hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-26 21:56:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,405 Commits 1,673 Branches 157 Tags
remove-javascript
Commit Graph

26405 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Cornelius Riemenschneider
0274162c4d Merge pull request #5385 from github/igfoo/failed_extractions 
C++: Add FailedExtractions.ql
 2021-03-12 11:14:06 +01:00
Anders Schack-Mulligen
1d3ad0cb52 Java: Remove value steps from taint steps. 2021-03-12 11:09:53 +01:00
Jonas Jensen
2d4f624935 Merge pull request #5381 from MathiasVP/fix-link-in-CONTRIBUTING 
Fix dead link in CONTRIBUTING.md
 2021-03-12 10:27:45 +01:00
Asger Feldthaus
5d6a93332f JS: Autoformat 2021-03-12 08:28:32 +00:00
Erik Krogh Kristensen
d7b0f628a1 add test 2021-03-12 00:03:20 +01:00
Erik Krogh Kristensen
ae805eb939 don't filter away templated URLs in RemoteServerResponse 2021-03-11 23:52:24 +01:00
Marcono1234
edeb08480e Java: Fix documentation mistake in Modules.qll 2021-03-11 23:45:59 +01:00
Taus Brock-Nannestad
fe3824c202 Python: Document API graphs 2021-03-11 23:11:23 +01:00
Taus Brock-Nannestad
c7b2b719cf Python: Support builtins in API graphs 2021-03-11 23:03:18 +01:00
luchua-bc
c8b1bc3a89 Enhance the query 2021-03-11 21:41:34 +00:00
Mathias Vorreiter Pedersen
5667901a2a C++: Accept test changes after merge from main (which changed the path explanations). 2021-03-11 21:16:57 +01:00
Ian Lynagh
75ebb348a0 C++: Add name/description to FailedExtractions.ql 2021-03-11 18:44:24 +00:00
luchua-bc
0a35feef76 Exclude CSRF cookies to reduce FPs 2021-03-11 17:28:07 +00:00
luchua-bc
57953c523c Update qldoc 2021-03-11 17:16:36 +00:00
Mathias Vorreiter Pedersen
a2d75c4fed Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2021-03-11 18:06:37 +01:00
Asger Feldthaus
a03cb11257 JS: Include $().prop() source in XssThroughDom 2021-03-11 16:27:31 +00:00
Chris Smowton
82a000bcca Improve change note 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-03-11 16:22:56 +00:00
Chris Smowton
6508a223c3 Remove useless =y value specification from inline test expectations 2021-03-11 16:22:56 +00:00
Chris Smowton
b5268def16 Add models for CONST_BYTE and CONST_SHORT 2021-03-11 16:22:56 +00:00
Chris Smowton
1c1ca70027 Add models for flow- and taint-preserving functions in Commons ObjectUtils. 
These should all be value-preserving, but we don't support value-preserving varargs methods yet.
 2021-03-11 16:22:54 +00:00
Asger Feldthaus
2f3a76c43b JS: Handle global variable d3 2021-03-11 16:17:27 +00:00
Asger Feldthaus
3b11958e33 JS: Expand D3 model a bit 2021-03-11 16:13:02 +00:00
Erik Krogh Kristensen
3005439a6a cache the BasicBlock charpred 2021-03-11 16:09:47 +01:00
Erik Krogh Kristensen
5afb7e05ee cache AccessPath::getAnInstanceIn 2021-03-11 16:09:24 +01:00
Erik Krogh Kristensen
24b0469d74 cache two more predicates in the SSA stage 2021-03-11 16:09:00 +01:00
Erik Krogh Kristensen
e5b13d9db4 cache hasLocationInfo and Node::toString in the dataflow stage 2021-03-11 16:08:45 +01:00
Rasmus Lerchedahl Petersen
f561c458a9 Python: One more change from code review 2021-03-11 15:58:47 +01:00
yoff
4d1b49a7dd Apply suggestions from code review 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2021-03-11 15:57:44 +01:00
Ian Lynagh
6ef8fb667f C++: Autoformat FailedExtractions.ql 2021-03-11 14:48:27 +00:00
Ian Lynagh
3c1e445a59 C++: Add a changenote for cpp/diagnostics/failed-extractions. 2021-03-11 14:33:04 +00:00
Ian Lynagh
2341c653f7 C++: Add FailedExtractions.ql 2021-03-11 14:08:55 +00:00
luchua-bc
eeac7e322a Query to detect insecure configuration of Spring Boot Actuator 2021-03-11 13:46:32 +00:00
Mathias Vorreiter Pedersen
0edae89425 Merge pull request #5380 from github/criemen/clang-cl 
C++: Add clang-cl.exe to `compiledAsMicrosoft()`.
 2021-03-11 13:56:25 +01:00
Cornelius Riemenschneider
97ab842010 C++: Update summary queries. 2021-03-11 12:44:30 +00:00
Mathias Vorreiter Pedersen
4977169cf5 Fix dead link in CONTRIBUTING.md 2021-03-11 13:36:19 +01:00
Cornelius Riemenschneider
288ee92d52 C++: Add clang-cl.exe to compiledAsMicrosoft(). 2021-03-11 12:15:27 +00:00
Erik Krogh Kristensen
fa2e7fd498 cache prepend 2021-03-11 11:59:54 +01:00
Artem Smotrakov
4b7c57c077 Added a comment for getBeanIdentifier() 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-03-11 11:52:07 +01:00
Asger Feldthaus
3fb810b540 JS: Add @kind problem meta queries 2021-03-11 10:46:18 +00:00
Asger Feldthaus
773cf0dcdd JS: Autoformat 2021-03-11 10:44:33 +00:00
Asger Feldthaus
0c6e161277 JS: Add source to XssThroughDom 2021-03-11 10:05:05 +00:00
Asger Feldthaus
18cfe72e99 JS: Add model of d3 2021-03-11 10:05:05 +00:00
Mathias Vorreiter Pedersen
01cc2f2c77 Merge pull request #5366 from MathiasVP/better-path-explanation-for-this-indirection 
C++: Replace 'Argument -1 indirection' with 'This indirection'
 2021-03-11 10:48:44 +01:00
Anders Schack-Mulligen
87e4dec86a Merge pull request #5300 from tamasvajk/feature/external-remote-flow-sources 
Java: Convert remote flow sources to use new CSV format
 2021-03-11 10:44:17 +01:00
CodeQL CI
25f4b76788 Merge pull request #5045 from erik-krogh/bindRoute 
Approved by asgerf
 2021-03-11 01:39:26 -08:00
CodeQL CI
ad665b765f Merge pull request #5323 from erik-krogh/staging 
Approved by asgerf
 2021-03-11 00:50:51 -08:00
Jonas Jensen
e1adf5e8b0 Merge pull request #5218 from MathiasVP/no-write-side-effects-for-const-pointer-params 
C++: Don't generate write side effects for const parameter indirections
 2021-03-11 09:48:05 +01:00
Mathias Vorreiter Pedersen
9439ed49c1 Merge branch 'main' into better-path-explanation-for-this-indirection 2021-03-11 09:39:18 +01:00
Mathias Vorreiter Pedersen
55da16c4a9 C++: Accept test changes. 2021-03-11 09:27:45 +01:00
Artem Smotrakov
0a5d58ed8a Cover more configurations in UnsafeSpringExporterInConfigurationClass.ql 2021-03-10 21:15:19 +03:00