Asger Feldthaus
a00fdc9b25
JS: StringManipulationStep
2021-03-17 13:25:59 +00:00
Asger Feldthaus
7a5f9f6a69
JS: StringConcatStep
2021-03-17 13:25:59 +00:00
Asger Feldthaus
0fa66acdb8
JS: ReactPropStep
2021-03-17 13:25:59 +00:00
Asger Feldthaus
317a073b6e
JS: DictionaryTaintStep
2021-03-17 13:25:58 +00:00
Asger Feldthaus
3398ddf783
JS: HeapTaintStep
2021-03-17 13:25:58 +00:00
Asger Feldthaus
c3e00181cb
JS: Add SharedTaintStep
2021-03-17 13:25:58 +00:00
Rasmus Wriedt Larsen
1ecee2da0d
Merge pull request #5357 from yoff/python-rework-documentation
...
Python: rework documentation
2021-03-17 14:25:23 +01:00
Anders Schack-Mulligen
05779ef7ee
Merge pull request #5368 from joefarebrother/guava-convert-to-csv
...
Java: Convert existing Guava models to CSV format
2021-03-17 13:50:48 +01:00
CodeQL CI
efeff6fcf8
Merge pull request #5033 from asgerf/js/generalized-remote-flow-source
...
Approved by erik-krogh
2021-03-17 05:41:39 -07:00
Erik Krogh Kristensen
dab6a11978
add example code
2021-03-17 13:35:16 +01:00
Erik Krogh Kristensen
5898b48391
add missing polarity check
2021-03-17 13:35:07 +01:00
Erik Krogh Kristensen
1db5cb15f0
Update javascript/ql/src/semmle/javascript/security/IncompleteBlacklistSanitizer.qll
...
Co-authored-by: Asger F <asgerf@github.com >
2021-03-17 13:30:05 +01:00
yoff
0fc30997eb
Update docs/codeql/codeql-language-guides/analyzing-data-flow-in-python.rst
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2021-03-17 13:00:09 +01:00
Cornelius Riemenschneider
5e0601fe1f
C++: Address review comments.
2021-03-17 12:28:03 +01:00
Tamas Vajk
7019878775
Upgrade nuget package in Semmle.Autobuild.Cpp.csproj
2021-03-17 12:18:28 +01:00
Tamás Vajk
2e2a5d62c2
Merge pull request #5420 from tamasvajk/feature/fix-nullable-warning
...
C#: Fix nullable warning
2021-03-17 12:16:15 +01:00
Mathias Vorreiter Pedersen
3914a93504
C++: Remove commonTaintStep from DefaultTaintTracking.
2021-03-17 11:56:59 +01:00
Cornelius Riemenschneider
144dcf1b5e
C++: Include empty message for SuccessfulExtractions.ql.
2021-03-17 11:18:40 +01:00
Cornelius Riemenschneider
5e4e853ffb
C++: Add missing QLDoc.
2021-03-17 11:18:40 +01:00
Cornelius Riemenschneider
4c4fc05553
C++: Make toString deterministic for tests.
2021-03-17 11:18:40 +01:00
Cornelius Riemenschneider
9612426680
C++: Initial file-related metric queries.
...
This adds a library `FailedExtractions.qll` that classifies extractor errors
and provides a unified interface for both recoverable and irrecoverable
extractor errors.
This interface is then used by the new diagnostic queries to list
successfully extracted files, as well as files that encountered an
extraction error.
2021-03-17 11:18:34 +01:00
Asger Feldthaus
3a68eceaaa
JS: Fix typo in change note
2021-03-17 10:17:56 +00:00
Erik Krogh Kristensen
d1602d538e
add change note
2021-03-17 10:06:41 +01:00
Erik Krogh Kristensen
edb0f77177
add missing qldoc
2021-03-17 10:05:36 +01:00
Erik Krogh Kristensen
8975c3a7ce
broaden which types are recognized by API-graphs
2021-03-17 10:03:55 +01:00
Erik Krogh Kristensen
2f3869f41b
add model for puppeteer
2021-03-17 10:03:51 +01:00
haby0
c516d69b98
Merge remote-tracking branch 'upstream/main' into main
2021-03-17 16:42:48 +08:00
Tamas Vajk
78843882f9
C#: Upgrade nuget packages
2021-03-17 09:35:57 +01:00
Tamas Vajk
02cb383d3b
C#: Fix nullable warning
2021-03-17 09:35:13 +01:00
Tamas Vajk
0b1705f302
C#: Adjust Callable::canReturn to handle Task-like async return types
2021-03-17 09:25:57 +01:00
Rasmus Lerchedahl Petersen
acac519fef
Python: Address review suggestions
2021-03-17 00:10:04 +01:00
Mathias Vorreiter Pedersen
43fbcc1c8a
C++: Convert all the dataflow configurations to taint configurations.
2021-03-16 22:36:17 +01:00
Mathias Vorreiter Pedersen
dd6b27df24
C++: Fix test annotation.
2021-03-16 22:35:47 +01:00
Tamas Vajk
cd820917bc
Remove duplicate yield return entries from global dataflow test
2021-03-16 21:28:58 +01:00
yoff
0ee7ccf6b9
Update docs/codeql/codeql-language-guides/analyzing-data-flow-in-python.rst
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2021-03-16 19:58:23 +01:00
Tamas Vajk
2541e9cb6a
C#: Handle async data flow in expression bodied callables
2021-03-16 16:32:47 +01:00
Tamas Vajk
048c72a0f2
C#: Remove YieldReturnKind
2021-03-16 16:20:04 +01:00
Tamas Vajk
aa2abf76ba
Make ReturnNodes disjoint (normal, yield, async)
2021-03-16 16:17:27 +01:00
Asger Feldthaus
97b8e35426
JS: Update test expectations
2021-03-16 15:09:01 +00:00
Joe Farebrother
f5e4b87d1e
Remove redundant rows and add note on collection flow
2021-03-16 14:28:24 +00:00
Joe Farebrother
1e3c4d0eb1
Add stubs to fix broken test case
2021-03-16 14:24:49 +00:00
Joe Farebrother
980b2c1f4c
Convert existing Guava models to CSV system
2021-03-16 14:24:49 +00:00
Tamas Vajk
732ef92830
C#: add store step for return statements inside async methods
2021-03-16 15:18:00 +01:00
Rasmus Wriedt Larsen
fbbec5d2b9
Merge pull request #5118 from yoff/python-port-stacktrace-exosure
...
Python: Port stack trace exposure
2021-03-16 14:52:44 +01:00
Tamas Vajk
c684b74b3d
C#: Add async dataflow tests
2021-03-16 14:46:16 +01:00
Rasmus Wriedt Larsen
50978364a6
Merge pull request #5246 from yoff/python-port-insecure-default-protocol
...
Python: Port insecure default protocol
2021-03-16 14:30:19 +01:00
Asger Feldthaus
3922c73be7
JS: Add change note
2021-03-16 13:28:12 +00:00
Asger Feldthaus
a76be91481
JS: Remove deprected use of queryAccess
2021-03-16 13:28:12 +00:00
Asger Feldthaus
ff1326cc7b
JS: Cache getReExportedModule
2021-03-16 13:28:12 +00:00
Asger Feldthaus
710cca5395
JS: Update expectations with new sources
2021-03-16 13:28:12 +00:00
