hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-11 12:41:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,688 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
jorgectf
d316974157 Add HtmlContent additional taint step 2021-11-08 10:23:50 +01:00
Tom Hvitved
77aca0a365 Merge pull request #7041 from hvitved/csharp/consistent-ids 
C#: Use `cs/` prefix in all query IDs
 2021-11-08 09:55:11 +01:00
Anders Schack-Mulligen
85fdbda16f Merge pull request #7002 from aschackmull/java/field-node 
Java: Add FieldValueNode to break up cartesian step relation.
 2021-11-08 09:31:42 +01:00
Mathias Vorreiter Pedersen
021d9415b8 Merge branch 'main' into use-range-analysis-in-buffer-write 2021-11-08 08:22:49 +00:00
Anders Schack-Mulligen
e0b121cd90 Merge pull request #7047 from hvitved/csharp/ssa/dominance-frontier 
Shared SSA: Improved dominance frontier calculation
 2021-11-08 08:50:46 +01:00
Pierre
4af3775b72 Add requirements for Apple Silicon 2021-11-08 01:37:31 +01:00
jorgectf
83e3de1fed Polish documentation. 2021-11-05 21:05:33 +01:00
jorgectf
ed74bd6800 Merge remote-tracking branch 'origin/main' into jorgectf/python/insecure-cookie 2021-11-05 20:14:06 +01:00
jorgectf
86aac7c215 Add/Update .expected files. 2021-11-05 20:13:12 +01:00
jorgectf
a420e6e18d Add CookieInjection.qlref 2021-11-05 20:12:56 +01:00
jorgectf
cf47e8eb9c Fix endpoints' naming 2021-11-05 20:12:35 +01:00
jorgectf
b3258ce20f Add CookieInjection sample and .qhelp 2021-11-05 20:12:05 +01:00
jorgectf
d7a79469e6 Improve tests 2021-11-05 20:08:52 +01:00
jorgectf
4cb78ac654 Fix typo 2021-11-05 20:08:37 +01:00
Chris Smowton
b639e82d79 Merge pull request #7064 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-11-05 09:27:25 +00:00
ihsinme
cedc5fd743 Update InsecureTemporaryFile.ql 2021-11-05 09:42:06 +03:00
pupiles
c97d0c6ce5 Remove redundant code 2021-11-05 13:14:28 +08:00
github-actions[bot]
d7bfaec0f5 Add changed framework coverage reports 2021-11-05 00:09:28 +00:00
Mathias Vorreiter Pedersen
34aa4981be Merge pull request #7018 from geoffw0/nullterm3 
C++: Further performance improvement for the null termination queries
 2021-11-04 21:37:58 +00:00
Mathias Vorreiter Pedersen
a9b7fed537 C++: Accept test changes. 2021-11-04 21:25:37 +00:00
Mathias Vorreiter Pedersen
ac90259906 C++: Teach 'getMaxConvertedLength' to use 'SimpleRangeAnalysis'. 2021-11-04 21:25:28 +00:00
Mathias Vorreiter Pedersen
693baae1ba C++: Add test cases with false positives due to missing range analysis in 'cpp/overrunning-write'. 2021-11-04 21:13:28 +00:00
Alex Ford
5f78bbbf52 add missing documentation 2021-11-04 21:07:54 +00:00
Ethan Palm
f1ac23eff5 Merge pull request #7040 from ethanpalm/extractor-options-docs 
New docs for extractor options
 2021-11-04 13:53:22 -07:00
Ethan P
fab3479f68 Fix numbered lists 2021-11-04 13:41:59 -07:00
Ethan P
457ece152a Fix list formatting 2021-11-04 13:31:52 -07:00
Ethan P
5bfe0fff89 Test using dash for LIs 2021-11-04 13:20:00 -07:00
Ethan P
10e5a8b3e5 Adjust spacing 2021-11-04 13:18:37 -07:00
Alex Ford
543bd28b03 add a change note for rb/csrf-protection-disabled 2021-11-04 20:14:54 +00:00
Ethan P
ad2b068429 fix list formatting 2021-11-04 13:05:22 -07:00
Alex Ford
d324f9397c qhelp for rb/csrf-protection-disabled 2021-11-04 19:56:56 +00:00
Alex Ford
25da904314 test cases for rb/csrf-protection-disabled 2021-11-04 19:56:56 +00:00
Alex Ford
4666024419 model some ways to configure Rails 2021-11-04 19:56:56 +00:00
Alex Ford
91f99ed2a1 model skip_forgery_protection calls in ActionController classes 2021-11-04 19:56:56 +00:00
Alex Ford
fad7e9489b Add a query to detect instances of CSRF protection being disabled 2021-11-04 19:56:55 +00:00
Ethan P
f3fda42b83 Fix link 2021-11-04 12:53:03 -07:00
Ethan Palm
f41c4702c3 Apply suggestions from code review 
Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
 2021-11-04 12:41:07 -07:00
Alex Ford
8a412dc5fd Add CSRFProtectionSetting concept 2021-11-04 18:18:29 +00:00
Chris Smowton
d1a2fbe96b Merge pull request #573 from npesaresi/feature/SSRF 
Yet another SSRF query for Golang
 2021-11-04 17:36:21 +00:00
Chris Smowton
233269869c Tidy sanitizers, using instanceof not extends or a charpred where possible 2021-11-04 16:26:14 +00:00
Chris Smowton
23855979d5 Include UntrustedFlowSource into ServerSideRequestForgery::Source but not vice versa 2021-11-04 16:19:22 +00:00
Rasmus Lerchedahl Petersen
624b794980 Python: separate taint sources in with 2021-11-04 17:06:36 +01:00
Chris Smowton
9e218a70bb Make imports private 2021-11-04 15:32:37 +00:00
Chris Smowton
18028dca2d Share repeated regex 2021-11-04 15:30:34 +00:00
Chris Smowton
648a70945d Copyedit docs and improve naming 2021-11-04 15:30:29 +00:00
james
5ea93d6447 further imrpovements 2021-11-04 14:54:30 +00:00
Chris Smowton
a9c853257d Fix qhelp good example 2021-11-04 14:42:54 +00:00
Chris Smowton
5256725359 Copyedit qhelp 2021-11-04 14:41:38 +00:00
Rasmus Wriedt Larsen
9e2bc41648 Python: Improve hashlib.new modeling 
By using a backwards type-tracker to find possible hashing algorithm
names.
 2021-11-04 15:36:32 +01:00
Rasmus Wriedt Larsen
9e91f3a341 Python: Highlight shortcomings of hashlib.new modeling 2021-11-04 15:29:40 +01:00