hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-03 16:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,697 Commits 1,689 Branches 159 Tags
codeql-cli/v2.10.0
Commit Graph

40697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ahmed Farid
3b8c7e8944 Update ZipSlip.expected 2022-03-07 10:11:34 +01:00
Ahmed Farid
8402d661df Update zipslip_bad.py 2022-03-07 10:11:00 +01:00
Ahmed Farid
6685c6b4b3 Update ZipSlip.qll 2022-03-07 10:09:53 +01:00
Tony Torralba
08ce128d64 Merge pull request #8325 from JLLeitschuh/feat/JLL/improve_compile_time_constant 
[Java] Add CharacterLiteral to CompileTimeConstantExpr.getStringValue
 2022-03-07 09:32:59 +01:00
haby0
7e6666bc63 Merge branch 'main' into py/add-ssrf-sinks 2022-03-07 12:09:14 +08:00
Ahmed Farid
35a1c80ceb Update zipslip_bad.py 2022-03-07 00:24:45 +01:00
Ahmed Farid
0d9436892a Update zipslip_bad.py 2022-03-07 00:24:25 +01:00
Ahmed Farid
6233309028 Update ZipSlip.expected 2022-03-07 00:23:48 +01:00
Ahmed Farid
ce7923c8b3 Update zipslip_bad.py 2022-03-07 00:23:19 +01:00
Ahmed Farid
e8449d8f40 Update zipslip_bad.py 2022-03-07 00:23:03 +01:00
Ahmed Farid
b7d4715c4e Create ZipSlip.expected 2022-03-07 00:06:24 +01:00
Ahmed Farid
b9b52d4c7c Update zipslip_bad.py 2022-03-07 00:02:50 +01:00
Ahmed Farid
d7dacfc6bd Update zipslip_good.py 2022-03-07 00:01:55 +01:00
Ahmed Farid
908db6a05f Update zipslip_bad.py 2022-03-07 00:01:09 +01:00
Ahmed Farid
7f2d242702 Update zipslip_good.py 2022-03-06 23:59:11 +01:00
Ahmed Farid
8649375be3 Update ZipSlip.qll 2022-03-06 23:56:02 +01:00
Ahmed Farid
91b5f2ad34 Update Zip.qll 2022-03-06 23:54:46 +01:00
Ahmed Farid
466f75bad8 Update Concepts.qll 2022-03-06 23:53:00 +01:00
Erik Krogh Kristensen
9c759a987e QL: add query detecting ordering by a constant 2022-03-06 17:02:19 +01:00
Alex Ford
98dbe3aaf3 Ruby: make ActiveRecord Persistence::ModifyAndSaveCall private 2022-03-05 18:22:32 +00:00
Jonathan Leitschuh
523ddb79f3 Cleanup after code review feedback 2022-03-04 15:35:01 -05:00
Jonathan Leitschuh
5243fe3dbf Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-03-04 15:30:52 -05:00
Tiferet Gazit
bbc712fdb3 Merge pull request #8297 from erik-krogh/atmPerf 
JS: Fix ATM timeout on NodeJS
 2022-03-04 10:41:35 -08:00
Geoffrey White
4316026720 C++: VariableAccess -> Expr. 2022-03-04 18:00:54 +00:00
Alex Ford
8fed9f9aa0 Ruby: ActiveRecord - match OrmWriteAccesses for assignements to the assignment node rather than the setter call 2022-03-04 17:24:24 +00:00
Mathias Vorreiter Pedersen
624795cbbf Merge pull request #8059 from rdmarsh2/rdmarsh2/cpp/insufficient-key-strength 
C++: new query for insufficient key strength
 2022-03-04 17:11:44 +00:00
Robert Marsh
280fdbfc1b C++: accept test output from perf improvement 
The last commit removed some source nodes from the dataflow graph, which
changed the test expectations slightly. No result changes occurred.
 2022-03-04 11:39:10 -05:00
Jorge
5552834e0f Merge pull request #9 from RasmusWL/WIP 
Rasmus' rewrite of https://github.com/github/codeql/pull/6112

See https://github.com/github/codeql/pull/6112#pullrequestreview-898959413
 2022-03-04 17:18:54 +01:00
Taus
b35718e0d5 Python: Remove uses of getAQlClass 2022-03-04 15:39:27 +00:00
Erik Krogh Kristensen
7691807713 delete the getLastParameter predicate from ApiGraphs 2022-03-04 16:24:54 +01:00
Jonathan Leitschuh
38897f2ec1 Fixup tests from code review changes 2022-03-04 09:33:51 -05:00
Jonathan Leitschuh
17b6e66814 Apply suggestions from code review 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-03-04 09:29:57 -05:00
ihsinme
5c801392d1 Merge pull request #2 from geoffw0/fix_tests 
Fix tests.
 2022-03-04 15:41:41 +03:00
Arthur Baars
71e393c6e1 Merge pull request #8330 from aibaars/cache-regExpSource 
Ruby: cache regExpSource/1 instead of isInterpretedAsRegExp
 2022-03-04 13:38:11 +01:00
Taus
095f27f294 Python: Remove deprecated annotations 2022-03-04 12:30:26 +00:00
Geoffrey White
17cd4d86f1 Fix tests. 2022-03-04 12:27:48 +00:00
Taus
20710616c5 Python: Fix "use set literal" warnings 2022-03-04 12:26:36 +00:00
Geoffrey White
1cb104418f Update ExposureSensitiveInformationUnauthorizedActor.expected 
Fix test.
 2022-03-04 12:25:22 +00:00
Geoffrey White
a34a61c16f Update ExposureSensitiveInformationUnauthorizedActor.expected 
Fix test.
 2022-03-04 12:25:05 +00:00
Taus
821de636af Python: Remove redundant inline casts 
These are all implied by the return type of the other side of the
equality.
 2022-03-04 12:21:31 +00:00
Taus
74f0bdfc79 Python: Fix "unused disjunct" warnings 
For the most part, these boil down to "some global property holds, and
so this relation contains all instances of class `X`". The fix is to
explicitly build the cartesian product (which we were already building
implicitly anyway) by adding `and exists(var)` to the disjunct that did
not mention `var`.

Note that these cartesian products are always with singletons on one
side, and so should be unproblematic.
 2022-03-04 12:14:57 +00:00
Mathias Vorreiter Pedersen
9a91e66714 Merge pull request #8321 from MathiasVP/improve-using-expired-address-query 
C++: More TPs from `cpp/using-expired-stack-address`
 2022-03-04 12:07:55 +00:00
Rasmus Lerchedahl Petersen
93750fe17f python: minimal CSRF implementation 
- currectly only looks for custom django middleware
 2022-03-04 12:47:23 +01:00
tombolton
2ffa6771ff replace endpoint type name with encoding in mapping query 2022-03-04 11:00:31 +00:00
Rasmus Wriedt Larsen
3f48916e95 Merge pull request #7915 from yoff/python/promote-xpath-injection 
Python: promote XPath injection query
 2022-03-04 11:59:39 +01:00
Rasmus Wriedt Larsen
f620e2599d Merge branch 'main' into py/add-ssrf-sinks 2022-03-04 11:50:12 +01:00
Rasmus Wriedt Larsen
e47f726e74 Python: Add change-note 2022-03-04 11:48:17 +01:00
Rasmus Wriedt Larsen
d86284bf32 Python: Update frameworks.rst 2022-03-04 11:48:06 +01:00
Rasmus Wriedt Larsen
75bc532d10 Python: Avoid toString usage :O 2022-03-04 11:41:22 +01:00
Rasmus Wriedt Larsen
866e615689 Python: Add PyPI links in qldocs 2022-03-04 11:40:03 +01:00