hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-02 13:48:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,728 Branches 164 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
amammad
9245e1c2a4 remove CLI sources Library file & qldoc warnings 2023-10-01 00:37:56 +10:00
amammad
95363455af fix tests, and review suggestions. 2023-09-30 22:50:08 +10:00
amammad
f0f60c3b7d move JWT.qll to experimental 2023-09-30 22:30:30 +10:00
amammad
8ef969fcb9 fix a mistake: replaces tests after gofmt 2023-09-30 22:16:59 +10:00
amammad
863fa364e2 remove CLI sources Library file & unused file system sinks 2023-09-30 20:11:14 +10:00
Aditya Sharad
cf98b84279 ATM/JS: Remove test workflow 
These queries are deprecated, and upcoming nightly CLIs will no longer support their experimental functionality. To avoid test breakage, remove this workflow.

The code and tests can be cleaned up as future follow-up.
 2023-09-29 15:19:45 -07:00
amammad
bb8063c0f4 remove CLI sources & unused imports 2023-09-30 06:07:44 +10:00
amammad
2ab10262fc V3: better sinks, replace sinks arguments to sinks method accesses 2023-09-30 06:06:34 +10:00
amammad
83cffea1a1 v3 2023-09-30 05:56:39 +10:00
amammad
3e9c3e6987 remove inputStream and its subclasses module which has no impact on query now! 2023-09-30 04:28:37 +10:00
amammad
c1b9310ec2 add comments for modules & remote local sources 2023-09-30 04:28:02 +10:00
amammad
2961b79fb9 add multipart sources 2023-09-30 03:09:02 +10:00
amammad
2e7529cc70 remove local sources 2023-09-30 02:41:47 +10:00
Maiky
142ab01b48 Remove comment line 2023-09-29 18:32:12 +02:00
Maiky
e171123589 Add initial query for CWE-942 2023-09-29 18:25:58 +02:00
Sarita Iyer
178b5c1c30 Merge pull request #14282 from github/saritai/update-language-display-names 
Update language display names
 2023-09-29 11:15:56 -04:00
Sarita Iyer
f29063bca3 Update codeql-for-java.rst 2023-09-29 10:44:27 -04:00
Rasmus Wriedt Larsen
3162033d56 Python: Make tests run for django rest framework 2023-09-29 16:21:04 +02:00
Sarita Iyer
b6b554f384 Apply suggestions from code review 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-09-29 10:07:22 -04:00
Sarita Iyer
c0653adc85 remove trailing space 2023-09-29 09:57:48 -04:00
Sarita Iyer
925d8e21ce Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-09-29 09:45:34 -04:00
Mathew Payne
41bb8377d9 Add change notes 2023-09-29 14:44:36 +01:00
Mathew Payne
19c93b0228 Add RestFramework tests 2023-09-29 14:41:57 +01:00
Michael Nebel
81e4cddf9f Merge pull request #14333 from michaelnebel/csharp/windowsunittests 
C#: Also run extractor unit tests on a windows runner.
 2023-09-29 15:28:26 +02:00
Rasmus Lerchedahl Petersen
177db998c7 Python: add change note 2023-09-29 15:28:08 +02:00
Mathew Payne
eb9b32473e Add support for ModelViewSet functions 2023-09-29 14:26:39 +01:00
Rasmus Lerchedahl Petersen
ed3ffde5e6 Python: modules are now possibly non-unique 
We should consider if this is the right way..
 2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
be506c64ba Python: update test-expectations 
These are semantic differences.
They generally look good, except perhaps
we should exclude illegal package names?
(It passes `legalShortName`, though).
 2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
4f35a62583 Python: broaden search for imports 
This now finds vulnerabilities in
https://github.com/github/field-security-codeql/issues/100
 2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
d9854eb409 Python: Add QLDoc 2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
1d4832cbfe python: allow namespace packages as packages 
remove the logic around isPotentialPackage
 2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
362cf107a4 python: add tests for module import 
- `--max-import-depth=3` to give points-to a chance
- `not_root` dir to force namespace package logic
- add usage in `example.py` to get files extracted
 2023-09-29 15:10:19 +02:00
yoff
dbecb1bd0f Merge pull request #14070 from yoff/python/promote-nosql-query 
Python: promote nosql query
 2023-09-29 14:21:22 +02:00
Rasmus Wriedt Larsen
9b73bbfc31 Python: Add keyword argument support 
and a fair bit of refactoring
 2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
d6d13f84a9 Python: -> NoSQL in QLDocs 2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
3676262313 Python: Clean trailing whitespace 2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
d7ad5a0f23 Python: List NoSQL injection sinks 2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
16e1a00e88 Python: NoSQLInjection -> NoSqlInjection 2023-09-29 13:52:51 +02:00
Rasmus Lerchedahl Petersen
97696680e6 Python: require dict sinks be dangerous. 2023-09-29 13:45:23 +02:00
Rasmus Lerchedahl Petersen
f3a01612e8 Python: rename flow states 
Close to being a revert of
3043633d9c
but with slightly shorter names and added comments.
 2023-09-29 13:23:36 +02:00
Rasmus Lerchedahl Petersen
e1708054a4 Python: fix QL alert 2023-09-29 12:06:51 +02:00
Anders Schack-Mulligen
efb49fcd3e Merge pull request #14336 from aschackmull/java/switch-rule-stmt-cfg 
Java: Fix CFG for case rule statements.
 2023-09-29 12:02:48 +02:00
Rasmus Lerchedahl Petersen
2d845e3e55 Python: nicer paths 
turn "the long jump" that would end up
straight at the argument into a short jump
that ends up at the dictionary being written to.
Dataflow takes care of the rest of the path.
 2023-09-29 12:02:16 +02:00
Rasmus Lerchedahl Petersen
74d6f37467 Python: update meta query TaintSinks 2023-09-29 12:02:16 +02:00
yoff
2e028a41ee Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-09-29 11:32:51 +02:00
Michael Nebel
c25113ae46 C#: Execute tests via the bash shell to ensure that we stop on error. 2023-09-29 09:35:43 +02:00
Michael Nebel
3fd083b249 C#: Enable the stub generator tests. 2023-09-29 09:35:43 +02:00
Michael Nebel
086588982e C#: Ensure that always use the same newline symbol for stub generation. 2023-09-29 09:35:42 +02:00
Michael Nebel
e42741e8ed C#: Also run extractor unit tests on a windows runner. 2023-09-29 09:33:33 +02:00
Stephan Brandauer
d7beda79ab Merge pull request #14197 from github/kaeluka/framework-mode-source-candidates 
Java: Framework mode source candidates
 2023-09-28 21:09:54 +02:00