tiferet
13cb0ab554
Fix CodeQL warning
2022-11-15 17:32:30 -08:00
tiferet
2ecdfd1ff6
Delete some code that's no longer in use
2022-11-15 17:29:03 -08:00
tiferet
fedb98ddb5
Implement the standard getAReasonSinkExcluded using StandardEndpointFilterCharacteristics
2022-11-15 17:22:00 -08:00
tiferet
cf4e37a0ab
Implement the standard endpoint filters as EndpointCharacteristics
2022-11-15 17:20:20 -08:00
tiferet
cb632b3534
Delete the file ExtractEndpointData.expected which was leftover in the last PR
2022-11-15 17:11:34 -08:00
Harry Maclean
ed3270fb04
Ruby: Update for upstream changes
2022-11-16 14:06:32 +13:00
Harry Maclean
2e2fcd49bf
Ruby: Consider Object#inspect a log sanitizer
...
The behaviour of `Object#inspect` depends on whether it has been
overridden by a subclass, but it will typically produce output on a
single line. Calling `inspect` on a String will replace newlines with
`\n`, which is then safe for interpolation into a log line.
2022-11-16 13:46:51 +13:00
Harry Maclean
762ebad66e
Ruby: Add change note
2022-11-16 13:46:51 +13:00
Harry Maclean
d0521f15f1
Ruby: Update tests
2022-11-16 13:46:51 +13:00
Harry Maclean
d2c0250b41
Ruby: Model ActionDispatch::Request#body_stream
2022-11-16 13:46:51 +13:00
Harry Maclean
9f357837fa
Ruby: Model send_data as an HTTP response
2022-11-16 13:46:51 +13:00
Harry Maclean
5cfc494e16
Ruby: Test render inside redirect_to
...
This test shows that we correctly identify redirect_to and render calls
inside respond_to blocks.
2022-11-16 13:46:51 +13:00
Harry Maclean
155b64d3fc
Ruby: Add test for render calls
2022-11-16 13:46:51 +13:00
Harry Maclean
b7e14311be
Ruby: Model ActionController logger
2022-11-16 13:46:50 +13:00
Harry Maclean
27681ac987
Ruby: Move ActionController tests to own directory
2022-11-16 13:46:49 +13:00
Erik Krogh Kristensen
c70f3d35d0
Merge pull request #11256 from erik-krogh/ts49
...
JS: Add support for TypeScript 4.9
2022-11-16 01:05:40 +01:00
Mauro Baluda
ec04f0c88f
hapi/glue tests
2022-11-15 23:45:27 +01:00
erik-krogh
8cb68b79c1
bump extractor version
2022-11-15 22:09:09 +01:00
erik-krogh
b0b5761a8c
update TS from 4.9.2-rc to 4.9.3
2022-11-15 22:08:54 +01:00
erik-krogh
364336e22a
add downgrade script
2022-11-15 22:07:25 +01:00
erik-krogh
1f90f7dd4d
add upgrade script
2022-11-15 22:07:25 +01:00
erik-krogh
d4c6f873af
add test for auto-accessors
2022-11-15 22:07:25 +01:00
erik-krogh
65567fa1ce
add test for the more precise type-narrowing with the in operator
2022-11-15 22:07:25 +01:00
erik-krogh
e98d1df5f4
add dataflow support
2022-11-15 22:07:25 +01:00
erik-krogh
a8973c1147
add test for dataflow
2022-11-15 22:07:24 +01:00
erik-krogh
75ef5b1b0b
add support for satisfies-expressions
2022-11-15 22:07:24 +01:00
erik-krogh
30c66303ba
initial skeleton for TypeScript 4.9
2022-11-15 22:07:24 +01:00
Nora Dimitrijević
09b669a584
Swift: Add direct call to remote source to a test
...
Strangely, there are two separate paths to each of the JSEvaluateScript
sinks: one passing through the JSString constructor, one omitting this
step.
2022-11-15 21:57:46 +01:00
Nora Dimitrijević
52e5d541ef
Update swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
...
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com >
2022-11-15 21:15:04 +01:00
Nora Dimitrijević
fccb581765
Update swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
...
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com >
2022-11-15 21:14:56 +01:00
Nora Dimitrijević
cb7d9d5f3f
Update swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
...
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com >
2022-11-15 21:14:50 +01:00
Nora Dimitrijević
8db8f14f99
Update swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
...
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com >
2022-11-15 21:14:37 +01:00
Nora Dimitrijević
b42482c960
Update swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
...
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com >
2022-11-15 21:14:18 +01:00
Tiferet Gazit
710b215c38
Merge pull request #11263 from github/tiferet/extract-training-data
...
ATM: Extract training data
2022-11-15 12:08:13 -08:00
tiferet
fc078a47fd
Apply suggestion from code review
2022-11-15 11:14:01 -08:00
Ed Minnix
013ff79d17
Java: Check the value of parameter in WebView file access query
2022-11-15 13:50:56 -05:00
Ed Minnix
10875568ec
Java: add negative test cases for WebView file access query
2022-11-15 13:50:31 -05:00
Tiferet Gazit
092e019de9
Apply suggestions from code review
...
Co-authored-by: Stephan Brandauer <kaeluka@github.com >
2022-11-15 10:48:32 -08:00
Andrew Eisenberg
2ffb4b6480
Merge pull request #11279 from github/aeisenberg/atm-readme
...
Add more information about ATM queries for external users
2022-11-15 10:46:03 -08:00
Geoffrey White
e81c62e402
Swift: Correct comment.
2022-11-15 18:34:51 +00:00
Geoffrey White
7c1fb5d4a6
Swift: Add qldoc for AutoClosureExpr.
2022-11-15 18:31:30 +00:00
Geoffrey White
4eee375296
Swift: Add AutoClosureExpr.getExpr.
2022-11-15 18:31:30 +00:00
Geoffrey White
13d6deb9c4
Swift: Make similar enhancements to unary operations.
2022-11-15 18:31:30 +00:00
Geoffrey White
70075e2832
Swift: Add qldoc for BinaryExpr.
2022-11-15 18:31:21 +00:00
Andrew Eisenberg
88750a7000
Add more information about ATM queries for external users
2022-11-15 10:17:56 -08:00
Geoffrey White
3c46b0cad1
Swift: Add BinaryExpr.getOperator().
2022-11-15 18:04:48 +00:00
Geoffrey White
fa86e75330
Update swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-11-15 17:49:23 +00:00
Ed Minnix
1d71c38a8f
Java: Fix formatting of WebView file access query
2022-11-15 12:43:20 -05:00
Ed Minnix
694930556b
Java: documentation cleanup
2022-11-15 12:35:57 -05:00
AlexDenisov
f069802abb
Merge pull request #11277 from github/redsun82/swift-remove-ipa-from-dbscheme-cpp
...
Swift: remove IPA classes from `cppgen`
2022-11-15 18:34:59 +01:00
