hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-03 08:41:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,755 Commits 1,687 Branches 159 Tags
codeql-cli/v2.9.0
Commit Graph

34755 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stephan Brandauer
9c3fcb6268 precise tracking of handlebars arguments 2022-03-28 17:26:43 +02:00
Asger Feldthaus
cf596a1856 JS: Add decorator edges in API graphs and corresponding MaD tokens 2022-03-28 15:34:40 +02:00
Asger Feldthaus
e152416317 JS: write all CSV rows as literals 2022-03-28 15:30:18 +02:00
Asger F
e5f2b830f3 Merge pull request #8577 from asgerf/fix-mad-warning 
JS/Ruby: Fix regexp in MaD checking
 2022-03-28 15:29:16 +02:00
Asger F
f22df765ed Merge pull request #8533 from asgerf/mad-receiver-token 
JS/Ruby: Represent non-positional arguments with Argument/Parameter tokens
 2022-03-28 15:28:52 +02:00
Geoffrey White
611b820cbc C++: Change notes. 2022-03-28 14:27:21 +01:00
Nick Rolfe
9406aa2f29 Merge remote-tracking branch 'origin/main' into nickrolfe/constant_regexp 2022-03-28 13:05:34 +01:00
Asger Feldthaus
0b30ecf36a Ruby: add select clause back to Summaries.ql 2022-03-28 13:57:50 +02:00
Arthur Baars
85c4daa2bf Address comments 2022-03-28 13:15:32 +02:00
Asger Feldthaus
d5bcd14733 Sync ApiGraphModels.qll 2022-03-28 12:43:55 +02:00
Asger Feldthaus
7e6206ed36 JS: Fix the regexp for valid MaD token arguments 2022-03-28 12:43:43 +02:00
Arthur Baars
2ae5e8158e Python: import RegExpTreeView correctly 2022-03-28 12:41:32 +02:00
Nick Rolfe
a9eac19dac Ruby: address review feedback 2022-03-28 11:19:24 +01:00
Arthur Baars
b103679d8a JS/Ruby/Python: rename RegExpTreeView.qll to ReDoSUtilSpecific.qll 2022-03-28 12:17:26 +02:00
Arthur Baars
af1d949d06 Merge pull request #8489 from aibaars/regex-refactor 
Ruby: refactor regex libraries
 2022-03-28 12:17:00 +02:00
Geoffrey White
18f80eb3e3 C++: Loosen a few constraints slightly. 2022-03-28 11:16:57 +01:00
Geoffrey White
850646b8ba C++: Deprecate the experimental version, forward to the new one. 2022-03-28 11:16:56 +01:00
Geoffrey White
3fed7bf6d0 C++: Extend cpp/cleartext-transmission using PrivateData.qll. 2022-03-28 11:16:56 +01:00
Geoffrey White
202b6d44a5 C++: Update SensitiveExprs.qll to clarify the relationship. 2022-03-28 10:54:56 +01:00
Geoffrey White
0453c0f0a1 C++: Convert to C++ and make it look more like SensitiveExprs.qll. 2022-03-28 10:54:55 +01:00
Geoffrey White
ec98269a24 C++: Copy PrivateData.qll from csharp. 2022-03-28 10:54:54 +01:00
Geoffrey White
bb272003b4 C++: More test cases. 2022-03-28 10:54:54 +01:00
Erik Krogh Kristensen
c98d024c0e Merge pull request #8575 from erik-krogh/qlFixTypo 
QL: fix Import::getImportString
 2022-03-28 11:41:59 +02:00
Arthur Baars
accdd9499a Ruby: drop unused predicates that do not exist in Python variant 2022-03-28 11:32:52 +02:00
Erik Krogh Kristensen
7ac6f5849c fix Import::getImportString 2022-03-28 11:04:18 +02:00
Ahmed Farid
53f756b078 Update ZipSlip.expected 2022-03-28 08:54:44 +00:00
Mathias Vorreiter Pedersen
57c39e9642 Merge pull request #8574 from erik-krogh/qlForQlFixes 
QL: two small improvements
 2022-03-28 09:26:43 +01:00
Erik Krogh Kristensen
77aff04429 add a getImportString utility predicate to Import 2022-03-28 10:14:27 +02:00
Erik Krogh Kristensen
d4c8f42336 add QLDoc to the child relation for TopLevel 2022-03-28 09:54:08 +02:00
yoff
5efc19c39d Merge pull request #7806 from erik-krogh/pyDef 
Python: Add def nodes to API graphs
 2022-03-28 08:09:14 +02:00
Ahmed Farid
d89ed8b98b Update zipslip_bad.py 2022-03-28 01:40:08 +00:00
Ahmed Farid
a50f051cdd Update zipslip_bad.py 2022-03-28 01:38:58 +00:00
Ahmed Farid
cafbd98454 Update zipslip_bad.py 2022-03-28 01:08:39 +00:00
Ahmed Farid
f364e41dbe Update ZipSlip.expected 2022-03-28 01:02:38 +00:00
Ahmed Farid
a8c14ed6c3 Update zipslip_bad.py 2022-03-28 01:00:38 +00:00
Ahmed Farid
ddba3b7784 Update ZipSlip.qll 2022-03-28 00:59:56 +00:00
Ahmed Farid
0fac4f195d Update Concepts.qll 2022-03-28 00:47:27 +00:00
Ahmed Farid
413f1945ce Update Zip.qll 2022-03-28 00:44:56 +00:00
4B5F5F4B
2d7b9c0c4f modify a little cute typo 2022-03-26 22:55:27 +08:00
4B5F5F4B
7a091f808b Create NoCheckBeforeUnsafePutUser.ql 2022-03-26 22:45:03 +08:00
4B5F5F4B
64863d493b Delete cve-2017-5123.ql 2022-03-26 22:42:59 +08:00
Edoardo Pirovano
8faabb837a Merge pull request #8561 from erik-krogh/latestTools 
QL: use latest tools in codeql-action/init
 2022-03-25 15:12:58 -04:00
Erik Krogh Kristensen
21192b7593 use latest tools in codeql-action/init 2022-03-25 19:26:10 +01:00
Andrew Eisenberg
5fb84a774b Merge pull request #8553 from github/aeisenberg/cpp-suites 
Suites: Remove self-referential `from` directives
 2022-03-25 09:15:53 -07:00
Michael Nebel
79f3da8af1 Merge pull request #8506 from michaelnebel/java/generalize-generate-flow-model 
Java/C#: Generalize script for generating flow models.
 2022-03-25 16:20:53 +01:00
Geoffrey White
2014599f88 Merge pull request #8318 from geoffw0/cwe497b 
C++: New query cpp/potential-system-data-exposure
 2022-03-25 14:55:00 +00:00
Taus
b75ac4e827 Merge pull request #8540 from tausbn/python-add-points-to-call-graph-meta-query 
Python: Add call graph meta-query
 2022-03-25 15:36:33 +01:00
Erik Krogh Kristensen
9e71d9bada Merge pull request #8556 from erik-krogh/bumpAction 
QL: update codeql-action version in QL-for-QL
 2022-03-25 14:46:31 +01:00
Erik Krogh Kristensen
68c07fe1c0 pin the commit of codeql-action in the remaining steps/workflows 2022-03-25 14:35:44 +01:00
Erik Krogh Kristensen
8f377f4101 pin the commit 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2022-03-25 14:19:29 +01:00