hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-08 03:01:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,691 Branches 160 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Farebrother
02b440b0ed Merge pull request #6599 from joefarebrother/android-sensitive-communication 
Java: Promote android sensitive broadcast query
 2021-10-26 13:48:58 +01:00
Erik Krogh Kristensen
44afa34e37 Merge branch 'main' of github.com:github/codeql into htmlReg 2021-10-26 14:46:27 +02:00
CodeQL CI
e5e1046c81 Merge pull request #6962 from asgerf/js/template-db-constraint-err 
Approved by erik-krogh
 2021-10-26 13:43:57 +01:00
Jonathan Leitschuh
21aeee6378 Actually remove the last non-ascii quote from Promise 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-26 08:28:44 -04:00
Erik Krogh Kristensen
8ba545999e add change-note 2021-10-26 14:13:56 +02:00
Alexander Eyers-Taylor
3bae95a93a Merge pull request #6939 from edoardopirovano/bump-version 
Fix version number in language reference
 2021-10-26 13:11:30 +01:00
Anders Schack-Mulligen
90bebaa5a9 Merge pull request #6960 from erik-krogh/useSetLiteral 
use set literal instead of big disjunction of literals
 2021-10-26 14:06:05 +02:00
Anders Schack-Mulligen
ba95d46ec3 Apply suggestions from code review 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2021-10-26 14:04:13 +02:00
Erik Krogh Kristensen
090fb2df10 Merge pull request #6857 from erik-krogh/fixPipes 
JS: skip pipes and other special files when determining which files to extract
 2021-10-26 13:59:40 +02:00
Mathias Vorreiter Pedersen
4a58349fcd Merge pull request #6961 from MathiasVP/fix-join-order-in-in-def-dominance-frontier 
C#: Fix join order in `inDefDominanceFrontier`
 2021-10-26 12:55:31 +01:00
Edoardo Pirovano
6a3de20e7a Fix version number in language reference 2021-10-26 12:53:48 +01:00
Erik Krogh Kristensen
9c8a51bca6 cache SensitiveExpr 2021-10-26 13:47:28 +02:00
Erik Krogh Kristensen
038438edca assume that setting the secure/httpOnly flag to some unknown value is good 2021-10-26 13:47:28 +02:00
Erik Krogh Kristensen
5228196f79 fix typos and update docs 2021-10-26 13:47:21 +02:00
Erik Krogh Kristensen
311df4d2b7 add test for the cookie npm package 2021-10-26 13:46:59 +02:00
Erik Krogh Kristensen
92d59aa11c refactor most of the isSensitive predicates into a common helper predicate 2021-10-26 13:46:59 +02:00
Erik Krogh Kristensen
834d5ec6ad add session{key,id} as sensitive info 2021-10-26 13:46:59 +02:00
Erik Krogh Kristensen
1e1e549847 update tests so it's clear which cookies are insecure 2021-10-26 13:46:58 +02:00
Erik Krogh Kristensen
283b8231cb add more cookie models 2021-10-26 13:46:58 +02:00
Erik Krogh Kristensen
2cb3d2c53f documentation overhaul on client-exposed-cookie (and restricting it to server-side) 2021-10-26 13:46:58 +02:00
Erik Krogh Kristensen
ab23ffff3d documentation overhaul for clear-text-cookie 2021-10-26 13:46:58 +02:00
Erik Krogh Kristensen
f36accf3e6 only report clear-text cookies for sensitive cookies 2021-10-26 13:46:58 +02:00
Erik Krogh Kristensen
53b4337795 combine test files 2021-10-26 13:46:57 +02:00
Erik Krogh Kristensen
9193984f1b delete the experimental query library for cookie queries 2021-10-26 13:46:57 +02:00
Erik Krogh Kristensen
6858acc6a9 port experimental cookie models to non-experimental 2021-10-26 13:46:57 +02:00
Erik Krogh Kristensen
26a24a3895 prepare move to non-experimental 2021-10-26 13:46:57 +02:00
Erik Krogh Kristensen
44db920f10 refactor, cleanup, and improvements in experimental cookie queries 2021-10-26 13:46:57 +02:00
Erik Krogh Kristensen
a3c55c2aec use set literal instead of big disjunction of literals 2021-10-26 12:55:25 +02:00
Rasmus Lerchedahl Petersen
8a81d42e6f Python: more logic adjustment 
Not sure why the missing result is missing. There is
and edge with label `getAwaited` from `pkg.async_func` on line 22
to `coro` on line 23.
 2021-10-26 10:57:27 +02:00
Rasmus Wriedt Larsen
2b9edd7ff6 Merge pull request #6952 from github/aibaars/generate-code-scanning-query-list 
Add Ruby to generate-code-scanning-query-list.py and make the script faster
 2021-10-26 10:49:24 +02:00
Rasmus Lerchedahl Petersen
f91e43c068 Python: Add more honest test for awaited 2021-10-26 10:43:06 +02:00
Mathias Vorreiter Pedersen
67fd38f328 C#/Ruby: Use a 'noinline' instead of a 'only_bind_into'. 2021-10-26 09:41:52 +01:00
Rasmus Lerchedahl Petersen
a8a181a32f Python: adjust logic and add tests 
Due to the way paths a re printed, the tests look surprising
 2021-10-26 09:55:47 +02:00
Anders Schack-Mulligen
3d1b617101 Merge pull request #6959 from igfoo/igfoo/bbStmts 
Java: Make a test output a bit more readable
 2021-10-26 08:42:53 +02:00
Mathias Vorreiter Pedersen
4b137ede0e Ruby: Sync identical files. 2021-10-25 22:03:44 +01:00
Mathias Vorreiter Pedersen
e2d3474563 Merge branch 'main' into fix-join-order-in-in-def-dominance-frontier 2021-10-25 22:02:35 +01:00
Mathias Vorreiter Pedersen
9145382660 C#: Sync identical files. 2021-10-25 21:55:28 +01:00
Mathias Vorreiter Pedersen
ff35100d52 C#: Fix join order in 'inDefDominanceFrontier'. 2021-10-25 21:55:09 +01:00
Henry Mercer
3284953192 Merge pull request #6958 from github/henrymercer/rename-atm-query-pack 
JS: [Internal only] Rename ATM query pack for consistency with other packs
 2021-10-25 20:16:40 +01:00
ihsinme
41e15cd497 Update IncorrectPrivilegeAssignment.cpp 2021-10-25 22:15:52 +03:00
Erik Krogh Kristensen
e117659dce revert a thing for python 2021-10-25 20:50:18 +02:00
Ian Lynagh
f73f418a97 Java: Make a test output a bit more readable 
Now the nodes are in index order, and the indices are aligned.
 2021-10-25 18:48:19 +01:00
Erik Krogh Kristensen
f4a054ea01 apply range pattern patch to python 2021-10-25 19:38:10 +02:00
Erik Krogh Kristensen
d2d6b2ca7c apply range pattern patch to cpp 2021-10-25 19:38:10 +02:00
Erik Krogh Kristensen
dbd1148bd6 apply range pattern patch to javascript 2021-10-25 19:38:00 +02:00
Henry Mercer
7e0e35f364 Rename ATM query pack for consistency with other packs 2021-10-25 17:32:25 +01:00
Jonathan Leitschuh
ebe2c26f4d Remove the last non-ascii quote from Promise 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-25 11:30:12 -04:00
Arthur Baars
b79f8f1890 Fix CI jobs 2021-10-25 17:01:50 +02:00
shati-patel
8cd86ae8f5 Move queries.xml to src 2021-10-25 17:01:50 +02:00
shati-patel
b23b3c33f6 Add a queries.xml file (for CWE coverage) docs 2021-10-25 17:01:50 +02:00