hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-27 06:06:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,405 Commits 1,673 Branches 157 Tags
remove-javascript
Commit Graph

26405 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ihsinme
cadb1d6554 Add files via upload 2021-03-04 16:21:34 +03:00
ihsinme
633fc92efc Add files via upload 2021-03-04 16:20:22 +03:00
ihsinme
10cc574289 Add files via upload 2021-03-04 16:15:26 +03:00
ihsinme
01c13c4703 Add files via upload 2021-03-04 16:14:11 +03:00
CodeQL CI
15049ca853 Merge pull request #5183 from erik-krogh/next 
Approved by asgerf
 2021-03-04 04:57:43 -08:00
Anders Schack-Mulligen
f9365dc9ac Merge pull request #5324 from aschackmull/java/merge-5226 
Java: merge #5226
 2021-03-04 13:47:59 +01:00
haby0
c5577cb09a Fix the problem 2021-03-04 19:54:49 +08:00
Tamas Vajk
3e0245a7fc Fix test case for RuntimeChecksBypass 2021-03-04 12:47:21 +01:00
Chris Smowton
da0a7f343a Move existing value-preserving methods to use ValuePreservingCallable 2021-03-04 11:45:45 +00:00
Chris Smowton
40b0f68d2a Add backward dataflow edges through modelled function invocations. 
Also add convenience abstract classes for easily modelling new functions as fluent or value-preserving.
 2021-03-04 11:45:19 +00:00
Chris Smowton
71cd329ded Directly import Lang from ExternalFlow's Frameworks module 2021-03-04 11:12:21 +00:00
Chris Smowton
563404120f Move calls to getSourceDeclaration 2021-03-04 11:11:56 +00:00
Chris Smowton
43b9436bb8 Convert Apache misc text models to CSV taint-flow specifications 2021-03-04 11:11:56 +00:00
Chris Smowton
0029d3b743 Java CSV flow summaries: allow specifying an unqualified typename to imply either the type itself or any generic specialisation. 
It is still possible to specify a precise generic signature if need be.
 2021-03-04 11:11:56 +00:00
Chris Smowton
224e537459 Add change note 2021-03-04 11:11:56 +00:00
Chris Smowton
b0ba0585a7 Add models for Apache Commons Lang and Text's Str[ing]Substitutor 2021-03-04 11:11:55 +00:00
Chris Smowton
f749c31136 Add models for commons lang/text's Str[ing]Lookup class 2021-03-04 11:11:55 +00:00
Chris Smowton
1580d23b2b Add models for WordUtils and StrTokenizer 
Both of these have commons-text and commons-lang variants.
 2021-03-04 11:11:55 +00:00
Tamas Vajk
90acd8c695 Explicitly enable nullability analysis in guards tests 2021-03-04 11:39:56 +01:00
Anders Schack-Mulligen
45f52289ea Merge branch 'main' into java/merge-5226 2021-03-04 11:36:16 +01:00
Anders Schack-Mulligen
fe07630e40 Merge pull request #5219 from smowton/smowton/feature/backward-dataflow-for-fluent-methods 
Java: Add backward dataflow edges through fluent function invocations.
 2021-03-04 11:13:32 +01:00
CodeQL CI
342c7abd74 Merge pull request #5301 from asgerf/js/ajv-model 
Approved by erik-krogh
 2021-03-04 01:27:38 -08:00
Rasmus Lerchedahl Petersen
9f8a028dfc Python: add .expected-file 2021-03-04 00:12:34 +01:00
Rasmus Lerchedahl Petersen
d02c529872 Python: Update annotation 2021-03-04 00:06:36 +01:00
Rasmus Lerchedahl Petersen
de9469bbfc Python: complete ssl.create_default_context 2021-03-04 00:01:44 +01:00
Rasmus Lerchedahl Petersen
ee03837357 Python: small refactor 2021-03-03 23:46:18 +01:00
Rasmus Lerchedahl Petersen
cbbc7b2bcd Python: support unrestrictions 
Also pyOpenSSL allows SSL 2 and SSL 3 on `SSLv23`
 2021-03-03 23:42:48 +01:00
Rasmus Wriedt Larsen
3dc0c2081e Python: Fix taint-propagation to methods 
Before we would add a step from _any_ request instance to _any_ method (CP).
 2021-03-03 21:55:33 +01:00
luchua-bc
1784c202a7 Clean up the query 2021-03-03 17:03:37 +00:00
Rasmus Lerchedahl Petersen
97d26687fe Python: Improve logic of bit fields 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
7a1d953fca Python: More tests 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
60525ec301 Python: Also track offending call 
update test expectations at this point
 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
9e696ff0fb Python: Add false negative to test 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
d5171fc043 Python: Comment everything 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
3b856010f2 Python: add TODO comment 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
ea8c6f04e2 Python: Update old test and qlhelp 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
87e1a062ea Python: fluent api tests 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
186db7f43e Python: factor into modules and files 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
7ed018aff6 Python: refactor into modules 
and turn on the pyOpenSSL module
 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
72b37a5b1b Python: factor out barrier 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
86dde6eab1 Python: start of port 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
3dd34c9ba9 Python: rewrite comment 2021-03-03 17:41:20 +01:00
Owen Mansel-Chan
f9973d10ae Merge pull request #5245 from owen-mc/add-codeql-go-as-codeowner-of-shared-dataflow-library-files 
Add @codeql-go as code owners for the shared data-flow library files
 2021-03-03 16:36:05 +00:00
Taus
c1fd48468a Merge pull request #5286 from RasmusWL/share-crypto-algorithms 
Python/JS: Share modeling of crypto algorithms
 2021-03-03 17:00:01 +01:00
Tamas Vajk
cb4ed90c5c Fix failing tests 2021-03-03 16:58:48 +01:00
Rasmus Lerchedahl Petersen
dcf8c881ff Python: correct mistake in example 2021-03-03 16:54:36 +01:00
Rasmus Lerchedahl Petersen
fafc36a9cb Python: remove (do not introduce) unused import 2021-03-03 16:49:35 +01:00
Rasmus Lerchedahl Petersen
f02a19669f Python: Make exception info concept local 2021-03-03 16:47:31 +01:00
Anders Schack-Mulligen
f91c71c8f7 Merge pull request #5270 from Marcono1234/marcono1234/class-isPackageProtected 
Java: Add Class and Interface.isPackageProtected()
 2021-03-03 16:33:57 +01:00
Anders Schack-Mulligen
7ca57fd7a5 Merge pull request #5294 from Marcono1234/patch-1 
Java: Fix wrong algorithm name matching
 2021-03-03 16:33:13 +01:00