hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-03 16:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,812 Commits 1,689 Branches 159 Tags
codeql-cli/v2.10.3
Commit Graph

41812 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
9cf0a94e4d use some Sanitizer classes that were unused in the query code 2022-03-13 23:54:53 +01:00
Alex Ford
fc232ce55f Ruby: changenote for rb/weak-cryptographic-algorithm 2022-03-13 21:25:28 +00:00
Alex Ford
94d5f3bb1f Ruby: Add rb/weak-cryptographic-algorithm query 2022-03-13 21:25:28 +00:00
Alex Ford
40b87e6df7 Ruby: tests for rb/weak-cryptographic-algorithm 2022-03-13 21:25:24 +00:00
Alex Ford
446141ada3 Ruby: qhelp for rb/weak-cryptographic-algorithm 2022-03-13 21:25:12 +00:00
Alex Ford
4234cfeeec Ruby: model CipherOperations for OpenSSL 2022-03-13 21:21:52 +00:00
Alex Ford
489391eb4c Ruby: add CryptographicOperation concept 2022-03-13 21:21:52 +00:00
Dave Bartolomeo
afa3399e27 Zero diffs between Java AST and Semantic range analysis 2022-03-13 13:38:21 -04:00
jorgectf
ded9663f2b Finish taint steps 2022-03-13 13:59:03 +01:00
Dave Bartolomeo
8b4d6a26ef Performance improvements for semantic layer construction 2022-03-12 11:28:12 -05:00
p0wn4j
ee67d27b56 Java: Add JDBC connection SSRF sinks 2022-03-12 16:35:32 +04:00
Arthur Baars
f59f36b863 Use RUNNER_TEMP instead of runner.temp 2022-03-11 21:13:41 +01:00
Joe Farebrother
b924de631f Add change note, minor docs improvement 2022-03-11 17:58:52 +00:00
Ahmed Farid
3c9de6f488 Update Zip.qll 2022-03-11 18:50:37 +01:00
Joe Farebrother
594d51e84d Exclude constants 2022-03-11 17:45:42 +00:00
Joe Farebrother
06f2c03828 Add tests 2022-03-11 17:44:52 +00:00
Arthur Baars
7da0889813 Update check-qldoc.yml 2022-03-11 17:45:23 +01:00
Arthur Baars
e1f9eca272 Update check-qldoc.yml 2022-03-11 17:44:55 +01:00
Jonathan Leitschuh
50ff2c2c68 Code cleanup from code review 2022-03-11 11:44:15 -05:00
Robert Marsh
5c04516179 Merge pull request #8390 from redsun82/remove-unique-from-uuid 
C++: Remove uniqueness constraint from uuid
 2022-03-11 11:08:34 -05:00
Alex Ford
808cc9cf35 Merge pull request #8396 from alexrford/ruby/charpred-only-field 
Ruby: resolve `ql/field-only-used-in-charpred` alerts
 2022-03-11 15:48:05 +00:00
Erik Krogh Kristensen
fa37ece593 Merge pull request #8408 from erik-krogh/pathProblem 
QL: make a query checking for `edges` relation in a path-problem query
 2022-03-11 16:27:46 +01:00
Erik Krogh Kristensen
14e0d387e7 add a ql/path-problem-query query 2022-03-11 16:06:27 +01:00
Alex Ford
757aa294aa Update ruby/ql/lib/codeql/ruby/ast/internal/Scope.qll 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-03-11 14:53:02 +00:00
Tony Torralba
c49d19eb0f Merge pull request #8407 from smowton/smowton/admin/revert-8325 
Java: Revert #8325, Add CharacterLiteral to CompileTimeConstantExpr.getStringValue
 2022-03-11 14:55:10 +01:00
Arthur Baars
cf4b834536 Address comments 2022-03-11 14:25:34 +01:00
Ahmed Farid
f092cd8d80 Update Zip.qll 2022-03-11 14:15:05 +01:00
Ahmed Farid
eb71cdf7a2 Update ZipSlip.ql 2022-03-11 14:13:28 +01:00
Ahmed Farid
0de1cef26e Update ZipSlip.qll 2022-03-11 14:03:17 +01:00
Chris Smowton
58d4513d84 Change note 2022-03-11 12:51:13 +00:00
Chris Smowton
496cae7742 Revert 8325, Add CharacterLiteral to CompileTimeConstantExpr.getStringValue 
As pointed out in 8325's thread, this breaks the corner case of char-literal addition and the convention that getStringValue only applies to String-typed constants.
 2022-03-11 12:45:53 +00:00
Chris Smowton
579b57cf67 Range analysis: use ranked phi nodes 
This borrows a technique (and the implementing code) off Modulus analysis.
 2022-03-11 12:32:12 +00:00
Erik Krogh Kristensen
1e365611fc fix all other implicit-this warnings introduced by the acronym patch 2022-03-11 13:22:07 +01:00
github-actions[bot]
7ac7657ffc JS: Bump patch version of ML-powered library and query packs post-release 2022-03-11 12:17:13 +00:00
Erik Krogh Kristensen
2e2970128e fix typo in change-note 2022-03-11 13:16:34 +01:00
Erik Krogh Kristensen
a5a82a0b58 JS: remove accidential copy-pasted change-note 2022-03-11 13:16:34 +01:00
Erik Krogh Kristensen
b63b675169 RB: add explicit-this 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-03-11 13:16:10 +01:00
github-actions[bot]
2f6886642c JS: Bump minor version of ML-powered library and query packs 2022-03-11 12:13:03 +00:00
Jeroen Ketema
a8b2805aeb Merge pull request #8246 from ihsinme/ihsinme-patch-82 
CPP: Add query for CWE-754: Improper Check for Unusual or Exceptional Conditions when using functions scanf
 2022-03-11 12:54:49 +01:00
Chris Smowton
b1a42816bd Merge pull request #8402 from smowton/smowton/admin/revert-8360 
Java: Revert #8360, "Add CompileTimeConstantExpr.getStringified method"
 2022-03-11 11:54:24 +00:00
Erik Krogh Kristensen
e625d17978 Merge pull request #8374 from erik-krogh/nonDocBlock 
QL: add query detecting block comments in a position where a QLDoc should be
 2022-03-11 12:24:44 +01:00
Jeroen Ketema
93a0da75b6 Fix taint tracking configurations that broke due to interface change 2022-03-11 12:18:04 +01:00
Chris Smowton
46cd85c70b Revert #8360, "Add CompileTimeConstantExpr.getStringified method" 2022-03-11 11:13:21 +00:00
Jeroen Ketema
cd28f09ae0 Extend taint tracking interface with flow states 2022-03-11 11:50:35 +01:00
Jeroen Ketema
80c6253a57 C++: Remove private imports unused after deprecated cleanup 2022-03-11 11:47:44 +01:00
Chris Smowton
f006cd0e37 Merge pull request #8360 from JLLeitschuh/feat/JLL/compile_time_constant_getStringified 
[Java] Add CompileTimeConstantExpr.getStringified method
 2022-03-11 10:34:52 +00:00
Erik Krogh Kristensen
4f8f7cd57d JS: update expected output of test 2022-03-11 11:18:14 +01:00
Erik Krogh Kristensen
1a275a32f7 add change-notes 2022-03-11 11:18:14 +01:00
Erik Krogh Kristensen
c2787ee18b RB: add missing QLDoc 2022-03-11 11:18:09 +01:00
Erik Krogh Kristensen
8f08b4ccc8 JS: add missing QLDoc 2022-03-11 11:18:01 +01:00