hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-05 17:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,689 Branches 160 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Benjamin Muskalla
2f94356899 Run daily 2022-02-07 12:12:29 +01:00
Benjamin Muskalla
bd417769ce Add workflow to upload metrics 2022-02-07 12:08:18 +01:00
Benjamin Muskalla
a1432c47dc Exclude framework coverage query from suites 
We don't want to run this query on any database but rather
in a specific setup. Exclude from suites by default.
 2022-02-07 12:08:18 +01:00
Benjamin Muskalla
9af50f5216 Turn framework coverage into metric query 2022-02-07 12:08:18 +01:00
Jeroen Ketema
1f2865c7cc Merge pull request #7798 from jketema/missing-open-arg 
C++: Add query for missing mode argument in `open`/`openat` calls
 2022-02-07 12:01:44 +01:00
BACK Yonah
61dc9ef12e C/C++: AutoFormat fix 2022-02-07 11:41:17 +01:00
Rasmus Wriedt Larsen
32cd7d6fa7 Add groups to all consistency-queries/qlpack.yml 
as discussed in PR review
 2022-02-07 11:15:48 +01:00
Tom Hvitved
dc09e87cb2 Ruby: Use SimpleSummarizedCallable in a few more places 2022-02-07 11:05:32 +01:00
Erik Krogh Kristensen
0584a6acaf recognize a nodejs re-exports in a loop 2022-02-07 10:12:38 +01:00
Erik Krogh Kristensen
4c317f5753 apply suggestions from doc review 
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
 2022-02-07 09:43:49 +01:00
Michael Nebel
b2e18ebae1 C#: Lambda improvements change note. 2022-02-07 09:22:46 +01:00
Michael Nebel
782d6da754 C#: Support for lambda expression explicit return types and lambda attributes. 2022-02-07 09:19:47 +01:00
github-actions[bot]
b4ab86c020 Post-release preparation for codeql-cli-2.8.0 2022-02-06 23:34:07 +00:00
Arthur Baars
ac03fab986 Merge pull request #7753 from aibaars/ruby-3.1 
Ruby 3.1 features
 2022-02-06 21:06:16 +01:00
Artem Smotrakov
f53b2fcc62 Updated IgnoredHostnameVerification.ql to cover more uses of HostnameVerifier.verify() 2022-02-06 11:23:20 +00:00
jorgectf
d2f07e4df2 Merge branch 'jorgectf/python/deserialization' of https://github.com/jorgectf/codeql into jorgectf/python/deserialization 2022-02-05 16:20:17 +01:00
Jorge
99e14d16bc Merge branch 'github:main' into jorgectf/python/deserialization 2022-02-05 16:20:09 +01:00
Jonathan Leitschuh
1f47ea5164 Update to new change note format 2022-02-04 17:16:12 -05:00
Jonathan Leitschuh
0268dd9f0a Add file creation sanitizer 2022-02-04 17:10:27 -05:00
Jonathan Leitschuh
9299c7996d Add information disclosure test fix suggestions 2022-02-04 17:10:27 -05:00
Jonathan Leitschuh
0a621c2801 Fix the formatting in TempDirLocalInformationDisclosureFromMethodCall 2022-02-04 17:10:27 -05:00
Jonathan Leitschuh
79db76dcf8 Fix test failures TempDirLocalInformationDisclosureFromSystemProperty 2022-02-04 17:10:27 -05:00
Jonathan Leitschuh
d5c9af31b2 Fixup documentation/code from PR feedback 2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
f7a4aac525 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
a4b5573f53 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
a8d25b63ac Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-02-04 17:10:26 -05:00
Chris Smowton
e795823d97 Autoformat TempDirUtils.qll 2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
7e514e9ef9 Add QLdoc and fix Compiler Errors in Tests 2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
cb30385684 Update java/ql/src/Security/CWE/CWE-200/TempDirUtils.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
df716cbaa0 Revert changes to MethodAccessSystemGetProperty 2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
66831989b7 Add QLdoc to TempDirUtils 2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
7e55c92eb4 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
c19f52cd04 Add release notes for "Temporary Directory Local information disclosure" 2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
f6067d28f9 Fix file names and formatting from PR feedback 2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
41b5011b81 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
7929faedc0 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
f910fd4719 Remove path flow tracking in 'TempDirLocalInformationDisclosureFromMethodCall' 2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
e4c017e888 Apply suggestions from code review 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-02-04 17:10:24 -05:00
Jonathan Leitschuh
13fed0e9b6 Temp Dir Info Disclosure: Final pass and add documentation 2022-02-04 17:10:24 -05:00
Jonathan Leitschuh
bc12e994b0 Add java.nio.file.Files API checks 2022-02-04 17:10:24 -05:00
Jonathan Leitschuh
ecad7534ae Add mkdirs check 2022-02-04 17:10:24 -05:00
Jonathan Leitschuh
cf0ed81575 Add TempDir taint tracking for Files.write 2022-02-04 17:10:24 -05:00
Jonathan Leitschuh
3a15678b1e Java: CWE-200: Temp directory local information disclosure vulnerability 2022-02-04 17:10:23 -05:00
Erik Krogh Kristensen
ab2d3a7ca0 Merge pull request #7828 from Naman-ntc/main 
JS: Adding model for `.get` function of `Map` in Unvalidated Dynamic Method Call
 2022-02-04 20:19:02 +01:00
Erik Krogh Kristensen
f00d723c49 Merge pull request #7843 from erik-krogh/CVE-2021-23484 
JS: add file sources from `jszip` to `js/zip-slip`
 2022-02-04 20:17:43 +01:00
BACK Yonah
21fdc53d62 C/C++: Using UnspecifiedType instead of Type 2022-02-04 19:12:15 +01:00
Nick Rolfe
9744cf2457 Ruby: apply suggested simplification from review 2022-02-04 17:14:47 +00:00
Nick Rolfe
aaff3226c9 Ruby: prefer ...isInt(x) over x = ...getInt() 2022-02-04 17:10:22 +00:00
BACK Yonah
b2ca25abef Merge branch 'main' of https://github.com/github/codeql 2022-02-04 18:09:19 +01:00
BACK Yonah
f4a1d1d5e6 C/C++: Useless Test Fully converted verification 2022-02-04 18:05:03 +01:00