codeql

mirror of https://github.com/github/codeql.git synced 2026-01-03 01:30:19 +01:00

Author	SHA1	Message	Date
Sarita Iyer	f6b6a988ca	Update supported-frameworks.rst	2023-07-28 17:21:55 -04:00
Robert Marsh	22ae430e65	Swift: accept more test changes from hiding InOutExpr	2023-07-28 20:43:25 +00:00
Robert Marsh	bb4fe2002f	Merge branch 'main' into rdmarsh2/swift/array-content-flow	2023-07-28 20:41:23 +00:00
Alexandre Boulgakov	3e7a7fe54e	Swift: Mangle `ArchetypeType`s with different constraints in different extensions.	2023-07-28 21:39:52 +01:00
Ian Lynagh	01a512b677	Kotlin: Pass on a parentId	2023-07-28 17:46:05 +01:00
Owen Mansel-Chan	0895853a23	Delete unused testing predicate	2023-07-28 17:09:53 +01:00
Ian Lynagh	e8f4aee1cf	Kotlin: Remove some redundant braces	2023-07-28 17:02:24 +01:00
Owen Mansel-Chan	00d5cb737c	Different approach to avoiding getTarget()	2023-07-28 17:00:36 +01:00
Owen Mansel-Chan	d2b8d836e9	Avoid using getTarget() as it may not exist Try to also deal with the case that we are calling a function through a variable that it has been assigned to.	2023-07-28 17:00:34 +01:00
Stephan Brandauer	40eab180cc	Merge pull request #13823 from github/kaeluka/support-argument-this-in-frameworkmode-metadata-extraction Java: Support Argument[this] and parameters of bodiless interface methods in framework mode metadata extraction	2023-07-28 17:38:39 +02:00
Tony Torralba	08cba7dc5f	Merge pull request #13713 from pwntester/java/struts2_source_taint_inheriting [Java] Implement field taint inheritance for Struts2 unmarshalled objects	2023-07-28 16:46:27 +02:00
Robert Marsh	6039af0087	Swift: autoformat	2023-07-28 14:34:57 +00:00
Robert Marsh	7ed520ab54	Swift: update test expectations after hiding InOutExpr	2023-07-28 14:29:24 +00:00
Owen Mansel-Chan	a020189895	Merge pull request #13822 from owen-mc/dataflow/mergepathgraph3-signature-fix Dataflow: MergePathGraph3 signature fix	2023-07-28 15:15:43 +01:00
Chris Smowton	f08879a2df	Format; add change note	2023-07-28 14:16:30 +01:00
Chris Smowton	6fa2d2764d	Don't treat logrus' WithContext method as a logging function This isn't output by the default formatters (though a custom formatter could potentially output things stored in it)	2023-07-28 14:11:03 +01:00
Shati Patel	a98ae8941c	Merge pull request #13832 from github/shati-patel/docs-indentation Docs: Fix indentation in tutorial examples	2023-07-28 14:07:16 +01:00
Tony Torralba	2dff0ce5b4	Merge pull request #13712 from pwntester/java/new_struts2_models [Java] New models for Struts2 framework	2023-07-28 14:31:25 +02:00
Stephan Brandauer	8bf960bd44	Java: fix QL-for-QL alert	2023-07-28 14:28:47 +02:00
Stephan Brandauer	021eedfdf1	Java: format	2023-07-28 14:26:34 +02:00
Owen Mansel-Chan	84dacbfbfd	Compiler error messages changed in Go 1.20.6	2023-07-28 13:13:01 +01:00
Stephan Brandauer	82fd0e45aa	Java: support Argument[this] in NotAModelApiParameter	2023-07-28 14:04:53 +02:00
Stephan Brandauer	a9d2f43538	Java: use a newtype for framework mode candidates	2023-07-28 13:51:25 +02:00
Stephan Brandauer	8ed773b240	Java: Framework mode extraction now uses a custom class for endpoints, so we can support both Argument[this] and interface-method parameters	2023-07-28 12:56:39 +02:00
Stephan Brandauer	09c64e8fee	Java: Support Argument[this] in framework mode metadata extraction	2023-07-28 12:55:26 +02:00
shati-patel	1694915535	Docs: Fix indentation in tutorial examples	2023-07-28 11:45:39 +01:00
Ian Lynagh	499bd970d3	Merge pull request #13412 from igfoo/igfoo/json_escape Kotlin: Tweak our JSON escaping	2023-07-28 11:13:51 +01:00
Alvaro Muñoz	c3a2ae2943	Account for public fields/setters	2023-07-28 12:12:07 +02:00
Alvaro Muñoz	c089368557	Merge branch 'java/struts2_source_taint_inheriting' of https://github.com/pwntester/codeql into java/struts2_source_taint_inheriting	2023-07-28 12:05:38 +02:00
Maiky	90ac5b905b		2023-07-28 00:21:02 +02:00
Maiky	2a49219127	Move query to experimental	2023-07-28 00:15:33 +02:00
Geoffrey White	beacade499	Swift: Autoformat.	2023-07-27 22:48:23 +01:00
Geoffrey White	15244e0ee1	Swift: Expand NominalType.getFullName to Type.getFullName (so it is a suitble substitute for the old Type.getName behaviour).	2023-07-27 22:41:46 +01:00
Maiky	2d88ac1846	Suggested Changes	2023-07-27 23:40:52 +02:00
Geoffrey White	e2740fef73	Swift: Add explanatory comment.	2023-07-27 22:12:49 +01:00
Maiky	f5e17d7d39	Add additional Filter Methods	2023-07-27 23:04:55 +02:00
Geoffrey White	2ba983bf4a	Swift: Change note.	2023-07-27 22:04:07 +01:00
Maiky	d9800c7bb6	Update CommandInjection.ql	2023-07-27 22:45:50 +02:00
Maiky	d0a912fb02	Update swift/ql/src/queries/Security/CWE-078/CommandInjection.ql Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2023-07-27 22:45:05 +02:00
Geoffrey White	57a55eda75	Swift: QL solution (arguably clearer, seems more performant).	2023-07-27 20:51:49 +01:00
Geoffrey White	82057513c5	Swift: Implement Type.getName() as different from Type.getFullName() (regex solution).	2023-07-27 20:50:21 +01:00
Robert Marsh	c36ce785d8	Merge branch 'main' into rdmarsh2/swift/array-content-flow	2023-07-27 19:18:03 +00:00
Geoffrey White	aa6d7c088b	Swift: Add some more diverse test cases.	2023-07-27 19:35:13 +01:00
Geoffrey White	9588e68115	Swift: Add detail and spacing to the NoominalType tests.	2023-07-27 19:17:51 +01:00
Geoffrey White	3eb1bac9df	Swift: Update consistency test failure (line numbers).	2023-07-27 16:11:59 +01:00
Geoffrey White	44d785fabf	Swift: Make QL-for-QL happy.	2023-07-27 15:37:13 +01:00
Tony Torralba	c239a4399c	Changed Struts2ActionSupportClassFieldReadSource to be a FieldValueNode instead of a field read	2023-07-27 10:39:06 +02:00
Alvaro Muñoz	97a4230d5d	add change note	2023-07-27 10:39:06 +02:00
Alvaro Muñoz	f3fc56294e	implement field taint inheritance for Struts2 unmarshalled objects	2023-07-27 10:39:06 +02:00
Charis Kyriakou	8438fb2310	Merge pull request #13821 from github/charisk/remove-last-updated Remove last updated information and sorting from MRVA views	2023-07-27 08:31:00 +01:00

... 10 11 12 13 14 ...

57744 Commits