hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-28 12:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,697 Branches 161 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
91f7d33044 add change note 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
101d4358a9 detect DOM nodes from event callbacks 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
be9636491b add source for react-hook-form in xss-through-dom 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
65d93c9061 detect for DOM elements from DOM events in React 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
458dda9d25 add xss-through-dom source from react-final-form 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
ff3950ce98 add model for formik 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
d1087d4e41 move sources from XssThroughDom into a customizations file 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
4969a1ef4f add change note 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
0ca2310594 add model for htmlparser2 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
e2a66bf3ed add model for xml-js 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
73f7cd149f add model for sax 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
c43025d7b3 add model for xml2js 2021-02-10 14:16:30 +01:00
Erik Krogh Kristensen
44ca2e26a6 add taint-step to XML parsers 2021-02-10 14:16:08 +01:00
intrigus
5c82ff83de Java: Fix qhelp, fix CWE reference 2021-02-10 13:57:51 +01:00
Anders Schack-Mulligen
3a6fa9d99b Java: Add support for framework modelling through csv data. 2021-02-10 13:25:03 +01:00
Alvaro Muñoz
645b021845 Add support for the Preconditions Class in the Guava framework 2021-02-10 13:20:29 +01:00
Alvaro Muñoz
0cf3a29429 Add support for Apache Commons Lang ArrayUtils 2021-02-10 13:09:57 +01:00
Shati Patel
18225fa254 Merge pull request #4997 from github/shati-patel/cwe-coverage-docs 
Docs: Add outline for CWE coverage page
 2021-02-10 11:45:09 +00:00
Alvaro Muñoz
3b4357792b Remove sanitizing condition which does not prevent 
vulnerability.
 2021-02-10 12:21:48 +01:00
Anders Schack-Mulligen
66d0bf6b5e Merge pull request #5128 from hvitved/dataflow/exploration-clears-content 
Data flow: Take `clearsContent()` into account in flow exploration
 2021-02-10 11:52:24 +01:00
yoff
9930d59aca Merge pull request #5124 from RasmusWL/typetracking-with-decorator 
Python: Add test for type-tracking through decorators
 2021-02-10 09:34:54 +01:00
Chris Smowton
617b5510d9 Merge pull request #465 from smowton/smowton/feature/less-equality-test-panic-edges 
Remove panicking edges leading from an equality test where possible
 2021-02-10 08:20:27 +00:00
user
c29ab8958f tests and docs updated 2021-02-10 00:26:46 +03:00
Your Name
4b24e5641e formatting + example 
fix

test fix

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.qhelp

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.qhelp

Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-10 00:26:46 +03:00
Your Name
bd09868686 test fixed, comments added 
Update ql/src/experimental/CWE-369/DivideByZero.qhelp

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.qhelp

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.qhelp

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-10 00:26:46 +03:00
Your Name
8c5e0a42b3 test fixed 
Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-10 00:26:40 +03:00
Your Name
41e808dab4 conversion detect + tests 2021-02-10 00:26:40 +03:00
Your Name
a77f36fba8 formatting fix 
Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-10 00:26:33 +03:00
Chris Smowton
ef658b292a Fix join order for ListOfConstantsComparisonSanitizerGuard 2021-02-09 19:42:23 +00:00
Arthur Baars
d4ebcbf18f Merge pull request #118 from github/aibaars/dataflow 
More dataflow steps
 2021-02-09 20:36:28 +01:00
Tom Hvitved
1f9b42f9ab Data flow: Sync files 2021-02-09 20:10:23 +01:00
Tom Hvitved
e5970f4c65 Data flow: Take clearsContent() into account in flow exploration 2021-02-09 20:09:24 +01:00
Tom Hvitved
9cfc08319d Use Generated::AstNode in ExprChildMapping 2021-02-09 19:32:41 +01:00
Chris Smowton
1b9abc5310 Merge pull request #470 from sauyon/go116flagadd 
Add -overlay to recognized go build flags
 2021-02-09 18:31:41 +00:00
Arthur Baars
1e64b264ba Fix compilation errors after merge 2021-02-09 18:50:30 +01:00
Arthur Baars
3e0b7c491a Merge remote-tracking branch 'origin/main' into aibaars/dataflow 2021-02-09 18:49:53 +01:00
Sauyon Lee
8c60c614db Add -overlay to recognized go build flags 2021-02-09 17:09:48 +00:00
Owen Mansel-Chan
abf59ec98f Merge pull request #469 from github/owen-mc-code-owners-file 
Create CODEOWNERS
 2021-02-09 17:04:29 +00:00
Owen Mansel-Chan
5cab5b2912 Create CODEOWNERS 
This is so that `@codeql-go` is automatically suggested as a reviewer for PRs
 2021-02-09 17:02:29 +00:00
Tom Hvitved
248f5cd648 Merge pull request #119 from github/hvitved/ast-range 
Rangify `AstNode`
 2021-02-09 16:47:50 +01:00
Tom Hvitved
85c13a1190 Make entries in RemoveWhenFullCoverage explicit 2021-02-09 16:34:25 +01:00
Geoffrey White
d475e55ec0 Update cpp/ql/test/README.md 
Co-authored-by: hubwriter <hubwriter@github.com>
 2021-02-09 15:20:03 +00:00
Geoffrey White
cc031118dd Update CONTRIBUTING.md 
Co-authored-by: hubwriter <hubwriter@github.com>
 2021-02-09 15:19:30 +00:00
yo-h
e5331a4735 Java: accept changes in expected output 2021-02-09 09:17:35 -05:00
yo-h
e194411cfa Java: fix javac errors in test code 2021-02-09 09:16:57 -05:00
luchua-bc
cb01613aa6 Exclude FP token patterns 2021-02-09 13:53:23 +00:00
Tamas Vajk
9854b95c30 Fix query performance 2021-02-09 14:45:22 +01:00
Alexander Eyers-Taylor
1c43505d30 Merge pull request #5121 from alexet/fix-js-jdoc 
Javascript Extractor: Update <tt> tages to <code>
 2021-02-09 13:07:19 +00:00
Arthur Baars
daa7bd7fd4 Move ReturningStmt::getValue implementation to internal library 2021-02-09 14:01:08 +01:00
Arthur Baars
e398837bdc Rename Statement to Stmt 2021-02-09 13:55:06 +01:00