hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-17 13:06:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,979 Commits 1,714 Branches 162 Tags
0669ef505ecc1021064104e2c05b2c4ba4ea06e7
Commit Graph

29979 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Eisenberg
0669ef505e Fix semver for upgrades references 
Ensure the version range is flexible enough to handle
future version changes.
 2021-12-13 09:03:33 -08:00
Aditya Sharad
372f099850 Merge pull request #7323 from adityasharad/atm/perf-debugging-std-lib 
JS: Performance improvements to libraries using regex matching
 2021-12-13 08:53:11 -08:00
Michael Nebel
c0b61d7f73 Merge pull request #7370 from michaelnebel/csharp-mad-textreader 
C#: Flow summaries for virtual members in abstract classes should also apply to overrides.
 2021-12-13 15:00:54 +01:00
Alex Ford
124aac23c6 Merge pull request #7371 from github/ruby/comment-new-syntax 
Ruby: use Ruby object instantiation syntax in a comment
 2021-12-13 13:23:03 +00:00
Alex Ford
4ae92667e1 Ruby: use Ruby object instantiation syntax in a comment 2021-12-13 12:54:45 +00:00
Michael Nebel
ba23393c0d C#: Update test as we now also implicitly gets flow summary for StreamReader. 2021-12-13 13:51:53 +01:00
Michael Nebel
a6eba04793 C#: Convert System.IO.TextReader flow to CSV format. 2021-12-13 13:51:18 +01:00
Michael Nebel
88bb8a2704 C#: Update flow summaries test cases. 2021-12-13 13:14:49 +01:00
Michael Nebel
d699ca9aa8 C#: Flow summaries should also apply for overides or virtual members in abstract classes. 2021-12-13 13:09:40 +01:00
Michael Nebel
7ff2ee695d Merge pull request #7348 from michaelnebel/csharp-mad-as-csv-json 
C#: Convert flow summaries for JSon.NET
 2021-12-13 11:57:55 +01:00
Michael Nebel
f32d464c0f C#: Ensure bi-directional import for External flow. 2021-12-13 10:50:49 +01:00
Michael Nebel
327cf444f4 C#: Convert Newtonsoft.JSon.Linq.JObject and Newtonsoft.JSon.Linq.JToken flow to CSV format. 2021-12-13 10:50:49 +01:00
Michael Nebel
f3c0eadbce C#: Fix the existing callableFlow for JObject to target the inherited ToString methods from JToken. 2021-12-13 10:50:49 +01:00
Michael Nebel
58f36e4b31 C#: Convert NewtonSoft.Json.JSonSerializer flow to CSV format. 2021-12-13 10:50:49 +01:00
Michael Nebel
90e49508a3 C#: Convert Newtonsoft.Json.JsonConvert flow to CSV format. 2021-12-13 10:50:48 +01:00
Michael Nebel
a4bea05fa7 Merge pull request #7342 from michaelnebel/csharp-mad-as-csv3 
C#: More Flow summaries in CSV format.
 2021-12-13 10:32:28 +01:00
Michael Nebel
be1e75471e C#: Ensure bi-directional import for external flow. 2021-12-13 09:23:11 +01:00
Michael Nebel
1cab177f8a C#: Convert System.Web.HttpUtility flow to CSV format. 2021-12-13 09:19:41 +01:00
Michael Nebel
0e0c3e3937 C#: Convert System.Web.HttpServerUtility flow to CSV format. 2021-12-13 09:19:41 +01:00
Michael Nebel
6301e726ee C#: Update HttpServerUtility stub with HtmlEncode method and update flow summaries test. 2021-12-13 09:19:41 +01:00
Michael Nebel
1cd37dddf5 C#: Convert System.Net.WebUtility flow to CSV format. 2021-12-13 09:19:41 +01:00
Michael Nebel
07a4f5f748 C#: Update FlowSummaries test as the bogus flow summaries for the KeyValuePair default constructor has been removed. 2021-12-13 09:19:41 +01:00
Michael Nebel
679aad138e C#: Convert System.Collections.Generic.KeyValuePair flow to CSV format. 2021-12-13 09:19:36 +01:00
Michael Nebel
42bf866fb3 C#: Convert System.Web.UI.WebControls.Textbox flow to CSV format. 2021-12-13 09:18:34 +01:00
Michael Nebel
9604ed883c C#: Convert System.NET.IPHostEntry flow to CSV format. 2021-12-13 09:17:27 +01:00
Michael Nebel
d804893a49 C#: Convert System.Net.Cookie flow to CSV format. 2021-12-13 09:16:05 +01:00
Michael Nebel
03fb244545 C#: Convert System.Web.HttpCookie flow to CSV format. 2021-12-13 09:13:14 +01:00
Michael Nebel
a6360215f3 Merge pull request #7304 from michaelnebel/csharp-mad-as-csv2 
C#: Convert flow summaries to CSV format.
 2021-12-13 08:56:06 +01:00
Harry Maclean
0ca9852cc8 Merge pull request #7325 from github/hmac/action-controller-private-methods 
Ruby: Don't count private methods as Rails actions
 2021-12-13 20:47:22 +13:00
Harry Maclean
e1d290d4c0 Ruby: Don't count private methods as Rails actions 
Private instance methods on ActionController classes aren't valid
request handlers. Routing to them will raise an exception.
 2021-12-13 15:36:55 +13:00
Aditya Sharad
1857de1f33 JS: Speed up detection of jQuery marker comments 
Combine two regexes into a single one.
This saves up to 5s on large databases by reducing the number
of separate scans of the comments table before regex matching.

The combined regex is slightly more permissive than the
original two, since it allows a combination of the two
matched formats. A string that matches one of the original
regexes will match the combined regex.
 2021-12-10 15:30:02 -08:00
Nick Rolfe
b80a84c156 Merge pull request #7341 from github/nickrolfe/cookies 2021-12-10 19:52:23 +00:00
Aditya Sharad
6a1aea740f JS: Avoid scanning individual comment lines to find generated code markers 
Some subclasses of GeneratedCodeMarkerComment regex match against `getLine(_)`.
When evaluated, this results in multiple scans (one per subclass that uses it)
of all comment lines in the database, before regex matching against those lines.

To make these scans smaller, regex match against the entire comment text
without splitting them into lines.
This is achieved using `?m` (multiline) and line boundaries in the regexes.
 2021-12-10 11:41:54 -08:00
Aditya Sharad
c9a87234ef JS: Factor helper predicate to improve SensitiveWrite performance 2021-12-10 11:41:53 -08:00
Andrew Eisenberg
66c1629974 Merge pull request #7285 from github/post-release-prep-2.7.3-ddd4ccbb 
Post-release preparation 2.7.3
 2021-12-10 09:59:45 -08:00
Nick Rolfe
b6c5b4d213 Ruby: define ActionViewCookiesCall 2021-12-10 16:36:26 +00:00
yoff
d8857c7ce8 Merge pull request #7246 from tausbn/python/import-star-flow 
Python: Support flow through `import *`
 2021-12-10 16:34:32 +01:00
Henry Mercer
a46787ea07 Merge pull request #7351 from github/henrymercer/js-atm-heuristic-sinks-improvements 
JS: Improve handling of heuristic sinks in endpoint filters
 2021-12-10 14:56:45 +00:00
Rasmus Wriedt Larsen
bd9b96e154 Merge pull request #7331 from tausbn/python-fix-bad-callsite-points-to-join 
Python: Fix bad `callsite_points_to` join
 2021-12-10 15:39:49 +01:00
Rasmus Wriedt Larsen
8ee020f79c Merge pull request #7332 from tausbn/python-fix-bad-scope-entry-points-to-join 
Python: Fix bad `scope_entry_points_to` join
 2021-12-10 15:33:13 +01:00
Henry Mercer
6e167040f5 Merge pull request #7307 from adityasharad/atm/perf-debugging 
JS/ATM: Various compilation fixes and performance improvements
 2021-12-10 11:00:27 +00:00
Tom Hvitved
657cd89286 Merge pull request #7347 from hvitved/cfg/more-consistency-tests 
Shared CFG: Add two more consistency queries
 2021-12-10 10:50:39 +01:00
Michael Nebel
afa58f5676 C#: Ensure bi-directional importing of external flow for System.Text. 2021-12-10 10:28:35 +01:00
Arthur Baars
13f7fd88f1 Merge pull request #7283 from aibaars/ruby-pattern-matching-cfg 
Ruby: pattern matching: CFG
 2021-12-10 10:24:38 +01:00
Anders Schack-Mulligen
634ed91904 Merge pull request #7346 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-12-10 10:12:23 +01:00
Tom Hvitved
cf42427f54 Merge pull request #7321 from hvitved/csharp/cil/unique-type 
C#: Avoid CIL instructions with multiple types
 2021-12-10 09:58:06 +01:00
Tom Hvitved
f7f3890b40 Merge pull request #7320 from hvitved/csharp/unknown-type 
C#: Populate `UnknownType`
 2021-12-10 09:57:55 +01:00
Tom Hvitved
70f76d06c7 Shared CFG: Add two more consistency queries 2021-12-10 09:56:50 +01:00
Tom Hvitved
45c0d4a3b2 Merge pull request #7343 from hvitved/cfg/consistency-test 
Shared CFG: Add another consistency test
 2021-12-10 09:49:05 +01:00
github-actions[bot]
7e5bfa5aa0 Add changed framework coverage reports 2021-12-10 00:09:34 +00:00