1598 Commits

Author	SHA1	Message	Date
Michael Nebel	5016113a0f	C#: Add a string.Format sanitizer to url redirect and update expected test output.	2024-01-22 11:21:35 +01:00
Michael Nebel	884f3f1505	C#: Add string interpolation expression sanitizer to url redirect and update expected test output.	2024-01-22 11:21:19 +01:00
erik-krogh	8be7eadace	delete outdated deprecations	2024-01-22 09:11:35 +01:00
Joe Farebrother	4de19b3ec9	Merge pull request #15039 from joefarebrother/csharp-razor-flow-page-models ... C#: Add flow steps from a PageModel to cshtml page.	2024-01-19 10:07:25 +00:00
Michael Nebel	24855ddc64	Merge pull request #15328 from michaelnebel/csharp/inlinearrays ... C# 12: Inline array support.	2024-01-19 09:11:26 +01:00
Michael Nebel	9460c91c8c	C#: Also consider nullable simple types (and datetime) as simple type sanitizers.	2024-01-18 12:53:29 +01:00
Michael Nebel	8a97c8c28e	C#: Add QL support for InlineArrayType.	2024-01-18 11:09:00 +01:00
Michael Nebel	275822f80d	Merge pull request #15296 from michaelnebel/csharp/getruntimeargument ... C#: Improve getRuntimeArgumentForParameter to consider named arguments.	2024-01-12 15:57:17 +01:00
Michael Nebel	dcce93ac4c	C#: Address more review comments.	2024-01-12 14:07:27 +01:00
Michael Nebel	c68f9b05cd	C#: Address review comments.	2024-01-12 11:24:37 +01:00
Owen Mansel-Chan	6945289afc	Merge pull request #15246 from owen-mc/java/manual-neutral-overrides-generated ... C#/Java: Manual neutral summaries should block generated summaries	2024-01-12 10:05:18 +00:00
Michael Nebel	b03eecb5ab	C#: Add support for named arguments in getRuntimeArgumentForParameter.	2024-01-11 16:19:24 +01:00
Michael Nebel	1770beea25	C#: Update QL doc for getRuntimeArgumentForParameter.	2024-01-11 09:07:15 +01:00
Michael Nebel	b2faf3618c	C#: Add support for params parameters in getRuntimeArgumentForParameter.	2024-01-11 09:07:14 +01:00
Owen Mansel-Chan	7824e60acd	Manual neutral summaries should block generated summaries	2024-01-10 22:25:06 +00:00
Owen Mansel-Chan	52563b01b7	Factor logic out into interpretNeutral	2024-01-10 22:25:04 +00:00
Tom Hvitved	c9cf2a899c	Merge pull request #15260 from hvitved/dataflow/may-benefit-from-cctx-simplify ... Data flow: Remove column from `mayBenefitFromCallContext`	2024-01-10 11:43:15 +01:00
Tom Hvitved	f90201eb56	Data flow: Remove column from mayBenefitFromCallContext	2024-01-09 11:34:43 +01:00
Tamas Vajk	e70cb1f259	Code quality improvement: simplify DataFlowPrivate::isParamsArg	2024-01-08 10:00:39 +01:00
Tamas Vajk	91637d49d4	Fix null dereference false positive	2024-01-08 10:00:39 +01:00
Tamas Vajk	7daeeef3a1	C#: Improve arg-param mapping logic to consider named arguments passed to params parameters	2024-01-08 10:00:39 +01:00
Tamas Vajk	9bb807431d	C#: Improve arg-param mapping logic to consider arguments passed to params parameters	2024-01-08 10:00:39 +01:00
Joe Farebrother	e8c0fceb81	Use post-update nodes for this access in void handler	2024-01-04 14:25:39 +00:00
Joe Farebrother	7d11e4486e	Adress reveiw comments - update tests to path-problem and support all this qualifiers	2024-01-04 14:25:39 +00:00
Joe Farebrother	cdeac9b7f8	Add change note + fix qldoc	2024-01-04 14:25:39 +00:00
Joe Farebrother	b9754df390	Add case for void-returning handler methods	2024-01-04 14:25:39 +00:00
Joe Farebrother	00892e127f	Add unit test + fix flow step	2024-01-04 14:25:38 +00:00
Joe Farebrother	c3cd40fc69	Add flow steps from page models	2024-01-04 14:25:38 +00:00
Michael Nebel	31e12f7a06	C#: Recognize all overloads of String.Replace as a replace method.	2024-01-03 11:08:05 +01:00
Anders Schack-Mulligen	a1068ce2f9	Dataflow: deprecate references	2023-12-14 15:05:33 +01:00
Koen Vlaswinkel	7c141b9239	Merge pull request #15089 from github/koesie10/csharp-model-editor-generics ... C#: Fix names of generic types/methods in model editor queries	2023-12-14 14:17:14 +01:00
Tom Hvitved	c8b4a215bc	Merge pull request #14573 from hvitved/flow-summary-impl-param ... Move `FlowSummaryImpl.qll` to `dataflow` pack	2023-12-14 12:24:15 +01:00
Tom Hvitved	098afb935b	Address more review comments	2023-12-14 09:48:45 +01:00
Koen Vlaswinkel	e177f8783a	C#: Share qualified name module for model editor queries	2023-12-13 13:48:44 +01:00
Michael Nebel	07a5ac31ae	C#: Fixup tests.	2023-12-11 10:57:44 +01:00
Tom Hvitved	a2093c9aa2	C#: Use FlowSummaryImpl from dataflow pack	2023-12-10 11:25:43 +01:00
Anders Schack-Mulligen	64eb4ff753	Merge pull request #14983 from aschackmull/dataflow/deprecate-old-api ... Data Flow: Deprecate old data flow api.	2023-12-08 14:27:25 +01:00
Tamas Vajk	89df59a083	C#: Add missing models and fix interpolated string flow into StringBuilder	2023-12-07 10:56:59 +01:00
Tamas Vajk	a705f6dc0d	C#: Change StringBuilder flow models to not use Element access path	2023-12-06 15:54:34 +01:00
Michael Nebel	e6a5c50ebc	Merge pull request #14953 from rpmrmartin/issue/14952 ... C#: Fix a URL redirection from remote source false positive	2023-12-05 13:02:56 +01:00
Anders Schack-Mulligen	67f0529cda	Dataflow: Sync.	2023-12-04 12:36:57 +01:00
Michael Nebel	d160890aca	C#: Re-factor to avoid multiple explicit casts.	2023-12-04 12:02:34 +01:00
Tom Hvitved	23d09ed7c6	Address review comment	2023-12-04 10:47:52 +01:00
Robert Martin	66b456d3c6	C#: Fix a URL redirection from remote source false positive ... When guarding the redirect with `HttpRequestBase.IsUrlLocalToHost()`	2023-11-29 13:46:47 -07:00
Tom Hvitved	ccb9d9b8fa	C#: Strengthen call-back heuristics by considering body-less methods	2023-11-27 21:15:06 +01:00
Joe Farebrother	befb1ccd84	Fix integration tests for windows	2023-11-23 10:56:45 +00:00
Joe Farebrother	e4edb19f43	Update to hasFullyQualifiedName	2023-11-23 10:56:45 +00:00
Joe Farebrother	f24c042d04	Rename Razor Page class to Razor View class	2023-11-23 10:56:45 +00:00
Joe Farebrother	aa3fd6add0	Fix standalone tests	2023-11-23 10:56:45 +00:00
Joe Farebrother	82fbae3e5a	Handle standalone extraction case in which generated files list absolute paths	2023-11-23 10:56:45 +00:00