hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-21 18:34:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,683 Branches 158 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Soref
061d1ee9fe spelling: presence 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
Josh Soref
71b0613f9a spelling: parenthesized 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
Josh Soref
ba0f34afed spelling: owasp 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
Josh Soref
0919507565 spelling: outside 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
Josh Soref
7e0bbf1bdb spelling: optimization 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:25 -04:00
Josh Soref
114653162c spelling: operator 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:25 -04:00
Josh Soref
c77f685c0c spelling: operations 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:25 -04:00
Asger F
e55be83645 Ruby: add 'render file:' as file system access 2022-10-12 09:47:04 +02:00
Jami Cogswell
29de0c6748 make one config for asymm with flow states; seems to work... 2022-10-11 22:29:48 -04:00
Jami Cogswell
3e8748e639 add path-graph back to query alerts 2022-10-11 16:56:11 -04:00
Jami Cogswell
26f4abf12b remove globalflow for key(pair)gen 2022-10-11 16:56:11 -04:00
Jami Cogswell
e64825ff7a fix code-scanning bot problems 2022-10-11 16:56:11 -04:00
Jami Cogswell
b6a8c27d48 delete experimental files 2022-10-11 16:56:11 -04:00
Jami Cogswell
bd76b1fcc0 clean-up and update configurations to have specs as sink 2022-10-11 16:56:10 -04:00
Jami Cogswell
0c2cff253f updates from discussing with Tony 2022-10-11 16:56:10 -04:00
Jami Cogswell
3cc7f143b2 clean up code somewhat 2022-10-11 16:56:10 -04:00
Jami Cogswell
f5a2fef7a3 update tests for non-path version 2022-10-11 16:56:10 -04:00
Jami Cogswell
b0af9f936c added kg taintracking config to all 2022-10-11 16:56:10 -04:00
Jami Cogswell
b7123c17f8 draft of adding kpg tracking into dataflow config 2022-10-11 16:56:10 -04:00
Jami Cogswell
cdac0e2b52 add local algo name tracking, still need to add ability to track algo name when KeyGen obj is param to other method 2022-10-11 16:56:10 -04:00
Jami Cogswell
c414ee0e25 add ECC dataflow config; passes all test cases; still don't have algo name tracking 2022-10-11 16:56:10 -04:00
Jami Cogswell
5e2ef66014 refactoring to use both dataflow configs; commit before deleting unused code 2022-10-11 16:56:10 -04:00
Jami Cogswell
ac707198d5 commit before adding taint flow back (since no taint flow doesn't capture all cases) 2022-10-11 16:56:10 -04:00
Jami Cogswell
8ffd2522e7 add draft code to find algo type to replace tainttracking configs 2022-10-11 16:56:10 -04:00
Jami Cogswell
d3b1a04c13 handle FN case with simple VarAccess; add draft of dataflow config to handle complex VarAccess 2022-10-11 16:56:10 -04:00
Jami Cogswell
7de9c05c9d use CompileTimeConstantExpr for FN with VarAccess, and remove KeyGeneratorInitConfiguration 2022-10-11 16:56:10 -04:00
Jami Cogswell
75794ec7a7 false negative testing - before rewrite for variable dataflow 2022-10-11 16:56:10 -04:00
Jami Cogswell
7d94590d79 add change note 2022-10-11 16:56:10 -04:00
Jami Cogswell
9eb45c3787 refactor tests and code, update help file 2022-10-11 16:56:10 -04:00
Jami Cogswell
657e1e62ca start refactoring query logic into lib file 2022-10-11 16:56:10 -04:00
Jami Cogswell
3643c9e658 update metadata 2022-10-11 16:56:10 -04:00
Jami Cogswell
9b7df354e6 move files 2022-10-11 16:56:10 -04:00
Alex Ford
bf4dac78c5 Ruby: remove some singleton set literals 2022-10-11 21:44:52 +01:00
Alex Ford
d3c8ce3f48 Ruby: ActiveSupport extends Pathname with an existence method that may return itself 2022-10-11 21:35:58 +01:00
Henry Mercer
bfa9765a6d Merge branch 'main' into codeql-ci/js/ml-powered-pack-release-0.3.5 2022-10-11 19:06:01 +01:00
github-actions[bot]
06bbede92b JS: Bump version of ML-powered library and query packs to 0.3.6 2022-10-11 17:58:33 +00:00
github-actions[bot]
4e3a6e60b2 JS: Bump patch version of ML-powered library and query packs 2022-10-11 17:48:46 +00:00
Asger F
ed165c6194 Ruby: bugfix in self-resolution in type-tracking 2022-10-11 18:53:20 +02:00
Asger F
a64286b664 Ruby: add test for singleton class instance field 
incorrect test output
 2022-10-11 18:53:20 +02:00
Tony Torralba
4b2aa93a05 Update test expectations after rebase 2022-10-11 17:54:59 +02:00
Mathias Vorreiter Pedersen
fc810ddbf4 Merge pull request #10775 from atorralba/atorralba/swift/custom-url-scheme-sources 
Swift: Add taint sources for custom URL scheme URLs
 2022-10-11 16:47:52 +01:00
Tony Torralba
8525db5af6 Add summaries for tainted URL fields 2022-10-11 17:24:26 +02:00
Tony Torralba
f4d43deec4 Add taint sources for custom URL scheme URLs 2022-10-11 17:19:04 +02:00
Mathias Vorreiter Pedersen
f88aaf37a5 C++: Add 'UninitializedNode' to IR dataflow. 2022-10-11 16:08:06 +01:00
Ed Minnix
80cc3fc518 Reword first sentence of documentation 2022-10-11 11:02:37 -04:00
Edward Minnix III
1f0a48de28 Documentation suggestion 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-10-11 10:59:00 -04:00
Mathias Vorreiter Pedersen
af79139c30 Merge pull request #10772 from atorralba/atorralba/swift/subscriptexpr-taint-step 
Swift: Add taint step for subscript expressions
 2022-10-11 15:45:54 +01:00
Alex Ford
3d08a2954d Ruby: add rb/unsafe-deserialization sinks for const_get args 2022-10-11 15:45:51 +01:00
Alex Ford
a3f096a6bc Ruby: rb/unsafe-deserialization test realignment 2022-10-11 15:44:00 +01:00
Tamas Vajk
41a54f2a98 Add change note 2022-10-11 16:40:08 +02:00