hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,671 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

29908 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Rolfe
0d161bec7a Merge pull request #6982 from github/nickrolfe/also-revert-cargo-lock 
Ruby: also revert Cargo.lock
 2021-10-27 20:33:07 +01:00
Erik Krogh Kristensen
96b6f670d9 filter away paths that start with libary inputs and end with a fixed-property write 2021-10-27 21:01:11 +02:00
Erik Krogh Kristensen
78371894f4 update import after rebasing on main 2021-10-27 20:47:06 +02:00
Erik Krogh Kristensen
a9a9e34265 recognize delete expresssions as a sink for js/prototype-polluting-assignment 2021-10-27 20:37:42 +02:00
Erik Krogh Kristensen
1243c736dd use ConcatenationNode::isCoercion 2021-10-27 20:37:42 +02:00
Erik Krogh Kristensen
2dedfb302a remove paths without unmatched returns from js/prototype-polluting-assignment 2021-10-27 20:37:42 +02:00
Erik Krogh Kristensen
0c9c9bbde7 detect library input when the arguments object is converted to an array 2021-10-27 20:37:41 +02:00
Erik Krogh Kristensen
fa9e9dd847 split out predicates in ClassifyFiles to avoid unnecessary computations 2021-10-27 20:35:38 +02:00
Erik Krogh Kristensen
3d124cf95e add change-note 2021-10-27 20:35:38 +02:00
Erik Krogh Kristensen
d1238dfd8b update alert message to distinguish between library input and remote flow 2021-10-27 20:35:38 +02:00
Erik Krogh Kristensen
6e183af383 ignore test files for the `prototypeLessObject' predicate 2021-10-27 20:35:37 +02:00
Erik Krogh Kristensen
e94b0f5913 recognize inclusion based sanitizers for js/prototype-polluting-assignment 2021-10-27 20:35:37 +02:00
Erik Krogh Kristensen
2a808b2cd6 track taint through string coercions for js/prototype-polluting-assignment 2021-10-27 20:35:37 +02:00
Erik Krogh Kristensen
2d65aa17db recognize exported functions that use the arguments object 2021-10-27 20:35:37 +02:00
Erik Krogh Kristensen
78774233c7 add library input as source to js/prototype-polluting-assignment 2021-10-27 20:35:36 +02:00
Erik Krogh Kristensen
0372ccce02 simplify regexp 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-10-27 20:04:24 +02:00
Erik Krogh Kristensen
af64b319ee update documentation strings 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-10-27 19:54:52 +02:00
Nick Rolfe
f557df6c4e Revert "Ruby: update Cargo.lock" 
This reverts commit 0a89028663.
 2021-10-27 18:38:22 +01:00
Nick Rolfe
f1229ff071 Revert "Ruby: update Cargo.lock" 
This reverts commit 7a5e8f1756.
 2021-10-27 18:38:08 +01:00
Arthur Baars
5e2cab4fb1 Split workflow into separate jobs 2021-10-27 19:06:22 +02:00
Erik Krogh Kristensen
71cca6d644 Merge branch 'main' into ldap 2021-10-27 19:06:06 +02:00
Erik Krogh Kristensen
2e912ee28e rename LDAP to Ldap 2021-10-27 19:05:56 +02:00
Erik Krogh Kristensen
c1ab49fe8a rename LDapFilterStep to TaintPreservingLDapFilterStep 2021-10-27 19:05:00 +02:00
jorgectf
350cbb4c5d Polish qhelp and libraries 2021-10-27 18:47:19 +02:00
Geoffrey White
e0e18c6587 C++: Drop the precision tags again, for now. 2021-10-27 17:24:46 +01:00
Shati Patel
c9b50f3c2f Merge pull request #6981 from github/aibaars/ruby-lgtm-links 
Ruby: update lgtm.com query console links
 2021-10-27 17:18:08 +01:00
Arthur Baars
f496336a0d Ruby: update lgtm.com query console links 2021-10-27 18:08:11 +02:00
Nick Rolfe
06303b103f Merge pull request #6979 from github/nickrolfe/revert-crate-updates 
Ruby: revert crate updates
 2021-10-27 16:53:19 +01:00
Nick Rolfe
7a5e8f1756 Ruby: update Cargo.lock 2021-10-27 16:21:33 +01:00
Nick Rolfe
ff7826dd96 Revert "Update tracing-subscriber requirement from 0.2 to 0.3 in /ruby/generator" 
This reverts commit 4cedb43a54.
 2021-10-27 16:21:33 +01:00
Nick Rolfe
fc1f874f92 Revert "Update tracing-subscriber requirement from 0.2 to 0.3 in /ruby/extractor" 
This reverts commit e9da027539.
 2021-10-27 16:21:33 +01:00
Nick Rolfe
11154a9409 Ruby: add regex injection query 2021-10-27 15:58:12 +01:00
Geoffrey White
2182bb5c91 C++: Remove unused qhelp files. 2021-10-27 15:47:01 +01:00
Geoffrey White
d990e790e7 C++: Remove unused index.qhelp files. 2021-10-27 15:40:34 +01:00
Arthur Baars
aeedfd9987 Filter out non-qhelp files 2021-10-27 16:00:19 +02:00
Arthur Baars
b128c7ca00 Don't use local actions 2021-10-27 15:57:54 +02:00
Arthur Baars
19e010e6fe fetch-codeql action: unzip in runner.temp 2021-10-27 15:57:54 +02:00
Anders Schack-Mulligen
6eabb610b4 Dataflow: Sync Ruby 2021-10-27 13:58:30 +02:00
Anders Schack-Mulligen
699630af54 Dataflow: Sync. 2021-10-27 13:57:44 +02:00
Anders Schack-Mulligen
92e4a1ed17 Dataflow: Review fixes. 2021-10-27 13:57:44 +02:00
Anders Schack-Mulligen
034c7f3538 Dataflow: Sync. 2021-10-27 13:57:44 +02:00
Anders Schack-Mulligen
51cebdce83 Dataflow: Add support for call context restrictions on sources/sinks. 2021-10-27 13:57:44 +02:00
Arthur Baars
dc24361f89 Merge pull request #6974 from github/nickrolfe/Cargo_lock 
Ruby: update Cargo.lock
 2021-10-27 13:47:22 +02:00
Arthur Baars
ce3a19458d Set persist-credentials: false 2021-10-27 13:30:22 +02:00
Arthur Baars
54e946918a QHelp preview: run if paths.txt is non-empty 2021-10-27 12:47:51 +02:00
Nick Rolfe
0a89028663 Ruby: update Cargo.lock 2021-10-27 11:43:09 +01:00
Arthur Baars
8077a49109 Switch qhelp-pr-preview.yml to pull_request_target 2021-10-27 12:38:52 +02:00
Rasmus Lerchedahl Petersen
06586a13a3 Python: merge tests files 2021-10-27 11:55:04 +02:00
Rasmus Lerchedahl Petersen
826f44d98e Python: Share implementation of awaited 2021-10-27 11:41:18 +02:00
Rasmus Lerchedahl Petersen
01ad19b82b Python: correct qldoc 2021-10-27 11:40:57 +02:00