency changes. 2023-05-03 20:32:33 +01:00
Alex Ford
e7213e92cf Merge remote-tracking branch 'origin/main' into rb/sqlite3 2023-05-03 15:18:07 +01:00
Alex Ford
6e6eee2dab Ruby: add test case for instance variable flow with sqlite3 2023-05-03 15:16:16 +01:00
Alex Ford
a26f9736f1 Ruby: add change note for sqlite3 support 2023-05-03 15:12:06 +01:00
Erik Krogh Kristensen
f29db40371 Merge pull request #13011 from kaspersv/kaspersv/explicit-this-receivers-shared2 
JS, Python, Ruby: Make implicit this receivers explicit
 2023-05-03 15:34:59 +02:00
Kasper Svendsen
ea75996932 Merge pull request #13005 from kaspersv/kaspersv/ruby-explicit-this-receivers 
Ruby: Make implicit this receivers explicit
 2023-05-03 14:57:43 +02:00
Ian Lynagh
b56b843d13 Merge pull request #12987 from github/post-release-prep/codeql-cli-2.13.1 
Post-release preparation for codeql-cli-2.13.1
 2023-05-03 13:12:10 +01:00
Kasper Svendsen
aca2ace843 JS, Python, Ruby: Make implicit this receivers explicit 2023-05-03 13:51:51 +02:00
Kasper Svendsen
68cf33e791 Ruby: Make implicit this receivers explicit 2023-05-03 12:25:01 +02:00
Alex Ford
82c025020d Merge remote-tracking branch 'origin/main' into maikypedia/ruby-ssti 2023-05-02 16:18:41 +01:00
Alex Ford
a571bc64ac ruby: regenerate TemplateInjection.expected 2023-05-02 16:14:20 +01:00
Anders Schack-Mulligen
353d5f82a6 Merge pull request #12984 from aschackmull/dataflow/instanceof-node 
Dataflow: Replace "extends Node" with "instanceof Node".
 2023-05-02 13:52:33 +02:00
github-actions[bot]
18d4af994d Post-release preparation for codeql-cli-2.13.1 2023-05-02 10:50:20 +00:00
Anders Schack-Mulligen
ca09649679 Dataflow: Forward hasLocationInfo. 2023-05-02 10:48:32 +02:00
Asger F
f59c149bae Ruby: add SQL injection sinks to meta query 2023-05-02 10:46:55 +02:00
Anders Schack-Mulligen
5927bb2030 Dataflow: Replace "extends Node" with "instanceof Node". 2023-05-02 09:48:34 +02:00
Maiky
5d15ec99c8 Change expected file to new 2023-05-02 09:26:41 +02:00
github-actions[bot]
3bd29171fb Release preparation for version 2.13.1 2023-04-28 12:14:35 +00:00
Mathias Vorreiter Pedersen
e506f638fc DataFlow: Sync identical files. 2023-04-27 18:40:33 +01:00
Anders Schack-Mulligen
71ae0909d8 Dataflow: Enforce type pruning in all forward stages. 2023-04-27 14:55:26 +02:00
Anders Schack-Mulligen
9140cbefc0 Dataflow: Sync. 2023-04-27 14:55:23 +02:00
Anders Schack-Mulligen
246d904712 Merge pull request #12948 from aschackmull/dataflow/pathnode-type-tostring 
Dataflow: Add type to PathNode.toString.
 2023-04-27 14:14:10 +02:00
Tom Hvitved
f888382d35 Merge pull request #12906 from hvitved/ruby/track-block-no-self 
Ruby: Prevent flow into `self` in `trackBlock`
 2023-04-27 12:48:05 +02:00
Tom Hvitved
fc66aacf92 Merge pull request #12922 from hvitved/ruby/controller-template-file-join 
Ruby: Fix bad join in `controllerTemplateFile`
 2023-04-26 21:26:54 +02:00
Anders Schack-Mulligen
d681671356 Dataflow: Sync. 2023-04-26 14:45:07 +02:00
Anders Schack-Mulligen
09d4fe21e8 Ruby: Update more expected output. 2023-04-26 13:37:07 +02:00
Anders Schack-Mulligen
90f84bb516 Ruby: Update expected output. 2023-04-26 13:08:16 +02:00
Anders Schack-Mulligen
81ce6c7779 Ruby: Remove empty string DataFlowType in PathNode. 2023-04-26 12:54:41 +02:00