hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 12:16:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,672 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

29908 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Farebrother
ddb93e8829 Fix a bug with type bounds + a few other bugs 2021-07-15 10:49:13 +01:00
Joe Farebrother
036e83a247 Fix error with implementing interfaces 2021-07-15 10:49:13 +01:00
Joe Farebrother
06d6ddc1b9 Fix issue with reporting javac output 2021-07-15 10:49:13 +01:00
Joe Farebrother
8f40a6e21e Use shlex for printing commands 2021-07-15 10:49:13 +01:00
Joe Farebrother
c850c7d079 Fix typo in comment 2021-07-15 10:49:13 +01:00
Joe Farebrother
b562bdd14f Simplify the python script 2021-07-15 10:49:12 +01:00
Joe Farebrother
f35320e85b Add explanatory comments + minor fixes 2021-07-15 10:49:12 +01:00
Joe Farebrother
cce6217e17 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-07-15 10:49:12 +01:00
Joe Farebrother
471c140d2c Fix incorrect comment 2021-07-15 10:49:12 +01:00
Joe Farebrother
cffaa8d9a0 Improve the stubbing query to handle more language constructs correctly 2021-07-15 10:49:12 +01:00
Joe Farebrother
40bb19e4f1 Add Java stubbing script 2021-07-15 10:49:12 +01:00
Joe Farebrother
e7e432d7fd Fix incorrect row 2021-07-15 10:39:05 +01:00
Joe Farebrother
f3ab295f0f Fix up tests 2021-07-15 10:34:21 +01:00
Joe Farebrother
bbc4d4855c Move tests 2021-07-15 10:34:18 +01:00
Joe Farebrother
51045a83c2 Add change note 2021-07-15 10:33:33 +01:00
Joe Farebrother
df74a142dd Update for collection flow and add more tests 2021-07-15 10:33:33 +01:00
Joe Farebrother
8f89d748fe Add spring tests 2021-07-15 10:33:33 +01:00
Joe Farebrother
4be7e94dcc Add more spring stubs 2021-07-15 10:33:30 +01:00
Joe Farebrother
c1555b36a1 Add additional HTTP flow steps 2021-07-15 10:32:13 +01:00
Joe Farebrother
9b6213dbf0 Convert existing spring http steps to csv 2021-07-15 10:32:10 +01:00
Erik Krogh Kristensen
5ff7d208b7 add taint step through arrify 2021-07-15 11:24:50 +02:00
Erik Krogh Kristensen
e64f29fe8f add support for Array.prototype.find and polyfills 2021-07-15 11:16:06 +02:00
Erik Krogh Kristensen
f6f63e2811 add model for the array-from polyfill 2021-07-15 10:51:55 +02:00
Anders Schack-Mulligen
d34e748c83 Merge pull request #6290 from aschackmull/java/query-metadata3 
Java: Add metadata.
 2021-07-15 09:59:45 +02:00
Erik Krogh Kristensen
383b5f2ff2 implement RegExpSubPattern.getOperand in the Python regexp implementation 2021-07-15 09:41:53 +02:00
Anders Schack-Mulligen
60b3dbd217 Java: Add metadata. 2021-07-15 09:16:56 +02:00
Anders Schack-Mulligen
bf0877c5cb Merge pull request #6289 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-07-15 09:15:51 +02:00
Anders Schack-Mulligen
e18a20fedb Merge pull request #6285 from smowton/smowton/feature/spring-jdbc-object 
Add models for org.springframework.jdbc.object
 2021-07-15 09:06:56 +02:00
Robert Marsh
4d8e882214 Merge pull request #6186 from geoffw0/formatarg 
C++: Fix FPs from cpp/wrong-type-format-argument
 2021-07-14 17:20:46 -07:00
github-actions[bot]
d6186e8d0f Add changed framework coverage reports 2021-07-15 00:06:37 +00:00
Erik Krogh Kristensen
de8f64c5be sync with python 2021-07-14 23:40:06 +02:00
Erik Krogh Kristensen
80d784e37a add a step over empty lookaheads/lookbehinds 2021-07-14 23:40:04 +02:00
mr-sherman
04940a1105 Create 2021-07-14-service-stack-support.md 2021-07-14 15:54:28 -04:00
Erik Krogh Kristensen
22dfe84ee8 add xss sink for react-tooltip 2021-07-14 20:03:50 +02:00
Erik Krogh Kristensen
14b26f2a68 add mkdirp as a sink for tainted-path 2021-07-14 19:32:22 +02:00
Chris Smowton
f2b232f276 Add change note 2021-07-14 17:39:58 +01:00
Chris Smowton
0b2750828e Add models for org.springframework.jdbc.object 
Also add tests for the existing Spring JDBC SQL injection sinks in the process
 2021-07-14 17:25:00 +01:00
Taus
fb57c5f6f0 Merge pull request #6143 from RasmusWL/concepts-private-import-python 
Python: Make `import python` private in Concepts.qll
 2021-07-14 17:49:06 +02:00
Taus
5c5ee85332 Merge pull request #6122 from RasmusWL/mention-mysqlclient 
Python: Mention modeling of `mysqlclient` PyPI package
 2021-07-14 17:48:40 +02:00
Taus
30d61045d2 Python: Mention nameIndicatesSensitiveData 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-07-14 17:33:39 +02:00
Erik Krogh Kristensen
f462c9bb76 add taint through the parseqs library 2021-07-14 17:22:35 +02:00
Erik Krogh Kristensen
bec1818fc7 add taint through the normalize-url library 2021-07-14 17:15:14 +02:00
Erik Krogh Kristensen
86de10e6a1 simplify some implementations in UriLibraries.qll 2021-07-14 17:01:40 +02:00
Erik Krogh Kristensen
193ddfc771 add taint through the qs library 2021-07-14 16:56:51 +02:00
Aditya Sharad
e0a123cbd0 Merge pull request #6257 from github/rneatherway/summary-docs 
Add docs for summary type queries
 2021-07-14 07:54:18 -07:00
Taus
5a9fca48e8 Python: Fix ExceptStmt::getType 
We were not supporting `except` statements handling multiple exception
types (specified as a tuple) correctly, instead just returning the
tuple itself as the "type" (which makes little sense).

To fix this, we explicitly extract the elements of this node, in the
case where it _is_ a tuple.

This is a change that can potentially affect many queries (as `getType`
is used in quite a few places), so some care should be taken to
ensure that this does not adversely affect performance.
 2021-07-14 14:03:49 +00:00
Taus
ec9063b4a5 Python: Add test case for github/codeql#6227 2021-07-14 13:52:32 +00:00
Taus
2bb44d49d9 Python: Perform more deduplication 
This cut the evaluation time on `django` down from 1.2 seconds to ~0.8
seconds (but the impact will likely be greater on bigger projects).
 2021-07-14 13:38:05 +00:00
Anders Schack-Mulligen
a0481bda91 Merge pull request #6282 from aschackmull/java/query-metadata2 
Java: Add missing metadata.
 2021-07-14 15:17:27 +02:00
edvraa
fd4d8e2595 Use HasFlow instead HasFlowPath 2021-07-14 16:06:34 +03:00