hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-06 02:01:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,690 Branches 160 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sim4n6
f5ff50880c Updated qhelp for the use of html_escape() 2023-05-20 17:58:24 +01:00
Sim4n6
cc3cc1faef Merge branch 'ruby-UBV' of https://github.com/sim4n6/codeql-pun into ruby-UBV 2023-05-20 12:59:50 +01:00
Sim4n6
d11cb9195c Use of CGI.escapeHTML() in test samples 2023-05-20 12:57:50 +01:00
Sim4n6
e345d7dca4 Update ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2023-05-20 12:54:03 +01:00
Sim4n6
7cd1fd4bbf CWE-179 and CWE-180 are included in metadata 2023-05-20 12:51:45 +01:00
Sim4n6
957023ec44 nfd and nfkd are considered 2023-05-20 12:51:24 +01:00
Sim4n6
c9c7179a0b Deleted the ugly flowchart. 2023-05-20 12:49:46 +01:00
Sim4n6
c3c65ca712 Qhelp formatting 2023-05-20 12:48:26 +01:00
Sim4n6
8dcf139b45 Update ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2023-05-20 12:46:54 +01:00
Sim4n6
eb7e1de65b Update ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2023-05-20 12:43:05 +01:00
Sim4n6
69ca49f168 Deleted the UBV query change note. 2023-05-20 12:39:54 +01:00
Sim4n6
be3f59afab Replaced StringMethod() with a restrained String method calls 2023-05-20 12:17:33 +01:00
Sim4n6
d939f192d5 Deleted the UBV query change note. 2023-05-20 11:46:18 +01:00
Sim4n6
21e99d52c7 Fix a redundant import 2023-05-20 10:23:04 +01:00
Sim4n6
b8969707c5 Delete the vulnerability flow image from the QHelp file. 2023-05-20 10:21:38 +01:00
Sim4n6
16ce024429 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:13:23 +01:00
Sim4n6
8462b14b54 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:12:55 +01:00
Sim4n6
2a8645c447 Fix 'Singleton set literal' warning 2023-05-20 10:11:26 +01:00
Sim4n6
58be109a70 Moved UnicodeBypassValidation Customizations & Query.qll to src/experimental 2023-05-20 10:08:56 +01:00
Robert Marsh
bf07b0f97b C++: fix cxartesian product in constant off-by-one query 2023-05-19 18:32:09 -04:00
Geoffrey White
b6122d01fc Swift: Clean up the query somewhat. 2023-05-19 22:40:53 +01:00
Geoffrey White
2028b5ef95 Swift: Fix imprecise sinks. 2023-05-19 22:23:26 +01:00
Geoffrey White
19080333b9 Swift: Add a few test cases. 2023-05-19 22:18:34 +01:00
Mathias Vorreiter Pedersen
58f4b7696d Merge pull request #13223 from geoffw0/useasnominaltypedecl 
Swift: Use asNominalTypeDecl more.
 2023-05-19 16:53:28 +01:00
Tony Torralba
b58eb3a92c Java: Add TemplateEngine.createTemplate as a groovy injection sink 2023-05-19 17:45:47 +02:00
Mathias Vorreiter Pedersen
c15ebf83ee C++: Add testcase with FP (and also fix an incorrect test annotation). 2023-05-19 16:38:18 +01:00
Philip Ginsbach
999e7f96c7 Merge pull request #13222 from github/ginsbach/SignatureSyntax 
add syntax for signature definitions to QL specification
 2023-05-19 16:22:45 +01:00
Geoffrey White
881134a6f5 Swift: Add warning note to Decl.getMember. 2023-05-19 16:12:09 +01:00
Alexandre Boulgakov
f943502e41 Merge pull request #13224 from github/sashabu/tsp-empty-help-links 
Swift: Drop support for plaintext diagnostics (and `helpLinks`).
 2023-05-19 15:44:44 +01:00
Alexandre Boulgakov
b3e76d6052 Swift: Drop support for plaintext diagnostics (and helpLinks). 
The recommended option is Markdown diagnostics, and we have already migrated everything to emit them. The empty help link we're currently emitting everywhere is a bug.
 2023-05-19 15:16:02 +01:00
Alexandre Boulgakov
a1beaa6300 Merge pull request #13186 from github/redsun82/swift-diagnostics-wording 
Swift: reword TSP diagnostics after doc team review
 2023-05-19 15:15:46 +01:00
Geoffrey White
5ffde7a762 Update swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-05-19 14:55:39 +01:00
Alexandre Boulgakov
110b766770 Swift: Add a . to a test message to match the logging API change in this PR. 2023-05-19 14:46:12 +01:00
Philip Ginsbach
6957857773 add syntax for signature declarations to QL specification 2023-05-19 14:44:29 +01:00
Alexandre Boulgakov
1e9b849e93 Merge branch 'main' into redsun82/swift-diagnostics-wording 2023-05-19 14:43:01 +01:00
Alexandre Boulgakov
8f7279ee05 Swift: TSP message wording changes. 2023-05-19 14:39:57 +01:00
Alexandre Boulgakov
5bb2eb4155 Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:37:18 +01:00
Alexandre Boulgakov
137b4a99ef Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:36:24 +01:00
Alexandre Boulgakov
ddcac20a94 Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:36:14 +01:00
Alexandre Boulgakov
8a15af5614 Swift: TSP message wording changes. 
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
 2023-05-19 14:36:04 +01:00
Geoffrey White
68bdd51dd3 Swift: Add QLDoc encouraging this pattern. 2023-05-19 14:35:08 +01:00
Geoffrey White
0d8aa825d9 Swift: Use asNominalType() more widely to include things declared in extensions. 2023-05-19 14:19:32 +01:00
Geoffrey White
ccbd041875 Swift: Use asNominalTypeDecl() to simplify models. 2023-05-19 14:04:49 +01:00
Mathias Vorreiter Pedersen
2206216dbb Merge pull request #13221 from geoffw0/filepath 
Swift: Taint model for FilePath
 2023-05-19 14:01:22 +01:00
Geoffrey White
c8dfc87dae Swift: getName -> getFullName. 2023-05-19 12:18:17 +01:00
Geoffrey White
13755ad5f5 Swift: Remove placeholder lines I had left in. 2023-05-19 11:42:00 +01:00
Tony Torralba
babf429c9a Merge pull request #13220 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-05-19 08:57:15 +02:00
github-actions[bot]
66f2579437 Add changed framework coverage reports 2023-05-19 00:15:25 +00:00
Geoffrey White
6dfad79972 Swift: Model FilePath. 2023-05-18 18:56:08 +01:00
Geoffrey White
371bcc55fa Swift: Consolidate and extend tests of taint flow through FilePath. 2023-05-18 18:01:38 +01:00