hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-03 04:40:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
34,819 Commits 1,773 Branches 168 Tags
55477bb94b42e70817d1c6ff71f896f9bcdd5e52
Commit Graph

34819 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stephan Brandauer
55477bb94b documentation for new feature 2022-04-26 09:59:54 +02:00
Stephan Brandauer
8a78cb68ad ATM: new feature to list all imports in an endpoint's file 2022-04-26 09:59:54 +02:00
Esben Sparre Andreasen
9a24ebd0d4 use proper import instead of inlining 2022-04-25 22:02:22 +02:00
Esben Sparre Andreasen
6f64db1a06 remove Input_ArgumentIndexAndAccessPathFromCallee 2022-04-25 22:00:19 +02:00
Esben Sparre Andreasen
94b0f1adc0 add docstring examples 2022-04-22 15:34:09 +02:00
Esben Sparre Andreasen
f67a586fb5 address review comments 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
df34784834 Apply suggestions from code review 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
cd2761b8f2 fix semantic merge conflict 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
446fbcdbe1 rename new features 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
b3f09e0203 add more features 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
c466fab22d improve feature documentation 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
c74857f44d improve feature tests with more cases 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
b65db6c07c improve access path strings 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
1cea33d80e support import in getSimpleAccessPath 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
09a273927a support await in getSimpleAccessPath 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
aa37ae6b70 avoid using new feautes by default 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
5f9d3e1e58 add CompareFeatures.ql 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
bf708b9181 add generic tests for features 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
6277650a0d Document EndpointFeatures.qll 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
3baa9de45d add ParameterAccessPathSimpleFromArgumentTraversal 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
e5ddc57aa6 improve getSimpleAccessPath 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
62bf841c5d refactor calleeAccessPath feature to class 2022-04-22 14:39:43 +02:00
Stephan Brandauer
b14feb0022 refactor getACallBasedTokenFeature to class-use 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
09db824078 Add CalleeAccessPathSimpleFromArgumentTraversal 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
eaba3c120f refactor EndpointFeatures.ql to use classes 2022-04-22 14:39:43 +02:00
CodeQL CI
06e5962da7 Merge pull request #8791 from asgerf/js/static-accessors 
Approved by erik-krogh
 2022-04-22 13:39:32 +01:00
Erik Krogh Kristensen
789b0a46d1 Merge pull request #8578 from erik-krogh/labelNaming 
JS: update `toString()` on API-graph labels.
 2022-04-22 14:27:25 +02:00
Erik Krogh Kristensen
8fcbaea273 Merge branch 'main' into labelNaming 2022-04-22 13:19:44 +02:00
Erik Krogh Kristensen
c015ef6ef4 Merge pull request #8810 from erik-krogh/rubyPathgraph 
Ruby: dont import the PathGraph module from Query.qll files
 2022-04-22 12:02:59 +02:00
Mathias Vorreiter Pedersen
489355cdab Merge pull request #8793 from MathiasVP/exclude-internal-diagnostics 
Exclude internal diagnostics from all selectors
 2022-04-22 10:55:38 +01:00
Tom Hvitved
093a3879be Merge pull request #8794 from hvitved/ruby/capture-barrier-guards 
Ruby: Handle captured variables in `BarrierGuard::getAGuardedNode()`
 2022-04-22 11:47:36 +02:00
Erik Krogh Kristensen
a737350f27 RB: dont import the PathGraph module from Query.qll files 2022-04-22 11:46:06 +02:00
Anders Schack-Mulligen
bf921177f4 Merge pull request #8811 from erik-krogh/syncLate 
Java: get tainttracking3/TaintTrackingImpl.qll in sync
 2022-04-22 11:21:01 +02:00
Asger F
0187e9a3b1 Merge pull request #8808 from vovikhangcdv/doublevkay/fixing-PrototypePollutngAssignment-examples 
Javascript: Fix PrototypePollutingAssignment example which is incorrect use of express leads to no result when scanning.
 2022-04-22 11:18:23 +02:00
Tom Hvitved
be5363ea53 Merge pull request #8801 from hvitved/ruby/exclude-splat-in-taint-tracking 
Ruby: Exclude `SplatExpr` from taint tracking
 2022-04-22 11:12:05 +02:00
Erik Krogh Kristensen
dca74a1f45 get tainttracking3/TaintTrackingImpl.qll in sync 2022-04-22 10:37:31 +02:00
Chris Smowton
d309e15072 Merge pull request #8748 from smowton/smowton/admin/dependent-dataflow-configs 
Java: Avoid higher-numbered dataflow configs that depend on lower-numbered ones
 2022-04-22 08:56:00 +01:00
Mathias Vorreiter Pedersen
35471ff23c Merge pull request #8809 from AlexDenisov/alexdenisov/rename-swift-db-columns 
Swift: rename certain dbscheme columns
 2022-04-22 08:17:37 +01:00
Mathias Vorreiter Pedersen
52dc016a7a Merge pull request #8798 from jketema/using 
C++: Fix tests after extractor changes that improve `using` position accuracy
 2022-04-22 08:15:34 +01:00
Alex Denisov
e85cdf2ec3 Swift: rename certain dbscheme columns 2022-04-22 08:31:09 +02:00
AlexDenisov
a5189eae9f Merge pull request #8735 from redsun82/swift-dbscheme-gen 
Swift: dbscheme generator
 2022-04-22 08:26:59 +02:00
Khang. Võ Vĩ
f4581ae866 fix PrototypePollutingAssignment examples 2022-04-22 11:55:45 +07:00
Tom Hvitved
c20ce62767 Ruby: Exclude SplatExpr from taint tracking 
`SplatExpr`s are modelled using flow summaries, so there is no need to include them
explicitly in `defaultAdditionalTaintStep`.
 2022-04-21 20:27:04 +02:00
Mathias Vorreiter Pedersen
813de65118 Merge pull request #8799 from jketema/comment-fix 
C++: Fix the layout of comments in `getBufferSize`
 2022-04-21 17:17:42 +01:00
Jeroen Ketema
a09fd8c35e C++: Fix the layout of comments in getBufferSize 2022-04-21 17:42:10 +02:00
Jeroen Ketema
8139e1a2a8 C++: Fix tests after extractor changes that improve using position accuracy 2022-04-21 17:36:11 +02:00
Tom Hvitved
bd09c61504 Merge pull request #8786 from hvitved/ruby/dataflow/argument-tokens 
Ruby: Implement `Argument[any]` and `Argument[n..]`
 2022-04-21 16:31:24 +02:00
Michael Nebel
0ec5aa6095 Merge pull request #8675 from michaelnebel/csharp/capturemodelimprovement 
C#: CaptureModel improvements
 2022-04-21 15:16:35 +02:00
Tom Hvitved
addb92f13b Ruby: Handle captured variables in BarrierGuard::getAGuardedNode() 2022-04-21 13:25:47 +02:00
Tom Hvitved
325b451288 Ruby: Add barrier guards test involving captured variables 2022-04-21 13:25:40 +02:00