hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-07 08:04:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,734 Branches 164 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yoff
38cca08a86 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-06-14 13:27:33 +02:00
Asger F
f737054216 Merge pull request #13380 from asgerf/js/fix-sink-kind 
JS: Fix invalid source kind in test
 2023-06-14 12:56:58 +02:00
Tony Torralba
5e3d9d8136 Java: Model the Stapler framework 2023-06-14 12:34:52 +02:00
Tony Torralba
182513a981 Merge pull request #13235 from atorralba/atorralba/java/hudson-models 
Java: Add Hudson models
 2023-06-14 12:33:18 +02:00
Taus
e5b17af9b5 Java: Fix bad tool output 2023-06-14 12:16:44 +02:00
Ian Lynagh
36e8441ed7 Merge pull request #13427 from igfoo/igfoo/references 
Kotlin: Avoid using deprecated APIs
 2023-06-14 11:15:35 +01:00
Jean Helie
209f3e26d4 Merge pull request #13239 from github/tausbn/automodel-application-mode 
Java: Add QL support for automodel application mode
 2023-06-14 11:42:26 +02:00
Michael Nebel
2200a2ae79 C#: Address review comments. 2023-06-14 11:25:31 +02:00
Asger F
5aea6fc16c JS: Remove dataExtensions clause from test qlpack 2023-06-14 10:42:31 +02:00
Asger F
21831516f4 JS: use test-local data extensions 2023-06-14 10:38:33 +02:00
Tony Torralba
8bafc22add Replace open-url sink kinds with request-forgery 2023-06-14 09:59:59 +02:00
Tony Torralba
73d2ab7d66 Add change note 2023-06-14 09:58:30 +02:00
Tony Torralba
686c35e210 Add autogenerated models 2023-06-14 09:58:30 +02:00
Anders Schack-Mulligen
1a4fca334f Merge pull request #13273 from aschackmull/dataflow/summarynode-refactor 
Dataflow: Refactor FlowSummaryImpl to synthesize nodes independently from DataFlow::Node.
 2023-06-14 09:38:36 +02:00
erik-krogh
8663a8ba1c add change-note 2023-06-14 08:31:57 +02:00
erik-krogh
df61c4dd62 reintroduce the experiemental queries that use deprecated features 2023-06-14 08:31:57 +02:00
erik-krogh
bfe7e62f35 update some expected outputs - some tests no longer have an edges relation - and XsltSinks lost a result 2023-06-14 08:31:57 +02:00
erik-krogh
1f8f111ef6 reintroduce DataFlowType - otherwise nothing in the old DataFlow library would compile 2023-06-14 08:31:57 +02:00
erik-krogh
6e001ec062 deprecate SqlInjectionSink - it's not used anywhere 2023-06-14 08:31:57 +02:00
erik-krogh
e463819bc2 get ParamSource.ql to compile by deleting import that got deleted - I have no if this is a good change 2023-06-14 08:31:57 +02:00
erik-krogh
3a436d1f84 do a quick-and-dirty conversion of py/hardcoded-credentials to the new dataflow library 2023-06-14 08:31:56 +02:00
erik-krogh
ae8bf5ed3c delete old deprecations 2023-06-14 08:31:51 +02:00
Rasmus Lerchedahl Petersen
f1de753400 python: add changenote 2023-06-13 21:59:51 +02:00
Rasmus Lerchedahl Petersen
4b4b9bf9da python: add missing summaries 
For append/add:
The new results in the experimental tar slip query
show that we do not recognize the sanitisers.
 2023-06-13 20:22:21 +02:00
Rasmus Lerchedahl Petersen
b72c93ff4f python: remove remaining explicit taint steps 2023-06-13 20:22:20 +02:00
yoff
1d65284011 Merge pull request #13209 from yoff/python/container-summaries-2 
python: Container summaries, part 2
 2023-06-13 18:17:09 +02:00
Rasmus Lerchedahl Petersen
775f3eaf56 python: make copy a dataflow step 2023-06-13 17:07:41 +02:00
Taus
b860b21ced Update MaD Declarations after Triage 2023-06-13 16:50:58 +02:00
Alexandre Boulgakov
7280f07611 Merge pull request #13336 from github/sashabu/c++20-todos 
Swift: Fix some C++20 todos.
 2023-06-13 15:25:29 +01:00
Alexandre Boulgakov
f5d6f50851 Merge pull request #13335 from github/sashabu/c++20 
Build: Bump build mode to C++20.
 2023-06-13 15:03:01 +01:00
yoff
4056358863 Merge pull request #13438 from RasmusWL/flask-render-string 
Python: Add modeling of `flask.render_template_string`
 2023-06-13 14:56:43 +02:00
Michael Nebel
9690ff6177 C#: Address review comments. 2023-06-13 14:19:17 +02:00
Alex Ford
75ccbe58ee Ruby: rack - use Mimetype rather than MimeType in predicate names for consistency with concepts 2023-06-13 12:44:29 +01:00
Alex Ford
977ceb89fd Ruby: rack - remove PotentialResponseNode#getAStatusCode 2023-06-13 12:42:46 +01:00
Alex Ford
af1ca7fec7 Update ruby/ql/lib/codeql/ruby/frameworks/rack/internal/App.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2023-06-13 12:37:31 +01:00
Rasmus Wriedt Larsen
2b7fc94aef Python: Fix validTest.py expectation 2023-06-13 12:11:28 +02:00
Erik Krogh Kristensen
4dc596f0fb Merge pull request #13381 from erik-krogh/mongooseFindByIdAndUpdate 
JS: remove the second argument of findByIdAndUpdate as a NoSQL sink
 2023-06-13 11:59:58 +02:00
Rasmus Lerchedahl Petersen
33ad15e989 ruby: use aliases 2023-06-13 11:49:30 +02:00
Rasmus Lerchedahl Petersen
e11f6b5107 ruby/python: adjust shared file 
- move `isNonLocal` to the top
- missing backtics
 2023-06-13 11:49:30 +02:00
Rasmus Lerchedahl Petersen
b5961c7f6b ruby: move to internal folder 2023-06-13 11:49:30 +02:00
Rasmus Lerchedahl Petersen
203f8226cb ruby/python: make SummaryTypeTracker private 2023-06-13 11:32:06 +02:00
Anders Schack-Mulligen
2d616d494e C#/Ruby: Add fields as per review comments. 2023-06-13 11:26:30 +02:00
yoff
8cae151883 Update python/ql/test/experimental/dataflow/typetracking-summaries/TestSummaries.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2023-06-13 11:22:54 +02:00
Rasmus Lerchedahl Petersen
b709ed47e1 python: add test 2023-06-13 11:20:15 +02:00
Jeroen Ketema
6413fcc0f9 Merge pull request #13439 from jketema/go-dead 
Go: Remove commented out code from test
 2023-06-13 10:33:51 +02:00
Michael Nebel
577bbd531d C#: Base tests on stubs, move extractor options to options file and updated expected test output. 2023-06-13 10:17:42 +02:00
Jeroen Ketema
d035491c6f Go: Remove commented out code from test 2023-06-13 10:13:42 +02:00
Jeroen Ketema
c3ba206b6a Merge pull request #13346 from jketema/inline-2 
Update inline expectation tests to use parameterized module
 2023-06-13 10:10:55 +02:00
yoff
2a5173c331 Update python/ql/lib/semmle/python/frameworks/Stdlib.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-06-13 10:04:46 +02:00
Asger F
0d45074caa Merge pull request #13422 from asgerf/rb/map_filter 
Ruby: fix bug in filter_map summary
 2023-06-13 09:43:47 +02:00