hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-02 00:02:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,684 Branches 159 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
9f014be7c7 Merge pull request #8447 from MathiasVP/add-missing-security-severity 
C++: Add missing `security-severity` tags
 2022-03-15 11:29:28 +00:00
Geoffrey White
28315df405 Merge branch 'main' into cwe497b 2022-03-15 11:23:00 +00:00
Joe Farebrother
8acd8ea01f Merge pull request #8446 from joefarebrother/sensitive-logging 
Java: Add security severity to sensitive logging query
 2022-03-15 11:17:46 +00:00
Jeroen Ketema
157a36bc4f Use node variable in all disjuncts 2022-03-15 11:55:35 +01:00
Jeroen Ketema
9a0e94f389 Add flow state versions of isBarrierIn, isBarrierOut, and isBarrierGuard 2022-03-15 11:55:34 +01:00
Mathias Vorreiter Pedersen
7337ebd569 C++: Add missing 'security-severity' tags. 2022-03-15 10:54:36 +00:00
Mathias Vorreiter Pedersen
9642e59349 Merge pull request #8382 from MathiasVP/use-taint-configuration-in-three-more-queries 
C++: Use a `TaintTracking::Configuration` in three more queries
 2022-03-15 10:43:05 +00:00
Joe Farebrother
e4a16cc700 Add security severity 2022-03-15 10:42:41 +00:00
Tony Torralba
6d5414281e Merge pull request #8437 from atorralba/atorralba/missing-security-severity-query 
Added MissingSecurityMetadata query
 2022-03-15 11:42:41 +01:00
Dave Bartolomeo
72725875a5 Undo debugging changes 2022-03-15 06:05:33 -04:00
Henry Mercer
f38b498eed Merge pull request #8433 from github/henrymercer/js-atm-remove-isEffectiveSinkWithOverridingScore 
JS: Remove `isEffectiveSinkWithOverridingScore` from ML-powered libraries
 2022-03-15 10:04:30 +00:00
Dave Bartolomeo
c9fbf83c1c Working range analysis for C++ 2022-03-15 06:02:54 -04:00
Tony Torralba
6f484d3d64 Merge pull request #8440 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-03-15 10:58:27 +01:00
Asger Feldthaus
d628dc0b52 Ruby: sync ApiGraphModels.qll 2022-03-15 10:52:41 +01:00
Asger Feldthaus
82750638c6 JS: Verify models even if package is not used in database 2022-03-15 10:51:44 +01:00
Tony Torralba
fd4c9fd543 Cover a missing @tag security when @security-severity is used 2022-03-15 10:39:42 +01:00
Asger Feldthaus
a19f06ffc0 JS: Port checks to JS 2022-03-15 10:35:49 +01:00
Asger Feldthaus
7f8205684e Ruby: verify tokens in identifying access path 2022-03-15 10:25:59 +01:00
Tony Torralba
82b2fd2d23 Exclude queries without precision 2022-03-15 10:22:10 +01:00
Dave Bartolomeo
f53a66b52a Add working sign and modulus analysis 2022-03-15 05:16:23 -04:00
Mathias Vorreiter Pedersen
7e0e7d5004 Merge branch 'main' into use-taint-configuration-in-three-more-queries 2022-03-15 09:06:55 +00:00
Asger Feldthaus
97ca1155c3 JS: Sync ApiGraphModels.qll and test 2022-03-15 09:29:34 +01:00
Asger Feldthaus
65249dabd3 Ruby: add warning for wrong number of columns in CSV row 2022-03-15 09:28:21 +01:00
Erik Krogh Kristensen
c7509c4dd3 Merge branch 'main' into deadCode 2022-03-15 09:19:14 +01:00
Tony Torralba
18165cbb46 Exclude examples folder 2022-03-15 09:14:11 +01:00
Michael Nebel
ba67ea0445 C#: Fix performance issue with UselessNullCoalescingExpression query. 2022-03-15 09:09:45 +01:00
Jonas Jensen
d89c52f4b0 Merge pull request #8403 from erik-krogh/noUpper 
Rename all upper-case variables, and all lower-case modules
 2022-03-15 09:00:37 +01:00
haby0
e11c74c580 Delete redundant comments 2022-03-15 15:25:08 +08:00
haby0
4195eef9ba Add CSV injection model 2022-03-15 15:15:38 +08:00
Asger Feldthaus
f28acbf3dc Ruby: autoformat 2022-03-15 08:15:18 +01:00
ihsinme
62ecf54aaa Update DangerousUseOfExceptionBlocks.cpp 2022-03-15 08:53:38 +03:00
ihsinme
e99eaeb256 Apply suggestions from code review 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-03-15 08:53:00 +03:00
github-actions[bot]
b10adfc8da Add changed framework coverage reports 2022-03-15 00:13:15 +00:00
Arthur Baars
3311fedda7 Merge pull request #8365 from aibaars/qldoc-test 
CI: add QLdoc test
 2022-03-14 23:36:01 +01:00
Robert Marsh
143b79c0cc C++/WIP: Generate IR for global variables 2022-03-14 17:12:30 -04:00
jorgectf
f10dac31f9 Format some tests 2022-03-14 22:12:22 +01:00
Robert Marsh
bf21a471ed C++: add some global variables to IR tests 2022-03-14 17:11:36 -04:00
jorgectf
b62b8c8d28 Use SummaryModelCsv for the toString taint step 2022-03-14 21:47:06 +01:00
jorgectf
c683b48af7 Add MyBatisInjectionSink's QLDoc 2022-03-14 21:41:36 +01:00
jorgectf
8482c01959 Make MyBatisProviderStep an AdditionalValueStep 2022-03-14 21:35:26 +01:00
Erik Krogh Kristensen
195ce9c58a add some API-nodes to js/disabling-certificate-validation 2022-03-14 21:33:13 +01:00
jorgectf
32f494eba1 Use SummaryModelCsv in MyBatisAbstractSQLMethodsStep 2022-03-14 21:32:55 +01:00
jorgectf
d47fcedd21 Add tests 2022-03-14 21:31:51 +01:00
Jorge
158366ab46 Apply suggestions from code review 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-03-14 21:27:37 +01:00
Arthur Baars
6a74e761c8 Merge pull request #8398 from github/post-release-prep/codeql-cli-2.8.3 
Post-release preparation for codeql-cli-2.8.3
 2022-03-14 21:05:09 +01:00
Arthur Baars
be412b1b5d Merge pull request #702 from github/post-release-prep/codeql-cli-2.8.3 
Post-release preparation for codeql-cli-2.8.3
 2022-03-14 21:04:37 +01:00
Geoffrey White
73710e9edb C++: Fix QLDoc. 2022-03-14 19:11:43 +00:00
Tom Hvitved
d3d20c69dd Merge pull request #8425 from hvitved/csharp/structural-comparision-fix 
C#: Avoid combinatorial explosion in structural comparison library
 2022-03-14 20:10:40 +01:00
Geoffrey White
7c93eb1eaf C++: Fix large newtype. 2022-03-14 19:06:41 +00:00
Geoffrey White
d1b04b4e07 C++: Use asDefiningArgument() where appropriate. 2022-03-14 17:53:47 +00:00