codeql

mirror of https://github.com/github/codeql.git synced 2026-01-18 17:04:50 +01:00

Author	SHA1	Message	Date
tyage	06925681b0	add test for context.params	2022-10-26 10:53:11 +09:00
github-actions[bot]	5454f9a738	Add changed framework coverage reports	2022-10-26 00:20:29 +00:00
Jami Cogswell	1e80fa118c	add modules	2022-10-25 18:26:00 -04:00
Daniel Santos	f7ace6f801	Update javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2022-10-25 14:27:03 -05:00
Geoffrey White	1e8b4bdd6f	Merge pull request #10973 from geoffw0/comment Swift: Fix UrlRemoteFlowSource name clash	2022-10-25 18:51:51 +01:00
thiggy1342	9c1fbfd330	Merge branch 'main' into expand-ruby-ssrf-sinks-faraday-connection-new	2022-10-25 13:09:17 -04:00
Chris Smowton	004f4be5fb	Kotlin: don't try to call nonexistent `j.l.Number.toChar` Previously we thought this could be callable because Kotlin's view of `j.l.Integer` inherits `k.Number` which defines `toChar`.	2022-10-25 17:09:05 +01:00
Geoffrey White	53fa91f8ba	Swift: Add comment.	2022-10-25 16:51:57 +01:00
Daniel Santos	feece6f7b4	Merge branch 'github:main' into main	2022-10-25 10:43:20 -05:00
Geoffrey White	a67bd4d903	Swift: Fix name clash.	2022-10-25 16:40:27 +01:00
Ian Lynagh	4050801a17	Kotlin: Autoformat query	2022-10-25 16:26:12 +01:00
Ian Lynagh	52cfc33576	Kotlin: Accept test changes	2022-10-25 16:26:12 +01:00
Ian Lynagh	63b64e4daa	Kotlin: Test tweaks for the diags consistency query	2022-10-25 16:26:11 +01:00
Ian Lynagh	caf7ebc634	Java/Kotlin: Add a diagnostic consistency query	2022-10-25 16:26:11 +01:00
Ian Lynagh	185d43a7b0	Kotlin: Turn warnings into trace messages This is normal behaviour, nothing to be concerned about.	2022-10-25 16:26:11 +01:00
Daniel Santos	5b080481aa	TokenBuiltFromUuid formatting	2022-10-25 09:51:48 -05:00
Daniel Santos	b8d60edb49	TokenBuiltFromUuid isAdditionalTaintStep refactor	2022-10-25 09:51:07 -05:00
Daniel Santos	375edf7455	TokenAssignmentValueSink refactor	2022-10-25 09:50:04 -05:00
thiggy1342	3659eaa780	add markdown file extension	2022-10-25 10:13:19 -04:00
Geoffrey White	257748d82b	C++: Rename predicate.	2022-10-25 14:52:22 +01:00
Geoffrey White	3d025ea77e	Merge pull request #10903 from geoffw0/review Swift: Add some summary queries.	2022-10-25 14:47:09 +01:00
yo-h	01a67adb49	Merge pull request #10738 from github/yo-h-patch-1 Java: update framework list	2022-10-25 09:42:18 -04:00
Tamás Vajk	3264bbc1db	Merge pull request #10962 from tamasvajk/kotlin-unreachable-catch Kotlin: Exclude .kt files from `java/unreachable-catch-clause`	2022-10-25 15:01:25 +02:00
Tamás Vajk	7013663d13	Merge pull request #10881 from tamasvajk/kotlin-constant-expr Kotlin: Exclude constructs in serialization constructors from `java/evaluation-to-constant`	2022-10-25 15:00:58 +02:00
erik-krogh	e8dce25cc2	fix rb/code-injection	2022-10-25 14:44:23 +02:00
Geoffrey White	b59f01f968	Swift: Use UnknownFile.	2022-10-25 13:44:13 +01:00
Mathias Vorreiter Pedersen	6a7bcd384a	Merge pull request #10939 from rdmarsh2/rdmarsh2/cpp/modulus-analysis-comments C++: additional comments for modulus analysis	2022-10-25 14:29:54 +02:00
Karim Ali	18dd0f650c	update iterations threshold to most recent OWASP recommendation which is at least 120,000 iterations for secure password hashing	2022-10-25 14:01:40 +02:00
Tamas Vajk	80fa45fd8e	Fix expected fest file after rebase	2022-10-25 13:52:25 +02:00
Tamas Vajk	f1e6b756e3	Add integration test with constant expression in a generated constructor	2022-10-25 13:52:25 +02:00
Tamas Vajk	eaa04b72f1	Apply code review findings	2022-10-25 13:49:54 +02:00
Tamas Vajk	78c23c2657	Kotlin: Exclude constructs in serialization constructors from `java/evaluation-to-constant`	2022-10-25 13:49:54 +02:00
Tamás Vajk	30fc6acb19	Merge pull request #10961 from tamasvajk/kotlin-abstract-collection-cast Kotlin: Improve `java/abstract-to-concrete-cast` to handle `when` branches	2022-10-25 13:27:19 +02:00
Karim Ali	408c7bebe5	fix .expected file	2022-10-25 13:24:37 +02:00
Karim Ali	e8f55b9f0d	update output message	2022-10-25 13:24:37 +02:00
Karim Ali	c0ac29db16	clarify qhelp + add references to it	2022-10-25 13:24:37 +02:00
Karim Ali	4b7cb706f6	fix error in checking # of iterations plus also simplify the pattern matching of the sink classes	2022-10-25 13:24:37 +02:00
Karim Ali	0d2e7d43b9	add expected output	2022-10-25 13:24:37 +02:00
Karim Ali	5179a99abb	fix test cases to use the correct class name	2022-10-25 13:24:37 +02:00
Karim Ali	c4b2519e6c	initial draft of the Swift query for CWE-916	2022-10-25 13:24:37 +02:00
Henry Mercer	7e2c06de80	Merge pull request #10963 from github/codeql-ci/js/ml-powered-pack-release-0.3.6 JS: Bump version numbers of ML-powered packs after 0.3.6 release	2022-10-25 12:12:15 +01:00
yoff	9d542f1be9	Merge pull request #10887 from Sim4n6/TarSlipImprov Python: Add TarSlip Improv query	2022-10-25 13:02:52 +02:00
Chris Smowton	b9f4856d47	Merge pull request #10876 from smowton/smowton/feature/kotlin-default-method-auto-mad Java models-as-data: infer Kotlin $default models from that of its parent function	2022-10-25 11:58:54 +01:00
Alvaro Muñoz	9830d2bebc	Format Restify.qll	2022-10-25 12:53:44 +02:00
Paolo Tranquilli	a4258ea390	Merge pull request #10953 from github/redsun82/cmake-generator Bazel/CMake: make cmake runnable from outside the workspace	2022-10-25 12:47:10 +02:00
Chris Smowton	c4ba644dfd	Merge pull request #10952 from smowton/smowton/fix/java-interface-redeclares-tostring Kotlin: extract interface redeclarations of `Object` methods	2022-10-25 11:29:10 +01:00
Henry Mercer	1dc14bcaee	Merge branch 'main' into codeql-ci/js/ml-powered-pack-release-0.3.6	2022-10-25 10:54:08 +01:00
Alvaro Muñoz	a80b691358	Remove unnecessary TaggedTemplateEntryPoint	2022-10-25 11:44:45 +02:00
Alvaro Muñoz	37ea3f23f1	Refactored `ReplySource` to `ReplyCall`. Got rid of unnecessary `ref()`	2022-10-25 11:42:48 +02:00
github-actions[bot]	caf3a098c8	JS: Bump version of ML-powered library and query packs to 0.3.7	2022-10-25 09:12:00 +00:00

... 68 69 70 71 72 ...

49367 Commits