hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-01 15:52:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,684 Branches 159 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
1e620c99c6 JS: Bump patch version of ML-powered library and query packs post-release 2022-03-23 11:53:34 +00:00
github-actions[bot]
dc0c8374d2 JS: Bump minor version of ML-powered library and query packs 2022-03-23 11:47:53 +00:00
github-actions[bot]
2b42d84ccd JS: Bump patch version of ML-powered model pack post-release 2022-03-23 11:47:53 +00:00
github-actions[bot]
6fbc0e6e32 JS: Bump ML model pack dependency of ML-powered model building and query packs 2022-03-23 11:47:53 +00:00
github-actions[bot]
8d13662315 JS: Bump minor version of ML-powered model pack 2022-03-23 11:47:08 +00:00
Rasmus Lerchedahl Petersen
93336bcb16 python: allow alternative middleware 
(observed [on LGTM](9d6a7ee180/files/mozillians/settings.py (L96)))
 2022-03-23 12:27:51 +01:00
yoff
647d37492d Merge pull request #8289 from tausbn/python-remove-with-test-syntax-error 
Python: Fix syntax error in `with` test output
 2022-03-23 12:25:11 +01:00
Rasmus Lerchedahl Petersen
6c2449564a python: add concept tests 2022-03-23 12:05:09 +01:00
Mathias Vorreiter Pedersen
a81024a485 Merge pull request #8525 from MathiasVP/more-precise-is-before 
C++: Consider columns in `Location.isBefore`
 2022-03-23 11:04:34 +00:00
Mathias Vorreiter Pedersen
0eab54d385 Merge pull request #8491 from jketema/command-line-injection-with-flow-state 
C++: Use flow states in `cpp/command-line-injection`
 2022-03-23 11:03:29 +00:00
Rasmus Lerchedahl Petersen
441e206cfa python: CSRF -> Csrf 2022-03-23 11:29:27 +01:00
Michael Nebel
b204f783fb C#: Remove special handling of bulk types. 2022-03-23 11:26:49 +01:00
Rasmus Wriedt Larsen
671889372b Ruby: Update wording of change-note 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-03-23 11:26:41 +01:00
Rasmus Wriedt Larsen
e66932c728 Ruby: Make deprecated getURL work with new modeling 
So an "old" query using the deprecated predicate, will still find the
same results, even when the modeling has been updated.
 2022-03-23 11:22:34 +01:00
Tom Hvitved
4bcd4d75a9 Address review comments 2022-03-23 11:22:25 +01:00
Asger Feldthaus
f2285709bd JS: Change note 2022-03-23 10:42:51 +01:00
Asger Feldthaus
59d5c54432 JS: Update test output from knex 2022-03-23 10:42:51 +01:00
Asger Feldthaus
73071bdc08 JS: Change getAParameter to not return the receiver 2022-03-23 10:42:51 +01:00
Asger Feldthaus
6bef5a70b3 JS: Add dedicated API graph label for receiver, instead of parameter -1 2022-03-23 10:42:51 +01:00
Mathias Vorreiter Pedersen
a84ee50af0 Update cpp/ql/src/change-notes/2022-03-21-command-line-injection-with-flow-states.md 2022-03-23 09:35:41 +00:00
Michael Nebel
bbe28bc668 Java: Do not explicitly require python3 when executing the GenerateFlowModel.py. 2022-03-23 10:35:32 +01:00
Michael Nebel
7eddc1e7ec Java: Adjust scripts for new location. 2022-03-23 10:35:32 +01:00
Michael Nebel
7fc11be787 Java: Move generate_flow_model file into a shared models-as-data script folder. 2022-03-23 10:35:32 +01:00
Michael Nebel
bd89de3c43 Java: Make sure to use python3 during workflow execution (required for python string interpolation). 2022-03-23 10:35:32 +01:00
Michael Nebel
6c9d1a3edb Java: Make standalone library for shared functionality. 2022-03-23 10:35:32 +01:00
Michael Nebel
9564f8bf5c Java: Put remainings parts of the generator code into the class. 2022-03-23 10:35:32 +01:00
Michael Nebel
20414c0e56 Java: Move Generator creation into class definition. 2022-03-23 10:35:32 +01:00
Michael Nebel
3f33cdf688 Java: Introduce generator class. 2022-03-23 10:35:32 +01:00
Michael Nebel
6ed1424679 Java: Refactor language specific parts into variable. 2022-03-23 10:35:32 +01:00
Michael Nebel
1ac988323a Java: Add dry-run optional paramteter to generator script. 2022-03-23 10:35:31 +01:00
Michael Nebel
586fd5a43b Java: Rename file for generating flow models. 2022-03-23 10:35:31 +01:00
Rasmus Wriedt Larsen
bbf60b875e Merge pull request #8476 from RasmusWL/shared-concepts-scaffolding 
Python/JS/Ruby: Shared concepts scaffolding
 2022-03-23 10:22:42 +01:00
Paul1nh0
5a1dc61d9d modify arguments check logic 
As far as I can tell, root cause of double-fetech issue is read from the same user mode memory twice, so it makes sense that only check whether user mode pointer is same or not
 2022-03-23 11:20:08 +08:00
Paul1nh0
6a6cd61d83 automated using CodeQL for VSCode extension 2022-03-23 09:37:45 +08:00
Mathias Vorreiter Pedersen
01929d484e Merge pull request #8526 from MathiasVP/internal-diagmetric-queries-ql 
C++: Add internal `ExtractionError` query
 2022-03-22 17:26:38 +00:00
Robert Marsh
12ccf3662a C#: match IR global variable changes 2022-03-22 13:22:37 -04:00
Robert Marsh
6be3db8575 C++: update test expectations for extractor changes 2022-03-22 13:01:56 -04:00
Owen Mansel-Chan
efc0d95535 Merge pull request #8528 from github/smowton/admin/fix-go-doc-links 
Fix broken links
 2022-03-22 16:25:41 +00:00
Taus
f9120167b4 Python: Fix syntax error in with test output 
Depends on an internal PR. The two lines in question were caused by
the insertion of an extra node due to the failure to parse a trailing
comma corrcetly.
 2022-03-22 16:22:03 +00:00
Jonathan Leitschuh
bd87be636a Refactor to conditionCheckArgument deprecate old method 2022-03-22 11:56:43 -04:00
Rasmus Wriedt Larsen
64a5c5d9aa Ruby: Keep getURL predicate for easier deprecation 
Notice that we still don't fully keep our standard deprecation support,
since the new `getAUrlPart` is still abstract, and therefore will cause
compile errors if not implemented.
 2022-03-22 16:48:14 +01:00
Paul1nh0
f2728f5284 delete some unused code 2022-03-22 23:20:30 +08:00
Chris Smowton
b5c05a580d Java: Fix harmless search-replace mistake 2022-03-22 14:42:09 +00:00
yoff
47e062cfb9 Merge pull request #8486 from aibaars/incomplete-hostname-python 
Python: switch to shared implementation of IncompleteHostnameRegExp.ql
 2022-03-22 15:06:14 +01:00
Rasmus Lerchedahl Petersen
53de8287f5 python: rule out test code for CSRF 2022-03-22 14:57:05 +01:00
Erik Krogh Kristensen
8ae04e04d4 Merge pull request #8509 from erik-krogh/fpXss 
JS: filter away reads of .src that end in a URL sink for js/xss-through-dom
 2022-03-22 14:51:17 +01:00
Mathias Vorreiter Pedersen
c35b385383 C++: Fix 'implicit this' warning. 2022-03-22 13:32:46 +00:00
Tom Hvitved
c06508570a Ruby: Cache ConstantReadAccess::getValue 2022-03-22 14:15:07 +01:00
Paul1nh0
afe4a8435f Using globalValueNumber to match same arguments 2022-03-22 21:14:07 +08:00
Rasmus Lerchedahl Petersen
0f2c21c8bd python: require local protection to be absent 
for CSRF to be likely
 2022-03-22 13:42:52 +01:00