hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 05:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
22,437 Commits 1,742 Branches 166 Tags
097b6e5e3364ecc7103586d6feb308861e15538e
Commit Graph

22437 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
633f228dc2 C#: Add CFG tests for partial classes 2021-05-03 10:23:29 +02:00
Tom Hvitved
bb1cb73675 Merge pull request #5795 from hvitved/csharp/implicit-constructor-inits 
C#: Extract implicit constructor initializer calls
 2021-05-03 10:21:04 +02:00
Tom Hvitved
b77b3da8d6 C#: Add change note 2021-05-03 09:40:13 +02:00
Jonas Jensen
c05ef1225c Merge pull request #5803 from MathiasVP/no-magic-in-getUnspecifiedType 
C++: Add nomagic to getUnspecifiedType
 2021-05-03 09:03:58 +02:00
edvraa
65183cde80 Move to experimental 2021-05-03 09:59:52 +03:00
edvraa
bd99114cd6 Comments added 2021-05-03 09:55:04 +03:00
edvraa
a24c1c8114 fix comment 2021-05-03 00:36:38 +03:00
edvraa
fa94fedfc3 simple dataflow for sensitive name 2021-05-03 00:36:26 +03:00
edvraa
97bc7e38d2 check for sensitive property name 2021-05-03 00:31:29 +03:00
edvraa
7ab91bb185 Inline getOptionsArgument 2021-05-03 00:09:15 +03:00
Mario Campos
ae857db657 Add React Native to JavaScript frameworks 
According to @asgerf, React Native is already supported 🎉
 2021-04-30 10:47:08 -05:00
Chris Smowton
b2c0259197 Merge pull request #5631 from haby0/UseOfLessTrustedSource 
[Java] CWE-348: Using a client-supplied IP address in a security check
 2021-04-30 15:20:53 +01:00
haby0
fdcc517b9f UseOfLessTrustedSource -> ClientSuppliedIpUsedInSecurityCheck" 2021-04-30 17:43:34 +08:00
haby0
f41301f8f5 Update java/ql/src/experimental/Security/CWE/CWE-348/UseOfLessTrustedSource.java 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-04-30 16:55:17 +08:00
haby0
0691cac5ab Update java/ql/src/experimental/Security/CWE/CWE-348/UseOfLessTrustedSourceLib.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-04-30 16:54:41 +08:00
haby0
8142810455 Update java/ql/src/experimental/Security/CWE/CWE-348/UseOfLessTrustedSource.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-04-30 16:54:28 +08:00
Tom Hvitved
ecd40e5cae Merge pull request #5808 from intrigus-lgtm/fix-lambda-typos 
Fix typo.
 2021-04-30 09:08:28 +02:00
haby0
711a74c9c9 Eliminate false positives\ 2021-04-30 10:31:40 +08:00
intrigus
08731fc6cf Fix typo. 2021-04-29 20:26:34 +02:00
Chris Smowton
ad9ea40954 Merge pull request #5597 from intrigus-lgtm/java/jwt-insecure-parse 
[Java] JWT without signature check.
 2021-04-29 14:41:11 +01:00
Geoffrey White
c4069362ce Merge pull request #5804 from MathiasVP/improve-detect-and-handle-memory-allocation-errors 
C++: Improve qhelp and tests for cpp/detect-and-handle-memory-allocation-errors
 2021-04-29 14:34:41 +01:00
haby0
e813257431 use hardCode 2021-04-29 21:23:52 +08:00
Anders Schack-Mulligen
404a6c1506 Merge pull request #5805 from smowton/smowton/admin/spring-setter-method-docs 
Document `SpringProperty::getSetterMethod`.
 2021-04-29 15:10:58 +02:00
Anders Schack-Mulligen
c78285e557 Merge pull request #5784 from Marcono1234/marcono1234/switch-expr-stmt-parent 
Java: Add StmtParent as superclass of SwitchExpr
 2021-04-29 15:02:05 +02:00
Tom Hvitved
c3890a9435 C#: Adjust CFG for instance constructors 2021-04-29 14:05:42 +02:00
Tom Hvitved
ee62522c51 C#: Extract implicit constructor initializer calls 2021-04-29 14:05:42 +02:00
Mathias Vorreiter Pedersen
c67ab8f1f0 C++: Respond to review comments. 2021-04-29 14:01:04 +02:00
Chris Smowton
2787c2f874 Document SpringProperty::getSetterMethod. 2021-04-29 12:28:26 +01:00
Mathias Vorreiter Pedersen
e81b40978e C++: Improve the description tag. 2021-04-29 12:10:29 +02:00
Arthur Baars
6693c5bdd0 Merge pull request #5395 from tausbn/python-share-typetracker 
Python: Make the type tracking implementation shareable
 2021-04-29 12:06:12 +02:00
Mathias Vorreiter Pedersen
9e39b08325 C++: Improve the qhelp for cpp/detect-and-handle-memory-allocation-errors. 2021-04-29 11:58:36 +02:00
Mathias Vorreiter Pedersen
44de127bff C++: Extend and improve the testcases for cpp/detect-and-handle-memory-allocation-errors. 2021-04-29 11:57:43 +02:00
Rasmus Wriedt Larsen
af0723c185 Merge pull request #5656 from asgerf/js/files-diagnostics 
JS: Add file diagnostics queries
 2021-04-29 11:53:11 +02:00
CodeQL CI
84d43946de Merge pull request #5755 from RasmusWL/non-alert-data-part1 
Approved by tausbn
 2021-04-29 02:51:34 -07:00
Mathias Vorreiter Pedersen
39c7816ede C++: Dont allow magic in getUnspecifiedType. 2021-04-29 10:09:46 +02:00
Tom Hvitved
0cb826a511 Merge pull request #5797 from hvitved/cpp/has-multi-scope-node-noinline 
C++: Do not inline `Dominance::hasMultiScopeNode`
 2021-04-29 09:51:05 +02:00
CodeQL CI
3240536d0e Merge pull request #5798 from erik-krogh/trackLoc 
Approved by esbena
 2021-04-29 00:45:21 -07:00
Aditya Sharad
4d2db08934 Merge pull request #5801 from github/aeisenberg/fix-codescanning 
Actions: Fix code scanning workflow
 2021-04-28 15:21:43 -07:00
Andrew Eisenberg
0376a13dd8 Actions: Fix code scanning workflow 2021-04-28 15:05:13 -07:00
intrigus
a8865e2fa2 Java: Cleanup jwt stubs. 2021-04-28 20:46:09 +02:00
Erik Krogh Kristensen
dfd63e5d5a track window object to where .location is read 2021-04-28 18:52:00 +02:00
Shati Patel
d288b9216e Merge pull request #5790 from github/cklin-find-the-thief-conditions-sync 
Fix inconsistency in the find-the-thief exercise
 2021-04-28 17:16:58 +01:00
CodeQL CI
9c5ad44e27 Merge pull request #5782 from erik-krogh/domFP 
Approved by esbena
 2021-04-28 09:12:00 -07:00
Rasmus Lerchedahl Petersen
16bde2729d Python: add flow from methods to calls 2021-04-28 17:02:24 +02:00
Tom Hvitved
058925cca9 C++: Do not inline Dominance::hasMultiScopeNode 2021-04-28 16:50:08 +02:00
yoff
73521e22de Merge pull request #5791 from tausbn/python-limit-absolute-imports 
Python: Limit absolute imports
 2021-04-28 16:22:08 +02:00
Erik Krogh Kristensen
902a4368a1 assume that all pipe elements that return something, return outputs 2021-04-28 12:36:07 +02:00
Erik Krogh Kristensen
2f14a6218a generalize RxJS pipes 2021-04-28 12:26:02 +02:00
Rasmus Wriedt Larsen
baa926359e Python: Minor fix to Django RawSQL QLDoc 2021-04-28 12:18:27 +02:00
Erik Krogh Kristensen
d5450f1df6 use isWildcardLike in MetacharEscapeSanitizer 2021-04-28 11:46:50 +02:00