4087 Commits

Author SHA1 Message Date
github-actions[bot]
0db6379602 Release preparation for version 2.18.3 2024-08-27 17:50:22 +00:00
Henry Mercer
0f44cd3f62 Revert "Release preparation for version 2.18.3" 2024-08-27 18:19:25 +01:00
github-actions[bot]
17cd9624fb Release preparation for version 2.18.3 2024-08-21 17:13:52 +00:00
Anders Schack-Mulligen
993bfee096 Merge pull request #17259 from aschackmull/dataflow/remove-srcsink-grouping
Dataflow: Remove src/sink grouping feature
2024-08-20 14:42:33 +02:00
Anders Schack-Mulligen
8470e91c16 Legacy Dataflow: Sync. 2024-08-20 10:07:57 +02:00
Geoffrey White
4c5c6c6968 Merge pull request #17148 from geoffw0/hardkey
Swift: Additional test cases for swift/hardcoded-key
2024-08-19 17:45:34 +01:00
Geoffrey White
e3b9b0a9bd Merge pull request #17210 from geoffw0/mailto
Swift: Fix false positives in the swift/cleartext-transmission query
2024-08-16 16:23:09 +01:00
Geoffrey White
8646643f0e Swift: Change note. 2024-08-13 11:23:41 +01:00
Geoffrey White
446c992181 Swift: Exclude tel:, mailto: and similar URLs from the query. 2024-08-13 11:23:40 +01:00
Geoffrey White
897bfb5517 Swift: Convert URL sinks for swift/cleartext-transmission to be defined in QL. 2024-08-13 11:23:39 +01:00
Geoffrey White
345e1840f2 Swift: Add more test cases for swift/cleartext-transmission. 2024-08-13 09:28:23 +01:00
Michael Nebel
4a5c9f0ec4 Merge pull request #17007 from michaelnebel/shared/neutralimplementation
C#/Java/Go: Neutrals are split into separate classes.
2024-08-12 13:58:12 +02:00
Cornelius Riemenschneider
1689e60445 Merge remote-tracking branch 'origin/main' into criemen/pytest-swift 2024-08-09 11:22:41 +02:00
Cornelius Riemenschneider
9ce8018093 Autobuilder test/unsupported os: Promote to Windows and Linux test.
This way, we have at least one Windows test, which makes our internal testing easier.
2024-08-08 15:41:48 +02:00
github-actions[bot]
cc6d87c276 Post-release preparation for codeql-cli-2.18.2 2024-08-08 12:56:21 +00:00
Cornelius Riemenschneider
2b0ff17884 Fix test expectations. 2024-08-08 10:28:42 +02:00
Cornelius Riemenschneider
e5261f8bfc Port Swift integration tests to pytest. 2024-08-08 08:47:49 +02:00
github-actions[bot]
019da8c287 Release preparation for version 2.18.2 2024-08-07 14:02:38 +00:00
Alexander Eyers-Taylor
46577b585e Revert "Release preparation for version 2.18.2" 2024-08-07 14:24:37 +01:00
github-actions[bot]
c14ba0e4bd Release preparation for version 2.18.2 2024-08-06 12:46:15 +00:00
Geoffrey White
4225774a3a Swift: Add test cases for swift/hardcoded-key. 2024-08-05 11:42:18 +01:00
Geoffrey White
0f7598786c Swift: Test spacing. 2024-08-05 11:23:38 +01:00
Geoffrey White
9794309d2e Merge pull request #17127 from geoffw0/swiftsql
Swift: Improve doc for swift/sql-injection
2024-08-02 16:14:57 +01:00
Geoffrey White
0525e9c6ee Merge pull request #17128 from geoffw0/swiftcmdline
Swift: Disable some FileManager models
2024-08-02 13:59:59 +01:00
Geoffrey White
b87d832fcb Merge pull request #17129 from geoffw0/swiftconstsalt
Swift: Fixes for swift/constant-salt
2024-08-02 13:57:05 +01:00
Geoffrey White
49335e5b63 Merge pull request #17126 from geoffw0/swiftcleartext
Swift: Improve documentation and examples that use encryption
2024-08-02 13:55:00 +01:00
Geoffrey White
e66cd05f96 Swift: Improve phrasing around robust escape functions. 2024-08-02 13:35:33 +01:00
Geoffrey White
fa898b8489 Update swift/ql/src/queries/Security/CWE-089/SqlInjection.qhelp
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
2024-08-02 13:11:01 +01:00
Geoffrey White
aae19ab9f5 Swift: Remove quotes from the message. 2024-08-02 12:19:14 +01:00
Geoffrey White
5a5fdb2f6b Swift: I missed the commas. 2024-08-02 12:11:35 +01:00
Geoffrey White
d3cdffef61 Apply suggestions from code review
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
2024-08-02 12:07:31 +01:00
Geoffrey White
39411b0780 Swift: Add some test of taint through 'as'. 2024-08-01 17:33:35 +01:00
Geoffrey White
e313fdb392 Swift: Correct a comment in ECBEncryptionQuery.qll. 2024-08-01 17:28:09 +01:00
Geoffrey White
2486c8423b Swift: Correct mistakes. 2024-08-01 17:02:03 +01:00
Geoffrey White
14763f3bb5 Swift: Change note. 2024-08-01 16:24:53 +01:00
Geoffrey White
8e68e0dfba Swift: Change note. 2024-08-01 16:17:55 +01:00
Geoffrey White
3f26250967 Swift: Remove the sources instead (more general solution). 2024-08-01 16:14:30 +01:00
Geoffrey White
2b7b1c624d Swift: Use a barrier as a simple fix. 2024-08-01 15:58:43 +01:00
Geoffrey White
7bf61d1d7e Swift: Add test cases. 2024-08-01 15:49:33 +01:00
Geoffrey White
683ca2d578 Swift: Test spacing. 2024-08-01 15:32:45 +01:00
Geoffrey White
2ed2a76866 Swift: Add a note about escaping as an alternative way to fix these issues. 2024-08-01 11:52:08 +01:00
Geoffrey White
2fd4b57d74 Swift: Expand the swift/sql-injection qhelp examples by labelling the API that's used, adding SQLite3 C API examples, and adding an example of using a prepared statement incorrectly. 2024-08-01 11:52:06 +01:00
Geoffrey White
9f6a5d9e13 Swift: Fix typo in example. 2024-08-01 11:52:05 +01:00
Geoffrey White
61eb5cd55c Swift: Put a barrier on the qualifiers as well. 2024-08-01 11:49:10 +01:00
Geoffrey White
0c3e8ced4b Swift: Make append methods and string interpolation barriers for swift/constant-salt. 2024-08-01 11:49:09 +01:00
Geoffrey White
2543f3ecfb Swift: Make + a barrier for swift/constant-salt. 2024-08-01 11:49:08 +01:00
Geoffrey White
c8438c38f2 Swift: Tests for string appending with swift/constant-salt. 2024-08-01 11:49:07 +01:00
Geoffrey White
69c18f9cd2 Swift: Use in swift/constant-salt so that the source node is clickable + visible to autofix. 2024-08-01 11:49:06 +01:00
Geoffrey White
b944d47f58 Swift: Fix the example for swift/constant-salt. 2024-08-01 11:49:05 +01:00
Geoffrey White
3d6a889d24 Swift: Make use of CBC blockmode in examples and tests more accurate. 2024-07-30 16:59:11 +01:00