codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Author	SHA1	Message	Date
Jonas Jensen	ad4b2beafa	Merge pull request #4727 from criemen/remove-abstract-classes C++/C#/JS/Python/Java XML.qll: Remove abstract from class hierarchy.	2020-11-27 08:17:21 +01:00
Cornelius Riemenschneider	3bfb398516	Autoformat XML.qll.	2020-11-25 18:20:50 +01:00
Cornelius Riemenschneider	7eec988fb5	XML.qll: Remove abstract from class hierarchy.	2020-11-25 17:22:03 +01:00
CodeQL CI	34ffcb5677	Merge pull request #4593 from asgerf/js/react-hot Approved by erik-krogh	2020-11-25 12:01:38 +00:00
CodeQL CI	395403789e	Merge pull request #4585 from erik-krogh/moreReDoS Approved by asgerf	2020-11-24 18:52:36 +00:00
CodeQL CI	4be158b362	Merge pull request #4708 from erik-krogh/emptyName Approved by asgerf	2020-11-24 17:34:55 +00:00
CodeQL CI	8c68463e76	Merge pull request #4711 from erik-krogh/locType Approved by asgerf	2020-11-24 13:10:32 +00:00
Erik Krogh Kristensen	f03429a4b8	change description for source root folder	2020-11-23 23:46:44 +01:00
Erik Krogh Kristensen	33dab1717e	treat nodes with type "Location" as a location source - but not if we can track it from an original node with type "Location"	2020-11-23 17:03:50 +01:00
Erik Krogh Kristensen	f7f9beeefd	avoid reporting empty names in `js/exposure-of-private-files`	2020-11-23 14:24:42 +01:00
Erik Krogh Kristensen	02d5fbf46b	remove superfluous space	2020-11-23 14:22:16 +01:00
Erik Krogh Kristensen	234730419b	restrict computation of ConcatenationRoot::getConstantStringParts to results that are less than 1 million chars long	2020-11-23 10:29:47 +01:00
Asger Feldthaus	f894cf2074	JS: Add support for react-hot-loader	2020-11-20 15:28:32 +00:00
Asger Feldthaus	16429c8ca4	JS: followed -> followed by	2020-11-20 14:44:25 +00:00
Asger Feldthaus	7536c49c6f	JS: Use getAParameter and not getReceiver instead of getASuccessor	2020-11-20 10:34:30 +00:00
Asger F	405f07720a	Apply suggestions from code review Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>	2020-11-20 10:21:19 +00:00
Asger Feldthaus	b34df9ff33	JS: Autoformat	2020-11-20 10:15:35 +00:00
Asger Feldthaus	f737f34dcd	JS: Add UntrustedDataToExternalApi query	2020-11-19 13:42:25 +00:00
Erik Krogh Kristensen	a3b21ad43b	Apply suggestions from code review Co-authored-by: Asger F <asgerf@github.com>	2020-11-19 11:42:12 +01:00
Erik Krogh Kristensen	cc1d797cef	adjust top comment to reflect what the query does, and add comment about which kind of accepting state is assumed.	2020-11-18 21:32:31 +01:00
Erik Krogh Kristensen	58c31f0eca	prune more regexps initially in the ReDoS query	2020-11-18 15:14:46 +01:00
Erik Krogh Kristensen	c4153a617e	remove duplicated test cases from ReDoS, and adjust variables names to match test output	2020-11-18 14:49:09 +01:00
Erik Krogh Kristensen	8270bf5bb9	make the character search skip unencodable characters	2020-11-18 11:55:49 +01:00
Erik Krogh Kristensen	55f2f86a26	limit the search of state-pairs to the ones that are reachable within the given length	2020-11-18 09:23:35 +01:00
Erik Krogh Kristensen	c4d7533701	Merge branch 'main' into moreReDoS	2020-11-17 17:34:49 +01:00
Erik Krogh Kristensen	97acf1fd87	fix FP related to inverted character classes choosing a char that was not matched by the char class	2020-11-17 17:34:43 +01:00
CodeQL CI	09cfb24afa	Merge pull request #4648 from erik-krogh/regexpParse Approved by asgerf	2020-11-16 08:20:40 +00:00
Erik Krogh Kristensen	a49b99b18c	autoformat	2020-11-13 20:06:17 +01:00
Erik Krogh Kristensen	affb11b0e3	changes based on review	2020-11-13 19:46:37 +01:00
Erik Krogh Kristensen	2f4fcc2f5e	Apply suggestions from code review Co-authored-by: Asger F <asgerf@github.com>	2020-11-13 18:03:07 +01:00
Erik Krogh Kristensen	7f68b07665	Merge branch 'main' into regexpParse	2020-11-13 09:33:16 +01:00
Erik Krogh Kristensen	7cf7a44fda	autoformat	2020-11-12 22:33:00 +01:00
Erik Krogh Kristensen	49be7e959f	Merge branch 'main' into jwt	2020-11-12 21:36:09 +01:00
Erik Krogh Kristensen	99d03bab24	only flag the secret key in JWT	2020-11-12 21:36:05 +01:00
Asger Feldthaus	4d3d982bde	JS: Autoformat date-functions file	2020-11-12 10:07:30 +00:00
CodeQL CI	f9d62adcb2	Merge pull request #4567 from asgerf/js/date-functions Approved by erik-krogh	2020-11-11 11:17:30 +00:00
Erik Krogh Kristensen	e01d4b104e	update expected output	2020-11-10 23:42:38 +01:00
Erik Krogh Kristensen	6b7f8dd505	fix parse errors related to char escapes and char ranges	2020-11-10 21:02:29 +01:00
Jonas Jensen	fc764db8e1	Merge pull request #4643 from nickrolfe/getFileBySourceArchiveName Replace getEncodedFile with shared getFileBySourceArchiveName predicate	2020-11-10 17:36:29 +01:00
Nick Rolfe	ac4a1f1d9b	Update comment to be a QLDoc comment	2020-11-10 14:14:27 +00:00
Nick Rolfe	1e1eb7ee33	Replace getEncodedFile with shared getFileBySourceArchiveName predicate While also making it work with paths for databases created on Windows.	2020-11-10 13:55:27 +00:00
Anders Schack-Mulligen	89ef6ea4eb	C++/C#/Java/JavaScript/Python: Autoformat set literals.	2020-11-10 13:32:27 +01:00
Erik Krogh Kristensen	ae7c7607f1	fix typos in documentation strings Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>	2020-11-10 10:41:39 +01:00
Erik Krogh Kristensen	5ecae55e77	add keys used by `jsonwebtoken` as CredentialsExpr	2020-11-10 10:41:39 +01:00
Erik Krogh Kristensen	e75259d3a6	model the verify function in `jsonwebtoken`	2020-11-10 10:41:39 +01:00
Erik Krogh Kristensen	6732493377	add model for `jwt-decode`	2020-11-10 10:41:36 +01:00
CodeQL CI	1e048d8045	Merge pull request #4609 from asgerf/js/destructuring-export Approved by erik-krogh	2020-11-09 15:47:00 +00:00
Asger Feldthaus	32c5bc4836	JS: Update test case output (new flow is correct)	2020-11-09 11:19:47 +00:00
Erik Krogh Kristensen	3ef5d89e39	update expected output	2020-11-08 23:27:38 +01:00
Erik Krogh Kristensen	17a687b344	testing many possible intersections, instead of a single intersection	2020-11-08 23:24:36 +01:00

1 2 3 4 5 ...

4633 Commits