hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 05:13:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,907 Commits 1,697 Branches 161 Tags
codeql-cli/v2.24.2
Commit Graph

85907 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yoff
5b30153113 java: add Escaping query (P1) 2025-10-09 09:14:16 +02:00
yoff
328b53576a java: add SafePublication query (P2) 2025-10-09 09:14:16 +02:00
yoff
fe487e8bf0 java: add ThreadSafe query (P3) 
Co-authored-by: Raúl Pardo <raul.pardo@protonmail.com>
Co-authored-by: SimonJorgensenMancofi <simon.jorgensen@mancofi.dk>
Co-authored-by: Bjørnar Haugstad Jåtten <bjornjaat@hotmail.com>
 2025-10-09 09:14:16 +02:00
idrissrio
546d59ff9d Java: Wait for test HTTP servers to be ready before running buildless test 2025-10-09 08:37:54 +02:00
REDMOND\brodes
f524de4afc Crypto: Updating insecure iv/nonce to consider if an operation is known for it, and if so do not alert on non-secure random if it is tied to decryption 2025-10-08 16:27:18 -04:00
REDMOND\brodes
7a57496c54 Crypto: Missing test update. 2025-10-08 14:16:47 -04:00
REDMOND\brodes
11e81395b5 Crypto: Updated default flows to use taint tracking (this is needed to fix false positives in the unknown IV/Nonce query). Add the unknown IV/Nonce query and associated test cases. Fix unknown IV/Nonce query to focus on cases where the oepration isn't known or the operation subtype is not encrypt or wrap. 2025-10-08 14:14:17 -04:00
REDMOND\brodes
75b5a9fda8 Crypto: Update general regression test results to account for removal of JCA random source. 2025-10-08 12:55:11 -04:00
REDMOND\brodes
8e10e1937d Crypto: Adding query for unknown IV initialization. 2025-10-08 12:49:54 -04:00
REDMOND\brodes
83ff70bcd8 Crypto: Adding tests for insecure iv or nonce. Updating generic literal sources to include array literals. 2025-10-08 12:47:58 -04:00
Jon Janego
83519a9fcc Merge pull request #20606 from github/changedocs-2.23.2 
changedocs for 2.23.2
 2025-10-08 11:07:58 -05:00
Jon Janego
4534d67107 Merge branch 'main' into changedocs-2.23.2 2025-10-08 11:00:45 -05:00
Jon Janego
9c610e8bab Update links in CodeQL CLI changelog 2025-10-08 10:57:17 -05:00
Owen Mansel-Chan
2f22acdd06 Remove hashing example when not covered by query 2025-10-08 16:48:57 +01:00
Jon Janego
f8626cd417 changedocs for 2.23.2 2025-10-08 10:42:10 -05:00
REDMOND\brodes
bd34b6ce02 Crypto: Removing JCA model of random, need to reassess this as this impacts the insecure IV/Nonce query. Updated name of the Insecure nonce query to be InsecureIVorNonce 2025-10-08 11:41:21 -04:00
REDMOND\brodes
143be8cc35 Crypto: Remove redundant queries. 2025-10-08 10:26:05 -04:00
REDMOND\brodes
1b1b333e8b Crypto: Modify suggested queries per misc. side conversations on standards. Remove redundant query. Fix QL-for-QL issues. 2025-10-08 10:21:06 -04:00
REDMOND\brodes
cf88e3f52d Crypto: Standardize naming where use of "family" and "type" have been used. Prefer 'type'. 2025-10-08 09:54:53 -04:00
REDMOND\brodes
bba541c016 Merge remote-tracking branch 'upstream/java-crypto-check' into santander-java-crypto-check 2025-10-08 09:30:26 -04:00
Owen Mansel-Chan
0bcdb91639 Improve qhelp for broken crypto algo queries 
Previously it focussed too much on the risk of data being decrypted,
and didn't explain why using weak algorithms is a problem in other
contexts.
 2025-10-08 14:10:54 +01:00
Owen Mansel-Chan
2a1c9d8ec1 Remove erroneous comma 2025-10-08 14:08:36 +01:00
Owen Mansel-Chan
90db349f4b State that ruby broken crypto algo doesn't deal with hashing 2025-10-08 14:05:00 +01:00
Geoffrey White
d39c8d155c Merge pull request #20574 from geoffw0/rustga3 
Rust: Docs updates
 2025-10-08 11:04:29 +01:00
Anders Schack-Mulligen
2d9b249367 Merge pull request #20600 from aschackmull/java/constant-exp-fix 
Java: Fix bug in ConstantExpAppearsNonConstant.
 2025-10-08 11:40:50 +02:00
Michael Nebel
4cc6a07620 Merge pull request #20593 from michaelnebel/csharp/reducetypeparameterandtuplelocations 
C#: Reduce Type Parameter- and Tuple type location extraction.
 2025-10-08 11:36:32 +02:00
Anders Schack-Mulligen
99f5dcaaa4 Java: Fix bug in ConstantExpAppearsNonConstant. 2025-10-08 10:32:51 +02:00
Michael Nebel
cdfa58645a C#: Add change-note. 2025-10-08 10:14:51 +02:00
Idriss Riouak
28fe20e3e4 Merge pull request #20595 from github/idrissrio/java-lambda 
Java: Add integration test for buildless lambda recovery
 2025-10-08 09:53:29 +02:00
Paolo Tranquilli
75a7507017 Merge pull request #20590 from github/redsun82/rust-test-compatibility 
Rust: test with the 1.90 toolchain
 2025-10-08 09:00:30 +02:00
Asger F
10c9b747a5 Merge pull request #20586 from asgerf/js/api-graphs-block-this 
JS: Restrict receiver-flow in API graphs
 2025-10-08 08:41:56 +02:00
Geoffrey White
8a2be0910c Rust: Add change note for Rust GA. 2025-10-07 23:10:31 +01:00
Ian Lynagh
2918d30697 Merge pull request #20597 from github/igfoo/bmn-ga 
C++: Add a changenote for C/C++ BMN GA
 2025-10-07 22:57:32 +01:00
Alexander Eyers-Taylor
825d3709d8 Merge pull request #20386 from github/alexet/overlay-informed-dataflow 
Dataflow: Overlay informed dataflow.
 2025-10-07 20:22:57 +01:00
Alex Eyers-Taylor
77d4af153d Java: Make some query libraries local. 2025-10-07 18:24:37 +01:00
Alex Eyers-Taylor
193cd46a76 DataFlow: Adress comments on overlay informed dataflow 2025-10-07 17:52:12 +01:00
Alex Eyers-Taylor
7a8d2392ee Daatflow: Fix bug 2025-10-07 17:52:12 +01:00
Alex Eyers-Taylor
542bdf0792 Java: Use Overlay dataflow in java. 2025-10-07 17:52:12 +01:00
Alex Eyers-Taylor
3c110f2eb8 DataFlow: Add code for merging base with overlay. 2025-10-07 17:52:12 +01:00
Alex Eyers-Taylor
c49e2ab2da DataFlow: Add code to do overlay informed dataflow. 2025-10-07 17:52:12 +01:00
Alex Eyers-Taylor
82e4fc9f0f AlertFiltering: Expose filtering further. 2025-10-07 17:52:12 +01:00
Alex Eyers-Taylor
8c02130bcf DataFlow: Rearrange files to group the parts that can be shared with overlay aware. 2025-10-07 17:52:12 +01:00
Ian Lynagh
791a92b146 C++: Add a changenote for C/C++ BMN GA 2025-10-07 17:32:36 +01:00
idrissrio
f69e5f5ffc Java: Accept new test results after extractor changes 2025-10-07 16:55:53 +02:00
idrissrio
55b15a261a Java: Add integration test for buildless lambda recovery 2025-10-07 16:55:52 +02:00
Michael Nebel
eb84b1441a C#: Add some locations tests for type parameters and tuple types. 2025-10-07 15:26:33 +02:00
Michael Nebel
f0842e430d C#: Respect the context when extracting locations for type parameters and tuple typles. 2025-10-07 15:26:31 +02:00
Anders Schack-Mulligen
18e33b193e Merge pull request #20589 from aschackmull/java/array-entrypoint-read-taint 
Java: Allow taint-read-steps for array sources.
 2025-10-07 15:04:03 +02:00
Michael Nebel
ea4d4751f3 Merge pull request #20581 from michaelnebel/csharp/reducetyplocationtuples 
C#: Reduce location tuple extraction for named types.
 2025-10-07 14:50:36 +02:00
Paolo Tranquilli
122b7ebba8 Rust: accept test changes 2025-10-07 14:49:08 +02:00