Erik Krogh Kristensen
4c58f9781b
add support for TypeScript 4.6
2022-03-01 09:56:21 +01:00
Mathias Vorreiter Pedersen
3719353338
Merge pull request #8172 from github/redsun82/pre-commit
...
add pre-commit configuration
2022-03-01 08:54:54 +00:00
Erik Krogh Kristensen
2b7c819135
fix extension of change-note
2022-03-01 09:54:19 +01:00
Michael Nebel
7bde1cbfb3
Java: Add case for Synthetic Fields in isRelevantTaintStep.
2022-03-01 09:15:01 +01:00
ihsinme
d772ea0efe
Apply suggestions from code review
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2022-03-01 10:49:36 +03:00
ihsinme
bc22b9b208
Update test.cpp
2022-03-01 09:43:15 +03:00
ihsinme
c6083a6f95
Apply suggestions from code review
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
2022-03-01 09:37:57 +03:00
Ahmed Farid
70c0c7e461
Update zipslip_bad.py
2022-03-01 00:24:33 +01:00
Ahmed Farid
85bcaa96ce
Update Concepts.qll
2022-03-01 00:23:06 +01:00
Ahmed Farid
c22b032bbe
Update Zip.qll
2022-03-01 00:11:33 +01:00
Ahmed Farid
67d3498891
Update ZipSlip.ql
2022-03-01 00:07:37 +01:00
Ahmed Farid
b29936716d
Update Frameworks.qll
2022-03-01 00:06:22 +01:00
Ahmed Farid
76bd3317eb
Create Zip.qll
2022-03-01 00:05:30 +01:00
Ahmed Farid
abe25da3df
Create ZipSlip.qll
2022-03-01 00:04:02 +01:00
Ahmed Farid
3eae13161f
Delete ZipSlipCheckLib.ql
2022-03-01 00:01:34 +01:00
Ahmed Farid
21f6ad5190
Update and rename ZipSlipCheck.ql to ZipSlip.ql
2022-03-01 00:01:06 +01:00
Tamas Vajk
1538e89bd9
Use generate-report.py from base SHA
2022-02-28 20:36:23 +01:00
Tamas Vajk
bd30c63aa1
Fix expected file comparer to handle missing files better in MaD workflows
2022-02-28 20:16:20 +01:00
Tamas Vajk
714659c706
Change cp to mv in CSV coverage PR job
2022-02-28 20:07:23 +01:00
Jeroen Ketema
0c2cfa1307
C++: Add comment on the existence of reference types
2022-02-28 19:14:54 +01:00
Arthur Baars
5ce6b847d1
Merge pull request #8166 from aibaars/regex-char-sequence-1
...
Ruby/Python: regex parser: group sequences of 'normal' characters
2022-02-28 17:47:53 +01:00
Tamás Vajk
d3e36038a0
Merge pull request #8152 from tamasvajk/fix/useless-dynamic-cast
...
C# Exclude dynamic casts from useless casts check
2022-02-28 17:00:28 +01:00
Michael Nebel
24640c3670
Java: Make a testcase for wrappers of sources.
2022-02-28 16:57:36 +01:00
Michael Nebel
66fe0e74b5
Java: Don't require that the source is directly within the TargetApi itself (in that case wrappers get excluded).
2022-02-28 16:48:23 +01:00
Michael Nebel
4a0b2b64b3
Java: Explicitly tie ReturnNode to TargetApi before calling returnNodeAsOutput.
2022-02-28 16:48:23 +01:00
Tom Hvitved
44949b6353
Java: Add bindingset to returnNodeAsOutput
2022-02-28 16:48:23 +01:00
Anders Schack-Mulligen
908cc40c9f
Java: Fix bug in model flow sanitizer.
2022-02-28 16:48:23 +01:00
Anders Schack-Mulligen
16a5ccddea
Java: Simplify model generator query using flow state.
2022-02-28 16:48:23 +01:00
Rasmus Wriedt Larsen
8afd560c64
Python: ORM: Handle load of PolymorphicModels
2022-02-28 16:38:41 +01:00
Rasmus Wriedt Larsen
48fba87273
Python: ORM: add flow to base-class
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
6b9dd49499
Python: ORM: Model polymorphic.models.PolymorphicModel as Django ORM class
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
e1191cf63c
Python: ORM: Add tests for inheritance
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
092cfceb18
Python: Add dataflow consistency checks to ORM tests
...
Luckily they passed :phew:
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
d7ff00e615
Python: Add change-note
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
ed36ff1570
Python: ORM: Handle <Model>.objects.[<QuerySet>].update()
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
fea46b642d
Python: ORM: Handle <Model>.objects.create and friends
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
9b458b54aa
Python: ORM: Add flow to collection/dict queries
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
9cff4cbd1c
Python: ORM: Add a few more tests
...
There were a few methods I had overlooked
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
ae057c74cc
Python: ORM: Store step for constructor
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
f8a51bb994
Python: ORM: Add data-flow steps for Django ORM
...
Added dummy-whitespace to `orm_security_tests.py` so it would be
possible to see what the reflected XSS results are in the diff
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
ef39968a56
Python: ORM: Add data-flow plumbing for ORM modeling
...
The idea is that we will do `save ==> synthetic`
and `synthetic ==> load`, so we don't need to do CP between save/load.
This setup with synthetic node in the middle, also allows for a limited
amount of the field-flow we can do with real flow-summary support.
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
d3f07cdc10
Python: ORM: Add qltests
...
Which shows that there is no flow yet, which is not really a surprise :D
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
c78fed6594
Python: ORM: Add raw python test files
...
no ql test files yet though, will come in next commit.
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
f89fb50eb5
Python: ORM: Add boilerplate django project
...
By doing
```
django-admin startproject testproj
django-admin startapp testapp
```
2022-02-28 16:38:40 +01:00
yoff
d953382df9
Merge pull request #7807 from RasmusWL/dataflow-improvements
...
Python: Dataflow improvements
2022-02-28 16:24:00 +01:00
Jeroen Ketema
497991b6b1
C++: Improve change note
2022-02-28 16:08:23 +01:00
Erik Krogh Kristensen
5130929358
remove comment suggesting that the receiver is parameter -1
2022-02-28 15:25:34 +01:00
Erik Krogh Kristensen
843ed8fca5
rename pw to aw
...
Co-authored-by: yoff <lerchedahl@gmail.com>
2022-02-28 15:25:25 +01:00
Tom Hvitved
5cba505514
Merge pull request #8284 from hvitved/csharp/move-csharp9-standalone-tests
...
C#: Move C# 9 standalone tests
2022-02-28 15:15:47 +01:00
Tamas Vajk
efb876192f
Add change note
2022-02-28 14:58:59 +01:00