hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-23 16:06:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,210 Commits 1,712 Branches 163 Tags
467aa647da6ca1d41a0100cb159dfb56b96ad2ea
Commit Graph

25210 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yoff
467aa647da Merge pull request #6507 from tausbn/python-prevent-polynomial-redos-explosion 
Python: Prevent explosion in poly-ReDoS query
 2021-08-23 11:48:14 +02:00
Andrew Eisenberg
eda7616a23 Merge pull request #6514 from github/aeisenberg/pack/java 
Packaging: Refactor java and C#
 2021-08-20 15:24:13 -07:00
Andrew Eisenberg
8e75fef923 Fix identical files script 2021-08-19 14:55:54 -07:00
Andrew Eisenberg
c9f1c98390 Packaging: C# refactoring 
Split c# pack into `codeql/csharp-all` and `codeql/csharp-queries`.
 2021-08-19 14:09:35 -07:00
Andrew Eisenberg
8e750f18ad Packaging: Java refactoring 
Split java pack into `codeql/java-all` and `codeql/java-queries`.
 2021-08-19 14:09:35 -07:00
Andrew Eisenberg
39533317ff Merge pull request #6524 from github/aeisenberg/cpp/move-file 
C++: Move file from src to lib
 2021-08-19 13:46:31 -07:00
Andrew Eisenberg
2b36378917 C++: Move file from src to lib 
Neglected to do this one earlier.
 2021-08-19 13:12:42 -07:00
Owen Mansel-Chan
714e126088 Merge pull request #6370 from owen-mc/java/model/apache-collections 
Java: Model more of Apache Commons Collections
 2021-08-19 15:09:06 +01:00
CodeQL CI
1e1ee55ade Merge pull request #6511 from asgerf/js/vue-component-renaming 
Approved by erik-krogh
 2021-08-19 12:57:15 +01:00
Alexandre Boulgakov
297ae91e3b Merge pull request #6516 from sashabu/sashabu/elements 
C++: Move element tests to internal repo.
 2021-08-19 11:28:43 +01:00
Joe Farebrother
9dc28eb9b5 Merge pull request #6387 from joefarebrother/guava-cache 
Java: Model guava cache package
 2021-08-19 10:53:48 +01:00
Tamás Vajk
763de4fff9 Merge pull request #6425 from raulgarciamsft/insecureRandom_potential_fix 
C#: Adding Membership.GeneratePassword() as a bad source of random data
 2021-08-19 11:16:26 +02:00
Alexandre Boulgakov
89e52bf500 C++: Move element tests to internal repo. 2021-08-19 09:48:13 +01:00
Tamas Vajk
d97525e21e Fix minor quality issues in comment and change note 2021-08-19 09:30:23 +02:00
Alexandre Boulgakov
1eb804a072 Merge pull request #6496 from sashabu/sashabu/c_linkage 
C++: Allow querying for "C" language linkage on routine types.
 2021-08-18 17:46:44 +01:00
Chris Smowton
48818ebd6d Merge pull request #6434 from smowton/smowton/admin/jodd-unsafe-deserialization 
Java: Unsafe deserialization: add support for Jodd JSON library
 2021-08-18 17:26:02 +01:00
Mathias Vorreiter Pedersen
24638418f1 Merge pull request #6503 from andersfugmann/model_strdupa_functions 
C++: Model strdupa and strndupa
 2021-08-18 17:48:04 +02:00
Shati Patel
089077ed60 Merge pull request #6322 from shati-patel/shati-patel/docs-multi-dbs-vscode 
Docs: Running query on multiple DBs in CodeQL for VS Code
 2021-08-18 16:41:10 +01:00
Alexandre Boulgakov
3ba308a69f C++: Allow querying for "C" language linkage on routine types. 2021-08-18 15:35:30 +01:00
Taus
021e5ff510 Python: Autoformat 2021-08-18 14:27:54 +00:00
Chris Smowton
cc4fe7375c Merge pull request #5953 from github/sauyon/java/spring-webutil 
Java: Add models for the Spring `web.util` package
 2021-08-18 15:07:28 +01:00
Mathias Vorreiter Pedersen
27df2727e9 Merge pull request #6501 from erik-krogh/rank 
CPP/C#: use min() instead of rank[1]()
 2021-08-18 15:47:08 +02:00
Asger Feldthaus
eef7f559c6 JS: Change note 2021-08-18 15:36:41 +02:00
Asger Feldthaus
cde8059960 JS: Update some comments referring to Vue instances 2021-08-18 15:36:41 +02:00
Asger Feldthaus
165f6c6935 JS: Add a deprecated forwarder for Vue::Instance 2021-08-18 15:36:41 +02:00
Asger Feldthaus
7b6485c32a JS: Rename some test predicates to match class name 2021-08-18 15:36:41 +02:00
Asger Feldthaus
b21071923e JS: Rename variables to match new class name 2021-08-18 15:36:41 +02:00
Asger Feldthaus
0a98679f74 JS: Rename Vue::Instance to Vue::Component 2021-08-18 15:36:41 +02:00
Anders Fugmann
0b98b39f91 C++: Test dataflow tests for strdupa and strndupa functions 2021-08-18 15:22:14 +02:00
Taus
af91a2df00 Python: Prevent explosion in poly-ReDoS query 
I consider this to be a short-term solution to the performance problems
we identified. The choice of "at most ten occurrences of `.*`" is
somewhat arbitrary, and it's possible a higher limit would work just as
well.
 2021-08-18 13:21:46 +00:00
Anders Fugmann
44752d5ee0 C++: Model strdupa and strndupa string functions returning memory allocated with alloca 2021-08-18 13:12:08 +02:00
Asger Feldthaus
4a1fb5df5d JS: De-abstractify Vue::Instance class 2021-08-18 11:14:25 +02:00
Asger Feldthaus
40ae13a20e JS: Rename Vue::{Component -> ComponentRegistration} 2021-08-18 11:14:25 +02:00
Erik Krogh Kristensen
dd59f79947 use min() instead of rank[1]() 2021-08-18 11:09:03 +02:00
Aditya Sharad
21d03cd365 Merge pull request #6488 from github/aeisenberg/pack/cpp 
Packaging: Refactor cpp libraries
 2021-08-17 16:44:04 -07:00
Andrew Eisenberg
03d6b15401 Merge branch 'main' into aeisenberg/pack/cpp 2021-08-17 15:28:47 -07:00
Andrew Eisenberg
88ceb42356 Packaging: Migrate cpp experimental/semmle folder to lib 
Also, fix up some library path dependencies.
 2021-08-17 14:41:41 -07:00
Andrew Eisenberg
d8e4e25c1e Packaging: Fix query pack references 
We can't have recursive references to query packs.
 2021-08-17 13:03:40 -07:00
Sauyon Lee
17cef3f498 Address review comments 2021-08-17 12:45:47 -07:00
Andrew Eisenberg
2c5dd2dfa3 Packaging: Refactor the cpp libraries 
This PR separates the core cpp packs into `codeql/cpp-queries` and
`codeql/cpp-all`.

There are very few lines of code changed. Almost all changes are moving
files around.
 2021-08-17 11:22:36 -07:00
Joe Farebrother
076aeb5d80 Update tests 2021-08-17 16:44:58 +01:00
Mathias Vorreiter Pedersen
88372df125 Merge pull request #6495 from andersfugmann/more_buffer_overrun_tests 
More buffer overrun tests
 2021-08-17 16:18:36 +02:00
yoff
50a4345235 Merge pull request #6161 from RasmusWL/peewee-modeling 
Python: Add modeling of `peewee`
 2021-08-17 16:06:35 +02:00
Anders Fugmann
666d5917fa C++: Avoid inclusion of standard headers 2021-08-17 15:56:28 +02:00
Anders Fugmann
469f8a638b C++: Add more tests for buffer overruns 2021-08-17 15:21:33 +02:00
Anders Fugmann
35b7808866 C++: Fix wrong comment on what is tested 2021-08-17 15:21:03 +02:00
Rasmus Wriedt Larsen
3231ae77ef Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-08-17 15:17:10 +02:00
Chris Smowton
92d1becf08 Merge pull request #6474 from github/yo-h-patch-1 
Java: add `org.json` package to known frameworks
 2021-08-17 14:09:39 +01:00
Chris Smowton
c52a51e5c8 Merge pull request #6454 from smowton/smowton/admin/change-note-wording 
Java: Elaborate change note a little
 2021-08-17 14:08:04 +01:00
CodeQL CI
92804a3cc3 Merge pull request #6487 from erik-krogh/moreJquerySinks 
Approved by asgerf
 2021-08-17 11:46:24 +01:00