yh-semmle
87cbc7e199
Merge pull request #1344 from aschackmull/java/validatedvariable
Java: Replace ValidatedVariable with guarded accesses.
2019-05-24 11:23:18 -04:00
Anders Schack-Mulligen
1a9b1d5865
Java: Add change note.
2019-05-24 15:50:45 +02:00
Calum Grant
d2aea635e4
C#: Address review comments
2019-05-24 13:49:05 +01:00
Calum Grant
fe6056b0fc
C#: Analysis change notes.
2019-05-24 13:49:05 +01:00
Calum Grant
b28ad9066f
C#: Change notes
2019-05-24 13:49:05 +01:00
Asger F
a1399d07a4
JS: Add change note for TypeScript full extraction
2019-05-23 09:19:01 +01:00
Asger F
61ef73b0f7
JS: Add change note and deprecation member
2019-05-22 12:23:29 +01:00
semmle-qlci
2b5b8751ea
Merge pull request #1316 from asger-semmle/incorrect-suffix-check-fps
Approved by esben-semmle, xiemaisi
2019-05-21 11:30:37 +01:00
semmle-qlci
56ab013114
Merge pull request #1340 from xiemaisi/js/es2019
Approved by asger-semmle
2019-05-20 16:47:09 +01:00
Max Schaefer
b62be049ec
JavaScript: Add change note.
2019-05-20 10:56:37 +01:00
Esben Sparre Andreasen
8256f2e736
Merge pull request #1308 from asger-semmle/exceptional-flow
JS: Add flow through exceptions
2019-05-17 08:33:44 +02:00
Asger F
9c1208e751
JS: Add change note
2019-05-16 17:50:10 +01:00
Asger F
b9ade67933
JS: Add change note
2019-05-16 10:56:47 +01:00
Robert Marsh
14795863e2
Merge pull request #1303 from jbj/hasQualifiedName
C++: Fix `getQualifiedName` performance issues
2019-05-15 12:42:57 -07:00
Max Schaefer
31f80df7dc
JavaScript: Add YAML file types to versions-compilers.csv.
2019-05-10 08:09:46 +01:00
Max Schaefer
86a7fa3abb
JavaScript: Make extractor default to ECMA 2019.
Also introduces an enum constant for ECMA 2020 (not used anywhere yet).
2019-05-10 08:09:46 +01:00
semmle-qlci
9653fbd4f7
Merge pull request #1311 from emarteca/unreachableThrows
Approved by xiemaisi
2019-05-09 10:37:41 +01:00
Ellen Arteca
893f62f334
Stylistic issue: replace "eg" by "example", as requested
2019-05-09 09:30:12 +01:00
Ellen Arteca
a12d12d59a
JavaScript: Update UnreachableStmt query so unreachable throws no longer gives an alert
2019-05-08 16:25:54 +01:00
Max Schaefer
c16e9a77f3
JavaScript: Fix a few false positives in PasswordInConfigurationFile.
2019-05-08 08:26:05 +01:00
Jonas Jensen
98657ebea7
C++: Change note for hasGlobalName
2019-05-06 10:14:44 +02:00
Nick Rolfe
324e59d5fd
C++: change note for new FoldExpr class
2019-05-02 11:16:21 +01:00
Jonas Jensen
399b64b9a6
C++: Enable cpp/alloca-in-loop on LGTM
Now that the query has both tests and qhelp, we can use it on LGTM. This
commit also adds a change note.
I renamed the query to reduce confusion from the lower-case unquoted
word "alloca".
2019-05-01 08:33:32 +02:00
Jonas Jensen
54091e87fa
Merge pull request #1136 from zlaski-semmle/cpp340a
[CPP-340] Refinements to FutileParams.ql etc.
2019-05-01 08:21:35 +02:00
Ziemowit Laski
d14696729b
[CPP-340] Fix end-of-line formatting for our change notes.
Bring back entry accidentally deleted during previous merge.
2019-04-29 14:05:58 -07:00
Max Schaefer
7ca5cc22d8
Merge pull request #1257 from asger-semmle/jsdoc
JS: Add common interface between TypeExpr and JSDocTypeExpr
2019-04-29 16:20:17 +01:00
Tom Hvitved
58babdd425
Merge pull request #1187 from calumgrant/cs/expression-null
C#: Fix FP in cs/constant-condition
2019-04-29 09:37:30 +02:00
semmle-qlci
52d6626547
Merge pull request #1242 from esben-semmle/js/whitelist-trailing-newline-removal
Approved by xiemaisi
2019-04-29 07:35:15 +01:00
Asger F
393a9fd7b0
JS: Add change notes
2019-04-26 16:56:04 +01:00
Jonas Jensen
bdb678a318
Merge pull request #1267 from rdmarsh2/rdmarsh/cpp/def-by-ref-taint
C++: add taint edges to DefinitionByReferenceNode
2019-04-26 08:50:20 +02:00
Max Schaefer
a8470a984a
JavaScript: Generalise ConstantComparison sanitisers.
In addition to treating comparisons with literals as sanitisers, we now
also treat comparisons with variables that have a single assignment as
sanitisers.
Proving that such a variable is actually a constant is not easy, but for
this use case a simple approximation works fine.
2019-04-25 07:38:31 +01:00
Esben Sparre Andreasen
f064ba0c55
JS: change notes for newline whitelist in js/incomplete-sanitization
2019-04-23 08:38:26 +02:00
Robert Marsh
34f8653979
C++: change note for taint def-by-ref
2019-04-22 10:46:36 -07:00
yh-semmle
04954f77de
Merge pull request #1262 from sb-semmle/more-spring-sources
Parameters annotated with Spring's @RequestBody and @PathVariable are remote input sources.
2019-04-18 18:08:44 -04:00
Sebastian Bauersfeld
734fe542ab
Update change notes.
2019-04-18 16:37:08 -04:00
Geoffrey White
56e0adf152
CPP: Change note.
2019-04-18 10:34:20 +01:00
semmle-qlci
f36eafce3f
Merge pull request #1246 from xiemaisi/js/hardcoded-password
Approved by asger-semmle
2019-04-17 08:54:09 +01:00
calum
b628060ddd
C#: Address review comments.
2019-04-16 17:38:55 +01:00
calum
e16cbe0ca1
C#: Analysis change notes.
2019-04-16 16:45:49 +01:00
Max Schaefer
4c9edafef3
Merge pull request #1211 from esben-semmle/js/type-tracking-for-incomplete-hostname-regexp
JS: type tracking for js/incomplete-hostname-regexp
2019-04-15 12:19:46 +01:00
Max Schaefer
1d5bb97121
JavaScript: Refine PasswordInConfigurationFile to avoid FPs.
We now exclude passwords that look like they might be filled in via
templating or shell substitution.
2019-04-15 12:10:21 +01:00
Esben Sparre Andreasen
2d66069d60
JS: change notes for js/incomplete-hostname-regexp
2019-04-12 08:51:28 +02:00
semmle-qlci
ccbb7ce04b
Merge pull request #1224 from asger-semmle/cheerio
Approved by esben-semmle
2019-04-11 15:21:44 +01:00
semmle-qlci
ed5fd96603
Merge pull request #1227 from asger-semmle/typescript3.4
Approved by xiemaisi
2019-04-11 10:39:57 +01:00
Esben Sparre Andreasen
a6cf9503da
Merge pull request #1235 from xiemaisi/js/include-yaml
JavaScript: Teach AutoBuilder to extract YAML files by default.
2019-04-11 09:28:59 +02:00
Max Schaefer
f22cb186e3
JavaScript: Teach AutoBuilder to extract YAML files by default.
2019-04-10 18:47:06 -07:00
Asger F
91f4916d07
TS: update supported compiler versions
2019-04-10 14:13:45 +01:00
Asger F
78b00e16d7
TS: change note
2019-04-10 14:11:11 +01:00
Robert Marsh
75ab311c3a
Merge pull request #1223 from geoffw0/commentedoutcode
CPP: Detect commented out preprocessor logic
2019-04-09 16:16:19 -04:00
Asger F
39bafa354e
JS: Add change note
2019-04-09 12:22:20 +01:00