hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-17 15:33:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,078 Commits 1,692 Branches 160 Tags
codeql-cli/v2.11.6
Commit Graph

47078 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
zhouxufeng
89a03d46ea add ldap inject source 2021-10-29 11:27:48 +08:00
Ethan P
5f73fb21b8 Add new article to ref page 2021-10-28 10:55:44 -07:00
jorgectf
066b40098c Add lxml.etree.XMLParser missing resolve_entities dangerous case 2021-10-28 19:34:15 +02:00
jorgectf
4afcd9d207 [mrthankyou] smtplib partial modeling. 2021-10-28 19:18:59 +02:00
Rasmus Lerchedahl Petersen
0f2f68bcbb Python: rename file 2021-10-28 19:14:02 +02:00
yoff
8f9741ae72 Update python/ql/lib/semmle/python/internal/Awaited.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-10-28 19:13:08 +02:00
jorgectf
ba3ea700f5 Add Sendgrid dict data html body modeling 2021-10-28 18:47:54 +02:00
jorgectf
dbf5b24b86 Polish Sendgrid.qll qldoc 2021-10-28 18:26:35 +02:00
Mathias Vorreiter Pedersen
490156d7db C++: Remove the 'isIndirection' predicate on 'SourceVariable' and move the rootdef of 'getIRVariable' into the two subclasses. 2021-10-28 17:26:28 +01:00
Erik Krogh Kristensen
cfc5629435 apply all doc fixes 
Co-authored-by: hubwriter <hubwriter@github.com>
 2021-10-28 18:19:37 +02:00
Mathias Vorreiter Pedersen
05900cda87 C++: Rename 'Ssa' to 'SsaInternals' and move definitions from 'SSaImplSpecific' to 'SsaInternals'. Now we can avoid cyclic imports. 2021-10-28 17:10:48 +01:00
Erik Krogh Kristensen
15c90adec5 remove redundant cast where the type is enforced by an equality comparison 2021-10-28 18:08:20 +02:00
hubwriter
2096c0aab1 Merge pull request #6856 from github/hubwriter/typo-fix 
Docs: Fix one-word typo
 2021-10-28 17:05:17 +01:00
jorgectf
47b14f1adc Polish Concepts.qll qldocs 2021-10-28 17:55:34 +02:00
jorgectf
b3ec82cd36 Merge branch 'jorgectf/python/jwt-queries' of https://github.com/jorgectf/codeql into jorgectf/python/jwt-queries 2021-10-28 17:40:33 +02:00
jorgectf
a6c285ad32 Apply getItem(_) and extend verifiesSignature readability 2021-10-28 17:40:27 +02:00
Jorge
f4d63cc5e7 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-10-28 17:34:11 +02:00
jorgectf
ef4a27ff8c Apply code review suggestions 2021-10-28 17:31:52 +02:00
Erik Krogh Kristensen
e75448ebb0 remove redundant inline casts 2021-10-28 16:35:53 +02:00
Ian Lynagh
d425b3782e Merge pull request #6992 from igfoo/igfoo/patterns 
Java: instanceof pattern matching is no longer a preview feature
 2021-10-28 15:05:53 +01:00
Erik Krogh Kristensen
c34b089bc5 autoformat 2021-10-28 16:02:36 +02:00
Mathias Vorreiter Pedersen
675e284c0e C++: A 'LoadInstruction' in a store chain always sets 'certain = false'. 2021-10-28 14:52:57 +01:00
Ian Lynagh
246a515175 Java: instanceof pattern matching is no longer a preview feature 2021-10-28 14:19:30 +01:00
Mathias Vorreiter Pedersen
ee2541c3bc C++: Fix QLDoc on 'getDestinationAddress'. 2021-10-28 14:12:22 +01:00
Mathias Vorreiter Pedersen
cde80ccf83 Replace 'hasLocationInfo' with 'getLocation'. 2021-10-28 14:09:26 +01:00
Mathias Vorreiter Pedersen
387c96d1e2 Rename 'SourceVariable.getVariable' to 'SourceVariable.getIRVariable' and replace 'Def.getVariable' to 'Def.getSourceVariable'. 2021-10-28 14:00:50 +01:00
Rasmus Lerchedahl Petersen
8c72cc0cdd Python: update change note 2021-10-28 14:53:46 +02:00
Rasmus Lerchedahl Petersen
7201b3e116 Python: add changenote 2021-10-28 14:48:48 +02:00
zhouxufeng
bcdf17d16f feat ldap inject 2021-10-28 20:42:06 +08:00
Rasmus Lerchedahl Petersen
8536f5f5a2 Python: remember to update refs... 2021-10-28 14:32:53 +02:00
Erik Krogh Kristensen
4f6e5c903b filter out writes to number indexes 2021-10-28 14:27:07 +02:00
yoff
beb0902db5 Merge pull request #6989 from RasmusWL/flask-file-sending-fixup 
Python: Small fixup for `flask.send_from_directory`
 2021-10-28 14:24:29 +02:00
jorgectf
e8e0f0fea8 Add temporary .expected 2021-10-28 14:22:14 +02:00
jorgectf
bf68495102 Polish FlaskMail qldocs 2021-10-28 14:21:43 +02:00
valeria-meli
434571067f Merge branch 'main' into feature/SSRF 2021-10-28 09:06:58 -03:00
valeria-meli
9615544092 Merge commit 'e784c356916468d4f40b8f47899970c4e75dada9' into main 2021-10-28 09:06:17 -03:00
Rasmus Lerchedahl Petersen
c92249525b Python: update test expectations 2021-10-28 14:03:09 +02:00
Rasmus Wriedt Larsen
a33a8fd518 Python: Support flask.blueprints.Blueprint 
Thanks to @haby0 who originally proposed this as part of
https://github.com/github/codeql/pull/6977
 2021-10-28 14:02:03 +02:00
Nick Rolfe
f3977ea3d7 Merge pull request #6987 from github/nickrolfe/cleanup-ruby-docs 
Ruby: clean up docs
 2021-10-28 13:00:02 +01:00
Rasmus Lerchedahl Petersen
3abe3e43d0 Python: autoformat 2021-10-28 13:58:01 +02:00
jorgectf
c9634f3c6f Fix getFlaskMailArgument() 2021-10-28 13:54:14 +02:00
Rasmus Wriedt Larsen
0acf6aaec8 Python: Add change-note 2021-10-28 13:45:34 +02:00
Rasmus Wriedt Larsen
8c3349f40f Python: Properly model flask.send_from_directory 
To not include `filename` as path-injection sink.
 2021-10-28 13:41:39 +02:00
Mathias Vorreiter Pedersen
12e0185b0d C++: Sync identical files. 2021-10-28 12:36:36 +01:00
Mathias Vorreiter Pedersen
7197216185 Add a copy of SsaImplCommon to the identical-files script. 2021-10-28 12:36:36 +01:00
Mathias Vorreiter Pedersen
fc3ff41d65 Merge branch 'main' into use-shared-ssa-in-ir-dataflow 2021-10-28 12:36:36 +01:00
Mathias Vorreiter Pedersen
2cd23e5ee0 Accept test changes. 2021-10-28 12:36:36 +01:00
Mathias Vorreiter Pedersen
8135dcefdd Merge branch 'main' into use-shared-ssa-in-ir-dataflow 2021-10-28 12:36:25 +01:00
Rasmus Wriedt Larsen
228e9e973a Python: Minor flask refactor 2021-10-28 13:36:03 +02:00
Mathias Vorreiter Pedersen
521d863429 C++: Autoformat. 2021-10-28 12:35:01 +01:00