Arthur Baars
068beeff56
Move create-extractor-pack Action
2021-10-25 16:12:08 +02:00
Arthur Baars
d2ea732539
Remove CodeSpaces configuration
2021-10-25 16:12:08 +02:00
Arthur Baars
ba32c54038
Move files to ruby subfolder
2021-10-25 16:11:59 +02:00
CodeQL CI
b5554da496
Merge pull request #6924 from asgerf/js/skip-files-with-unsupported-encoding
...
Approved by esbena
2021-10-25 14:48:38 +01:00
Nick Rolfe
7308f75b78
Merge pull request #6951 from github/nickrolfe/remove-workspace
...
Ruby: remove VS Code workspace
2021-10-25 14:29:06 +01:00
Rasmus Wriedt Larsen
7619d0fc33
Python: FastAPI: Model WebSocket usage
2021-10-25 15:23:33 +02:00
Rasmus Wriedt Larsen
b69977b37a
Python: FastAPI: Ignore scheme as tainted
...
reasoning highlighted in the comment
2021-10-25 15:23:33 +02:00
Rasmus Wriedt Larsen
bd8eec8475
Python: FastAPI: Add websocket test
2021-10-25 15:23:33 +02:00
Rasmus Wriedt Larsen
54ab5d4bc8
Python: Fix date for FastAPI change-note
2021-10-25 15:23:33 +02:00
Rasmus Wriedt Larsen
7e7a6464ec
Python: FastAPI: Model extra-taint for pydantic models
...
It feels a bit strange to add it to `frameworks.rst` since we only
support a little bit of it, but if I don't do it now, we will most
likely forget to do it later on (since it has already been added to
`frameworks.qll`).
2021-10-25 15:22:50 +02:00
Joe Farebrother
6dac86b9be
Fix unneeded import and spelling mistake
2021-10-25 14:11:00 +01:00
Arthur Baars
dcf71c4f9a
Ruby: update generate-code-scanning-query-list.py
2021-10-25 15:04:34 +02:00
Arthur Baars
a6ac2e73a1
Speed up generate-code-scanning-query-list.py
...
Use 'codeql execute cli-server' to avoid repeated JVM startup overhead
2021-10-25 15:03:28 +02:00
Nick Rolfe
779e24eb73
Ruby: remove VS Code workspace
2021-10-25 13:12:31 +01:00
Nick Rolfe
fb79886fe7
Merge pull request #6944 from github/dependabot/cargo/ruby/extractor/tracing-subscriber-0.3
...
Update tracing-subscriber requirement from 0.2 to 0.3 in /ruby/extractor
2021-10-25 12:50:48 +01:00
Nick Rolfe
b93be42421
Merge pull request #6943 from github/dependabot/cargo/ruby/generator/tracing-subscriber-0.3
...
Update tracing-subscriber requirement from 0.2 to 0.3 in /ruby/generator
2021-10-25 12:50:26 +01:00
ihsinme
8a1d271328
Add files via upload
2021-10-25 14:48:19 +03:00
ihsinme
1dacd2ea76
Add files via upload
2021-10-25 14:47:25 +03:00
Anders Schack-Mulligen
c48dd57d85
Merge pull request #6938 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2021-10-25 13:43:54 +02:00
Rasmus Lerchedahl Petersen
149b235c7a
Python: delete unused predicate
2021-10-25 13:41:29 +02:00
Rasmus Lerchedahl Petersen
cb61f87aa3
Python: rewrite "clever" reverse lookup
2021-10-25 13:40:45 +02:00
ihsinme
a33c076f5f
Add files via upload
2021-10-25 14:40:35 +03:00
ihsinme
6173b11274
Add files via upload
2021-10-25 14:39:43 +03:00
ihsinme
5d5d6bcc69
Add files via upload
2021-10-25 14:34:10 +03:00
ihsinme
baec186359
Add files via upload
2021-10-25 14:33:01 +03:00
Rasmus Lerchedahl Petersen
5a02b3880e
Python: use SqlConstruction in SqlAlchemy and
...
`SqlInjection`
2021-10-25 13:30:14 +02:00
ihsinme
3f3988ce1c
Add files via upload
2021-10-25 14:24:35 +03:00
ihsinme
8e8a324fa6
Add files via upload
2021-10-25 14:23:19 +03:00
Joe Farebrother
0c1af2411b
Write intent in lowercase consistently
...
Co-authored-by: hubwriter <hubwriter@github.com>
2021-10-25 12:22:49 +01:00
Anders Schack-Mulligen
5709365c0f
Merge pull request #6921 from igfoo/igfoo/types
...
Java: Replace @type with more specific types
2021-10-25 13:15:12 +02:00
Rasmus Lerchedahl Petersen
e5b68d68cb
Python: Use SqlConstruction in Asyncpg.qll
2021-10-25 13:15:09 +02:00
Rasmus Lerchedahl Petersen
03ada6e97a
Python: Add concept test for SqlConstruction
2021-10-25 13:09:43 +02:00
Rasmus Lerchedahl Petersen
ed5a386618
Python: add concept SqlConstruction
2021-10-25 12:48:24 +02:00
dependabot[bot]
e9da027539
Update tracing-subscriber requirement from 0.2 to 0.3 in /ruby/extractor
...
Updates the requirements on [tracing-subscriber](https://github.com/tokio-rs/tracing) to permit the latest version.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.2.0...tracing-subscriber-0.3.0)
---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-10-25 10:40:34 +00:00
dependabot[bot]
4cedb43a54
Update tracing-subscriber requirement from 0.2 to 0.3 in /ruby/generator
...
Updates the requirements on [tracing-subscriber](https://github.com/tokio-rs/tracing) to permit the latest version.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.2.0...tracing-subscriber-0.3.0)
---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-10-25 10:40:28 +00:00
Arthur Baars
afc7867c98
Merge pull request #6942 from github/aibaars/patch-10
...
Merge codeql-ruby into codeql
2021-10-25 12:33:34 +02:00
Asger Feldthaus
bfb1da55d6
JS: Bump extractor version string
2021-10-25 11:49:56 +02:00
Asger Feldthaus
f3e2b0b946
JS: Avoid using non-existent attribute as parent
2021-10-25 11:49:56 +02:00
Asger Feldthaus
ac62379b17
JS: Add TRAP test
2021-10-25 11:49:39 +02:00
Rasmus Wriedt Larsen
f5464b79e4
Merge branch 'main' into fastapi
2021-10-25 09:49:42 +02:00
github-actions[bot]
2257d0475a
Add changed framework coverage reports
2021-10-25 00:09:34 +00:00
Arthur Baars
4f79398342
Merge branch 'main' of github.com:github/codeql into 'main'
...
Conflicts:
docs/codeql/query-help/codeql-cwe-coverage.rst
2021-10-22 21:51:25 +02:00
Tom Hvitved
f020b2e437
Merge pull request #335 from github/hmac/self-flow
2021-10-22 19:14:20 +02:00
Jonathan Leitschuh
5eb28398f0
Remove non-ASCII characters from Promise.java
...
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
2021-10-22 10:52:46 -04:00
Nick Rolfe
3851a27fc1
Merge pull request #358 from github/external-control-file-path
...
Add rb/path-injection query
2021-10-22 15:38:39 +01:00
Tom Hvitved
7648815f1f
Merge pull request #6936 from hvitved/csharp/delegate-conversion-join-order
...
C#: Improve join-order in `defaultDelegateConversion`
2021-10-22 15:10:20 +02:00
Tom Hvitved
61d7cdeec0
Data flow: Assign empty locations to summary nodes
2021-10-22 14:48:33 +02:00
Harry Maclean
87df3a0a99
Minor refactor
2021-10-22 11:44:38 +01:00
hubwriter
12e56ec9e6
Merge pull request #6887 from github/hubwriter/codeql-ruby-support
...
Docs: Updates for Ruby support
2021-10-22 11:21:49 +01:00
Nick Rolfe
d4cee73720
Add taint summaries for ActiveStorage::Filename
2021-10-22 11:15:42 +01:00