hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-11 20:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,697 Commits 1,689 Branches 160 Tags
codeql-cli/v2.10.0
Commit Graph

40697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
693baae1ba C++: Add test cases with false positives due to missing range analysis in 'cpp/overrunning-write'. 2021-11-04 21:13:28 +00:00
Alex Ford
5f78bbbf52 add missing documentation 2021-11-04 21:07:54 +00:00
Ethan Palm
f1ac23eff5 Merge pull request #7040 from ethanpalm/extractor-options-docs 
New docs for extractor options
 2021-11-04 13:53:22 -07:00
Ethan P
fab3479f68 Fix numbered lists 2021-11-04 13:41:59 -07:00
Ethan P
457ece152a Fix list formatting 2021-11-04 13:31:52 -07:00
Ethan P
5bfe0fff89 Test using dash for LIs 2021-11-04 13:20:00 -07:00
Ethan P
10e5a8b3e5 Adjust spacing 2021-11-04 13:18:37 -07:00
Alex Ford
543bd28b03 add a change note for rb/csrf-protection-disabled 2021-11-04 20:14:54 +00:00
Ethan P
ad2b068429 fix list formatting 2021-11-04 13:05:22 -07:00
Alex Ford
d324f9397c qhelp for rb/csrf-protection-disabled 2021-11-04 19:56:56 +00:00
Alex Ford
25da904314 test cases for rb/csrf-protection-disabled 2021-11-04 19:56:56 +00:00
Alex Ford
4666024419 model some ways to configure Rails 2021-11-04 19:56:56 +00:00
Alex Ford
91f99ed2a1 model skip_forgery_protection calls in ActionController classes 2021-11-04 19:56:56 +00:00
Alex Ford
fad7e9489b Add a query to detect instances of CSRF protection being disabled 2021-11-04 19:56:55 +00:00
Ethan P
f3fda42b83 Fix link 2021-11-04 12:53:03 -07:00
Ethan Palm
f41c4702c3 Apply suggestions from code review 
Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
 2021-11-04 12:41:07 -07:00
Alex Ford
8a412dc5fd Add CSRFProtectionSetting concept 2021-11-04 18:18:29 +00:00
Chris Smowton
d1a2fbe96b Merge pull request #573 from npesaresi/feature/SSRF 
Yet another SSRF query for Golang
 2021-11-04 17:36:21 +00:00
Chris Smowton
233269869c Tidy sanitizers, using instanceof not extends or a charpred where possible 2021-11-04 16:26:14 +00:00
Chris Smowton
23855979d5 Include UntrustedFlowSource into ServerSideRequestForgery::Source but not vice versa 2021-11-04 16:19:22 +00:00
Rasmus Lerchedahl Petersen
624b794980 Python: separate taint sources in with 2021-11-04 17:06:36 +01:00
Chris Smowton
9e218a70bb Make imports private 2021-11-04 15:32:37 +00:00
Chris Smowton
18028dca2d Share repeated regex 2021-11-04 15:30:34 +00:00
Chris Smowton
648a70945d Copyedit docs and improve naming 2021-11-04 15:30:29 +00:00
james
5ea93d6447 further imrpovements 2021-11-04 14:54:30 +00:00
Chris Smowton
a9c853257d Fix qhelp good example 2021-11-04 14:42:54 +00:00
Chris Smowton
5256725359 Copyedit qhelp 2021-11-04 14:41:38 +00:00
Rasmus Wriedt Larsen
9e2bc41648 Python: Improve hashlib.new modeling 
By using a backwards type-tracker to find possible hashing algorithm
names.
 2021-11-04 15:36:32 +01:00
Rasmus Wriedt Larsen
9e91f3a341 Python: Highlight shortcomings of hashlib.new modeling 2021-11-04 15:29:40 +01:00
Ian Wright
95f21b5308 Merge pull request #7027 from github/z80coder/faster-callee-api-name-feature 
more efficient implementation of calleeApiName
 2021-11-04 14:23:13 +00:00
Tom Hvitved
3544c85445 Ruby: Make the target of basicStoreStep the post-update node 2021-11-04 14:21:22 +01:00
Tom Hvitved
1101b1054d Ruby: Make target of basicStoreStep a normal data flow node 2021-11-04 14:20:07 +01:00
Tom Hvitved
a56a5e4e7d Ruby: Add type tracker tests 2021-11-04 14:19:16 +01:00
valeria-meli
b84f31e918 format 2021-11-04 10:01:38 -03:00
Valeria
9f52a6654e Merge branch 'main' into feature/SSRF 2021-11-04 09:56:10 -03:00
james
7236f3b4b6 improve description of new option 2021-11-04 12:41:30 +00:00
james
af0f32fdb6 further changes for query help in sarif 2021-11-04 12:36:27 +00:00
Ian Wright
b8d7f52d3e format code 2021-11-04 12:28:08 +00:00
Erik Krogh Kristensen
a19627c72f optionally ignore everything after a dash 2021-11-04 13:19:44 +01:00
Erik Krogh Kristensen
02f500b9c2 Merge branch 'main' into htmlReg 2021-11-04 12:58:42 +01:00
Erik Krogh Kristensen
99f5f70345 Merge branch 'main' into protoLib 2021-11-04 12:53:53 +01:00
Erik Krogh Kristensen
bf5e36e9d4 fix docstring 
Co-authored-by: Asger F <asgerf@github.com>
 2021-11-04 12:46:24 +01:00
Mathias Vorreiter Pedersen
58f6058a63 Merge pull request #7051 from MathiasVP/better-paths-in-tests 
C++: Better `InlineExpectation` tests for path-explanations
 2021-11-04 11:35:10 +00:00
Erik Krogh Kristensen
4ba5ae09b0 add js/sensitive-get-query query 2021-11-04 12:30:44 +01:00
Arthur Baars
061fc16730 Merge pull request #7038 from aibaars/aibaars/merge-3.3-main 
Merge rc/3.3 into main
 2021-11-04 12:23:23 +01:00
Mathias Vorreiter Pedersen
0d1ff4d2ee C++: Respond to review comments and accept test changes. 2021-11-04 11:13:23 +00:00
Arthur Baars
27bbddf035 Merge pull request #6995 from aibaars/aibaars/pr-qhelp-check 
Rewrite qhelp-pr-preview.yml
 2021-11-04 11:51:14 +01:00
CodeQL CI
2895428d5b Merge pull request #6714 from valeria-meli/javascript/ssrf 
Approved by asgerf
 2021-11-04 03:10:27 -07:00
james
3bfa868105 add new option to database analyze tutorial 2021-11-04 09:53:32 +00:00
CodeQL CI
5515256e53 Merge pull request #7044 from asgerf/js/proto-pollution-fps 
Approved by erik-krogh
 2021-11-04 02:45:46 -07:00