hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-19 01:14:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,679 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
erik-krogh
75ef5b1b0b add support for satisfies-expressions 2022-11-15 22:07:24 +01:00
erik-krogh
30c66303ba initial skeleton for TypeScript 4.9 2022-11-15 22:07:24 +01:00
Nora Dimitrijević
09b669a584 Swift: Add direct call to remote source to a test 
Strangely, there are two separate paths to each of the JSEvaluateScript
sinks: one passing through the JSString constructor, one omitting this
step.
 2022-11-15 21:57:46 +01:00
Nora Dimitrijević
52e5d541ef Update swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2022-11-15 21:15:04 +01:00
Nora Dimitrijević
fccb581765 Update swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2022-11-15 21:14:56 +01:00
Nora Dimitrijević
cb7d9d5f3f Update swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2022-11-15 21:14:50 +01:00
Nora Dimitrijević
8db8f14f99 Update swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2022-11-15 21:14:37 +01:00
Nora Dimitrijević
b42482c960 Update swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2022-11-15 21:14:18 +01:00
Tiferet Gazit
710b215c38 Merge pull request #11263 from github/tiferet/extract-training-data 
ATM: Extract training data
 2022-11-15 12:08:13 -08:00
tiferet
fc078a47fd Apply suggestion from code review 2022-11-15 11:14:01 -08:00
Ed Minnix
013ff79d17 Java: Check the value of parameter in WebView file access query 2022-11-15 13:50:56 -05:00
Ed Minnix
10875568ec Java: add negative test cases for WebView file access query 2022-11-15 13:50:31 -05:00
Tiferet Gazit
092e019de9 Apply suggestions from code review 
Co-authored-by: Stephan Brandauer <kaeluka@github.com>
 2022-11-15 10:48:32 -08:00
Andrew Eisenberg
2ffb4b6480 Merge pull request #11279 from github/aeisenberg/atm-readme 
Add more information about ATM queries for external users
 2022-11-15 10:46:03 -08:00
Geoffrey White
e81c62e402 Swift: Correct comment. 2022-11-15 18:34:51 +00:00
Geoffrey White
7c1fb5d4a6 Swift: Add qldoc for AutoClosureExpr. 2022-11-15 18:31:30 +00:00
Geoffrey White
4eee375296 Swift: Add AutoClosureExpr.getExpr. 2022-11-15 18:31:30 +00:00
Geoffrey White
13d6deb9c4 Swift: Make similar enhancements to unary operations. 2022-11-15 18:31:30 +00:00
Geoffrey White
70075e2832 Swift: Add qldoc for BinaryExpr. 2022-11-15 18:31:21 +00:00
Andrew Eisenberg
88750a7000 Add more information about ATM queries for external users 2022-11-15 10:17:56 -08:00
Geoffrey White
3c46b0cad1 Swift: Add BinaryExpr.getOperator(). 2022-11-15 18:04:48 +00:00
Geoffrey White
fa86e75330 Update swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-11-15 17:49:23 +00:00
Ed Minnix
1d71c38a8f Java: Fix formatting of WebView file access query 2022-11-15 12:43:20 -05:00
Ed Minnix
694930556b Java: documentation cleanup 2022-11-15 12:35:57 -05:00
AlexDenisov
f069802abb Merge pull request #11277 from github/redsun82/swift-remove-ipa-from-dbscheme-cpp 
Swift: remove IPA classes from `cppgen`
 2022-11-15 18:34:59 +01:00
AlexDenisov
eb2f1ff559 Merge pull request #11274 from github/redsun82/swift-remove-double-newlines-in-schema 
Swift: remove double newlines in schema
 2022-11-15 18:34:32 +01:00
Erik Krogh Kristensen
6f4fd3ef72 Merge pull request #11175 from erik-krogh/erb 
JS: extract .erb files as html
 2022-11-15 18:21:48 +01:00
Arthur Baars
0ce4500b48 Apply suggestions from code review 
Co-authored-by: Pierre <turbo@github.com>
 2022-11-15 18:20:28 +01:00
Geoffrey White
1b6317d584 Update swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-11-15 17:19:32 +00:00
Jeroen Ketema
d79c722d95 Merge pull request #11278 from jketema/dataflow-test-typo 
C++: Fix typo in dataflow test comment
 2022-11-15 17:33:06 +01:00
Jeroen Ketema
98176007d8 C++: Fix type in dataflow test comment 2022-11-15 17:18:08 +01:00
erik-krogh
cec5045b52 Merge branch 'main' into erb 2022-11-15 17:16:05 +01:00
erik-krogh
e4dbf0acff use instead of a fixed version number 2022-11-15 17:14:38 +01:00
erik-krogh
39938b4dad add change-note 2022-11-15 17:14:38 +01:00
erik-krogh
29cf695b07 update expected output of the queries (some sorting changed due to locations being used slightly differently in the shared pack) 2022-11-15 17:14:38 +01:00
erik-krogh
e18ceba49e port the JS regex/redos queries to use the shared pack 2022-11-15 17:14:38 +01:00
erik-krogh
031a910989 add a JS implementation of RegexTreeViewSig 2022-11-15 17:14:38 +01:00
erik-krogh
4a2472a078 add hasLocationInfo predicate to regexp terms 2022-11-15 17:14:37 +01:00
erik-krogh
e928777cb7 add codeql/regex as a dependency 2022-11-15 17:14:37 +01:00
erik-krogh
f6255e497b Merge branch 'main' into rb-redosMod 2022-11-15 17:14:19 +01:00
Erik Krogh Kristensen
68e513c6a4 Merge pull request #11246 from erik-krogh/java-redosMod 
Java: use the shared regex pack
 2022-11-15 17:12:52 +01:00
Paolo Tranquilli
56b207e41f Swift: remove IPA classes from cppgen 2022-11-15 17:07:52 +01:00
Arthur Baars
da7788dd64 CodeQL: add 'False positive' issue template 2022-11-15 16:53:53 +01:00
Tony Torralba
89a8ccb828 Merge pull request #11273 from atorralba/atorralba/swift/string-utf8-step 
Swift: Add `AdditionalTaintStep`
 2022-11-15 16:46:26 +01:00
Tony Torralba
0570610765 Merge pull request #11138 from atorralba/atorralba/swift/xxe-query-aexml-sinks 
Swift: Add AEXML sinks to XXE query
 2022-11-15 16:42:17 +01:00
Mauro Baluda
8109a7b67a Update javascript/ql/lib/semmle/javascript/frameworks/Hapi.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-15 16:27:21 +01:00
Mauro Baluda
e5e3bb3705 Generalize the server definition in plugin registration 2022-11-15 16:27:14 +01:00
Erik Krogh Kristensen
f7b5a4d170 Merge pull request #11203 from erik-krogh/shouldBePath 
C#: update cs/assembly-path-injection cs/hardcoded-key to path-problems
 2022-11-15 16:24:05 +01:00
Tony Torralba
8ca004fde1 Add AdditionalTaintStep 2022-11-15 16:14:22 +01:00
Mauro Baluda
563a56af9d Update Hapi.qll 2022-11-15 15:46:34 +01:00