github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
62 624 коммитов 1 534 Ветки 130 Теги 471 MiB
Граф коммитов

62624 Коммитов

Автор SHA1 Сообщение Дата
Philip Ginsbach 805e9d8910 documentation: weak and strong aliases in the specification 2024-01-09 17:00:45 +00:00
Philip Ginsbach 225aff47ed documentation: update section on applicativity 2024-01-09 10:39:18 +00:00
Philip Ginsbach 493158a3f5 documentation: add section no strong and weak aliases 2024-01-09 10:39:18 +00:00
Tony Torralba 3224b5c1b9
Merge pull request #15257 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-01-09 08:57:28 +01:00
github-actions[bot] 384cf90e8f Add changed framework coverage reports 2024-01-09 00:17:10 +00:00
Jeroen Ketema 9330afbe8a
Merge pull request #15252 from jketema/builtin-rm 
C++: Remove test that is no longer relevant
 2024-01-08 20:38:46 +01:00
Edward Minnix III e9467fe2d6
Merge pull request #14724 from egregius313/egregius313/java/environment-variable-injection 
Java: Environment variable injection query
 2024-01-08 13:06:31 -05:00
Mathias Vorreiter Pedersen 18bd0d0ad0
Merge pull request #14954 from microsoft/32-cpp-string-concatenation-library 
32 cpp string concatenation library
 2024-01-08 18:42:31 +01:00
Geoffrey White 2f6f376d2d
Merge pull request #15230 from geoffw0/swiftui 
Swift: Add dataflow tests for property wrappers and SwiftUI
 2024-01-08 17:41:43 +00:00
Cornelius Riemenschneider c84e85d35d
Merge pull request #15232 from github/criemen/bump-bazel-rules 
Bazel: Bump dependant rules versions.
 2024-01-08 17:49:21 +01:00
Ian Lynagh d7cdad04dd
Merge pull request #14895 from igfoo/igfoo/kt-snap 
Kotlin: Add a 2.0.255 snapshot
 2024-01-08 16:13:03 +00:00
Ed Minnix 55da62e9cf Remove stray comma 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2024-01-08 11:09:11 -05:00
Alex Ford ef8ca55d92
Merge pull request #15203 from pwntester/patch-3 
Ruby: Update Kernel.qll to include `Object.send` aliases
 2024-01-08 15:32:57 +00:00
Chuan-kai Lin a743fca3a5
Merge pull request #15243 from github/cklin/upgrade-delete-fixes-ruby 
Ruby: Fix upgrade delete directives
 2024-01-08 07:27:59 -08:00
Chuan-kai Lin c4e5506a2c
Merge pull request #15242 from github/cklin/upgrade-delete-fixes-csharp 
C#: Fix upgrade delete directives
 2024-01-08 07:27:40 -08:00
Chuan-kai Lin d7e22b2ddd
Merge pull request #15241 from github/cklin/upgrade-delete-fixes-cpp 
C++: Fix upgrade delete directives
 2024-01-08 07:27:27 -08:00
Chris Smowton b7158ab1d7
Merge pull request #15231 from github/smowton/admin/note-java-21-support 
Note Java 21 support
 2024-01-08 15:19:48 +00:00
Ed Minnix b8466b45be Update change note date 2024-01-08 09:39:11 -05:00
Edward Minnix III 2440075402 Remove off-topic reference 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-01-08 09:39:10 -05:00
Edward Minnix III 3816271b3e Remove redundant CWE link 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-01-08 09:39:10 -05:00
Ed Minnix 2eff6b351c Add comment 2024-01-08 09:39:09 -05:00
Ed Minnix 16bb19e176 Add OWASP and CERT references 2024-01-08 09:39:08 -05:00
Ed Minnix 9f974415c0 Add references to CWE-454 (External Initialization of Trusted Variables) 2024-01-08 09:39:07 -05:00
Ed Minnix 97b29bb965 Add Java Tutorial reference 2024-01-08 09:39:06 -05:00
Edward Minnix III 938d52b86f Docs review suggestions 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2024-01-08 09:39:05 -05:00
Ed Minnix a528db8958 Use `MapMutation` instead of `MethodCall` 2024-01-08 09:39:05 -05:00
Ed Minnix e14be0e971 Add `BAD` markers to samples 2024-01-08 09:39:04 -05:00
Ed Minnix 709649e9df Model `replace` and `putIfAbsent` 2024-01-08 09:39:03 -05:00
Ed Minnix 1544330f3f Minor fixes for code review 2024-01-08 09:38:53 -05:00
Ed Minnix 4b9b27c395 change note 2024-01-08 09:38:52 -05:00
Edward Minnix III 18e8a27fca Reworded name and description 2024-01-08 09:38:51 -05:00
Edward Minnix III 1f37e70d83 Fix typos 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-01-08 09:38:51 -05:00
Ed Minnix 51006aa088 Formatting fix 2024-01-08 09:38:50 -05:00
Ed Minnix 6eff72f99a Include other map mutations 2024-01-08 09:38:49 -05:00
Ed Minnix 4fc6f710a4 Fix alert message 2024-01-08 09:38:48 -05:00
Ed Minnix 1550f5df2a Environment variable injection query documentation 2024-01-08 09:38:47 -05:00
Ed Minnix f1f0f50c92 TaintedEnvironmentVariableQuery docs 2024-01-08 09:38:47 -05:00
Ed Minnix 818c5de8d5 security-severity metadata 2024-01-08 09:38:46 -05:00
Ed Minnix d4e2b84348 Cleanup helper dataflow configuration 2024-01-08 09:38:45 -05:00
Ed Minnix f05f16116b Testing for Environment variable injection 2024-01-08 09:38:45 -05:00
Ed Minnix 8ed3f3c865 Move to library 2024-01-08 09:38:44 -05:00
Ed Minnix 65d05bf3de Add environment-injection to Model Validation 2024-01-08 09:38:43 -05:00
Ed Minnix 814885f7f6 Hudson environment variables models 2024-01-08 09:38:43 -05:00
Ed Minnix 028bd49211 `org.apache.commons.exec` models 2024-01-08 09:38:42 -05:00
Ed Minnix b482b36b5f Initial ProcessBuilder support 2024-01-08 09:38:41 -05:00
Ed Minnix ad32b81492 `environment-injection` sink 2024-01-08 09:38:41 -05:00
Ed Minnix 93025cc8cf Argument injection initial commit 2024-01-08 09:38:40 -05:00
Tony Torralba 7e6f2d1fc5
Merge pull request #14681 from atorralba/atorralba/java/weak-randomness-cve-coverage 
Java: Add more sinks to the Insecure Randomness query
 2024-01-08 15:33:03 +01:00
Jeroen Ketema e772531bb3
C++: Remove test that is no longer relevant 2024-01-08 15:24:41 +01:00
Geoffrey White 6636c76af8
Merge pull request #15122 from geoffw0/pwhash 
Swift: Query for Use of an inappropriate cryptographic hashing algorithm on passwords
 2024-01-08 14:11:02 +00:00