hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-15 14:33:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,554 Commits 1,690 Branches 160 Tags
codeql-cli/v2.9.2
Commit Graph

36554 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
88500a3fa3 JS: Update TRAP test output 2021-08-09 11:19:08 +02:00
Asger Feldthaus
2836d465e4 JS: Update locations in Angular2 test 2021-08-09 11:03:15 +02:00
Tamas Vajk
91bd3d1a11 Cache getName to improve performance 2021-08-09 10:28:31 +02:00
Tom Hvitved
15db6dfb10 Merge pull request #6431 from hvitved/csharp/silence-xml-extraction 
C#: Silence XML extraction commands
 2021-08-09 09:36:23 +02:00
CodeQL CI
562ba49f4e Merge pull request #6406 from erik-krogh/cleanCfg 
Approved by asgerf
 2021-08-09 00:21:31 -07:00
Tamás Vajk
c1cf2a1c5f Merge pull request #5579 from edvraa/cookies 
C#: HttpOnly and Secure cookie queries
 2021-08-09 08:58:11 +02:00
Owen Mansel-Chan
1997dfbb4a Remove unnecessary casts 2021-08-08 14:03:57 +01:00
Owen Mansel-Chan
f94e467076 Fixes to models and tests 
Running the test generator script again showed many missing tests.
 2021-08-08 14:03:48 +01:00
Owen Mansel-Chan
377403d525 Remove redundant models and corresponding test 
Iterator.next is already modelled
 2021-08-08 13:57:51 +01:00
Owen Mansel-Chan
5d3f10824e Fix erroneous treatment of varargs in models 2021-08-08 13:57:50 +01:00
Fosstars
df0f9ee3a5 Fixed a few typos 2021-08-08 12:50:04 +02:00
Owen Mansel-Chan
9533f12e24 Add explanatory commented for MapIterator model 2021-08-06 07:06:36 +01:00
Owen Mansel-Chan
2ba41df2ba Remove commented line 2021-08-06 07:06:36 +01:00
Owen Mansel-Chan
d1a440a45a Improve helper functions for Put 2021-08-06 07:06:35 +01:00
Owen Mansel-Chan
26f5ac9ff2 Add change note 2021-08-06 07:06:35 +01:00
Owen Mansel-Chan
b922d7c6f3 Duplicate models for old package name 
The package name was org.apache.commons.collection until release 4.0.
 2021-08-06 07:06:34 +01:00
Owen Mansel-Chan
51a7018afc Add stubs 2021-08-06 07:06:16 +01:00
Raul Garcia
2708326624 Update csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.cs 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2021-08-05 16:33:01 -07:00
Raul Garcia (MSFT)
e117077761 Adding change-note 2021-08-05 15:29:18 -07:00
Jordy Zomer
a3bacc76f1 Update cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2021-08-05 23:31:12 +02:00
Chris Smowton
0b6c991ac4 Unsafe deserialization: add support for Jodd JSON library 2021-08-05 16:01:14 +01:00
Jordy Zomer
cf40d0ae4d Fix a typo unsiged -> unsigned 2021-08-05 16:40:49 +02:00
Shati Patel
8bb47b91b9 Merge pull request #6426 from shati-patel/docs/cwe-coverage 
Docs: Make TOC more visible and add note about CWE coverage
 2021-08-05 15:01:29 +01:00
Shati Patel
97dd88661e Merge pull request #6427 from shati-patel/docs/vscode-tests 
Docs: Mention setting for running tests in VS Code (already shipped)
 2021-08-05 15:01:20 +01:00
Tom Hvitved
5b5ed97421 C#: Silence XML extraction commands 2021-08-05 15:24:01 +02:00
Tom Hvitved
4ee5cc5557 Merge pull request #6428 from hvitved/csharp/xss-nodes 
C#: Add missing `nodes` predicate to XSS queries
 2021-08-05 15:03:22 +02:00
Tom Hvitved
9eb3f28ef1 C#: Add missing nodes predicate to XSS queries 2021-08-05 13:53:52 +02:00
Tom Hvitved
6471092139 Merge pull request #6394 from github/p0/csharp-virtual-dispatch-limit 
C#: Guard against virtual dispatch branching too much.
 2021-08-05 13:20:14 +02:00
Jordy Zomer
489ac04f86 Remove author tag 2021-08-05 12:34:31 +02:00
shati-patel
dbf49a8257 Docs: Mention setting for running tests in VS Code 2021-08-05 11:27:20 +01:00
shati-patel
09f3001048 Docs: Make TOC more visible and add note about CWE coverage 2021-08-05 10:55:41 +01:00
Anders Schack-Mulligen
c29353db80 Merge pull request #6424 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-08-05 09:48:53 +02:00
Tony Torralba
0356ed7f9e Merge pull request #5911 from atorralba/atorralba/promote-missing-jwt-signature-check 
Java: Promote Missing JWT signature check query from experimental
 2021-08-05 09:43:03 +02:00
Anders Schack-Mulligen
1932f604dc Merge pull request #6419 from smowton/smowton/admin/unsafe-deserialization-jabsorb 
Add unsafe-deserialization support for Jabsorb
 2021-08-05 09:04:23 +02:00
Erik Krogh Kristensen
d3ea58002d fix a case in union where order wasn't necessarily preserved 2021-08-05 08:48:15 +02:00
Erik Krogh Kristensen
6ca53c8b25 a little more special casing in CFGExtractor union 2021-08-05 08:32:56 +02:00
CodeQL CI
475032780e Merge pull request #6311 from asgerf/js/dom-element-methods 
Approved by erik-krogh
 2021-08-04 23:18:34 -07:00
Raul Garcia (MSFT)
7340a1293f Fixing query & test 2021-08-04 19:37:57 -07:00
Raul Garcia (MSFT)
8544356f90 Adding Membership.GeneratePassword() as a bad source of random data because of the bias. 2021-08-04 17:12:00 -07:00
github-actions[bot]
9d13edb325 Add changed framework coverage reports 2021-08-05 00:08:17 +00:00
Erik Krogh Kristensen
7e422a656a remove unused imports 2021-08-04 23:41:36 +02:00
Erik Krogh Kristensen
ff9943906d micro optimize the hot loops by adding special cases and removing streams 2021-08-04 23:35:58 +02:00
Fosstars
b913928294 Renamed queries and merged qhelp files 2021-08-04 17:54:16 +02:00
Chris Smowton
1f08c3fe55 Move test files to appropriate package directories 2021-08-04 16:50:03 +01:00
edvraa
db2f9add53 Post merge 2021-08-04 18:37:17 +03:00
Chris Smowton
5a42448888 Code review suggestions 
- Remove unneeded import
- Remove unnecessary `toLowerCase` call
 2021-08-04 16:08:07 +01:00
Chris Smowton
69549e9ce3 Add unsafe-deserialization support for Jabsorb 
This is partly extracted from https://github.com/github/codeql/pull/5954
 2021-08-04 15:35:50 +01:00
Asger Feldthaus
1b67b43b40 JS: Change note 2021-08-04 16:25:59 +02:00
Asger Feldthaus
00f4694616 JS: Recognize methods returning DOM objects 2021-08-04 16:25:56 +02:00
Anders Schack-Mulligen
5f9f857c34 Update java/ql/src/semmle/code/java/security/JWT.qll 2021-08-04 16:23:21 +02:00