hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-01 15:52:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,554 Commits 1,684 Branches 159 Tags
codeql-cli/v2.9.2
Commit Graph

36554 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
790d97714f Ruby: Replace Element with Element[any] 
To make it look more like `Argument` tokens.
 2022-04-27 11:53:25 +02:00
Tom Hvitved
d1c9d68e14 Ruby: Generalize ArrayElementContent to ElementContent 2022-04-27 11:53:21 +02:00
Tom Hvitved
597424809f Merge pull request #8893 from hvitved/ruby/simplify-fetch-summary 
Ruby: Simplify flow summary for `fetch`
 2022-04-27 11:47:11 +02:00
Paolo Tranquilli
0100c7171d Swift: testing non-trivial dataclass properties 2022-04-27 10:17:49 +02:00
Paolo Tranquilli
7f0476049f Swift: removed spurious mock import 2022-04-27 09:11:14 +02:00
Paolo Tranquilli
68231bfc27 Swift: bump python version to 3.8 in workflow 2022-04-27 08:55:27 +02:00
Tom Hvitved
3b7fe06858 Ruby: Simplify flow summary for fetch 2022-04-27 08:26:24 +02:00
Paolo Tranquilli
f171ce6341 Swift: add unit tests to code generation 
Tests can be run with
```
bazel test //swift/codegen:tests
```

Coverage can be checked installing `pytest-cov` and running
```
pytest --cov=swift/codegen swift/codegen/test
```
 2022-04-27 08:24:11 +02:00
Harry Maclean
992cc517a8 Ruby: Minor changes to InsecureDownload 2022-04-27 18:04:21 +12:00
Harry Maclean
f35379bf8c Ruby: Add change note for rb/insecure-download 2022-04-27 12:47:09 +12:00
Harry Maclean
a85811ad69 Remove unused field 2022-04-27 12:47:09 +12:00
Harry Maclean
6998608257 Ruby: Document missing test result 2022-04-27 12:47:09 +12:00
Harry Maclean
bb3fb0325b Ruby: Add InsecureDownload query 
This query finds cases where a potentially unsafe file is downloaded
over an unsecured connection.
 2022-04-27 12:47:09 +12:00
Harry Maclean
ce7675ef43 Ruby: Identify domain in Net::HTTP requests 2022-04-27 12:47:09 +12:00
Harry Maclean
bbc3043836 Add change note for rb/regex/missing-regexp-anchor 2022-04-27 10:12:33 +12:00
Harry Maclean
af2965c2a0 Explain anchors in MissingRegExpAnchor qlhelp 2022-04-27 10:12:33 +12:00
Harry Maclean
6f9dc5eb7e Ruby: Update import for file move 2022-04-27 10:12:33 +12:00
Harry Maclean
2feb4a48be Ruby: Add hasMisleadingAnchorPrecedence to MissingRegExpAnchor 2022-04-27 10:12:33 +12:00
Harry Maclean
3f8b27c0cd Ruby: Add RegExpNonWordBoundary to RegExpTreeView 2022-04-27 10:12:33 +12:00
Harry Maclean
e3c3c00c68 Ruby: Add MissingRegExpAnchor query 2022-04-27 10:12:33 +12:00
Harry Maclean
debc57b417 Ruby: Add RegExpAnchor to RegExpTreeView 2022-04-27 10:12:33 +12:00
Harry Maclean
d95f533d19 Ruby: Add getLastChild to RegExpParent 2022-04-27 10:12:33 +12:00
Nick Rolfe
2d05ea3519 Merge pull request #8885 from SukkaW/replace-git-io-link 2022-04-26 20:29:32 +01:00
Mathias Vorreiter Pedersen
800e4ea7df Merge pull request #8515 from rdmarsh2/rdmarsh2/ir-global-vars 
C++: generate IR for global variables with initializers
 2022-04-26 18:17:13 +01:00
Geoffrey White
7ce040f331 Merge pull request #8736 from geoffw0/xxe 
C++: New query for CWE-611 / XML External Entity Expansion (XXE)
 2022-04-26 17:21:06 +01:00
Nick Rolfe
649d7dd022 Merge pull request #8607 from github/nickrolfe/incomplete_sanitization 
Ruby: port of `js/incomplete-sanitization`
 2022-04-26 17:10:24 +01:00
Geoffrey White
742949154b C++: Apply code style suggestion. 2022-04-26 16:53:24 +01:00
Taus
7d736952db Python: Update expected output 2022-04-26 15:49:40 +00:00
Anna Railton
eacfceb6ce Merge pull request #8605 from github/annarailton/new-query-label-mappings 
Experimental (ATM): update query label mappings
 2022-04-26 16:39:06 +01:00
SukkaW
0c4885caa7 Replace git.io link with the actual URL 2022-04-26 23:28:34 +08:00
Jonathan Leitschuh
2565cdb964 Add additional File taint value flow models 
Adds
 - File::getAbsoluteFile
 - File::getCanonicalFile
 - File::getAbsolutePath
 - File::getCanonicalPath
 2022-04-26 10:42:53 -04:00
Nick Rolfe
2a4d65f917 Merge pull request #8881 from github/nickrolfe/graph_ordering_typo 2022-04-26 14:30:49 +01:00
Nick Rolfe
a7185e8a75 Ruby: fix typo in edge key for graph query 2022-04-26 13:56:38 +01:00
Erik Krogh Kristensen
7dba2b5868 PY: revert deletion of redundant-import in ClientSuppliedIpUsedInSecurityCheckLib.qll 2022-04-26 14:51:21 +02:00
Chris Smowton
d01c847839 Make import private 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-04-26 13:34:24 +01:00
Chris Smowton
c0c50147b3 Replace singleton set 2022-04-26 13:34:24 +01:00
Artem Smotrakov
03d86306b2 Use doc-comment in JMS.qll 2022-04-26 13:34:24 +01:00
Artem Smotrakov
12ca1f0b11 Fixed library-tests/frameworks/guava/handwritten/flow.ql 2022-04-26 13:34:24 +01:00
Artem Smotrakov
52b7fbf484 Removed non-ASCII characters 2022-04-26 13:34:24 +01:00
Artem Smotrakov
e86fd72529 Moved RabbitMQ tests to java/ql/test/library-tests/frameworks/rabbitmq 2022-04-26 13:34:23 +01:00
Artem Smotrakov
3369ffc3c2 Removed RabbitMQ import in FlowSteps.qll 2022-04-26 13:34:23 +01:00
Artem Smotrakov
d7ad13b8de Fixed typos in JMS.qll 2022-04-26 13:34:23 +01:00
Artem Smotrakov
20f185e772 Use tainted tag in JMS tests 2022-04-26 13:34:23 +01:00
Artem Smotrakov
7158fd1ce8 minorAnalysis in 2022-04-17-jms.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-04-26 13:34:23 +01:00
Artem Smotrakov
152de1533e Added a change note for JMS 2022-04-26 13:34:23 +01:00
Artem Smotrakov
b6bd4f92d1 Added sources and steps for JMS API 2022-04-26 13:34:21 +01:00
Artem Smotrakov
5c6aa15fe5 Fixed model for DataInput 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2022-04-26 13:34:05 +01:00
Artem Smotrakov
269143a19f Java: Added sources and flow steps for RabbitMQ 2022-04-26 13:34:04 +01:00
Artem Smotrakov
fb39e0f577 Java: Added flow steps for DataInput and ObjectInput 2022-04-26 13:32:48 +01:00
Erik Krogh Kristensen
d389012b75 Merge branch 'main' into redundantImport 2022-04-26 14:24:51 +02:00