hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,405 Commits 1,672 Branches 157 Tags
remove-javascript
Commit Graph

26405 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
d2c74480b9 add taint step through flatten libraries 2021-07-15 12:36:07 +02:00
Erik Krogh Kristensen
77f4d56cd9 add taint step through array-union, array-uniq, and uniq 2021-07-15 12:32:29 +02:00
Anders Schack-Mulligen
8ccdd4fb9f Merge pull request #6211 from aschackmull/dataflow/refactor-call-context-check 
Dataflow: Refactor call context check
 2021-07-15 12:27:23 +02:00
Tom Hvitved
caf88a2d31 C#: Remove redundant conjunct in ssaDefReachesReadWithinBlock 2021-07-15 12:25:33 +02:00
Anders Schack-Mulligen
7339bd89ba Java: Add support for synthetic fields in csv rows. 2021-07-15 12:19:34 +02:00
Joe Farebrother
0e8dd9f335 Use generated stubs 2021-07-15 11:03:51 +01:00
Joe Farebrother
af78b99475 Include stubs for javax 2021-07-15 10:58:12 +01:00
Joe Farebrother
f59ab527b4 Fix issue with nested types 2021-07-15 10:57:32 +01:00
Joe Farebrother
65ce8aa798 Fix issue with circular type bounds 2021-07-15 10:49:14 +01:00
Joe Farebrother
0577e12b97 Add consistency checks 2021-07-15 10:49:13 +01:00
Joe Farebrother
ecf130f7ae Move stubber to utils folder for consistency with test generator 2021-07-15 10:49:13 +01:00
Joe Farebrother
ddb93e8829 Fix a bug with type bounds + a few other bugs 2021-07-15 10:49:13 +01:00
Joe Farebrother
036e83a247 Fix error with implementing interfaces 2021-07-15 10:49:13 +01:00
Joe Farebrother
06d6ddc1b9 Fix issue with reporting javac output 2021-07-15 10:49:13 +01:00
Joe Farebrother
8f40a6e21e Use shlex for printing commands 2021-07-15 10:49:13 +01:00
Joe Farebrother
c850c7d079 Fix typo in comment 2021-07-15 10:49:13 +01:00
Joe Farebrother
b562bdd14f Simplify the python script 2021-07-15 10:49:12 +01:00
Joe Farebrother
f35320e85b Add explanatory comments + minor fixes 2021-07-15 10:49:12 +01:00
Joe Farebrother
cce6217e17 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-07-15 10:49:12 +01:00
Joe Farebrother
471c140d2c Fix incorrect comment 2021-07-15 10:49:12 +01:00
Joe Farebrother
cffaa8d9a0 Improve the stubbing query to handle more language constructs correctly 2021-07-15 10:49:12 +01:00
Joe Farebrother
40bb19e4f1 Add Java stubbing script 2021-07-15 10:49:12 +01:00
Joe Farebrother
e7e432d7fd Fix incorrect row 2021-07-15 10:39:05 +01:00
Joe Farebrother
f3ab295f0f Fix up tests 2021-07-15 10:34:21 +01:00
Joe Farebrother
bbc4d4855c Move tests 2021-07-15 10:34:18 +01:00
Joe Farebrother
51045a83c2 Add change note 2021-07-15 10:33:33 +01:00
Joe Farebrother
df74a142dd Update for collection flow and add more tests 2021-07-15 10:33:33 +01:00
Joe Farebrother
8f89d748fe Add spring tests 2021-07-15 10:33:33 +01:00
Joe Farebrother
4be7e94dcc Add more spring stubs 2021-07-15 10:33:30 +01:00
Joe Farebrother
c1555b36a1 Add additional HTTP flow steps 2021-07-15 10:32:13 +01:00
Joe Farebrother
9b6213dbf0 Convert existing spring http steps to csv 2021-07-15 10:32:10 +01:00
Erik Krogh Kristensen
5ff7d208b7 add taint step through arrify 2021-07-15 11:24:50 +02:00
Erik Krogh Kristensen
e64f29fe8f add support for Array.prototype.find and polyfills 2021-07-15 11:16:06 +02:00
Erik Krogh Kristensen
f6f63e2811 add model for the array-from polyfill 2021-07-15 10:51:55 +02:00
Anders Schack-Mulligen
d34e748c83 Merge pull request #6290 from aschackmull/java/query-metadata3 
Java: Add metadata.
 2021-07-15 09:59:45 +02:00
Erik Krogh Kristensen
383b5f2ff2 implement RegExpSubPattern.getOperand in the Python regexp implementation 2021-07-15 09:41:53 +02:00
Anders Schack-Mulligen
60b3dbd217 Java: Add metadata. 2021-07-15 09:16:56 +02:00
Anders Schack-Mulligen
bf0877c5cb Merge pull request #6289 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-07-15 09:15:51 +02:00
Anders Schack-Mulligen
e18a20fedb Merge pull request #6285 from smowton/smowton/feature/spring-jdbc-object 
Add models for org.springframework.jdbc.object
 2021-07-15 09:06:56 +02:00
Robert Marsh
4d8e882214 Merge pull request #6186 from geoffw0/formatarg 
C++: Fix FPs from cpp/wrong-type-format-argument
 2021-07-14 17:20:46 -07:00
github-actions[bot]
d6186e8d0f Add changed framework coverage reports 2021-07-15 00:06:37 +00:00
Erik Krogh Kristensen
de8f64c5be sync with python 2021-07-14 23:40:06 +02:00
Erik Krogh Kristensen
80d784e37a add a step over empty lookaheads/lookbehinds 2021-07-14 23:40:04 +02:00
mr-sherman
04940a1105 Create 2021-07-14-service-stack-support.md 2021-07-14 15:54:28 -04:00
Erik Krogh Kristensen
22dfe84ee8 add xss sink for react-tooltip 2021-07-14 20:03:50 +02:00
Erik Krogh Kristensen
14b26f2a68 add mkdirp as a sink for tainted-path 2021-07-14 19:32:22 +02:00
Chris Smowton
f2b232f276 Add change note 2021-07-14 17:39:58 +01:00
Chris Smowton
0b2750828e Add models for org.springframework.jdbc.object 
Also add tests for the existing Spring JDBC SQL injection sinks in the process
 2021-07-14 17:25:00 +01:00
Taus
fb57c5f6f0 Merge pull request #6143 from RasmusWL/concepts-private-import-python 
Python: Make `import python` private in Concepts.qll
 2021-07-14 17:49:06 +02:00
Taus
5c5ee85332 Merge pull request #6122 from RasmusWL/mention-mysqlclient 
Python: Mention modeling of `mysqlclient` PyPI package
 2021-07-14 17:48:40 +02:00