codeql

mirror of https://github.com/github/codeql.git synced 2026-02-24 10:53:49 +01:00

Author	SHA1	Message	Date
erik-krogh	c652f3e3dd	update grammar after https://github.com/tree-sitter/tree-sitter-ql/pull/17 has been merged	2022-08-15 14:10:10 +02:00
Jeroen Ketema	6b94cdbd8d	Merge pull request #10047 from jketema/fix-ir-comment C++: Fix block assignment evaluation order comment in IR translation	2022-08-15 14:01:48 +02:00
Chris Smowton	774e379eb1	Merge pull request #9742 from smehta23/feat/SM/java_partial_path_traversal_vulnerability [JAVA] Partial Path Traversal Vuln Query	2022-08-15 12:56:16 +01:00
Erik Krogh Kristensen	0adb588fe8	Merge pull request #9712 from erik-krogh/badRange JS/RB/PY/Java: add suspicious range query	2022-08-15 13:55:44 +02:00
Michael Nebel	15906338dc	Merge pull request #9923 from michaelnebel/csharp/webgoat C#: SQL Injection improvements for SQLite.	2022-08-15 13:22:25 +02:00
Chris Smowton	e27d62b0b4	Fix qldoc wording	2022-08-15 12:08:14 +01:00
Chris Smowton	c40ec728c6	Remove non-ascii char	2022-08-15 12:08:14 +01:00
Chris Smowton	38c0557d90	Adjust test to moved and expanded stubs	2022-08-15 12:08:14 +01:00
Asger F	3c41f28519	JS: Use explicit this	2022-08-15 12:49:23 +02:00
Asger F	671573633b	JS: Simplify getMain()	2022-08-15 12:48:41 +02:00
Chris Smowton	9f82088f5d	Remove unnecessary casts	2022-08-15 11:47:58 +01:00
Chris Smowton	1a3dc1d6eb	Remove extra closing tag	2022-08-15 11:31:53 +01:00
Ahmed Farid	18b103dbd5	Update TimingAttackAgainstHash.py	2022-08-15 11:29:29 +01:00
Ahmed Farid	7d23b80582	Update TimingAttackAgainstHash.py	2022-08-15 11:29:09 +01:00
Ahmed Farid	521dbd0e82	Update TimingAttackAgainstSensitiveInfo.py	2022-08-15 11:28:51 +01:00
Ahmed Farid	5de103303d	Update TimingAttackAgainstHeader.py	2022-08-15 11:26:34 +01:00
Ahmed Farid	7cb1683f5b	Update TimingAttackAgainstSensitiveInfo.py	2022-08-15 11:21:40 +01:00
Ahmed Farid	0e0c6e08b5	Update TimingAttack.qll	2022-08-15 11:18:31 +01:00
Michael Nebel	79a716488b	Merge pull request #10003 from michaelnebel/csharp/stubsenum C#: Stub generator improvements.	2022-08-15 12:14:06 +02:00
Asger F	80a37c5863	JS: More precise handling of "exports"	2022-08-15 11:59:40 +02:00
Jeroen Ketema	6c4685e538	C++: Fix block assignment evaluation order comment in IR translation	2022-08-15 11:58:57 +02:00
Erik Krogh Kristensen	51a724315f	Merge pull request #10017 from erik-krogh/forAwait JS: support top-level for await statements	2022-08-15 11:58:56 +02:00
Ian Lynagh	09d249e5d8	Merge pull request #10038 from igfoo/igfoo/java-downgrades Java: Add initial downgrades directory	2022-08-15 10:57:52 +01:00
Paolo Tranquilli	6dc90bc46c	Swift: accept test change	2022-08-15 11:53:18 +02:00
Chris Smowton	5677e38994	Style edit	2022-08-15 10:37:55 +01:00
Chris Smowton	3cf871e9e5	Apply docs suggestions Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>	2022-08-15 10:34:55 +01:00
Mathias Vorreiter Pedersen	dfde5712a3	Merge pull request #10031 from jketema/block-assign C++: Handle block assignments	2022-08-15 10:29:23 +01:00
erik-krogh	a28948e836	add change note	2022-08-15 10:53:33 +02:00
Anders Schack-Mulligen	a3fb54c9de	Merge pull request #10007 from aschackmull/dataflow/source-node-identity Dataflow: Fix identification of source PathNodes in the presence of source-to-source flow	2022-08-15 10:39:17 +02:00
Paolo Tranquilli	176009ca88	Merge branch 'main' into redsun82/swift-first-prototype-of-generated-ipa-layer	2022-08-15 10:18:41 +02:00
Chris Smowton	ca4ef6578d	Spelling	2022-08-13 14:37:08 +01:00
Chris Smowton	c5e46f78ec	Add change note	2022-08-13 14:29:17 +01:00
Chris Smowton	8bea2a5f6c	Add missing qldoc	2022-08-13 14:20:48 +01:00
Jeroen Ketema	40334a21ce	C++: add upgrade and downgrade scripts	2022-08-13 15:09:06 +02:00
Chris Smowton	b62e9dc92c	Convert tests to inline expectations and fix one bug revealed doing so Specifically Apache sshd defines its sensitive api calls on an inherited interface, and they need to be described that way for us to pick them up.	2022-08-13 14:02:05 +01:00
Chris Smowton	ddb0846e06	Split up hardcoded creds queries, ready for conversion to inline expectations	2022-08-13 12:39:16 +01:00
Chris Smowton	0a6ccbca45	Add stubs and tests for new hardcoded-credential sinks	2022-08-13 12:39:15 +01:00
Daniel Santos	60e0f09586	Additional hardcoded credentials candidates 3rd-party api calls	2022-08-13 12:39:15 +01:00
Jeroen Ketema	cac6bd57ab	C++: Update DB scheme stats file	2022-08-13 01:01:30 +02:00
erik-krogh	3a4a3437b5	fix some QL-for-QL warnings	2022-08-12 20:38:50 +02:00
erik-krogh	b54f037424	Merge branch 'main' into refacReDoS	2022-08-12 20:28:30 +02:00
erik-krogh	b9e96fb078	sync changes to other languages	2022-08-12 20:28:12 +02:00
erik-krogh	97681ea219	simplify code after review	2022-08-12 20:27:50 +02:00
erik-krogh	3403e2f325	apply suggestions from code review	2022-08-12 20:25:55 +02:00
Robert Marsh	5450681ade	C++: Autoformat and fix a test	2022-08-12 13:49:16 -04:00
Raul Garcia	e5f5d461f4	addressing feedback from PR review	2022-08-12 10:16:10 -07:00
Jeroen Ketema	0449d914c4	C++: Add change note	2022-08-12 18:43:24 +02:00
Jeroen Ketema	4d76fd198e	C++: Handle block assignments in the IR	2022-08-12 18:43:23 +02:00
Jeroen Ketema	5c905b76b4	C++: Expose block assignment operations in the QL library	2022-08-12 18:43:23 +02:00
Jeroen Ketema	ebf8161f1b	C++: Add block assignment expression to the database schema These can under some circumstances be generated by the frontend as part of compiler generated copy constructors and assignment operators.	2022-08-12 18:43:23 +02:00

... 484 485 486 487 488 ...

66447 Commits