hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 14:46:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,405 Commits 1,673 Branches 157 Tags
remove-javascript
Commit Graph

26405 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
91f277681a fix typo in ApolloClientRequest 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-02-15 09:59:04 +01:00
Anders Schack-Mulligen
161e756c4b Merge pull request #5141 from github/yo-h/java-flow-check-fix 
Java: prepare to enforce additional compiler checks in test code
 2021-02-15 09:41:03 +01:00
Francis Alexander
409d95c522 Sanitizer checks to decrease FP 2021-02-15 14:01:14 +05:30
luchua-bc
23f620d255 Query to detect insecure LDAP endpoint configuration 2021-02-15 05:31:29 +00:00
yo-h
1d007b6e72 Java: delete two test cases as per code review 2021-02-14 21:42:58 -05:00
Rasmus Wriedt Larsen
2478a9f10e Python: Fix wording of change-note 2021-02-14 23:20:46 +01:00
luchua-bc
6a6727fc80 Reduce the scope of the query to reduce FPs 2021-02-14 15:01:06 +00:00
CodeQL CI
178c54e69b Merge pull request #5139 from RasmusWL/django-improvements 
Approved by yoff
 2021-02-14 02:16:52 -08:00
Tamas Vajk
4cc9bc9bf0 Add new .stats file 2021-02-13 16:21:45 +01:00
Raul Garcia (MSFT)
782f4bc3e2 Fixing shared .qhelp issue (renaming to .qhelp.inc)& addressing a fix 2021-02-12 13:38:55 -08:00
Marcono1234
7a6db061b5 Address review feedback 2021-02-12 20:15:10 +01:00
Tamas Vajk
cb9116028c Add change note for 'with' expression extraction 2021-02-12 20:04:22 +01:00
Tamas Vajk
10e99203e8 Add DB upgrade folder for 'with' expression 2021-02-12 19:59:14 +01:00
Tamas Vajk
7761774f88 Add record .ctor to property data flow summary 2021-02-12 19:54:52 +01:00
Tom Hvitved
6a6644b5c2 C#: Adjust data-flow for with expressions 
In `x with { Foo = bar }`, instead of having a single data-flow step

`x => x with { Foo = bar }`

we now have two steps:

`x => { Foo = bar }`

and

`{ Foo = bar } => x with { Foo = bar }`

Moreover, `clearsContent` now targets the object initializer instead of the
whole `with` expression, which means that it will only apply to values carried
over from the old object and not those explicitly stored into the new object.
 2021-02-12 19:54:52 +01:00
Tamas Vajk
dd9b1d52b5 C#: Initial data-flow for with expressions 2021-02-12 19:54:52 +01:00
Tamas Vajk
b2b4c9ecd6 C#: Extract 'with' expressions 2021-02-12 19:54:52 +01:00
Tamás Vajk
77af7edaa4 Merge pull request #4628 from tamasvajk/feature/csharp9-foreach 
C#: Extract underlying methods of foreach statements
 2021-02-12 19:53:26 +01:00
Taus Brock-Nannestad
2632422783 Python: Add FP test for unknown argument in string format 
Reported in https://github.com/github/codeql/issues/2650

I found this during a bit of spring cleaning in my working
directory. As this doesn't have any immediate security implications, I
don't know when we'll get round to fixing it, but it can't hurt to
have the test case checked in.
 2021-02-12 19:28:12 +01:00
Erik Krogh Kristensen
4fa33b151f Merge pull request #5146 from github/more-redos-tests 
JS: add two non ReDoS regular expressions to the ReDoS test suite
 2021-02-12 18:56:52 +01:00
Geoffrey White
6d452521f7 C++: Move StdBasicStringStream to a more logical location. 2021-02-12 17:42:33 +00:00
Geoffrey White
74f05d569b C++: BSL support. 2021-02-12 17:41:32 +00:00
CodeQL CI
179a7a89dd Merge pull request #5098 from erik-krogh/xml2js 
Approved by asgerf
 2021-02-12 09:22:40 -08:00
Chris Smowton
402f20c5e2 Merge pull request #5154 from smowton/smowton/admin/deprecate-old-maven-predicate-names 
Java: Re-introduce deprecated versions of old Maven predicate names
 2021-02-12 17:22:05 +00:00
Chris Smowton
80978c7c35 Merge pull request #5153 from smowton/smowton/admin/move-misplaced-experimental-query 
Move misplaced experimental query into the conventional directory
 2021-02-12 17:21:57 +00:00
Geoffrey White
d362b5aa65 C++: StdSet should be private as well. 2021-02-12 16:29:44 +00:00
Geoffrey White
df91b8182c C++: Deprecate StdPairClass properly. 2021-02-12 16:24:45 +00:00
Geoffrey White
1edfd04598 C++: BSL Support. 2021-02-12 15:56:47 +00:00
Geoffrey White
3cfb0a21fe C++: Fix Iterator.qll taint/data flows for operator+=. 2021-02-12 14:54:47 +00:00
Geoffrey White
61b0d6a0cd C++: Fix Iterator.qll non-member operator+= charpred. 2021-02-12 14:54:46 +00:00
Geoffrey White
da06b2a615 C++: Improve Iterator.qll layout and QLDoc. 2021-02-12 14:54:46 +00:00
Geoffrey White
90dbbbb0c2 C++: Update Iterator.qll. 2021-02-12 14:54:46 +00:00
Geoffrey White
7705fc4f98 C++: Add more test cases for iterator taint flow. 2021-02-12 14:54:45 +00:00
Alvaro Muñoz
7d294361dc Update java/ql/src/semmle/code/java/frameworks/apache/Lang.qll 
Co-authored-by: Joe Farebrother <joefarebrother@github.com>
 2021-02-12 15:40:44 +01:00
Alvaro Muñoz
6b80a42913 apply LSP formatter and add missing dot 2021-02-12 15:03:11 +01:00
Alvaro Muñoz
8606386c2c add bidirectional import 2021-02-12 14:59:28 +01:00
Alvaro Muñoz
49eda8ced6 apply LSP formatter 2021-02-12 14:56:10 +01:00
Anders Schack-Mulligen
085286ab58 Merge pull request #5135 from pwntester/guava_preconditions 
Add support for the Preconditions Class in the Guava framework
 2021-02-12 14:15:17 +01:00
Chris Smowton
655cfb3a47 Re-introduce deprecated versions of old Maven predicate names 2021-02-12 12:24:19 +00:00
Chris Smowton
97df60f9d6 Move misplaced experimental query into the conventional directory 2021-02-12 12:12:16 +00:00
Chris Smowton
942ae7ef47 Merge pull request #5142 from Marcono1234/marcono1234/maven-pom-improvements 
Java: Improve MavenPom documentation, rename inconsistent predicates
 2021-02-12 11:52:19 +00:00
Rasmus Wriedt Larsen
10fdc4bfb9 Python: Add support for more yaml loading functions 2021-02-12 12:30:00 +01:00
Rasmus Wriedt Larsen
2021cdbe33 Python: Add tests for more yaml loading functions 2021-02-12 12:30:00 +01:00
Rasmus Wriedt Larsen
f328e84bd2 Python: Mention yaml.safe_load in the qhelp 2021-02-12 12:29:55 +01:00
Rasmus Wriedt Larsen
1651f81ac8 Python: Refactor to avoid confusing name 
After discussion with @yoff
 2021-02-12 12:19:37 +01:00
Mathias Vorreiter Pedersen
729c7f2371 C++: Add deprecated alias to RemoteFlowSourceFunction and LocalFlowSourceFunction. 2021-02-12 10:53:34 +01:00
Mathias Vorreiter Pedersen
b1c7cb6396 C++: Address review comments. 2021-02-12 10:37:27 +01:00
Rasmus Wriedt Larsen
ed2dc5f6ad Python: Fix date for change-note 2021-02-12 10:26:31 +01:00
Tamas Vajk
0aded1549e Improve NestedLoopsSameVariable query performance 2021-02-12 09:33:33 +01:00
Rasmus Lerchedahl Petersen
cfa72af12c Python: Update test expectation to new format 2021-02-12 09:30:12 +01:00