hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-15 09:51:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
28,741 Commits 1,784 Branches 169 Tags
76e841830f9e40971fec0295e5e2a05422bb349b
Commit Graph

28741 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
76e841830f JS: Check for labeled barriers in reachableFromInput 2021-11-03 13:10:20 +01:00
Erik Krogh Kristensen
54fba2d6a1 Merge pull request #6781 from erik-krogh/ldap 
JS: Move LDAP injection out of experimental
 2021-11-02 13:35:32 +01:00
Anders Schack-Mulligen
7d0152f3c0 Merge pull request #6932 from aschackmull/dataflow/flow-features 
Dataflow: Add support for call context restrictions on sources/sinks.
 2021-11-02 13:24:17 +01:00
Nick Rolfe
6dd5dad4a9 Merge pull request #7026 from github/nickrolfe/rb-prefix 
Ruby: use the `rb/` prefix in all query ids
 2021-11-02 12:04:50 +00:00
Erik Krogh Kristensen
f7f315adbb Merge pull request #7022 from erik-krogh/cwe319 
JS: add cwe-319 to js/clear-text-cookie
 2021-11-02 12:47:53 +01:00
Erik Krogh Kristensen
7a96b8e9e1 Merge branch 'main' into ldap 2021-11-02 12:47:28 +01:00
Nick Rolfe
898f5ec596 Ruby: use the rb/ prefix in all query ids 2021-11-02 11:42:02 +00:00
Tom Hvitved
302373d154 Merge pull request #6858 from hvitved/python/type-tracker-changes 
Python: Type tracker changes
 2021-11-02 11:47:01 +01:00
CodeQL CI
d5e2026a26 Merge pull request #6934 from erik-krogh/more-instanceof 
Approved by MathiasVP, esbena, yoff
 2021-11-02 03:46:23 -07:00
CodeQL CI
5d62aa5b29 Merge pull request #6994 from erik-krogh/redundant-cast 
Approved by RasmusWL, aschackmull, esbena, geoffw0, hvitved, nickrolfe
 2021-11-02 03:45:48 -07:00
Tom Hvitved
fe80c4a17b Ruby: Sync files 2021-11-02 11:16:46 +01:00
Tom Hvitved
1e64893742 Update python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll 
Co-authored-by: Taus <tausbn@github.com>
 2021-11-02 11:16:32 +01:00
Tom Hvitved
660398aa78 Python: Introduce TypeBackTracker::getACompatibleTypeTracker() 2021-11-02 11:16:32 +01:00
Tom Hvitved
73fd66cfed Python: Cache TypeBackTracker::prepend 2021-11-02 11:16:32 +01:00
Erik Krogh Kristensen
41e7dea943 add cwe-319 "Cleartext Transmission of Sensitive Information" to js/clear-text-cookie 2021-11-02 11:11:38 +01:00
Mathias Vorreiter Pedersen
e2cb53c65f Merge pull request #7014 from jbj/isFromSystemMacroDefinition 
C++: Add `isFromSystemMacroDefinition` predicate
 2021-11-02 09:14:59 +00:00
Anders Schack-Mulligen
42a046edc6 Merge pull request #7004 from Marcono1234/marcono1234/deprecate-StringLiteral-getRepresentedString 
Java: Deprecate `StringLiteral.getRepresentedString()`
 2021-11-02 09:57:52 +01:00
Tamás Vajk
18b08060ae Merge pull request #5110 from porcupineyhairs/ssrfCsharp 
C# : Add query to detect SSRF
 2021-11-02 09:50:28 +01:00
Tony Torralba
5d7b09ac67 Merge pull request #7020 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-11-02 08:33:36 +01:00
github-actions[bot]
093be44258 Add changed framework coverage reports 2021-11-02 00:09:00 +00:00
Marcono1234
668928045e Merge branch 'main' into marcono1234/deprecate-StringLiteral-getRepresentedString 2021-11-01 16:32:57 +01:00
Anders Schack-Mulligen
e88bbfdd67 Merge pull request #7008 from JLLeitschuh/feat/JLL/java_optional_lambda_support 
Java: Model java.util.Optional lambda methods
 2021-11-01 13:49:21 +01:00
Anders Schack-Mulligen
64acd0288e Merge pull request #6614 from Marcono1234/marcono1234/char-literal-codepoint 
Java: Add `CharacterLiteral.getCodePointValue()`
 2021-11-01 13:06:00 +01:00
Nick Rolfe
da5d10fd6b Merge pull request #7012 from MalikIdreesHasanKhan/main 
Fixed a typo. ( Minor PR)
 2021-11-01 11:30:13 +00:00
Chris Smowton
b59f6665a2 Fix punctuation 2021-11-01 11:02:58 +00:00
Chris Smowton
9ff426cf23 Sort Optional models 2021-11-01 10:59:03 +00:00
CodeQL CI
dde493259a Merge pull request #7003 from asgerf/js/mixed-this-fp 
Approved by erik-krogh
 2021-11-01 09:13:21 +00:00
Anders Schack-Mulligen
301a907596 Update java/ql/lib/semmle/code/java/Expr.qll 2021-11-01 09:36:09 +01:00
Jonas Jensen
93dfee866a C++: Add isFromSystemMacroDefinition predicate 2021-11-01 09:17:49 +01:00
MalikIdreesHasa
e44e982065 Fixed a typo. 2021-10-31 15:11:39 +00:00
Jonathan Leitschuh
c2a2a3a676 Java: Model java.util.Optional lambda methods 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-29 13:23:47 -04:00
Marcono1234
b284e727a9 Java: Add change note for StringLiteral.getRepresentedString() deprecation 2021-10-29 15:21:55 +02:00
Marcono1234
fe5115169f Java: Describe CharacterLiteral.getValue() behavior for surrogates 2021-10-29 14:56:07 +02:00
Marcono1234
e1516b4e9d Java: Describe StringLiteral.getValue() behavior for unpaired surrogates 2021-10-29 14:53:13 +02:00
Marcono1234
bfb9577d15 Java: Deprecate StringLiteral.getRepresentedString() 2021-10-29 14:50:15 +02:00
Erik Krogh Kristensen
f676fc00d3 revert a change in an identical file 2021-10-29 14:42:38 +02:00
Erik Krogh Kristensen
0897b004eb revert removal of redundant inline casts in some python files 2021-10-29 14:40:27 +02:00
Erik Krogh Kristensen
d36c66cfca remove redundant inline casts in arguments where the type is inferred by the call target 2021-10-29 14:37:56 +02:00
Marcono1234
4f59886a65 Java: Simplify CompileTimeConstantExpr.getIntValue() 
The changed code previously also only covered IntegerLiteral:
- Restricted to Literal
- Integral type
- != "long"
- != "char"

So the only class left which matches all of these is IntegerLiteral.
 2021-10-29 14:30:51 +02:00
Marcono1234
9730021641 Java: Add CharacterLiteral.getCodePointValue() 2021-10-29 14:30:50 +02:00
Asger Feldthaus
d52b2bd863 JS: Fix FP in ˚MixedStaticInstanceThisAccess 2021-10-29 14:16:54 +02:00
Asger Feldthaus
afa6424d67 JS: Add test with FP 2021-10-29 14:16:54 +02:00
yoff
1c78c792ff Merge pull request #6991 from RasmusWL/flask-blueprints 
Python: Support `flask.blueprints.Blueprint`
 2021-10-29 14:06:43 +02:00
Rasmus Wriedt Larsen
85f00fda19 Merge pull request #6776 from yoff/python/model-asyncpg 
Python: Model `asyncpg`
 2021-10-29 13:54:44 +02:00
Anders Schack-Mulligen
3a1836c9f6 Merge pull request #7000 from aschackmull/dataflow/interface-refactor 
Dataflow: Refactor public references to DataFlowCallable
 2021-10-29 12:21:13 +02:00
Edoardo Pirovano
513e0bbea9 Merge pull request #6965 from edoardopirovano/fix-lgtm-version 
Fix LGTM version number in language reference
 2021-10-29 10:50:53 +01:00
Anders Schack-Mulligen
bfacd23573 Dataflow: Adjust documentation. 2021-10-29 11:20:19 +02:00
Anders Schack-Mulligen
5951ae79b9 Dataflow: Add language specific predicates. 2021-10-29 11:11:35 +02:00
Anders Schack-Mulligen
00df6798b1 Dataflow: Sync 2021-10-29 11:00:23 +02:00
Anders Schack-Mulligen
2b4e3a7d9b Dataflow: Refactor the getEnclosingCallable and ParameterNode interface. 2021-10-29 10:59:36 +02:00