hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,118 Commits 1,690 Branches 160 Tags
7f09edcf596e2507e45523183b144ff3369d9302
Commit Graph

23118 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
7f09edcf59 add change note 2021-06-07 17:25:18 +02:00
Erik Krogh Kristensen
bcf08e6472 add remote flow source for the serverless library 2021-06-07 17:19:19 +02:00
Erik Krogh Kristensen
09a2c055a7 add test for the serverless express API 2021-06-07 16:50:01 +02:00
Tamás Vajk
3f33f2de13 Merge pull request #5980 from tamasvajk/fix/extension-method-as-target 
C#: Extract correct method symbol as target of extension method calls
 2021-06-07 15:57:24 +02:00
CodeQL CI
4963a8f6b9 Merge pull request #6024 from erik-krogh/serialize-javascript 
Approved by asgerf
 2021-06-07 06:08:05 -07:00
Mathias Vorreiter Pedersen
3923acb5e0 Merge pull request #6017 from github/dbartol/pack/extra-queries-xml 
C++: Replace an odd `queries.xml` with `qlpack.yml`
 2021-06-07 10:58:19 +02:00
Anders Schack-Mulligen
96da85449d Merge pull request #5823 from atorralba/promote-jexl-injection 
Java: Promote JEXL Injection query from experimental
 2021-06-07 10:03:12 +02:00
Tamás Vajk
1a1b74cfcc Merge pull request #5998 from tamasvajk/fix/tuple-members 
C#: Fix container type extraction of tuple members
 2021-06-07 09:18:05 +02:00
Erik Krogh Kristensen
0adc001df0 add taint-step for serialize-javascript 2021-06-06 22:48:53 +02:00
Dave Bartolomeo
ac3ded7d5a Replace an odd queries.xml with qlpack.yml 
This one C++ test has its own `queries.xml` to make "outside-of-source" path filtering work, as detailed in commit 2550788598. I've replaced the `queries.xml` with `qlpack.yml`, added a comment, and added that pack to the `.codeqlmanifest.json` at the root of the repo. This will allow the library dependencies of this pack to be resolved without the need for a `--search-path` option with the upcoming packaging changes.
 2021-06-06 09:04:18 -04:00
Dave Bartolomeo
e276e2684e Merge pull request #5986 from MathiasVP/side-effects-for-nonconst-smart-pointers 
C++: Fix `hasDefaultSideEffect` for non-const smart pointers
 2021-06-04 13:57:44 -04:00
Mathias Vorreiter Pedersen
8e8c2e677a C++: Accept test changes. 2021-06-04 18:49:20 +02:00
Mathias Vorreiter Pedersen
27586d77f8 C++: Copy isDeeplyConst{Below} into SideEffects and modify it so that it works for smart pointers. 2021-06-04 18:46:52 +02:00
Mathias Vorreiter Pedersen
f2d7988d72 C++: Add tests involving various non-const and const smart pointers. 2021-06-04 18:46:05 +02:00
CodeQL CI
eb0491598a Merge pull request #6009 from erik-krogh/whatwg-fetch 
Approved by esbena
 2021-06-04 08:19:36 -07:00
Mathias Vorreiter Pedersen
f21e949898 Merge pull request #6007 from geoffw0/weak_crypto2 
C++: Combine results for cpp/weak-cryptographic-algorithm
 2021-06-04 16:06:29 +02:00
Tom Hvitved
3c7c10a424 Merge pull request #5991 from hvitved/java/shared-external-source-sink 
Java: Move common CSV logic for sources and sinks into shared library
 2021-06-04 16:04:25 +02:00
Geoffrey White
b24dc810c9 C++: Combine results from cpp/weak-cryptographic-algorithm that are in the same file. 2021-06-04 14:04:02 +01:00
Tamas Vajk
b3a2998d96 Fix failing test after rebase 2021-06-04 14:34:45 +02:00
Tamas Vajk
75060baaa3 Add change note 2021-06-04 14:33:12 +02:00
Tamas Vajk
33daa2c41d Fix container type extraction of tuple members 2021-06-04 14:33:12 +02:00
Tamas Vajk
4f4bf59cd4 C#: Add tuple member tests 2021-06-04 14:33:12 +02:00
Tom Hvitved
42202402a4 Address review comments 2021-06-04 14:32:37 +02:00
Tamas Vajk
f98781db63 Fix non-constructed generic extension method extraction 2021-06-04 13:34:19 +02:00
Tamas Vajk
127d66ccd1 Remove unneeded ReducedExtension method handling 2021-06-04 13:34:19 +02:00
Tamas Vajk
e05e2365ea C#: Extract correct method symbol as target of extension method calls 2021-06-04 13:34:19 +02:00
Tamas Vajk
fc0fc740ac C#: Add test for extension method calls 2021-06-04 13:32:03 +02:00
Erik Krogh Kristensen
46f90006c2 add model for whatwg-fetch 2021-06-04 13:13:13 +02:00
Anders Schack-Mulligen
f73960da8f Merge pull request #5788 from Marcono1234/marcono1234/stmt-toString 
Java: Override toString() for statements
 2021-06-04 12:41:03 +02:00
Anders Schack-Mulligen
60377a8f86 Merge pull request #5383 from smowton/smowton/feature/strbuilder-fluent-methods 
Java: Add models for StrBuilder's fluent methods
 2021-06-04 12:33:24 +02:00
Anders Schack-Mulligen
30cb80b341 Merge pull request #5181 from smowton/smowton/feature/commons-tostringbuilder 
Java: Add models for Commons ToStringBuilder
 2021-06-04 12:30:36 +02:00
Tamás Vajk
8d7f8a5bab Merge pull request #5997 from tamasvajk/fix/colliding-method-ids 
C#: Base IDs for constructed methods on their unconstructed counterparts
 2021-06-04 10:29:53 +02:00
Tamás Vajk
63c6ddd426 Merge pull request #6000 from tamasvajk/feature/extract-non-public-symbols 
C#: Change compilation settings to include all non-public symbols
 2021-06-04 10:28:55 +02:00
yo-h
8d879facf7 Merge pull request #5988 from github/AlonaHlobina-patch-1 
Update versions-compilers.rst
 2021-06-03 13:56:28 -04:00
yo-h
c0aadcf8ba Update docs/codeql/support/reusables/versions-compilers.rst 2021-06-03 13:49:57 -04:00
Marcono1234
6003b6edd2 Java: Adjust change note for statement toString() changes 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-06-03 17:17:00 +02:00
Marcono1234
485b0be805 Java: Fix expected test output 2021-06-03 17:15:00 +02:00
Marcono1234
2889f94128 Java: Add change note for statement toString() changes 2021-06-03 16:27:37 +02:00
Marcono1234
e0a45507f8 Java: Adjust toString() for statements 2021-06-03 16:27:36 +02:00
Marcono1234
7e778bc008 Java: Override toString() for statements 
Additionally remove redundant QLDoc which is inherited anyways.
 2021-06-03 16:27:35 +02:00
Anders Schack-Mulligen
bd9e3d0fa9 Merge pull request #5751 from aschackmull/java/collection-flow 
Java: Convert all collection and array steps from taint flow to value flow.
 2021-06-03 15:29:14 +02:00
Tom Hvitved
cc02c95092 C#: Sync files 2021-06-03 13:54:51 +02:00
Tom Hvitved
d0b6808299 Java: Move common CSV logic for sources and sinks into shared library 2021-06-03 13:54:51 +02:00
Tamas Vajk
1ce7c631ff Fix failing tests 2021-06-03 13:01:42 +02:00
Tamas Vajk
793e3db085 C#: Change compilation settings to include all non-public symbols 2021-06-03 11:54:05 +02:00
Tamas Vajk
5a3a011b8e Fix test results 2021-06-03 11:17:01 +02:00
Tom Hvitved
3d60c146ad C#: Base IDs for constructed methods on their unconstructed counterparts 2021-06-03 11:11:32 +02:00
Tamas Vajk
d044b15533 C#: Add colliding method ID tests 2021-06-03 11:11:32 +02:00
Tony Torralba
56a429a5f9 Merge branch 'main' into promote-jexl-injection 2021-06-03 11:10:56 +02:00
Tony Torralba
607dcd4a27 Don't use CSV models for private flow configs 2021-06-03 11:05:13 +02:00