hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-06 18:21:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,691 Branches 160 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Harry Maclean
bb3fb0325b Ruby: Add InsecureDownload query 
This query finds cases where a potentially unsafe file is downloaded
over an unsecured connection.
 2022-04-27 12:47:09 +12:00
Harry Maclean
ce7675ef43 Ruby: Identify domain in Net::HTTP requests 2022-04-27 12:47:09 +12:00
Harry Maclean
bbc3043836 Add change note for rb/regex/missing-regexp-anchor 2022-04-27 10:12:33 +12:00
Harry Maclean
af2965c2a0 Explain anchors in MissingRegExpAnchor qlhelp 2022-04-27 10:12:33 +12:00
Harry Maclean
6f9dc5eb7e Ruby: Update import for file move 2022-04-27 10:12:33 +12:00
Harry Maclean
2feb4a48be Ruby: Add hasMisleadingAnchorPrecedence to MissingRegExpAnchor 2022-04-27 10:12:33 +12:00
Harry Maclean
3f8b27c0cd Ruby: Add RegExpNonWordBoundary to RegExpTreeView 2022-04-27 10:12:33 +12:00
Harry Maclean
e3c3c00c68 Ruby: Add MissingRegExpAnchor query 2022-04-27 10:12:33 +12:00
Harry Maclean
debc57b417 Ruby: Add RegExpAnchor to RegExpTreeView 2022-04-27 10:12:33 +12:00
Harry Maclean
d95f533d19 Ruby: Add getLastChild to RegExpParent 2022-04-27 10:12:33 +12:00
Nick Rolfe
2d05ea3519 Merge pull request #8885 from SukkaW/replace-git-io-link 2022-04-26 20:29:32 +01:00
Mathias Vorreiter Pedersen
800e4ea7df Merge pull request #8515 from rdmarsh2/rdmarsh2/ir-global-vars 
C++: generate IR for global variables with initializers
 2022-04-26 18:17:13 +01:00
Geoffrey White
7ce040f331 Merge pull request #8736 from geoffw0/xxe 
C++: New query for CWE-611 / XML External Entity Expansion (XXE)
 2022-04-26 17:21:06 +01:00
Nick Rolfe
649d7dd022 Merge pull request #8607 from github/nickrolfe/incomplete_sanitization 
Ruby: port of `js/incomplete-sanitization`
 2022-04-26 17:10:24 +01:00
Geoffrey White
742949154b C++: Apply code style suggestion. 2022-04-26 16:53:24 +01:00
Taus
7d736952db Python: Update expected output 2022-04-26 15:49:40 +00:00
Anna Railton
eacfceb6ce Merge pull request #8605 from github/annarailton/new-query-label-mappings 
Experimental (ATM): update query label mappings
 2022-04-26 16:39:06 +01:00
SukkaW
0c4885caa7 Replace git.io link with the actual URL 2022-04-26 23:28:34 +08:00
Jonathan Leitschuh
2565cdb964 Add additional File taint value flow models 
Adds
 - File::getAbsoluteFile
 - File::getCanonicalFile
 - File::getAbsolutePath
 - File::getCanonicalPath
 2022-04-26 10:42:53 -04:00
Nick Rolfe
2a4d65f917 Merge pull request #8881 from github/nickrolfe/graph_ordering_typo 2022-04-26 14:30:49 +01:00
Nick Rolfe
a7185e8a75 Ruby: fix typo in edge key for graph query 2022-04-26 13:56:38 +01:00
Erik Krogh Kristensen
7dba2b5868 PY: revert deletion of redundant-import in ClientSuppliedIpUsedInSecurityCheckLib.qll 2022-04-26 14:51:21 +02:00
Chris Smowton
d01c847839 Make import private 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-04-26 13:34:24 +01:00
Chris Smowton
c0c50147b3 Replace singleton set 2022-04-26 13:34:24 +01:00
Artem Smotrakov
03d86306b2 Use doc-comment in JMS.qll 2022-04-26 13:34:24 +01:00
Artem Smotrakov
12ca1f0b11 Fixed library-tests/frameworks/guava/handwritten/flow.ql 2022-04-26 13:34:24 +01:00
Artem Smotrakov
52b7fbf484 Removed non-ASCII characters 2022-04-26 13:34:24 +01:00
Artem Smotrakov
e86fd72529 Moved RabbitMQ tests to java/ql/test/library-tests/frameworks/rabbitmq 2022-04-26 13:34:23 +01:00
Artem Smotrakov
3369ffc3c2 Removed RabbitMQ import in FlowSteps.qll 2022-04-26 13:34:23 +01:00
Artem Smotrakov
d7ad13b8de Fixed typos in JMS.qll 2022-04-26 13:34:23 +01:00
Artem Smotrakov
20f185e772 Use tainted tag in JMS tests 2022-04-26 13:34:23 +01:00
Artem Smotrakov
7158fd1ce8 minorAnalysis in 2022-04-17-jms.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-04-26 13:34:23 +01:00
Artem Smotrakov
152de1533e Added a change note for JMS 2022-04-26 13:34:23 +01:00
Artem Smotrakov
b6bd4f92d1 Added sources and steps for JMS API 2022-04-26 13:34:21 +01:00
Artem Smotrakov
5c6aa15fe5 Fixed model for DataInput 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2022-04-26 13:34:05 +01:00
Artem Smotrakov
269143a19f Java: Added sources and flow steps for RabbitMQ 2022-04-26 13:34:04 +01:00
Artem Smotrakov
fb39e0f577 Java: Added flow steps for DataInput and ObjectInput 2022-04-26 13:32:48 +01:00
Erik Krogh Kristensen
d389012b75 Merge branch 'main' into redundantImport 2022-04-26 14:24:51 +02:00
Nick Rolfe
3737248deb Merge pull request #8879 from github/nickrolfe/graph_ordering 
Ruby: fix graph query tests by defining total ordering
 2022-04-26 13:22:53 +01:00
yoff
76f2eca1ee Merge pull request #8560 from erik-krogh/movePolyTest 
PY: move the polynomialbacktracking-test to the test folder
 2022-04-26 14:21:30 +02:00
Tony Torralba
75b7234a77 Add missing QLDoc 2022-04-26 14:07:07 +02:00
Nick Rolfe
a2f66e8631 Ruby: specify total ordering for test graph queries 2022-04-26 12:58:44 +01:00
Tony Torralba
b69d81ce24 Make all imports of ExternalFlow private 2022-04-26 13:48:44 +02:00
Anders Schack-Mulligen
ff1c6ca4d6 Java: Fix join-order. 2022-04-26 13:43:41 +02:00
Alex Denisov
5db18bb845 Swift: add a comment clarifying swift::FrontendObserver 2022-04-26 13:35:10 +02:00
Tony Torralba
2ee83e2ba2 Add Editable.toString flow step 2022-04-26 13:34:16 +02:00
Alex Denisov
e2332fc5ec Swift: Replace SwiftExtractor class with a function 2022-04-26 13:32:14 +02:00
Anders Schack-Mulligen
e5eef51e9d Merge pull request #8875 from aschackmull/java/useless-imports 
Java: Remove some useless imports.
 2022-04-26 13:32:09 +02:00
Anders Schack-Mulligen
8cd506e513 Merge pull request #8874 from smowton/smowton/fix/insecure-cookies-look-through-named-constants 
Java insecure cookies query: look through named constants
 2022-04-26 12:52:12 +02:00
Erik Krogh Kristensen
881e5e16b5 Java: revert deletion of redundant imports 2022-04-26 12:47:39 +02:00