Michael Nebel
588fe2792c
C#: Update/Add some hand-written stubs for CWE-079 and CWE-611.
2023-12-15 10:02:02 +01:00
Michael Nebel
597a47b2d5
C#: Modify System.Web.cs manual stub to avoid overlap with generated stub.
2023-12-15 10:02:02 +01:00
Michael Nebel
0e6399e1cc
C#: Make manual adjustments to the generated stubs.
2023-12-15 10:02:02 +01:00
Michael Nebel
8967a0996b
C#: Update all generated stubs.
2023-12-15 10:02:02 +01:00
yoff
c395d2d957
Apply suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2023-12-15 09:58:27 +01:00
erik-krogh
ad4f464850
add warnOnImplicitThis
2023-12-15 09:55:30 +01:00
erik-krogh
9cc708b122
add integration test for the new extractor option to disable type extraction
2023-12-15 09:53:13 +01:00
Erik Krogh Kristensen
9543c23aba
Merge pull request #15111 from erik-krogh/mergeback-ts-extractor
...
JS: TypeScript extractor fixes into rc/3.12
2023-12-15 09:21:20 +01:00
Michael Nebel
5bc2183fc3
Merge pull request #15108 from michaelnebel/csharp/stubgenscripts
...
C#: Stub generator scripts.
2023-12-15 09:16:36 +01:00
yoff
72430438f3
Merge pull request #15109 from RasmusWL/consistency-cleanup
...
Python: Delete old copy of DataFlowImplConsistency.qll
2023-12-15 08:58:32 +01:00
Anders Schack-Mulligen
337e5e458c
Update java/ql/lib/semmle/code/java/security/InsufficientKeySize.qll
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2023-12-15 08:48:50 +01:00
Yunus AYDIN
8a7c3c19fe
Merge branch 'main' into main
2023-12-15 09:05:50 +03:00
fossilet
795668ddaf
Fix sphinx.add_lexer.
2023-12-15 09:58:46 +08:00
Rasmus Lerchedahl Petersen
abd544d96c
Python: consistency failure gone
2023-12-15 00:38:58 +01:00
Rasmus Lerchedahl Petersen
b6123de518
Python: simplify assignments to captured variables
2023-12-15 00:34:52 +01:00
Yunus AYDIN
ec5a8b49c8
add httprouter example code and stub.go
2023-12-15 00:54:39 +03:00
Erik Krogh Kristensen
a700aa4cde
Merge pull request #15110 from rvermeulen/rvermeulen/xml-attr-data-flow-node
...
JavaScript: Add support for XML attributes in the data flow graph
2023-12-14 21:45:57 +01:00
Geoffrey White
363ec0a917
Swift: Update swift/summary/query-sinks.
2023-12-14 20:22:36 +00:00
erik-krogh
c752f26f91
use direct string comparison instead, that doesn't crash on invalid values
2023-12-14 20:43:16 +01:00
erik-krogh
5bbf79bf26
fix the parsing of boolean environment variables in the TypeScript extractor
2023-12-14 20:43:16 +01:00
erik-krogh
1a0d29ba8a
rename extractor environment variable to CODEQL_EXTRACTOR_JAVASCRIPT_OPTION_SKIP_TYPES
2023-12-14 20:43:16 +01:00
erik-krogh
62205f6a7f
add environment variable to skip extraction of types in TypeScript
2023-12-14 20:43:16 +01:00
erik-krogh
b5fe0e5709
make sure reset() is called when manually invoking the TS extractor, so environment-variables are read
2023-12-14 20:43:16 +01:00
erik-krogh
96d1573978
move TypeVarDepth further up, so it's declared before it's used
2023-12-14 20:43:15 +01:00
erik-krogh
10cf53b8d3
fix a this reference
...
`this` didn't refer to anything specific, and it was in fact `undefined` in the context it was invoked. There was already a `let typeTable = this;` further up (where `this` refers to the class instance), so I used `typeTable`.
2023-12-14 20:43:15 +01:00
erik-krogh
43b228dbb4
exclude all the lib.d.ts files when running the TS extractor directly
...
e.g. the `lib.es5.d.ts` file was not excluded
2023-12-14 20:43:15 +01:00
Erik Krogh Kristensen
e838562591
Merge pull request #15105 from erik-krogh/fix-boolean-parse
...
JS: fix the parsing of boolean environment variables in the TypeScript extractor
2023-12-14 20:41:14 +01:00
Remco Vermeulen
133a243298
Add support for XML attributes in the data flow graph
2023-12-14 11:33:53 -08:00
Tom Hvitved
25a676ac6a
Ruby: Model simple pattern matching as value steps instead of taint steps
2023-12-14 20:18:24 +01:00
Geoffrey White
9ec08c1c4b
Swift: Add a couple of sinks missing from sensitive data hashing as well.
2023-12-14 18:04:35 +00:00
Geoffrey White
3a900f1f8b
Swift: Fix some inconsistencies in the test cases.
2023-12-14 18:04:34 +00:00
Geoffrey White
7ba18e64a0
Swift: Add sinks for algorithms that are OK for sensitive data hashing but not for password hashing.
2023-12-14 18:04:34 +00:00
Geoffrey White
c2d49c0fff
Swift: Address a weakness in the sensitive data regexes.
2023-12-14 18:04:34 +00:00
Geoffrey White
87eb96ed3b
Swift: Add more cases to test.
2023-12-14 18:04:34 +00:00
Geoffrey White
22ed20dd7c
Swift: Upgrade SecKeyCopyExternalRepresentation source to be considered a password / key rather than a miscellaneous credential.
2023-12-14 18:04:34 +00:00
Rasmus Wriedt Larsen
2a98a7e615
Python: Delete old copy of DataFlowImplConsistency.qll
...
We forgot to delete that file in https://github.com/github/codeql/pull/8457
2023-12-14 18:18:25 +01:00
Mathias Vorreiter Pedersen
7af6496a71
C++: Add change note.
2023-12-14 17:13:23 +00:00
Robert Marsh
3738e19db6
Swift: fix compilation failures outside CFG code
2023-12-14 16:39:51 +00:00
Geoffrey White
10b4c98e80
Swift: Move password sources to be reported by the new query.
2023-12-14 16:09:47 +00:00
Geoffrey White
5faa25fc6c
Swift: Make passwords their own sensitive data type.
2023-12-14 16:09:47 +00:00
Geoffrey White
b5a45c64ff
Swift: Define barriers, additional flow steps and sinks.
2023-12-14 16:09:47 +00:00
Geoffrey White
e5bf929cdb
Swift: Split off WeakPasswordHashingExtensions.qll as we normally do.
2023-12-14 16:09:46 +00:00
Geoffrey White
db1508d108
Swift: Trivial changes - query ID / metadata, imports.
2023-12-14 16:09:46 +00:00
Geoffrey White
9774c3cb4f
Swift: Copy WeakPasswordHashing query from csharp.
2023-12-14 16:09:45 +00:00
Geoffrey White
be7d0acfea
Swift: Minor fixes for the existing weak sensitive data hashing query (naming consistency, remove unused import).
2023-12-14 16:09:45 +00:00
amammad
4d9aad92a1
remove a duplicate test
2023-12-14 17:08:18 +01:00
Mathias Vorreiter Pedersen
04ca36f9b0
Merge pull request #15106 from geoffw0/revrevtest
...
Swift: Revert:Revert "Swift: CommonCrypto test cases for the BrokenCryptoAlgorithm query"
2023-12-14 15:56:46 +00:00
Mathias Vorreiter Pedersen
61e30b9ff8
C++: Accept more test changes.
2023-12-14 15:25:29 +00:00
Michael Nebel
82784b4364
C#: Add a script for generating stubs for all packages needed for testing.
2023-12-14 16:11:17 +01:00
Geoffrey White
7e6ff7c826
Swift: Disable the part of the test that triggers an extraction issue.
2023-12-14 15:04:48 +00:00