hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-04 09:11:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,755 Commits 1,689 Branches 159 Tags
codeql-cli/v2.9.0
Commit Graph

34755 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arthur Baars
98f56f4d60 Js/Ruby: Share IncompleteHostnameRegExp.ql 2022-03-07 16:10:08 +01:00
Arthur Baars
097c661362 Ruby: drop results that cannot be found yet from IncompleteHostnameRegExp.expected 2022-03-07 16:10:08 +01:00
Arthur Baars
9e8930c192 Ruby: IncompleteHostnameRegExp.ql 2022-03-07 16:10:08 +01:00
Arthur Baars
832c9c4b0b Ruby: copy IncompleteHostnameRegExp files from JavaScript 2022-03-07 16:10:07 +01:00
Arthur Baars
eeb9a1d270 JavaScript: fix typos in documentation 2022-03-07 16:09:13 +01:00
Arthur Baars
602538d1c1 Ruby: add RegExpPatterns module 2022-03-07 16:09:12 +01:00
Geoffrey White
cb33ed4fc2 C++: Only look for sensitive strings in appropriate parameters. 2022-03-07 11:29:09 +00:00
Mathias Vorreiter Pedersen
c7d624d314 Merge pull request #8247 from ihsinme/ihsinme-patch-80 
CPP: Add query for CWE-190: Integer Overflow or Wraparound when using transform after operation
 2022-03-07 11:00:29 +00:00
Geoffrey White
e7dca435a9 Merge pull request #6950 from ihsinme/ihsinme-patch-078 
CPP: Add query for CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
 2022-03-07 10:55:29 +00:00
Arthur Baars
200a965fda Update expected output 2022-03-07 11:51:54 +01:00
Arthur Baars
95027e746c Ruby: TypeTracker: add smallstep for functions that return their arguments 2022-03-07 11:51:54 +01:00
Tom Hvitved
9c4c35141a Ruby: Update type tracker test 2022-03-07 11:51:54 +01:00
Tom Hvitved
64b458b166 Merge pull request #8319 from hvitved/csharp/recursive-qltest-extraction-change-note 
C#: Add change note about recursive `codeql test run` extraction
 2022-03-07 11:43:11 +01:00
Tom Hvitved
c1db0a9429 Merge pull request #8317 from hvitved/typetracker/jump-step 
Ruby/Python: Clear call contexts after jump steps in type tracking
 2022-03-07 11:38:51 +01:00
Tom Bolton
173f45f316 Merge pull request #8334 from github/tombolton/add-mapping-query 
JS: Add query that maps queries to sink type
 2022-03-07 10:35:37 +00:00
Geoffrey White
f1d6234483 C++: Add more information about registry query parameters. 2022-03-07 09:45:31 +00:00
Mathias Vorreiter Pedersen
027c8247ae Merge pull request #8310 from jketema/update-stats 
C++: Update the DB scheme stats file
 2022-03-07 09:11:53 +00:00
Ahmed Farid
3b8c7e8944 Update ZipSlip.expected 2022-03-07 10:11:34 +01:00
Ahmed Farid
8402d661df Update zipslip_bad.py 2022-03-07 10:11:00 +01:00
Ahmed Farid
6685c6b4b3 Update ZipSlip.qll 2022-03-07 10:09:53 +01:00
Tony Torralba
08ce128d64 Merge pull request #8325 from JLLeitschuh/feat/JLL/improve_compile_time_constant 
[Java] Add CharacterLiteral to CompileTimeConstantExpr.getStringValue
 2022-03-07 09:32:59 +01:00
haby0
7e6666bc63 Merge branch 'main' into py/add-ssrf-sinks 2022-03-07 12:09:14 +08:00
Ahmed Farid
35a1c80ceb Update zipslip_bad.py 2022-03-07 00:24:45 +01:00
Ahmed Farid
0d9436892a Update zipslip_bad.py 2022-03-07 00:24:25 +01:00
Ahmed Farid
6233309028 Update ZipSlip.expected 2022-03-07 00:23:48 +01:00
Ahmed Farid
ce7923c8b3 Update zipslip_bad.py 2022-03-07 00:23:19 +01:00
Ahmed Farid
e8449d8f40 Update zipslip_bad.py 2022-03-07 00:23:03 +01:00
Ahmed Farid
b7d4715c4e Create ZipSlip.expected 2022-03-07 00:06:24 +01:00
Ahmed Farid
b9b52d4c7c Update zipslip_bad.py 2022-03-07 00:02:50 +01:00
Ahmed Farid
d7dacfc6bd Update zipslip_good.py 2022-03-07 00:01:55 +01:00
Ahmed Farid
908db6a05f Update zipslip_bad.py 2022-03-07 00:01:09 +01:00
Ahmed Farid
7f2d242702 Update zipslip_good.py 2022-03-06 23:59:11 +01:00
Ahmed Farid
8649375be3 Update ZipSlip.qll 2022-03-06 23:56:02 +01:00
Ahmed Farid
91b5f2ad34 Update Zip.qll 2022-03-06 23:54:46 +01:00
Ahmed Farid
466f75bad8 Update Concepts.qll 2022-03-06 23:53:00 +01:00
Erik Krogh Kristensen
9c759a987e QL: add query detecting ordering by a constant 2022-03-06 17:02:19 +01:00
Alex Ford
98dbe3aaf3 Ruby: make ActiveRecord Persistence::ModifyAndSaveCall private 2022-03-05 18:22:32 +00:00
Jonathan Leitschuh
523ddb79f3 Cleanup after code review feedback 2022-03-04 15:35:01 -05:00
Jonathan Leitschuh
5243fe3dbf Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-03-04 15:30:52 -05:00
Tiferet Gazit
bbc712fdb3 Merge pull request #8297 from erik-krogh/atmPerf 
JS: Fix ATM timeout on NodeJS
 2022-03-04 10:41:35 -08:00
Geoffrey White
4316026720 C++: VariableAccess -> Expr. 2022-03-04 18:00:54 +00:00
Alex Ford
8fed9f9aa0 Ruby: ActiveRecord - match OrmWriteAccesses for assignements to the assignment node rather than the setter call 2022-03-04 17:24:24 +00:00
Mathias Vorreiter Pedersen
624795cbbf Merge pull request #8059 from rdmarsh2/rdmarsh2/cpp/insufficient-key-strength 
C++: new query for insufficient key strength
 2022-03-04 17:11:44 +00:00
Robert Marsh
280fdbfc1b C++: accept test output from perf improvement 
The last commit removed some source nodes from the dataflow graph, which
changed the test expectations slightly. No result changes occurred.
 2022-03-04 11:39:10 -05:00
Jorge
5552834e0f Merge pull request #9 from RasmusWL/WIP 
Rasmus' rewrite of https://github.com/github/codeql/pull/6112

See https://github.com/github/codeql/pull/6112#pullrequestreview-898959413
 2022-03-04 17:18:54 +01:00
Taus
b35718e0d5 Python: Remove uses of getAQlClass 2022-03-04 15:39:27 +00:00
Erik Krogh Kristensen
7691807713 delete the getLastParameter predicate from ApiGraphs 2022-03-04 16:24:54 +01:00
Jonathan Leitschuh
38897f2ec1 Fixup tests from code review changes 2022-03-04 09:33:51 -05:00
Jonathan Leitschuh
17b6e66814 Apply suggestions from code review 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-03-04 09:29:57 -05:00
ihsinme
5c801392d1 Merge pull request #2 from geoffw0/fix_tests 
Fix tests.
 2022-03-04 15:41:41 +03:00