hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,271 Commits 1,673 Branches 157 Tags
063dbeeff3baf1aeffbc3fe9e3eae1c19b801dfa
Commit Graph

4271 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
semmle-qlci
063dbeeff3 Merge pull request #1198 from esben-semmle/js/more-express-route-handlers 
Approved by xiemaisi
 2019-04-05 09:47:51 +01:00
Max Schaefer
2f84aac7df Merge pull request #1193 from esben-semmle/js/improve-createServer 
JS: treat the last argument to https.createServer as a route handler
 2019-04-05 08:57:24 +01:00
Tom Hvitved
67ed863c76 Merge pull request #1200 from calumgrant/cs/icryptotransform 
C#: Tidy up cs/thread-unsafe-icryptotransform-field-in-class
 2019-04-05 09:28:24 +02:00
Jonas Jensen
d619a8c693 Merge pull request #1192 from geoffw0/severity 
CPP: Change some query severities
 2019-04-05 09:23:27 +02:00
Jonas Jensen
8c17278808 Merge pull request #1191 from geoffw0/microsoft 
CPP: Workaround improvement for File.compiledAsMicrosoft.
 2019-04-05 09:22:08 +02:00
Jonas Jensen
b555f5025e Merge pull request #1209 from geoffw0/gmtime 
CPP: Add variants to PotentiallyDangerousFunction.ql
 2019-04-05 09:19:40 +02:00
yh-semmle
6ba57fc639 Merge pull request #1202 from aschackmull/java/slf4j-print-array 
Java: Exclude slf4j calls in PrintLnArray as it supports array formatting.
 2019-04-04 20:08:20 -04:00
Esben Sparre Andreasen
0ec0aa35be JS: change notes for Express 2019-04-04 21:42:23 +02:00
Esben Sparre Andreasen
60ba74a210 JS: Express cleanup and generalization 2019-04-04 21:42:08 +02:00
Esben Sparre Andreasen
c94ca46366 JS: add more Express tests 2019-04-04 21:42:08 +02:00
Mark Shannon
2ba122373a Merge pull request #1128 from taus-semmle/python-paramiko-unsafe-host-key-validation 
Python: Add query for insecure SSH host key policies in Paramiko.
 2019-04-04 16:57:13 +01:00
Geoffrey White
7aee334baf CPP: Update the qhelp. 2019-04-04 16:48:14 +01:00
Geoffrey White
e8b7bf9ddf CPP: Change note. 2019-04-04 16:38:42 +01:00
Geoffrey White
a437e6c103 CPP: Extend coverage. 2019-04-04 16:31:02 +01:00
Geoffrey White
a1e503f428 CPP: Add test cases for PotentiallyDangerousFunction. 2019-04-04 16:26:53 +01:00
Taus
c5f41c1a5a Merge pull request #1207 from markshannon/python-fix-cwe-ref 
Fix CWE tag for Code injection query.
 2019-04-04 17:08:51 +02:00
Mark Shannon
c2e814a11a Fix CWE tag for Code injection query. 2019-04-04 15:09:12 +01:00
Geoffrey White
5e71207a23 CPP: Add '/' case. 2019-04-04 14:32:22 +01:00
Anders Schack-Mulligen
15fa4f8b7a Merge pull request #1007 from jbj/dataflow-dispatch-no-ctx 
C++: Simplify stubs in DataFlowDispatch.qll
 2019-04-04 11:25:50 +02:00
Anders Schack-Mulligen
d144ea2f1c Java: Exclude slf4j calls in PrintLnArray as it supports array formatting. 2019-04-04 11:09:41 +02:00
yh-semmle
b226cb64cd Merge pull request #1189 from aschackmull/java/preconditions 
Java: Support precondition calls as guards (ODASA-7796).
 2019-04-03 21:36:08 -04:00
Tom Hvitved
f5d52d0652 Merge pull request #274 from lukecartey/csharp/remove-security-tags 
C#: Remove the 'security' tag from some queries
 2019-04-03 17:04:25 +02:00
Jonas Jensen
d0091b28ee Merge pull request #1199 from geoffw0/printfld 
CPP: Support %Ld in printf.qll
 2019-04-03 15:38:16 +02:00
Taus
b79b53f5e3 Merge pull request #1103 from markshannon/python-encapsulate-builtins 
Python: encapsulate extensionals dealing with 'builtin' objects.
 2019-04-03 15:20:42 +02:00
Anders Schack-Mulligen
9211927112 Java: Add change note. 2019-04-03 13:17:18 +02:00
calum
42b2f09315 C#: Tidy up query, remove false-positives and add some more test cases. 2019-04-03 12:17:01 +01:00
Geoffrey White
aa21db3ed3 CPP: Change note. 2019-04-03 11:57:38 +01:00
Geoffrey White
d4c931cf11 CPP: Permit %Ld and similar. 2019-04-03 11:46:48 +01:00
Geoffrey White
b3fd7ab757 CPP: Add test cases. 2019-04-03 11:46:30 +01:00
Esben Sparre Andreasen
3c608fe11e Merge branch 'master' into js/improve-createServer 2019-04-03 12:37:33 +02:00
semmle-qlci
1da828fa80 Merge pull request #1195 from esben-semmle/js/firebase-express-requests 
Approved by xiemaisi
 2019-04-03 11:36:02 +01:00
Anders Schack-Mulligen
5379c6e3c5 Merge pull request #1197 from felicity-semmle/java/update-query-description 
Java: Fix typo in query description
 2019-04-03 12:09:26 +02:00
Felicity Chapman
ffeb61c698 Fix typo in query description 2019-04-03 10:46:48 +01:00
Jonas Jensen
f9c9efeabe Merge pull request #1188 from geoffw0/donotedit 
CPP: Consider more files to be generated.
 2019-04-03 09:52:28 +02:00
Esben Sparre Andreasen
f23a5a5fee JS: model firebase-functions/https.onRequest 2019-04-03 08:01:45 +02:00
Robert Marsh
65d0412692 Merge pull request #1194 from geoffw0/dead-goto 
CPP: Fix false positive from DeadCodeGoto.ql
 2019-04-02 10:03:15 -07:00
Jonas Jensen
eae2fe5a16 Merge pull request #1190 from Semmle/rc/1.20 
Merge 1.20 into master
 2019-04-02 15:29:12 +02:00
Geoffrey White
2e106879b8 CPP: Change note. 2019-04-02 14:25:38 +01:00
Geoffrey White
8979361255 CPP: Exclude functions containing preprocessor logic. 2019-04-02 14:24:37 +01:00
Esben Sparre Andreasen
0b733b4f23 JS: treat the last argument to https.createServer as a route handler 2019-04-02 14:38:31 +02:00
Geoffrey White
5cb30b04cc CPP: Add a test case. 2019-04-02 13:15:40 +01:00
Geoffrey White
1542fdc44b CPP: Change AV Rule 107.ql to a recommendation. 2019-04-02 12:19:33 +01:00
Geoffrey White
96136a1c55 CPP: Change SloppyGlobal.ql to a recommendation. 2019-04-02 12:18:22 +01:00
Geoffrey White
c3ec7b55b7 CPP: Workaround improvement for File.compiledAsMicrosoft. 2019-04-02 11:40:49 +01:00
semmle-qlci
4ec2df6bad Merge pull request #1179 from asger-semmle/js-windoc 
Approved by xiemaisi
 2019-04-02 11:21:07 +01:00
Jonas Jensen
b7e6f9a43e Merge pull request #1183 from aibaars/fix-query-metadata 
Fix queries with inconsistent `@kind` and `select` statements
 2019-04-02 12:00:25 +02:00
Anders Schack-Mulligen
b1e364b56a Java: Support precondition calls as guards. 2019-04-02 10:58:46 +02:00
Geoffrey White
bce6ee5c27 CPP: Consider more files to be generated. 2019-04-02 09:19:55 +01:00
semmle-qlci
02f4695a5b Merge pull request #1152 from esben-semmle/js/koa-improvements 
Approved by xiemaisi
 2019-04-02 08:51:19 +01:00
semmle-qlci
54b4e59d12 Merge pull request #1182 from esben-semmle/js/sourcenode-regexp-literals 
Approved by xiemaisi
 2019-04-01 21:58:58 +01:00