codeql

mirror of https://github.com/github/codeql.git synced 2026-02-03 16:51:07 +01:00

Author	SHA1	Message	Date
Kasper Svendsen	68cf33e791	Ruby: Make implicit this receivers explicit	2023-05-03 12:25:01 +02:00
Kasper Svendsen	3eb5a95ee3	Python: Make implicit this receivers explicit	2023-05-03 12:16:21 +02:00
Geoffrey White	9590dde1e6	Merge branch 'main' into swiftoddsends	2023-05-03 11:13:38 +01:00
Owen Mansel-Chan	27fb42db76	Env var for path to environment file	2023-05-03 11:11:09 +01:00
Felicity Chapman	dff6f17978	Merge branch 'main' into felicitymay-9916-update-links	2023-05-03 11:05:10 +01:00
Erik Krogh Kristensen	e9c25949fa	Merge pull request #13002 from kaspersv/kaspersv/javascript-explicit-this-receiver JS: Make implicit this receivers explicit	2023-05-03 11:55:22 +02:00
Kasper Svendsen	be08b97418	Merge pull request #12999 from kaspersv/kaspersv/cpp-explicit-this-receiver C++: Make implicit this receivers explicit	2023-05-03 11:51:21 +02:00
Kasper Svendsen	a92a55f437	Merge pull request #13001 from kaspersv/kaspersv/csharp-explicit-this-receiver C#: Make implicit this receivers explicit	2023-05-03 11:39:31 +02:00
Stephan Brandauer	05bf13b020	use getCallable predicate	2023-05-03 11:27:14 +02:00
Kasper Svendsen	efdaffedee	JS: Make implicit this receivers explicit	2023-05-03 10:49:46 +02:00
Asger F	b9ad4177f9	JS: List safe environment variables in IndirectCommandInjection	2023-05-03 10:48:14 +02:00
Kasper Svendsen	bfc48efdaa	C#: Make implicit this receivers explicit	2023-05-03 10:48:00 +02:00
Kasper Svendsen	c9fba18c48	C++: Make implicit this receivers explicit	2023-05-03 10:31:01 +02:00
Asger F	4c6711d007	JS: Clarify the difference between context and input sources	2023-05-03 10:30:04 +02:00
Stephan Brandauer	09f3296134	export related locations using notation	2023-05-03 10:27:46 +02:00
Asger F	bdcda7ffe6	JS: Move change note to right location	2023-05-03 10:22:40 +02:00
tyage	22f5b7a18b	JS: check scoped package and normal package	2023-05-03 13:19:59 +09:00
Robert Marsh	df1a7b8b83	C++: change note	2023-05-02 16:19:00 -04:00
Sim4n6	6d3fdc3a07	all forms considered+ more unicode normalize sink	2023-05-02 21:18:37 +01:00
Robert Marsh	8c992fb437	C++: added change note	2023-05-02 16:13:33 -04:00
Edward Minnix III	733a00039e	Merge pull request #12864 from egregius313/egregius313/java/mad/update-typeAsModel Java: Erase generics in `typeAsModel` predicate used in model generator	2023-05-02 15:28:51 -04:00
Geoffrey White	54a4b898a3	Swift: Re-run codegen.	2023-05-02 17:46:59 +01:00
Geoffrey White	a698f3fcb9	Merge branch 'main' into modernsec3	2023-05-02 17:35:08 +01:00
Owen Mansel-Chan	0c6efb8c84	Add telemetry-only diagnostics	2023-05-02 17:17:06 +01:00
Owen Mansel-Chan	3bfcbbf7af	Add unit test	2023-05-02 17:17:05 +01:00
Owen Mansel-Chan	0710ed97db	Refactor to be more easily testable	2023-05-02 17:17:05 +01:00
Owen Mansel-Chan	2db304edee	Choose which version to install and write file	2023-05-02 17:17:04 +01:00
Mathias Vorreiter Pedersen	7fa6894aaf	C++: Ensure that product dataflow library enters/leaves through the same call.	2023-05-02 17:13:36 +01:00
Geoffrey White	bb6aa11ce5	Swift: Additional test case.	2023-05-02 17:12:44 +01:00
Geoffrey White	ca50f1117e	Swift: Hide locationless results in the inlineexpectations test (there's no way to make them expected).	2023-05-02 16:57:29 +01:00
Alex Ford	388b2abf68	Merge pull request #12821 from maikypedia/maikypedia/ruby-ssti Ruby: Add Rails `render inline:` as Template Injection Sink	2023-05-02 16:56:27 +01:00
Alex Ford	82c025020d	Merge remote-tracking branch 'origin/main' into maikypedia/ruby-ssti	2023-05-02 16:18:41 +01:00
Alex Ford	a571bc64ac	ruby: regenerate TemplateInjection.expected	2023-05-02 16:14:20 +01:00
Sim4n6	019b85beb6	Add Unicode Bypass Validation query, test and help file	2023-05-02 15:36:39 +01:00
Sim4n6	083cd612cd	add a change note markdown	2023-05-02 15:17:03 +01:00
Sim4n6	1fa1a4e268	Add Unicode Bypass Validation query tests and help	2023-05-02 15:09:16 +01:00
Robert Marsh	2bfa8b661b	C++: a some QLDoc to new range analysis wrapper	2023-05-02 09:43:25 -04:00
Mathias Vorreiter Pedersen	2e5a04854e	Merge pull request #12989 from MathiasVP/add-fp-overrun-write-product-flow C++: Add testcase with `cpp/overrun-write` FP	2023-05-02 14:33:34 +01:00
Tony Torralba	ec44aa2597	Add change note	2023-05-02 15:31:20 +02:00
Tony Torralba	34f978ed26	Move manual models out of the generated directory	2023-05-02 15:29:28 +02:00
Owen Mansel-Chan	644d7f18c2	Factor out tryReadGoDirective()	2023-05-02 14:15:03 +01:00
Owen Mansel-Chan	5e87111a8b	Stop using deprecate `io/ioutil` package	2023-05-02 14:15:02 +01:00
Owen Mansel-Chan	1e2bdd88b1	Add --identify-environment flag	2023-05-02 14:15:01 +01:00
Mathias Vorreiter Pedersen	635d290504	C++: Add testcase with FP.	2023-05-02 13:51:16 +01:00
Rasmus Wriedt Larsen	c89b57997a	Python: Change variable capture tests to use fresh variable names Instead of reusing `nonSink0` for both captureOut1NotCalled and captureOut2NotCalled tests (I used 1/2 naming scheme to match things up nicely). I also added a comment highlighting that `m` is the function that is not called (since I overlooked that initially :O)	2023-05-02 14:13:56 +02:00
Asger F	67afbee06d	Merge pull request #12825 from smiddy007/JS-Allow-Truncated-Hash-Forge-NonKeyCipher JS: Allow NonKeyCiphers to include truncated SHA-512 MDs in Forge JS libr…	2023-05-02 13:59:30 +02:00
Anders Schack-Mulligen	353d5f82a6	Merge pull request #12984 from aschackmull/dataflow/instanceof-node Dataflow: Replace "extends Node" with "instanceof Node".	2023-05-02 13:52:33 +02:00
Asger F	0ce27d13a7	Merge pull request #12985 from asgerf/rb/meta-query-sql-injection Ruby: add SQL injection sinks to meta query	2023-05-02 13:35:06 +02:00
Stephan Brandauer	f1644adca9	add internal tag to extraction queries; use 'ml' in query ids, instead of 'ml-powered'	2023-05-02 13:30:22 +02:00
Stephan Brandauer	bb7e473cbf	use the name callable, instead of callee for methods, functions	2023-05-02 13:22:31 +02:00

... 243 244 245 246 247 ...

66447 Commits