hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-21 06:57:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,897 Commits 1,712 Branches 163 Tags
5ec8511d50c96fac2909dfba39424fac79c9df89
Commit Graph

20897 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
5ec8511d50 Python: Port PyYAML model to API graphs 2021-03-18 11:47:46 +01:00
Rasmus Wriedt Larsen
14e9bda5de Python: Refactor PyYAML tests a bit 2021-03-18 11:39:47 +01:00
Rasmus Wriedt Larsen
45a1fc6a96 Python: Add link to better PyYAML docs 
I found this randomly
 2021-03-18 11:20:22 +01:00
CodeQL CI
d95b295e52 Merge pull request #5400 from erik-krogh/replaceCallbacks 
Approved by asgerf
 2021-03-17 06:42:34 -07:00
Tom Hvitved
5b2d5ee010 Merge pull request #4940 from hvitved/csharp/base-ssa-phi-input 
C#: Take phi nodes into account in `Steps::getARead()`
 2021-03-17 14:33:59 +01:00
Rasmus Wriedt Larsen
1ecee2da0d Merge pull request #5357 from yoff/python-rework-documentation 
Python: rework documentation
 2021-03-17 14:25:23 +01:00
Anders Schack-Mulligen
05779ef7ee Merge pull request #5368 from joefarebrother/guava-convert-to-csv 
Java: Convert existing Guava models to CSV format
 2021-03-17 13:50:48 +01:00
CodeQL CI
efeff6fcf8 Merge pull request #5033 from asgerf/js/generalized-remote-flow-source 
Approved by erik-krogh
 2021-03-17 05:41:39 -07:00
Erik Krogh Kristensen
dab6a11978 add example code 2021-03-17 13:35:16 +01:00
Erik Krogh Kristensen
5898b48391 add missing polarity check 2021-03-17 13:35:07 +01:00
Erik Krogh Kristensen
1db5cb15f0 Update javascript/ql/src/semmle/javascript/security/IncompleteBlacklistSanitizer.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2021-03-17 13:30:05 +01:00
yoff
0fc30997eb Update docs/codeql/codeql-language-guides/analyzing-data-flow-in-python.rst 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-03-17 13:00:09 +01:00
Tamás Vajk
2e2a5d62c2 Merge pull request #5420 from tamasvajk/feature/fix-nullable-warning 
C#: Fix nullable warning
 2021-03-17 12:16:15 +01:00
Asger Feldthaus
3a68eceaaa JS: Fix typo in change note 2021-03-17 10:17:56 +00:00
Tamas Vajk
02cb383d3b C#: Fix nullable warning 2021-03-17 09:35:13 +01:00
Rasmus Lerchedahl Petersen
acac519fef Python: Address review suggestions 2021-03-17 00:10:04 +01:00
yoff
0ee7ccf6b9 Update docs/codeql/codeql-language-guides/analyzing-data-flow-in-python.rst 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-03-16 19:58:23 +01:00
Asger Feldthaus
97b8e35426 JS: Update test expectations 2021-03-16 15:09:01 +00:00
Joe Farebrother
f5e4b87d1e Remove redundant rows and add note on collection flow 2021-03-16 14:28:24 +00:00
Joe Farebrother
1e3c4d0eb1 Add stubs to fix broken test case 2021-03-16 14:24:49 +00:00
Joe Farebrother
980b2c1f4c Convert existing Guava models to CSV system 2021-03-16 14:24:49 +00:00
Rasmus Wriedt Larsen
fbbec5d2b9 Merge pull request #5118 from yoff/python-port-stacktrace-exosure 
Python: Port stack trace exposure
 2021-03-16 14:52:44 +01:00
Rasmus Wriedt Larsen
50978364a6 Merge pull request #5246 from yoff/python-port-insecure-default-protocol 
Python: Port insecure default protocol
 2021-03-16 14:30:19 +01:00
Asger Feldthaus
3922c73be7 JS: Add change note 2021-03-16 13:28:12 +00:00
Asger Feldthaus
a76be91481 JS: Remove deprected use of queryAccess 2021-03-16 13:28:12 +00:00
Asger Feldthaus
ff1326cc7b JS: Cache getReExportedModule 2021-03-16 13:28:12 +00:00
Asger Feldthaus
710cca5395 JS: Update expectations with new sources 2021-03-16 13:28:12 +00:00
Asger Feldthaus
a9383da2c3 JS: Autoformat 2021-03-16 13:28:12 +00:00
Asger Feldthaus
bc4c178648 JS: Cache together 2021-03-16 13:28:12 +00:00
Asger Feldthaus
7b7e87f177 JS: Fix bad join order in closure 2021-03-16 13:28:11 +00:00
Asger Feldthaus
aa1c8c041e JS: Exclude client-side sources from RegExpInjection 2021-03-16 13:28:11 +00:00
Asger Feldthaus
2e57a7d3e9 JS: Add ClientSideRemoteFlowSource 2021-03-16 13:28:09 +00:00
Anders Schack-Mulligen
aa360c0378 Merge pull request #5413 from smowton/smowton/feature/infer-fluent-method-taint-flow 
Add taint-preserving edges where a call also has a value-preserving edge
 2021-03-16 14:10:11 +01:00
Anders Schack-Mulligen
53c360479a Merge pull request #5329 from tamasvajk/feature/csv-taint-step 
Java: migrate taint steps to CSV
 2021-03-16 14:09:21 +01:00
Anders Schack-Mulligen
46bae88181 Merge pull request #5375 from aschackmull/dataflow/unbind 
Dataflow: Switch from unbind to pragma[only_bind_into].
 2021-03-16 14:03:54 +01:00
Tom Hvitved
88b7ad001f C#: Take phi nodes into account in Steps::getARead() 2021-03-16 13:55:30 +01:00
CodeQL CI
ae62fbc2c7 Merge pull request #5382 from erik-krogh/moreCache 
Approved by asgerf
 2021-03-16 05:53:03 -07:00
Tom Hvitved
cb8e2d451d C#: Add test for DeadStoreOfLocal.ql 2021-03-16 13:52:41 +01:00
CodeQL CI
b37da7cc22 Merge pull request #5386 from erik-krogh/cachePrepend 
Approved by asgerf
 2021-03-16 05:49:24 -07:00
CodeQL CI
40acb95105 Merge pull request #5397 from erik-krogh/globalSanitizer 
Approved by asgerf
 2021-03-16 05:37:32 -07:00
Erik Krogh Kristensen
3640bbd466 add test for IncompleteHtmlAttributeSanitization 2021-03-16 13:25:27 +01:00
Erik Krogh Kristensen
1bf259beef support another String.prototype.replace pattern 2021-03-16 13:25:13 +01:00
Tamas Vajk
d02fba8c37 Java: adjust wrapped constructor calls 2021-03-16 12:42:41 +01:00
Rasmus Lerchedahl Petersen
cf791e8164 Python: Describe Concepts and Attributes 2021-03-16 12:31:47 +01:00
Tamas Vajk
e3534d1635 Java: cover wrapped constructor taint flow 2021-03-16 12:10:28 +01:00
Tamas Vajk
af0dff8c6f Java: migrate constructor flow taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
f9a207dd9f Java: migrate 'arg to arg' taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
7e1534a6cd Java: migrate 'arg to return' taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
5cdbde2686 Java: migrate 'qualifier to return' taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
40126563ef Java: migrate 'qualifier to arg' taint steps to CSV 2021-03-16 12:10:28 +01:00