hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-17 13:06:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,378 Commits 1,714 Branches 162 Tags
032ed1224235aa97ea2b518d6a41408d69e552b0
Commit Graph

1378 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
032ed12242 JavaScript: Use in-dist trap cache when extracting externs. 2018-11-12 08:28:08 +00:00
Max Schaefer
63933cdecd JavaScript: Don't extract extens with --experimental turned on. 
There isn't any particularly compelling reason for doing so.
 2018-11-09 16:22:55 +00:00
Max Schaefer
f7d693d06f JavaScript: Make default extractor options more sensible. 
We now use module auto-detection and no TypeScript mode.

This only affects extern extraction in `AutoBuild`, everything else sets these options explicitly.
We currently do not have any ES2015 modules or TypeScript code in our externs, so in practice this is behaviour-preserving.
 2018-11-09 16:21:35 +00:00
semmle-qlci
a7290e5aeb Merge pull request #434 from esben-semmle/js/type-confusion-with-taint-kinds 
Approved by asger-semmle
 2018-11-09 08:25:55 +00:00
semmle-qlci
c19747803b Merge pull request #425 from xiemaisi/js/lodash-recognition-extensible 
Approved by esben-semmle
 2018-11-09 08:08:40 +00:00
Aditya Sharad
1a5d4626bc Merge pull request #435 from calumgrant/cs/fix-extractor 
C#: Fix an ArgumentNullException.
 2018-11-08 17:29:08 +00:00
calumgrant
6fdb0aab41 Merge pull request #426 from hvitved/csharp/accessor-argument 
C#: Improve `AccessorCall::getArgument()`
 2018-11-08 16:03:48 +00:00
semmle-qlci
3c49bc6e67 Merge pull request #407 from asger-semmle/email-xss 
Approved by xiemaisi
 2018-11-08 10:53:10 +00:00
semmle-qlci
29cabc0e09 Merge pull request #424 from esben-semmle/js/syntactic-nullOrUndefined 
Approved by asger-semmle
 2018-11-08 10:52:44 +00:00
calum
789e2fcf6d C#: Fix an ArgumentNullException. 2018-11-08 10:39:38 +00:00
Tom Hvitved
f7db845331 C#: Add change note 2018-11-08 09:26:59 +01:00
Tom Hvitved
06a2bcc244 C#: Fix XmlReaderSettingsCreation logic 2018-11-08 09:20:21 +01:00
semmle-qlci
990c7e057f Merge pull request #419 from xiemaisi/js/fix-mixed-whitespace 
Approved by esben-semmle
 2018-11-07 23:47:48 +00:00
yh-semmle
49fbc410a1 Merge pull request #414 from aschackmull/java/unreachable-ssa 
Java: Don't construct nonsense SSA for unreachable code.
 2018-11-07 18:30:46 -05:00
yh-semmle
fc5b1958aa Merge pull request #422 from aschackmull/java/ws-in-examples 
Java: Fix mixed tabs/spaces in qhelp examples.
 2018-11-07 18:25:10 -05:00
ian-semmle
f2a3054aae Merge pull request #432 from dave-bartolomeo/dave/FixCppWhitespace 
C++: Fix mixed tabs and spaces in non-test code
 2018-11-07 23:11:38 +00:00
Dave Bartolomeo
5bf88f0f0a C++: Fix mixed tabs and spaces in non-test code 2018-11-07 11:32:17 -08:00
Esben Sparre Andreasen
0afbea968c Merge pull request #421 from xiemaisi/js/open-source-extractor 
JavaScript: Open-source extractor
 2018-11-07 15:13:27 +01:00
calumgrant
a8eabeb660 Merge pull request #420 from hvitved/csharp/whitespaces 
C#: Fix whitespaces
 2018-11-07 13:44:31 +00:00
semmle-qlci
ee3a332568 Merge pull request #423 from aschackmull/docs/ws-fix-style-guide 
Approved by xiemaisi
 2018-11-07 13:05:43 +00:00
Asger F
92f1c9a521 JS: add change note 2018-11-07 11:31:52 +00:00
Asger F
e0d5557ef4 JS: add email HTML body as XSS sink 2018-11-07 11:31:40 +00:00
Esben Sparre Andreasen
f0343d0678 JS: use isUserControlledObject in js/type-confusion-through-parameter-tampering 2018-11-07 12:18:46 +01:00
Esben Sparre Andreasen
a2df4f9bfe JS: mark Koa params as user-controlled objects 2018-11-07 12:18:46 +01:00
Tom Hvitved
5d8162cc8b C#: Improve AccessorCall::getArgument() 
- Handle tuple assignments.
- Handle compound `+=` assignments.
 2018-11-07 11:30:04 +01:00
Tom Hvitved
48634d4c9a Merge pull request #391 from calumgrant/cs/extractor/dump-args 
C#: Reduce extractor log size
 2018-11-07 11:17:21 +01:00
Tom Hvitved
7423916214 C#: Add tests for calls to accessors with arguments 2018-11-07 10:38:36 +01:00
Max Schaefer
22640f891e JavaScript: Make lodash/underscore recognition extensible. 2018-11-07 09:02:17 +00:00
Esben Sparre Andreasen
e6a190c06e JS: replace .stripParens query uses w. .getUnderlyingReference 2018-11-07 09:32:02 +01:00
Esben Sparre Andreasen
f04293f73c JS: replace .stripParens library uses w. .getUnderlyingReference 2018-11-07 09:32:02 +01:00
Esben Sparre Andreasen
43e215c7af JS: replace .stripParens query uses w. .getUnderlyingValue 2018-11-07 09:32:02 +01:00
Esben Sparre Andreasen
030d9202de JS: replace .stripParens library uses w. .getUnderlyingValue 2018-11-07 09:32:02 +01:00
semmle-qlci
4225e0bb44 Merge pull request #356 from asger-semmle/parameter-node 
Approved by xiemaisi
 2018-11-07 08:31:05 +00:00
semmle-qlci
2457eb98df Merge pull request #166 from asger-semmle/documentable-self-assign 
Approved by esben-semmle, xiemaisi
 2018-11-07 08:30:17 +00:00
semmle-qlci
c20e24d549 Merge pull request #385 from asger-semmle/async-model 
Approved by xiemaisi
 2018-11-07 08:28:37 +00:00
semmle-qlci
282d1e2096 Merge pull request #404 from asger-semmle/useless-conditional2 
Approved by xiemaisi
 2018-11-07 08:28:01 +00:00
Max Schaefer
212a78b5fc Merge pull request #323 from esben-semmle/js/always-return-type-inference 
JS: additional return type inference
 2018-11-07 08:25:28 +00:00
Jonas Jensen
6f2fd05480 Merge pull request #354 from geoffw0/return-exception 
CPP: Remove successor edges after calls to non-returning functions
 2018-11-07 09:24:41 +01:00
Anders Schack-Mulligen
268de8de4f Style guide: Fix whitespace. 2018-11-07 09:12:55 +01:00
Anders Schack-Mulligen
92f265844b Java: Fix mixed tabs/spaces in qhelp examples. 2018-11-07 09:02:41 +01:00
Tom Hvitved
67e64f21d8 C#: Fix whitespaces 2018-11-07 08:52:38 +01:00
Max Schaefer
f75ce7a6ef JavaScript: Fix project layout for trap tests. 2018-11-07 07:48:25 +00:00
Max Schaefer
afe271c679 JavaScript: Update file classification in .lgtm.yml. 2018-11-07 07:48:25 +00:00
Max Schaefer
52e5879a2d JavaScript: Move extractor change notes. 2018-11-07 07:48:25 +00:00
Max Schaefer
4c4920c3a9 JavaScript: Open-source extractor. 2018-11-07 07:48:25 +00:00
Max Schaefer
5ffe45a80b JavaScript: Fix mixed tabs/spaces in qhelp. 2018-11-07 07:40:51 +00:00
semmle-qlci
b38effd55b Merge pull request #402 from geoffw0/tag-typos 
Approved by dave-bartolomeo
 2018-11-07 00:59:21 +00:00
Jonas Jensen
e03b4f0cb6 Merge pull request #293 from geoffw0/zerosizebuffer 
CPP: Better handling of zero-sized buffers
 2018-11-06 20:08:39 +01:00
semmle-qlci
33c02fe928 Merge pull request #355 from hvitved/csharp/guards-logic 
Approved by calumgrant
 2018-11-06 19:06:30 +00:00
Dave Bartolomeo
62a5aef0de Merge pull request #410 from jbj/range-analysis-tests 
C++: Tests for two range analysis bugs
 2018-11-06 10:51:12 -08:00