hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,671 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

29908 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felicity Chapman
72ac2e5498 Fix typos 2018-11-12 09:52:00 +00:00
Tom Hvitved
dd6fd400aa Merge pull request #335 from calumgrant/cs/cwe-937 
C#: New query VulnerablePackage
 2018-11-12 10:34:53 +01:00
Esben Sparre Andreasen
eaad84bb4f JS: add support for dis- and conjunctions in SanitizingFunction 2018-11-12 10:23:52 +01:00
Esben Sparre Andreasen
ffc3d6ba49 JS: simplify test (move alerts four lines up) 2018-11-12 10:21:41 +01:00
Esben Sparre Andreasen
6d0c93b6a8 JS: introduce TaintTracking::AdditionalSanitizingCall 2018-11-12 10:21:39 +01:00
Esben Sparre Andreasen
2033bf81cc JS: address docstring review comments 2018-11-12 10:03:08 +01:00
Tom Hvitved
40def8d364 Merge pull request #418 from dave-bartolomeo/dave/FormatConfig 
Allow mixed whitespace in certain test and external directories
 2018-11-12 09:43:39 +01:00
Tom Hvitved
21887d7c6f C#: Refactor SSA liveness logic 
Simplify liveness analysis by avoiding the two extra copies of `liveAtRank()`
(and other auxiliary predicates) for fields/captured variables analysis.
 2018-11-12 09:41:53 +01:00
semmle-qlci
c9d77a2d6d Merge pull request #443 from xiemaisi/js/improve-stack-trace-exposure 
Approved by asger-semmle
 2018-11-12 08:40:26 +00:00
semmle-qlci
bf18175f7a Merge pull request #445 from xiemaisi/js/aliases 
Approved by esben-semmle
 2018-11-12 08:39:11 +00:00
Max Schaefer
01b43dff72 JavaScript: Make in-dist trap cache read-only. 2018-11-12 08:33:11 +00:00
Jonas Jensen
e9dac22cfd Merge pull request #446 from geoffw0/minor-corrections 
CPP: Minor corrections to examples
 2018-11-12 09:30:39 +01:00
Max Schaefer
032ed12242 JavaScript: Use in-dist trap cache when extracting externs. 2018-11-12 08:28:08 +00:00
Jonas Jensen
0caf0f1f15 Merge pull request #430 from geoffw0/exprtemplate 
CPP: Exclude template code from ExprHasNoEffect.ql
 2018-11-12 09:27:36 +01:00
Max Schaefer
f26d47aacb JavaScript: Bump extractor version. 
This is not so much because extractor output has changed (it hasn't, except for corner cases) but to disable trap caching so as to help us to flush out bugs.
 2018-11-12 08:19:17 +00:00
Max Schaefer
f06cef5d40 JavaScript: Port JSDoc parser to Java. 2018-11-12 08:18:53 +00:00
Max Schaefer
c14ebac455 JavaScript: Port regular expression parser to Java. 2018-11-12 08:18:53 +00:00
Max Schaefer
47fda72b91 Merge pull request #448 from adityasharad/merge/master-next-091118 
Merge master into next.
 2018-11-12 08:04:31 +00:00
Aditya Sharad
761e5efd60 Merge master into next. 
JavaScript semantic conflicts fixed by referring to the `LegacyLanguage` enum.
C++ conflicts fixed by accepting Qltest output.
 2018-11-09 18:49:35 +00:00
Robert Marsh
d9495da225 C++: fix test 2018-11-09 10:15:28 -08:00
yh-semmle
992a015467 Merge pull request #415 from aschackmull/java/obinit-extraction 
Java: Account for extraction of calls to <obinit>.
 2018-11-09 12:34:00 -05:00
Geoffrey White
09782d145e CPP: Annotate expr_has_no_effect test. 2018-11-09 17:23:59 +00:00
Geoffrey White
3f0e28aea9 CPP: Fix additional expr_has_no_effect test. 2018-11-09 17:23:59 +00:00
Max Schaefer
63933cdecd JavaScript: Don't extract extens with --experimental turned on. 
There isn't any particularly compelling reason for doing so.
 2018-11-09 16:22:55 +00:00
Max Schaefer
f7d693d06f JavaScript: Make default extractor options more sensible. 
We now use module auto-detection and no TypeScript mode.

This only affects extern extraction in `AutoBuild`, everything else sets these options explicitly.
We currently do not have any ES2015 modules or TypeScript code in our externs, so in practice this is behaviour-preserving.
 2018-11-09 16:21:35 +00:00
Geoffrey White
0e9c7fc085 Merge pull request #416 from raulgarciamsft/users/raulga/c6317 
cpp: Incorrect not operator usage
 2018-11-09 15:59:57 +00:00
Aditya Sharad
355473abb3 Merge pull request #439 from aschackmull/java/move-lgtm-suites 
Java: Move the LGTM query suites to the public repo.
 2018-11-09 12:56:44 +00:00
Anders Schack-Mulligen
f6941af86c Java: Move the LGTM query suites to the public repo. 2018-11-09 13:48:49 +01:00
Anders Schack-Mulligen
46bebc898a Java: Add test. 2018-11-09 13:36:05 +01:00
Anders Schack-Mulligen
6f791bb530 Java: Account for extraction of calls to <obinit>. 2018-11-09 13:36:05 +01:00
Geoffrey White
e645166fee CPP: Make InconsistentNullnessTest.cpp example plausible. 2018-11-09 11:41:02 +00:00
Geoffrey White
d5c6f4fd64 CPP: Correct typo in OverflowCalculated.cpp example. 2018-11-09 11:38:33 +00:00
Max Schaefer
fa8736adbc JavaScript: Introduce aliases for compatibility with other language libraries. 2018-11-09 11:27:14 +00:00
semmle-qlci
e35cb3a98a Merge pull request #442 from xiemaisi/js/change-notes 
Approved by esben-semmle
 2018-11-09 10:38:39 +00:00
Max Schaefer
bdfe938d02 JavaScript: Improve StackTraceExposure query. 
It now also flags exposure of the entire exception object (not just the `stack` property).
 2018-11-09 09:42:09 +00:00
Max Schaefer
71bbbb77eb JavaScript: Update 1.19 change notes to remove changes that ended up in 1.18.1. 2018-11-09 09:17:14 +00:00
semmle-qlci
a7290e5aeb Merge pull request #434 from esben-semmle/js/type-confusion-with-taint-kinds 
Approved by asger-semmle
 2018-11-09 08:25:55 +00:00
semmle-qlci
c19747803b Merge pull request #425 from xiemaisi/js/lodash-recognition-extensible 
Approved by esben-semmle
 2018-11-09 08:08:40 +00:00
Robert Marsh
4fdc992cd9 C++: IRGuards uses Operand; fix CP in SignAnalysis 2018-11-08 14:43:51 -08:00
Robert Marsh
72bb7c9c42 C++: remove double backtick in qldoc 2018-11-08 11:39:47 -08:00
Robert Marsh
0d9e2098f2 C++: test for bounded bounds in sign analysis 2018-11-08 11:38:34 -08:00
Tom Hvitved
29f163fd4e C#: Fix guards implications logic 2018-11-08 20:21:34 +01:00
Tom Hvitved
e4aa196c37 C#: Teach guards library about custom null guards 2018-11-08 20:21:34 +01:00
Tom Hvitved
a5dfc10197 C#: Add tests for custom null guards 2018-11-08 20:21:34 +01:00
Tom Hvitved
5921a9ea51 C#: Teach guards library about assertions 2018-11-08 20:21:34 +01:00
Tom Hvitved
0fb7ddc956 C#: Add assertion guard tests 2018-11-08 20:21:34 +01:00
Dave Bartolomeo
2977395c32 Ignore whitespace errors in everything under lib 2018-11-08 11:06:42 -08:00
Dave Bartolomeo
d521502ded Allow mixed whitespace in parser tests 2018-11-08 11:06:42 -08:00
Dave Bartolomeo
a141f4c81a Allow mixed whitespace in C#, C++, and Java test sources 2018-11-08 11:06:42 -08:00
Dave Bartolomeo
55f4839abf Allow mixed whitespace in JavaScript test sources 2018-11-08 11:06:42 -08:00