Geoffrey White
ac6acfb660
C++: Use data flow.
2021-10-11 15:36:00 +01:00
Owen Mansel-Chan
058a04f756
Merge pull request #6795 from owen-mc/inline-expectation-test-trivial-change
...
Change class name in InlineExpectationTest to avoid clash
2021-10-11 15:35:17 +01:00
shati-patel
c7fbddce54
Docs: Update beta note for packaging
2021-10-11 15:02:25 +01:00
Rasmus Wriedt Larsen
bca1cb141c
Packaging: Normalize src/qlpack.yml
...
Port of 4) from https://github.com/github/codeql/pull/6605
> Dependencies from query packs to other packs are always "*" since
these dependencies are always from source and we should get the
latest.
Compare with [C++ change](https://github.com/github/codeql/pull/6605/files#diff-0236560ca1b9c19eb7c74d8bfecd1c78005e762122f8bcdaee9eb9b20460bf9c).
2021-10-11 14:36:14 +02:00
Marcono1234
ba0dbd5871
Java: Improve IncorrectSerializableMethods.ql; address review comments
2021-10-11 14:29:10 +02:00
Rasmus Lerchedahl Petersen
19f6cc00c8
Python: rewrite import time test
2021-10-11 14:28:25 +02:00
yoff
5aee715931
Apply suggestions from code review
...
Co-authored-by: Taus <tausbn@github.com>
2021-10-11 13:00:21 +02:00
Arthur Baars
fac4df203a
Update tree-sitter-ruby
2021-10-11 12:53:16 +02:00
Tom Hvitved
98d1ee5178
API graphs: Avoid non-linear recursion
2021-10-11 12:01:33 +02:00
Tom Hvitved
68ea3e7b49
Data flow: Add debugging predicates for rendering data flow graphs for summarized callables
2021-10-11 11:29:08 +02:00
Tom Hvitved
d5955f1ae1
Java: Add test for missing summary flow
2021-10-11 11:29:08 +02:00
Tom Hvitved
30bf2aade4
C#: Add test for missing summary flow
2021-10-11 11:29:08 +02:00
Tom Hvitved
61973c399e
C#: Make GetCSharpArgsLogs robust against log directory not existing
2021-10-11 11:28:49 +02:00
Tom Hvitved
c75e2d306d
Merge pull request #6852 from hvitved/csharp/interpret-element0-bad-magic
...
C#: Avoid bad magic in `interpretElement0`
2021-10-11 11:27:35 +02:00
haby0
c2d0fcfbe6
Update python/ql/test/experimental/query-tests/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.expected
...
Co-authored-by: yoff <lerchedahl@gmail.com>
2021-10-11 16:46:02 +08:00
haby0
29ddc76e2f
Update python/ql/test/experimental/query-tests/Security/CWE-117/LogInjection.expected
...
Co-authored-by: yoff <lerchedahl@gmail.com>
2021-10-11 16:43:30 +08:00
Rasmus Wriedt Larsen
8444388ec7
Python: Update .expected
2021-10-11 09:48:56 +02:00
Rasmus Wriedt Larsen
1552c108b0
Python: Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com>
2021-10-11 09:34:15 +02:00
Tom Hvitved
b05d76a131
C#: Avoid bad magic in interpretElement0
2021-10-11 09:30:52 +02:00
Tony Torralba
0919746f1a
Merge pull request #6844 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2021-10-11 09:25:46 +02:00
github-actions[bot]
ea0a0522a7
Add changed framework coverage reports
2021-10-11 00:08:32 +00:00
Marcono1234
a7670fbcab
Java: Enhance IncorrectSerializableMethods.ql
2021-10-11 02:05:53 +02:00
Marcono1234
12936ff5fe
Java: Fix IncorrectSerializableMethods.ql using wrong readObject signature
2021-10-11 02:05:53 +02:00
Marcono1234
b009886664
Java: Add TypeObjectInputStream
2021-10-11 02:05:50 +02:00
Marcono1234
a74d423d82
Java: Improve AnnotationPresentCheck.ql
2021-10-11 01:03:46 +02:00
Rasmus Lerchedahl Petersen
64b1aeaecd
Python: Shorten toString for module vars
2021-10-10 15:59:31 +02:00
Rasmus Lerchedahl Petersen
0aa632d149
Python: Move writing of module vars
...
into runtime jump steps.
2021-10-10 15:49:33 +02:00
yoff
9c9c5c09ff
Merge pull request #6837 from RasmusWL/more-unsafe-deserialization-sinks
...
Python: More unsafe deserialization sinks
2021-10-10 14:33:53 +02:00
yoff
f6122c8a6c
Merge pull request #6734 from erik-krogh/regBehind
...
JS/PY: do not filter away regular expressions with lookbehinds
2021-10-10 13:54:26 +02:00
Henry Mercer
5b26d41d27
C++: Improve SARIF severity level reporting of extractor diagnostics
2021-10-08 17:53:55 +01:00
Rasmus Wriedt Larsen
a50b193c40
Python: Model data-flow for `x or y` and `x and y`
2021-10-08 18:32:30 +02:00
Rasmus Wriedt Larsen
15476c2513
Python: Add data-flow tests for BoolExp
...
> 6.11. Boolean operations
> The expression x and y first evaluates x; if x is false, its value is
> returned; otherwise, y is evaluated and the resulting value is
> returned.
> The expression x or y first evaluates x; if x is true, its value is
> returned; otherwise, y is evaluated and the resulting value is
> returned.
2021-10-08 18:29:06 +02:00
Nick Rolfe
f500e5b2d7
Use Expr::getValueText
2021-10-08 16:41:06 +01:00
Geoffrey White
79f13cae55
Merge pull request #6839 from geoffw0/toctoufp
...
CPP: Add test cases for cpp/toctou-race-condition
2021-10-08 16:15:00 +01:00
Rasmus Lerchedahl Petersen
705970cedd
Python: Update tests to use correct tag
2021-10-08 16:57:36 +02:00
Cornelius Riemenschneider
84883d115d
Merge pull request #6813 from adityasharad/docs/database-create-bazel
...
CLI docs: Add example for creating a database using a Bazel build command
2021-10-08 16:56:10 +02:00
Rasmus Lerchedahl Petersen
8ba01abcd6
Merge branch 'python-dataflow/init-time' of github.com:yoff/codeql into python-dataflow/init-time
2021-10-08 16:53:08 +02:00
Anders Schack-Mulligen
2185a654de
Java: Fix some performance issues.
2021-10-08 15:53:14 +02:00
Anders Schack-Mulligen
5d0e72755d
Merge pull request #6770 from aschackmull/java/stream-model
...
Java: Add models for java.util.stream.
2021-10-08 15:48:50 +02:00
Geoffrey White
1c56573194
C++: Add tests.
2021-10-08 14:30:27 +01:00
Geoffrey White
dd95131630
C++: Test spacing.
2021-10-08 14:28:42 +01:00
Rasmus Lerchedahl Petersen
4807f50c00
Merge branch 'main' of github.com:github/codeql into python-dataflow/init-time
2021-10-08 14:55:01 +02:00
ihsinme
8c42545d1c
Update FindWrapperFunctions.qhelp
2021-10-08 13:10:36 +03:00
Rasmus Wriedt Larsen
fd0c386a4c
Python: Add change-note
2021-10-08 12:06:18 +02:00
Rasmus Wriedt Larsen
5e6f042f6e
Python: Model pickle.Unpickler
2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen
75b06d8a25
Python: Model dill.load
2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen
4820be3b10
Python: Model keyword arguments to dill.loads
2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen
9180257afe
Python: Refactor Dill.qll
...
So it matches the layout of all our other qll modules modeling a PyPI
package.
2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen
f9333fc551
Python: Expand dill tests
2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen
42980a1ab4
Python: Model shelve.open
2021-10-08 11:55:54 +02:00