hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-17 16:34:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,679 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
91840c613e Java: Convert unsafe-url-forward to data extensions. 2022-11-28 12:30:35 +01:00
Michael Nebel
aed5ee4edc Java: Convert thread-resource-abuse to data extensions. 2022-11-28 12:30:35 +01:00
Michael Nebel
07578f11d4 Java: Convert hardcoded-jwt-key models to data extensions. 2022-11-28 12:30:35 +01:00
Michael Nebel
ab12b6cc2b Java: Convert android-web-resource-response to data extensions. 2022-11-28 12:30:35 +01:00
Michael Nebel
5c15ad412c Java: Convert log4j-injection to data extensions. 2022-11-28 12:30:35 +01:00
Michael Nebel
665d40dc4b Java: Convert file-path-injection to data extensions. 2022-11-28 12:30:35 +01:00
Michael Nebel
b61f515af2 Jave: Make support for query specific models. 2022-11-28 12:30:35 +01:00
Michael Nebel
805430983c Java: Convert commons-io to data extensions. 2022-11-28 12:30:35 +01:00
Michael Nebel
d7aafbfe64 Java: Add model generator script that emits data extensions. 2022-11-28 12:30:35 +01:00
Michael Nebel
9c93402b26 Java: Convert integration test to use data extensions instead of inlined models. 2022-11-28 12:30:35 +01:00
Michael Nebel
157a228088 Java: Add query packs with names to enable dependency resolution. 2022-11-28 12:30:35 +01:00
Michael Nebel
2d309bb8f8 Java: Include the library query pack to get the data extensions included. 2022-11-28 12:30:35 +01:00
Michael Nebel
b3a3b676ba Java: Remove manual models from QL code. 2022-11-28 12:30:34 +01:00
Michael Nebel
f4e1867d28 Java: Define extensible predicates to at least be empty. 2022-11-28 12:30:34 +01:00
Michael Nebel
0abeb831c7 Java: Move summaryModel predicate, which constructs a CSV row to the testcode where it is used. 2022-11-28 12:30:34 +01:00
Michael Nebel
663d091776 Java: Invert dependencies and use the extensible predicates. 2022-11-28 12:30:34 +01:00
Michael Nebel
9cb5ff1cdc Java: Add data extensions for all manual models. 2022-11-28 12:30:34 +01:00
Michael Nebel
8e25cac653 Java: Add extensible predicates. 2022-11-28 12:30:34 +01:00
Michael Nebel
7b6f202f23 Java: Renaming. 2022-11-28 12:30:34 +01:00
Michael Nebel
63e2206d16 Java: Prepare QL pack for data extensions. 2022-11-28 12:30:34 +01:00
Michael Nebel
fc4b9827b9 Java: Add script for converting extensions. 2022-11-28 12:30:34 +01:00
Michael Nebel
9f7103c4fb Java: Add queries for extracting sources, sinks and summaries. 2022-11-28 12:30:34 +01:00
Michael Nebel
a8ee878356 Java: Add bi-directional import of FragmentInjection. 2022-11-28 12:30:33 +01:00
Michael Nebel
663112576a Java: Update commons-io models. 2022-11-28 12:30:33 +01:00
Erik Krogh Kristensen
7a3898168f Update README.md 2022-11-28 12:12:36 +01:00
Tom Hvitved
cde05e1190 Data flow: Sync files 2022-11-28 12:11:38 +01:00
Tom Hvitved
c65780ee99 Data flow: Inline revFlowInNotToReturn 2022-11-28 12:11:18 +01:00
Tom Hvitved
bdb205a318 Data flow: Track return kind instead of return position in pruning stages 2-4 2022-11-28 12:11:18 +01:00
Tom Hvitved
4346a7f426 Data flow: Inline fwdFlowOutNotFromArg 2022-11-28 12:11:18 +01:00
Tom Hvitved
70d2a0df8a Data flow: Track parameter position instead of parameter in pruning stages 2-4 2022-11-28 12:11:12 +01:00
Taus
530b795eaa Merge pull request #11402 from yoff/python/port-super-not-enclosing-class 
Python: port `py/super-not-enclosing-class`
 2022-11-28 11:52:57 +01:00
Nick Rolfe
8a94cabdbf Merge pull request #11250 from github/nickrolfe/stack-trace-exposure 
Ruby: add stack-trace exposure query
 2022-11-28 10:45:59 +00:00
Asger F
e99571baae Update javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-28 11:45:08 +01:00
Geoffrey White
dc02fa0386 Swift: Make ql-for-ql happy. 2022-11-28 10:17:11 +00:00
Geoffrey White
b3d2e759a6 Swift: Update swift/sql-injection to include local flow sources. 2022-11-28 10:11:44 +00:00
Geoffrey White
a5a459fe0a Swift: Update swift/unsafe-js-eval to include local flow sources. 2022-11-28 10:11:44 +00:00
Michael Nebel
7456f3750d Merge pull request #11432 from michaelnebel/java/flowtestgeneratortools 
Java: Flow test case generator
 2022-11-28 10:41:42 +01:00
erik-krogh
0c2ff98dc2 add flow from the first splat argument to the first splat parameter 2022-11-28 09:54:05 +01:00
erik-krogh
d5725255fe add failing test for splat parameter flow 2022-11-28 09:53:03 +01:00
Michael Nebel
24e830f91d Java: Fix some minor bugs in the CSV printing of summaries for flow test generation. 2022-11-28 09:07:40 +01:00
Michael Nebel
abe4d99e12 Java: Make some rudimentary tooling for testing the flow test case generator script. 2022-11-28 09:07:40 +01:00
Chris Smowton
5a0cce2a18 Merge pull request #11430 from erik-krogh/go-go 
GO: get the Go CI to go fast!
 2022-11-26 11:47:04 +00:00
erik-krogh
2b0ecec0c8 only run other-os on non-ql changes 2022-11-26 10:43:33 +01:00
erik-krogh
dcfa0b38c1 use a non-xl mac runner because the XL runners keep queing 2022-11-26 10:43:33 +01:00
erik-krogh
2b996f11cc use query compilation cache 2022-11-26 10:43:33 +01:00
erik-krogh
1e732ad4d7 use XL workers, and update the windows runner 2022-11-26 10:43:33 +01:00
erik-krogh
d7763f236f use more threads for codeql test 2022-11-26 10:43:33 +01:00
erik-krogh
b6034b4935 delete language specific format check 2022-11-26 10:43:30 +01:00
Chris Smowton
fb1f22144d Merge pull request #11352 from smowton/smowton/admin/kotlin-tests-1.7.20 
Kotlin: bump default CI version to 1.7.20
 2022-11-25 21:05:10 +00:00
Chris Smowton
0879f02db6 Adapt custom_plugin test to Kotlin 1.7.20 2022-11-25 17:54:53 +00:00