codeql

mirror of https://github.com/github/codeql.git synced 2025-12-22 19:56:32 +01:00

Author	SHA1	Message	Date
Erik Krogh Kristensen	2ba2642c7a	add more template sinks for the `js/code-injection` query	2021-06-22 20:24:42 +02:00
CodeQL CI	bde1bb4030	Merge pull request #6126 from erik-krogh/dates Approved by esbena	2021-06-22 10:35:51 -07:00
Mathias Vorreiter Pedersen	90fe5c5aca	C++: Add change-note.	2021-06-22 17:13:07 +02:00
Mathias Vorreiter Pedersen	2e2673aff6	C++: Delete the experimental SqlPqxxTainted query.	2021-06-22 17:13:07 +02:00
Mathias Vorreiter Pedersen	440793b5ff	C++: Move the example from the experimental CWE-089 query into a test.	2021-06-22 17:13:06 +02:00
Mathias Vorreiter Pedersen	222cd41aa3	C++: Use the new SQL interface in 'Security.qll' and 'SqlTainted.ql'.	2021-06-22 17:13:06 +02:00
Mathias Vorreiter Pedersen	092fbd60d9	C++: Create a new SQL interface.	2021-06-22 17:13:06 +02:00
Taus	317c6867aa	Python: Fix sneaky semantic change Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2021-06-22 16:46:54 +02:00
CodeQL CI	eb95dff746	Merge pull request #6129 from erik-krogh/ReDoSCWE Approved by esbena	2021-06-22 07:02:39 -07:00
Shati Patel	396de59ad7	Merge pull request #6131 from erik-krogh/toUnicodeDoc mention the new `toUnicode` method in the QL language specification	2021-06-22 14:36:16 +01:00
Erik Krogh Kristensen	062502fecc	add back support for `util-promisifyall`	2021-06-22 15:34:51 +02:00
Rasmus Wriedt Larsen	3b41c2f204	Python: Use new `MethodCallNode` in TaintTrackingPrivate	2021-06-22 15:12:35 +02:00
Rasmus Wriedt Larsen	0b767bb853	Merge branch 'main' into small-cleanups	2021-06-22 15:01:53 +02:00
Tamas Vajk	870e4125dc	Fix framework coverage commenter to use merge commit parent instead of (old) base repo SHA	2021-06-22 13:24:26 +02:00
Erik Krogh Kristensen	3bdd9f7a30	mention the new toUnicode method in the QL language specification	2021-06-22 13:13:30 +02:00
Tom Hvitved	38a38fd2c1	Merge pull request #6003 from hvitved/csharp/external-summaries C#: CSV-based flow summaries	2021-06-22 12:59:44 +02:00
Asger Feldthaus	16e3681fd3	JS: Update RegExpInjection test case	2021-06-22 12:00:04 +02:00
Anders Schack-Mulligen	206a37cf08	Merge pull request #6130 from aschackmull/java/collection-test Java: Improve test and fix a few missing cases.	2021-06-22 11:56:44 +02:00
Erik Krogh Kristensen	4360e5dcbc	add model of the `thenify` library	2021-06-22 11:55:58 +02:00
Erik Krogh Kristensen	61cc415a32	add model of the `util.promisify` library	2021-06-22 11:55:58 +02:00
Erik Krogh Kristensen	2f3ea4412f	add model of the `pify` library	2021-06-22 11:55:54 +02:00
Rasmus Wriedt Larsen	5db627042f	Merge pull request #6091 from tausbn/python-exclude-main-py-files Python: Avoid `__main__.py` files as entry points.	2021-06-22 11:29:02 +02:00
Rasmus Wriedt Larsen	e05d6e71b8	Merge pull request #6064 from tausbn/python-add-get-method-call Python: Add `getAMethodCall` to `LocalSourceNode`	2021-06-22 11:16:39 +02:00
Anders Schack-Mulligen	38fc8a750c	Java: Improve test and fix a few missing cases.	2021-06-22 11:16:02 +02:00
Jonas Jensen	ae296fc6db	Merge pull request #6101 from github/AlonaHlobina-patch-3 Adding C++20 Beta support.rst	2021-06-22 11:02:15 +02:00
Erik Krogh Kristensen	c736606695	add support for moment/dayjs/luxon instances returned by `@date-io` adapters	2021-06-22 10:42:24 +02:00
Erik Krogh Kristensen	f2ca2134d1	refactor `promisify` models into a module	2021-06-22 10:40:22 +02:00
Erik Krogh Kristensen	f53955fb5e	add support for the `promise.allsettled` library	2021-06-22 10:30:33 +02:00
Erik Krogh Kristensen	95a7b16315	add support for the `lie` polyfill	2021-06-22 10:30:33 +02:00
Erik Krogh Kristensen	085efe5d20	add support for the `any-promise` polyfill	2021-06-22 10:30:33 +02:00
Erik Krogh Kristensen	cb82cdf6e9	add support for the `synchronous-promise` library	2021-06-22 10:30:33 +02:00
Erik Krogh Kristensen	5cb3c2c650	add support for the `pinkie` polyfill	2021-06-22 10:30:33 +02:00
Erik Krogh Kristensen	b574292dab	add support for the `pinkie-promise` polyfill	2021-06-22 10:30:33 +02:00
Erik Krogh Kristensen	bb1c971348	add support for the `when` polyfill, and expand the defition of `ES2015PromiseDefinition`	2021-06-22 10:30:32 +02:00
Erik Krogh Kristensen	e467ea2ea6	add support for the `native-promise-only` polyfill	2021-06-22 10:30:32 +02:00
Erik Krogh Kristensen	ebde9015d8	add support for the `rsvp` and `es6-promise` polyfill	2021-06-22 10:30:32 +02:00
Erik Krogh Kristensen	d7a47e8fbd	add support for the `promise-polyfill` polyfill	2021-06-22 10:30:32 +02:00
Erik Krogh Kristensen	f095e190a9	add support for the `promise` polyfill	2021-06-22 10:30:32 +02:00
Erik Krogh Kristensen	967ccfef0c	add support for `kew`	2021-06-22 10:30:28 +02:00
Erik Krogh Kristensen	a4303bc81d	add CWE-1333 to the JS ReDoS queries	2021-06-22 10:24:56 +02:00
ihsinme	94bd2a32f9	Update FindIncorrectlyUsedSwitch.qhelp	2021-06-22 10:39:37 +03:00
AlonaHlobina	2a9d0009be	Update versions-compilers.rst	2021-06-22 10:36:19 +03:00
Erik Krogh Kristensen	227f61b954	add model for the `luxon` library	2021-06-21 23:29:12 +02:00
Erik Krogh Kristensen	cdf3cdcf71	add model for the `formatByString` and `formatByNumber` functions in `@date-io`	2021-06-21 23:29:01 +02:00
Erik Krogh Kristensen	2a4570eaaa	add model for the `dayjs` library	2021-06-21 23:28:45 +02:00
Taus	ba6ab8ff3d	Python: Expand `__main__.py` comment Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2021-06-21 18:14:03 +02:00
Taus	768cab3642	Python: Address review comments - changes `getReceiver` to `getObject` - fixes `calls` to avoid unwanted cross-talk - adds some more documentation to highlight the above issue	2021-06-21 14:57:19 +00:00
Mathias Vorreiter Pedersen	3bc6b11ae5	C++: Share the 'bounded' predicate from 'cpp/uncontrolled-arithmetic' and use it in 'cpp/tainted-arithmetic'.	2021-06-21 16:38:17 +02:00
Anders Schack-Mulligen	c06e152e90	Java: Remove outdated test.	2021-06-21 16:08:59 +02:00
Anders Schack-Mulligen	27c973e157	Java: Fix some qltests.	2021-06-21 16:08:52 +02:00

... 49 50 51 52 53 ...

26405 Commits