hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-25 04:12:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,134 Commits 1,686 Branches 158 Tags
09e4e7901a775231edcdbcfe1754aa69e5919821
Commit Graph

972 Commits

Author SHA1 Message Date
semmle-qlci
479fca9e30 Merge pull request #1946 from xiemaisi/js/top-level-await 
Approved by asger-semmle
 2019-09-18 12:32:09 +01:00
Max Schaefer
9ff5c7007a JavaScript: Add support for top-level await. 2019-09-18 09:56:21 +01:00
Esben Sparre Andreasen
c9d31e90fe JS: add change notes 2019-09-16 10:11:43 +02:00
Calum Grant
e330d5a6c6 Merge pull request #1549 from hvitved/csharp/cfg/loop-unrolling 
C#: Loop unrolling for `foreach` statements
 2019-09-12 10:24:26 +01:00
semmle-qlci
72db219c13 Merge pull request #1910 from xiemaisi/js/unused-index-variable 
Approved by esben-semmle, shati-semmle
 2019-09-11 14:33:32 +01:00
Max Schaefer
500cde68c3 JavaScript: Add new query UnusedIndexVariable. 2019-09-11 11:36:50 +01:00
semmle-qlci
16c95d8c5e Merge pull request #1876 from esben-semmle/js/more-delimiter-stripping-whitelisting 
Approved by xiemaisi
 2019-09-11 09:16:57 +01:00
Asger F
194a1c3530 JS: Change note 2019-09-09 15:42:43 +01:00
semmle-qlci
e899250e87 Merge pull request #1894 from asger-semmle/fp-incorrect-suffix-check 
Approved by xiemaisi
 2019-09-09 15:33:47 +01:00
semmle-qlci
89cba089b4 Merge pull request #1892 from asger-semmle/event-handler-sink 
Approved by esben-semmle
 2019-09-09 15:33:21 +01:00
Asger F
b6690bb644 JS: Add change note 2019-09-09 12:45:03 +01:00
Calum Grant
3734552081 C#: Add change note for datetime queries. 2019-09-06 16:45:02 +01:00
Asger F
dfd18a51ee JS: Change note 2019-09-06 16:03:16 +01:00
Robert Marsh
94c625f03f Merge pull request #1777 from jbj/ast-field-flow-defbyref 
C++: Don't use definitionByReference for data flow
 2019-09-05 10:23:28 -07:00
semmle-qlci
fd2e8486e4 Merge pull request #1862 from asger-semmle/prototype-pollution-angular-merge 
Approved by esben-semmle
 2019-09-05 12:50:58 +01:00
Esben Sparre Andreasen
a9665f53b8 JS: whitelist quote stripping for js/incomplete-sanitization 2019-09-05 09:47:49 +01:00
Jonas Jensen
114c2fe0d4 Merge remote-tracking branch 'upstream/master' into ast-field-flow-defbyref 2019-09-05 09:33:45 +02:00
Robert Marsh
a3290503ec Merge pull request #1806 from jbj/localExprFlow 
C++: Add localExprFlow and localExprTaint
 2019-09-04 10:38:46 -07:00
Asger F
93a3f571ec JS: Add change note 2019-09-04 16:14:51 +01:00
Jonas Jensen
cdcc716675 Merge pull request #1867 from geoffw0/erafix9 
CPP: Add date to JapaneseEraDate.ql
 2019-09-04 13:16:04 +02:00
Jonas Jensen
3ba650911c Merge pull request #1847 from geoffw0/erafix8 
CPP: Deal with two very similar Japanese era queries
 2019-09-04 09:57:10 +02:00
Geoffrey White
84112d3630 CPP: Change note. 2019-09-03 18:30:24 +01:00
semmle-qlci
6778f28424 Merge pull request #1854 from asger-semmle/prototype-pollution-precision 
Approved by esben-semmle, xiemaisi
 2019-09-03 10:50:24 +01:00
Jonas Jensen
d7681bf122 C++: Don't use definitionByReference for data flow 
The data flow library conflates pointers and objects enough for the
`definitionByReference` predicate to be too strict in some cases. It was
too permissive in other cases that are now (or will be) handled better
by field flow.

See also the change note entry.
 2019-09-03 11:49:01 +02:00
Tom Hvitved
4b32ee77e6 C#: Add change note 2019-09-03 09:35:58 +02:00
Asger F
c71a66a045 JS: Add change note 2019-09-02 11:05:07 +01:00
Max Schaefer
91e46cd6fd JavaScript: Fix parsing of asynchronous generator methods. 2019-09-02 09:56:42 +01:00
semmle-qlci
6d55d1f7c0 Merge pull request #1707 from asger-semmle/canonical-name-call-graph 
Approved by xiemaisi
 2019-09-02 09:45:24 +01:00
Max Schaefer
742c9708a9 Merge pull request #1828 from asger-semmle/jsdoc-relation 
JS: Make getDocumentation handle chain assignments
 2019-09-02 08:43:40 +01:00
Jonas Jensen
63311739a5 C++: Add localExprFlow and localExprTaint 
This is for ODASA-8053.
 2019-09-02 09:29:10 +02:00
yh-semmle
f54545522e Merge pull request #1759 from aschackmull/java/flow-exploration 
Java/C++/C#: Add support for dataflow exploration by partial paths.
 2019-08-30 17:00:17 -04:00
Asger F
45941869ad JS: Change note 2019-08-30 18:25:39 +01:00
Asger F
9533ca0926 JS: Change note 2019-08-30 18:19:49 +01:00
Asger F
3186942906 JS: Add change note 2019-08-30 16:05:13 +01:00
semmle-qlci
a97aefe0c3 Merge pull request #1835 from xiemaisi/js/dom-fixes 
Approved by asger-semmle
 2019-08-30 14:45:06 +01:00
Taus
a2841b4245 Merge pull request #1763 from markshannon/python-cwe-312 
Python: Two new queries for CWE-312.
 2019-08-30 15:28:56 +02:00
Anders Schack-Mulligen
455bb6cd15 Java/C++/C#: Add change notes. 2019-08-30 14:35:21 +02:00
Anders Schack-Mulligen
6749f7a1b7 Merge pull request #1843 from lukecartey/java/add-missing-sql-apis 
Java: Add missing SQL query APIs.
 2019-08-30 14:27:40 +02:00
Luke Cartey
e118f9a5f9 Add change note. 2019-08-30 10:48:37 +01:00
Mark Shannon
811815aa4e Merge branch 'master' into python-cwe-312 2019-08-30 10:39:04 +01:00
Tom Hvitved
ae5fb7f330 C#: Introduce BarrierGuards 2019-08-30 09:37:16 +02:00
Geoffrey White
b254e1f48e CPP: Change note. 2019-08-29 18:24:29 +01:00
Calum Grant
424ab3ed6a C#: Analysis change notes. 2019-08-29 18:12:58 +01:00
Mark Shannon
4f172bd075 Python: Add change note for CWE-312 queries. 2019-08-29 16:05:11 +01:00
Jonas Jensen
c8a9ec465e C++: New change-notes file for 1.23 2019-08-28 13:36:57 +02:00
Max Schaefer
78ce290de3 JavaScript: Fix DomMethodCallExpr.interpretsArgumentsAsHTML. 2019-08-28 11:22:03 +01:00
semmle-qlci
f123916f53 Merge pull request #1825 from asger-semmle/js-change-notes 
Approved by xiemaisi
 2019-08-26 14:00:32 +01:00
Asger F
17f5984101 Update change-notes/1.22/analysis-javascript.md 
Co-Authored-By: Felicity Chapman <felicity@semmle.com>
 2019-08-26 13:10:19 +01:00
Asger F
6364f8bbf7 JS: Change notes for jump-to-def and documentation improvements 2019-08-26 12:55:14 +01:00
semmle-qlci
30921d5ee7 Merge pull request #1817 from taus-semmle/python-change-notes-1.22 
Approved by felicity-semmle
 2019-08-25 13:28:14 +01:00