hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-04 02:00:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,595 Commits 1,673 Branches 157 Tags
57a588ceb6d841e6fb7214da3a90f80a07369ddb
Commit Graph

16595 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
57a588ceb6 JS: Share extraction results via symlinks 2020-10-06 11:13:03 +01:00
Asger Feldthaus
c84e43d95b JS: Replace yarn with manual dependency resolution 2020-10-06 11:13:03 +01:00
Asger Feldthaus
f5c3aa3d39 JS: Handle types/typings fields in package.json 2020-10-06 11:13:03 +01:00
Asger Feldthaus
0220ab6784 JS: Move some TypeScript classes into .ts.extractor 2020-10-06 11:13:03 +01:00
Tamás Vajk
8d09885ae6 Merge pull request #4378 from tamasvajk/feature/flow-summary-nullable 
Flow summary nullable
 2020-10-06 11:45:41 +02:00
CodeQL CI
eece3ad352 Merge pull request #4411 from github/asgerf/exclude-js-tests 
Approved by esbena
 2020-10-06 01:48:21 -07:00
Tom Hvitved
6bd355784a Merge pull request #4353 from hvitved/csharp/dataflow/task-precise 
C#: Precise data-flow for `System.Threading.Tasks`
 2020-10-06 10:45:19 +02:00
Asger F
dd5fb6ce12 Exclude JS tests from code scanning 2020-10-06 08:46:43 +01:00
Tamas Vajk
576085af50 Add extra information to nullable conversion test file 2020-10-06 09:03:49 +02:00
Tamas Vajk
faf663a334 C#: Flow summary for Nullable<T> 2020-10-06 09:03:49 +02:00
Tamás Vajk
77abff7c90 Merge pull request #4405 from tamasvajk/feature/lazy-flow 
C#: Improve data flow summary for System.Lazy<>
 2020-10-06 09:01:48 +02:00
CodeQL CI
339c0721c5 Merge pull request #4344 from esbena/js/fixup-cwe-20-to-cwe-020 
Approved by erik-krogh
 2020-10-05 12:30:53 -07:00
CodeQL CI
e95b665556 Merge pull request #4363 from erik-krogh/nosql-api 
Approved by max-schaefer
 2020-10-05 12:01:34 -07:00
Jonas Jensen
6b2ae5d1ad Merge pull request #4393 from MathiasVP/no-more-flow-into-read-side-effect 
C++: No more flow into ReadSideEffect instructions
 2020-10-05 19:46:32 +02:00
Robert Marsh
b7dcd5c557 Merge pull request #4395 from geoffw0/modelbeginend 
C++: Merge StdSequenceContainerBeginEnd into the general BeginOrEndFunction
 2020-10-05 12:22:27 -04:00
Tom Hvitved
c39bca5240 C#: Model data-flow for System.Threading.Tasks.Task<T>.GetAwaiter() 2020-10-05 17:15:54 +02:00
Jonas Jensen
297f1c75e4 Merge pull request #4345 from geoffw0/map 
C++: Models for std::pair, std::map and std::unordered_map
 2020-10-05 15:28:10 +02:00
Mathias Vorreiter Pedersen
a6d7b1f9d9 Update cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-10-05 15:21:15 +02:00
Mathias Vorreiter Pedersen
e95aefe0b2 C++: Now that PrimaryArgumentNode is an OperandNode we want a specialized toString on it 2020-10-05 15:13:33 +02:00
Erik Krogh Kristensen
2753a4f379 Apply suggestions from code review 
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-10-05 15:11:04 +02:00
Tom Hvitved
4ec14b1b02 Merge pull request #4399 from hvitved/csharp/error-type-population 
C#: Handle population of error types
 2020-10-05 15:04:50 +02:00
CodeQL CI
48fa8aacd5 Merge pull request #4403 from asgerf/js/remove-tslint-dependency 
Approved by erik-krogh
 2020-10-05 05:58:48 -07:00
Tamas Vajk
3b70064606 C#: Improve data flow summary for System.Lazy<> 2020-10-05 14:45:14 +02:00
Mathias Vorreiter Pedersen
d162c3d8c6 C++: Accept more test changes 2020-10-05 14:29:57 +02:00
Geoffrey White
855d2b50d7 C++: Correct test comments. 2020-10-05 13:00:51 +01:00
Anders Schack-Mulligen
30f29e0ba7 Merge pull request #4320 from aibaars/multipart-request 
Java: add Spring::MultipartRequest as taint source
 2020-10-05 13:45:06 +02:00
Geoffrey White
c757813d65 Merge branch 'main' into map 2020-10-05 12:32:49 +01:00
Anders Schack-Mulligen
e660ac54da Merge pull request #4358 from joefarebrother/format-taint 
Java: Add taint steps through string formatting methods
 2020-10-05 13:25:54 +02:00
Mathias Vorreiter Pedersen
6c87b08c69 C++: Respond to review comments: 
- ArgumentNode is now abstract
- PrimaryArgumentNode is now an OperandNode.
- ArgumentIndirectionNode is now merged into SideEffectArgumentNode.
 2020-10-05 12:54:11 +02:00
Asger Feldthaus
fee99105da JS: Remove tslint dependency 2020-10-05 11:53:58 +01:00
CodeQL CI
43b2c90538 Merge pull request #4400 from max-schaefer/js/api-graph-classrefs 
Approved by asgerf
 2020-10-05 03:12:23 -07:00
Mathias Vorreiter Pedersen
4c14f5dbb7 Merge branch 'main' into no-more-flow-into-read-side-effect 2020-10-05 11:03:42 +02:00
Tom Hvitved
4d62033a15 C#: Handle population of error types 2020-10-05 10:14:13 +02:00
Mathias Vorreiter Pedersen
d38121f54a Merge pull request #4394 from geoffw0/oddsends2 
C++: Clean up and add to taint tests
 2020-10-05 09:16:50 +02:00
Erik Krogh Kristensen
856ad07694 join-order improvement in NoSQL.qll 2020-10-03 22:07:34 +02:00
Tom Hvitved
c0b251ad9e C#: Precise data-flow for System.Threading.Tasks 2020-10-03 11:13:45 +02:00
Tom Hvitved
26544f322a C#: Update data-flow tests for System.Threading.Tasks 2020-10-03 11:13:45 +02:00
Arthur Baars
78c58c2415 Merge pull request #4384 from tausbn/python-fix-package-locations 
Python: Fix `hasLocationInfo` for packages
 2020-10-02 20:48:43 +02:00
Alexander Eyers-Taylor
754d82c325 Merge pull request #4382 from github/alexet-patch-1 
Fix the name of the vscode extension recommendation
 2020-10-02 18:33:36 +01:00
Alexander Eyers-Taylor
30ed6a0dac Merge pull request #4385 from aibaars/drop-queries 
Drop 'tech-inventory' and 'code duplication' queries from the standard query suites
 2020-10-02 18:31:25 +01:00
Geoffrey White
1efe461a98 C++: Move the rest of of StdSequenceContainerBeginEnd into BeginOrEndFunction. 2020-10-02 18:03:46 +01:00
Geoffrey White
8d5bd2289b C++: Remove parts of StdSequenceContainerBeginEnd in favour of BeginOrEndFunction. 2020-10-02 18:03:46 +01:00
Geoffrey White
8d5febf9c4 C++: Add a couple more test cases that have been discussed. 2020-10-02 18:03:07 +01:00
Geoffrey White
cc170bd513 C++: Test layout. 2020-10-02 18:03:07 +01:00
Geoffrey White
2dc8fba7fe C++: Remove StdMapBeginEnd as we now have a general model BeginOrEndFunction in main. 2020-10-02 16:39:23 +01:00
Geoffrey White
0d6bd6facb Merge branch 'main' into map 2020-10-02 16:24:03 +01:00
Arthur Baars
daa1bcc06e Also mark 'tech inventory' queries as deprecated 2020-10-02 17:23:11 +02:00
Arthur Baars
fc45b6cd3c Drop 'tech-inventory' and 'code duplication' queries from the standard query suites 2020-10-02 17:22:04 +02:00
Geoffrey White
28ab092e9f C++: Add 'tainted' markers to standalone_iterators.cpp test. 2020-10-02 15:54:26 +01:00
Taus
fce76e2799 Merge pull request #4354 from RasmusWL/python-command-execution-modeling 
Python: Better command execution modeling
 2020-10-02 16:14:34 +02:00