Tamas Vajk
180904e9f6
Revert "Java: Convert Google HTTP client API parseAs sink to CSV format"
...
This reverts commit 3e53484bb3.
2021-04-22 11:14:51 +02:00
Owen Mansel-Chan
fea9f5f431
Merge pull request #5746 from owen-mc/java/refactor-exec-tainted
...
Make ExecTainted easier to extend
2021-04-22 10:14:28 +01:00
Tamas Vajk
a8a920c8f0
Add change note
2021-04-22 11:01:12 +02:00
Owen Mansel-Chan
8a01799fb8
Make imports private
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2021-04-22 09:46:49 +01:00
Rasmus Lerchedahl Petersen
b724e51cab
Python: Improvements from review suggestions
2021-04-22 10:40:42 +02:00
Owen Mansel-Chan
4b8d4f5bbd
Update docs
2021-04-22 09:30:50 +01:00
Owen Mansel-Chan
e448dcb725
Avoid bad join order
...
We want to avoid joining on `i` first.
2021-04-22 09:30:49 +01:00
Owen Mansel-Chan
9f1704560b
Include constructors in abstract class
2021-04-22 09:30:48 +01:00
Tamas Vajk
1dab1590ea
C#: Adjust 'fromSource' to hold only on files passed to the compiler as a source file
2021-04-22 10:21:28 +02:00
Tamas Vajk
1a708affbf
Include compilation errors in diagnostic check
2021-04-22 10:08:33 +02:00
Asger Feldthaus
d2646ea4ad
JS: More consistent section capitalization
2021-04-22 09:06:44 +01:00
Asger Feldthaus
0dceabe704
JS: Reference specific section of cheat sheet
2021-04-22 09:06:09 +01:00
Tamas Vajk
64354bbfaa
Fix test results after rebase
2021-04-22 09:23:59 +02:00
Tamas Vajk
ff9327a035
Add diagnostic query to get correctly extracted files
2021-04-22 09:21:46 +02:00
Tamas Vajk
b05e211e21
Fix failing test
2021-04-22 09:21:45 +02:00
Tamas Vajk
353d43a039
Log model errors even in standalone extraction
2021-04-22 09:13:06 +02:00
Tamas Vajk
5149ffdd16
C#: Add extraction error diagnostic query
2021-04-22 09:13:06 +02:00
edvraa
ade238307f
Add a test
2021-04-22 10:02:06 +03:00
Tamás Vajk
9c936867fa
Exclude code from XML files
...
Co-authored-by: yo-h <55373593+yo-h@users.noreply.github.com>
2021-04-22 09:00:31 +02:00
Tamás Vajk
a7cc9f98ef
Merge pull request #5745 from tamasvajk/feature/fix-arg-default
...
C#: Fix special case of default argument value extraction
2021-04-22 08:58:13 +02:00
edvraa
86444bfa09
Use set literal expression
2021-04-22 09:48:46 +03:00
edvraa
9774b24c4e
Use TypeString
2021-04-22 09:44:07 +03:00
haby0
454324781d
delete IfStmt
2021-04-22 11:59:33 +08:00
Robert Marsh
cac1bef6ea
C++: deprecate cpp/return-stack-allocated-object
2021-04-21 15:17:31 -07:00
Asger Feldthaus
fe8deeaf6b
JS: Autoformat
2021-04-21 23:13:57 +01:00
Dave Bartolomeo
383210096c
C++: Isolate models from AST dataflow's reference/object conflation
...
`DataFlowFunction` models treat references as pointers - an explicit level of indirection. The AST dataflow library generally treats references as if they were the referred-to object. This commit removes a workaround in the dataflow model for unary `operator*` on smart pointers, and makes the AST dataflow library adjust the results of querying the model so that a returned reference only gets flow that was modeled as going to the dereference of the return value.
This fixes some missing flow in IR dataflow, and recovers some (presumably) missing reverse taint flow in AST taint tracking as well.
2021-04-21 18:09:44 -04:00
Asger Feldthaus
e98bfe921e
JS: QLDoc
2021-04-21 22:14:50 +01:00
Asger Feldthaus
bb7934b381
JS: Change note
2021-04-21 21:20:12 +01:00
Asger Feldthaus
c113cfd8b7
JS: Autoformat
2021-04-21 21:13:07 +01:00
edvraa
57689df5aa
Remove DataFlow::Node
2021-04-21 19:29:30 +03:00
Dave Bartolomeo
0bc4b0421d
C++: Remove unnecessary cast
2021-04-21 12:12:01 -04:00
Rasmus Wriedt Larsen
5a9e27c6fc
Merge branch 'main' into django-3.2
2021-04-21 17:15:47 +02:00
Chris Smowton
76091f0f8d
Use ArrayElement accessor where needed
2021-04-21 15:58:41 +01:00
Chris Smowton
2c95b7539f
Remove now-redundant steps
2021-04-21 15:57:09 +01:00
Chris Smowton
874733a61b
Argument -> specific Argument indices
2021-04-21 15:53:55 +01:00
Chris Smowton
fce1d6122f
Add change note
2021-04-21 15:47:20 +01:00
Chris Smowton
6589460357
Add models for Commons ToStringBuilder
...
These don't include support for reflectionToString yet, which is coming up in a subsequent PR.
2021-04-21 15:47:19 +01:00
Chris Smowton
94f0a1532d
Merge pull request #5682 from smowton/smowton/docs/fix-has-modifier-comment
...
Fix documentation of Modifier.qll
2021-04-21 15:41:29 +01:00
Tamas Vajk
a0f5e45ae9
C#: Fix special case of default argument value extraction
2021-04-21 16:34:29 +02:00
edvraa
a93d6a3ef6
Remove SafeConstructorTrackingConfig
2021-04-21 17:16:54 +03:00
Geoffrey White
ba335089c4
Merge pull request #5601 from ihsinme/ihsinme-patch-259
...
CPP: Add query for CWE-691 Insufficient Control Flow Management After Refactoring The Code
2021-04-21 15:13:38 +01:00
edvraa
9e46ef3cd9
Get rid of getParent
2021-04-21 17:11:40 +03:00
edvraa
808444986d
Get rid of UnsafeDeserializerCallable
2021-04-21 17:06:20 +03:00
Owen Mansel-Chan
9c72e73a82
Make ExecTainted easier to extend
...
To add a method that executes a command, you can now define a class
extending ExecMethod.
2021-04-21 14:55:37 +01:00
edvraa
b6952d541a
get rid of getParent
2021-04-21 16:55:34 +03:00
edvraa
9cc67e4266
make private where possible
2021-04-21 16:48:05 +03:00
CodeQL CI
30d7f0dc98
Merge pull request #5687 from RasmusWL/inline-taint-tests
...
Approved by yoff
2021-04-21 06:24:12 -07:00
Taus
71780228ae
Python: Rename TypeTrackerPrivate.qll
2021-04-21 13:08:26 +00:00
Asger Feldthaus
2c9a6e7bef
JS: Cache function-wrapping steps in type-tracking stage
2021-04-21 13:45:58 +01:00
Tamas Vajk
e25305e3cc
Java: Introduce LoC summary metric query
2021-04-21 14:27:00 +02:00