semmle-qlci
|
243dea706e
|
Merge pull request #3269 from erik-krogh/Promisify
Approved by esbena
|
2020-04-18 13:02:42 +01:00 |
|
Erik Krogh Kristensen
|
cffa911661
|
retarget change note for 1.25
|
2020-04-17 14:22:57 +02:00 |
|
Erik Krogh Kristensen
|
e72eed1db5
|
more -> additional
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
|
2020-04-17 13:10:06 +02:00 |
|
Erik Krogh Kristensen
|
3b230648d2
|
change-note
|
2020-04-17 11:45:08 +02:00 |
|
Geoffrey White
|
92187d9e71
|
C++: Change note.
|
2020-04-14 14:00:46 +01:00 |
|
Jonas Jensen
|
42e9d1416b
|
Merge pull request #3206 from geoffw0/newfreefix
C++: Fix `cpp/new-free-mismatch` false positives
|
2020-04-08 08:39:43 +02:00 |
|
Geoffrey White
|
66a0b7884e
|
Merge branch 'master' into alloc-size
|
2020-04-07 17:12:35 +01:00 |
|
semmle-qlci
|
e5d3286ee9
|
Merge pull request #3183 from asger-semmle/js/bad-url-scheme-check
Approved by esbena
|
2020-04-06 14:53:15 +01:00 |
|
Geoffrey White
|
050e239507
|
C++: Change note.
|
2020-04-06 14:39:07 +01:00 |
|
Calum Grant
|
6cce0de9b2
|
Merge pull request #3124 from hvitved/csharp/dataflow/sources-and-sinks
C#: Introduce `RemoteFlowSink` class
|
2020-04-06 12:36:14 +01:00 |
|
Asger Feldthaus
|
2c6beadf68
|
JS: Recognize more forms of scheme checks
|
2020-04-06 12:30:03 +01:00 |
|
Jonas Jensen
|
16c7a35b1c
|
Merge pull request #3195 from geoffw0/taintstring
C++: Model taint flow through std::string constructor and c_str()
|
2020-04-03 12:05:07 +02:00 |
|
Tom Hvitved
|
08fbd1d2ad
|
C#: Update change notes
|
2020-04-03 10:25:46 +02:00 |
|
Geoffrey White
|
ab716ebe75
|
C++: Change note.
|
2020-04-02 19:49:42 +01:00 |
|
Geoffrey White
|
6b5f4d9e12
|
Merge branch 'master' into av114
|
2020-04-01 18:23:21 +01:00 |
|
semmle-qlci
|
1975a83cdd
|
Merge pull request #3116 from max-schaefer/js/postgres-type-tracking
Approved by asgerf
|
2020-03-27 09:23:52 +00:00 |
|
semmle-qlci
|
e7fd97e72b
|
Merge pull request #3119 from erik-krogh/SockJS
Approved by esbena
|
2020-03-25 21:36:29 +00:00 |
|
Tom Hvitved
|
95b6f6aee0
|
C#: Add change note
|
2020-03-25 20:05:39 +01:00 |
|
Erik Krogh Kristensen
|
f7faaa634f
|
change-note
|
2020-03-25 11:37:39 +01:00 |
|
semmle-qlci
|
ac7c74dcee
|
Merge pull request #3111 from RasmusWL/python-fabric-command-injection
Approved by BekaValentine
|
2020-03-25 10:07:33 +00:00 |
|
Max Schaefer
|
efbcec09ef
|
JavaScript: Add type tracking to Postgres model.
|
2020-03-24 17:30:07 +00:00 |
|
Rasmus Wriedt Larsen
|
49fa7c8589
|
Python: update 1.24 changelog
|
2020-03-24 10:15:36 +01:00 |
|
semmle-qlci
|
4c9a6b73ee
|
Merge pull request #3107 from erik-krogh/FArgs
Approved by esbena
|
2020-03-24 08:32:56 +00:00 |
|
Erik Krogh Kristensen
|
833183c706
|
change note
|
2020-03-23 14:13:30 +01:00 |
|
Asger F
|
6c2842bd49
|
Merge pull request #2919 from asger-semmle/js/property-barriers
JS: Make sanitizers no longer block taint inside an object
|
2020-03-23 11:43:18 +00:00 |
|
Luke Cartey
|
9eee16b2d6
|
Merge pull request #3091 from hvitved/csharp/xpath-injection-more-sinks
C#: Teach XPath injection query about `XPathNavigator`
|
2020-03-23 09:39:26 +00:00 |
|
semmle-qlci
|
2c7af72f14
|
Merge pull request #2858 from RasmusWL/python-support-django2
Approved by tausbn
|
2020-03-23 09:35:46 +00:00 |
|
Tom Hvitved
|
fc74a482a4
|
C#: More XPath injection sinks
|
2020-03-19 14:13:35 +01:00 |
|
Tom Hvitved
|
0d45700088
|
C#: Add change note
|
2020-03-19 13:41:22 +01:00 |
|
Asger Feldthaus
|
de7fbce27b
|
JS: Adjust whitespace in change notes
|
2020-03-18 11:55:13 +00:00 |
|
Asger Feldthaus
|
08ad4f785a
|
JS: Tweak other parts of change note for consistency
|
2020-03-18 11:55:12 +00:00 |
|
Asger Feldthaus
|
ad2b150d05
|
JS: Add change note
|
2020-03-18 11:55:12 +00:00 |
|
Jonas Jensen
|
f1ad0dafdc
|
Merge pull request #2849 from geoffw0/model-gets
C++: Model for gets
|
2020-03-18 11:06:23 +01:00 |
|
semmle-qlci
|
ea46873bfe
|
Merge pull request #3065 from erik-krogh/PathSinks
Approved by esbena
|
2020-03-17 13:00:00 +00:00 |
|
Erik Krogh Kristensen
|
9403026fff
|
add change note
|
2020-03-17 11:48:02 +01:00 |
|
Geoffrey White
|
034f7cc948
|
Merge branch 'master' into model-gets
|
2020-03-16 15:12:36 +00:00 |
|
Geoffrey White
|
40db92bfd1
|
C++: Change note.
|
2020-03-16 13:22:00 +00:00 |
|
semmle-qlci
|
7e093a8e5c
|
Merge pull request #3041 from erik-krogh/JQueryAjax
Approved by esbena
|
2020-03-14 22:31:59 +00:00 |
|
Esben Sparre Andreasen
|
4d6aa20990
|
Merge pull request #3004 from esbena/js/additional-mongodb-and-mongoose-injection-sinks
JS: Mongoose and MongoDB improvements
|
2020-03-14 12:31:43 +01:00 |
|
Geoffrey White
|
cecbdae3e1
|
C++: Change note.
|
2020-03-13 17:58:31 +00:00 |
|
Jonas Jensen
|
917b984909
|
Merge pull request #3050 from geoffw0/mismatching_placement_new
C++: Fix mismatching new/free FP in template code.
|
2020-03-12 12:42:29 +01:00 |
|
Geoffrey White
|
f84c94b5fb
|
C++: Change note.
|
2020-03-11 18:11:51 +00:00 |
|
Erik Krogh Kristensen
|
2c18144560
|
change note
|
2020-03-11 17:01:41 +01:00 |
|
Erik Krogh Kristensen
|
dd261c51f7
|
add change note
|
2020-03-11 14:42:57 +01:00 |
|
Rasmus Wriedt Larsen
|
2da1503942
|
Merge branch 'master' into python-support-django2
|
2020-03-11 11:21:47 +01:00 |
|
Esben Sparre Andreasen
|
5b1b945c35
|
JS: distinguishes escapes in strings and regular expression literals
|
2020-03-10 12:26:20 +01:00 |
|
Esben Sparre Andreasen
|
e61f522f30
|
JS: bump change notes for mongodb
|
2020-03-10 09:57:45 +01:00 |
|
Max Schaefer
|
3c785ecaa7
|
JavaScript: Move flow summaries to experimental.
Also update description and change note to call out their experimental character more clearly.
|
2020-03-09 12:57:20 +00:00 |
|
Asger Feldthaus
|
a9a9c14eea
|
JS: Change note
|
2020-03-07 15:15:13 +00:00 |
|
semmle-qlci
|
7891f8621e
|
Merge pull request #2982 from esbena/js/request-model-with-chaining
Approved by asgerf
|
2020-03-06 08:57:42 +00:00 |
|