hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,473 Commits 1,693 Branches 161 Tags
876a9f80cec81cc12ef4b71a5a2c8f341db718cf
Commit Graph

34473 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
876a9f80ce Dataflow: remove unused column. 2022-04-07 13:53:27 +02:00
Erik Krogh Kristensen
ef9b6a11a6 Merge pull request #8679 from erik-krogh/getUrl 
Java: rename existing getUrl predicate to getRepositoryUrl
 2022-04-07 10:01:14 +02:00
Michael Nebel
72d4c97463 Merge pull request #8628 from michaelnebel/csharp/generatedkind 
C#: Introduce generated flag as a part of the kind column for flow summaries
 2022-04-07 08:43:30 +02:00
Erik Krogh Kristensen
489d4cb908 add change-note 2022-04-06 23:23:50 +02:00
Erik Krogh Kristensen
563d0d6532 rename existing getUrl predicate to getRepositoryUrl 2022-04-06 15:32:33 +02:00
Anders Schack-Mulligen
879b8a1200 Merge pull request #8676 from pwntester/java_hotspots_mods 
Make security-related TaintTracking Configuration public
 2022-04-06 14:40:14 +02:00
Erik Krogh Kristensen
943af17d10 Merge pull request #8619 from erik-krogh/atmSteps 
JS-ML: fix isKnownStepSrc such that it recognizes taint-steps
 2022-04-06 12:56:53 +02:00
Rasmus Wriedt Larsen
b99767ef52 Merge pull request #8668 from RasmusWL/use-instanceof 
Python: Rewrite concepts to use `extends ... instanceof ...`
 2022-04-06 12:09:12 +02:00
Anders Schack-Mulligen
bbb6d08071 Merge pull request #8661 from Marcono1234/marcono1234/getMethod-public-only 
Java: Fix reflection predicate for `getMethod` having non-public method result
 2022-04-06 12:03:14 +02:00
Alvaro Muñoz Sanchez
9ccd0e564b Add QLDocs 2022-04-06 12:00:41 +02:00
Rasmus Wriedt Larsen
4d2a3b38d2 Merge pull request #8511 from RasmusWL/use-query-suffix 
Python: Use `Query.qll` suffix for dataflow configuration definitions
 2022-04-06 11:59:29 +02:00
Anders Schack-Mulligen
d0b5b99e74 Merge pull request #8611 from github/smowton/doc/switch-expr-accessors 
Java: make SwitchCase.getRuleExpression/Statement more consistent
 2022-04-06 11:16:40 +02:00
Tom Hvitved
31ec2988df Merge pull request #8674 from hvitved/csharp/useless-upcast-lambda-tests 
C#: Add more tests for `cs/useless-cast-to-self`
 2022-04-06 11:11:40 +02:00
Alvaro Muñoz Sanchez
19b8d51c0b Update CommandLineQuery 
Make TaintTracking configuration public
 2022-04-06 10:58:56 +02:00
Alvaro Muñoz Sanchez
abaa71e2c5 Update Sql Injection queries 
move java/ql/src/Security/CWE/CWE-089/SqlInjectionLib.qll -> java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll
 2022-04-06 10:57:14 +02:00
Geoffrey White
6c70cb4581 Merge pull request #8672 from jketema/unused-locals 
C++: Add `cpp/unused-local-variable` test case with `switch` initializer
 2022-04-06 09:03:12 +01:00
Tom Hvitved
02b11084bc C#: Add more tests for cs/useless-cast-to-self 2022-04-06 09:36:59 +02:00
Jeroen Ketema
d19504fca2 C++: Add cpp/unused-local-variable test case with switch initializer 
This is similar to the test case with the `if` initializer, and we should
not forget about it once we support `if` initialization.
 2022-04-05 18:27:53 +02:00
Alex Ford
ccd7bb5e70 Merge pull request #8421 from alexrford/ruby/weak-cryptographic-algorithm 
Ruby: Add `rb/weak-cryptographic-algorithm` query
 2022-04-05 14:34:45 +01:00
Michael Nebel
2562910b94 C#: Update Csv validation to allow sources and sink kinds to be prefixed with generated. 2022-04-05 14:25:34 +02:00
Michael Nebel
d7bf024318 Java: Add testcase for generated summary model. 2022-04-05 14:25:34 +02:00
Michael Nebel
0374f84c05 Java: Make support for generated as a part of kind. 2022-04-05 14:25:34 +02:00
Michael Nebel
3a04e9a03d Java: Update java capture models with new kind column (including tests). 2022-04-05 12:55:47 +02:00
Michael Nebel
412699f407 C#: Modify generator and update test output with updated kind column. 2022-04-05 12:51:01 +02:00
Rasmus Wriedt Larsen
5b96db26b3 Python: Rewrite concepts to use extends ... instanceof ... 
This solved performance problems experienced in
https://github.com/github/codeql/pull/8634, and this commit+PR is to
ensure we get this change in as fast as possible.
 2022-04-05 12:34:15 +02:00
Michael Nebel
c2920405fc C#: Add a query for detecting flow summaries that are discarded due to existing handwritten models. 2022-04-05 08:55:12 +02:00
Michael Nebel
3937714f9f C#: The CaptureSummaryModels query should only produce summary models that will not be discarded at run-time. 2022-04-05 08:55:12 +02:00
Michael Nebel
784327c183 Java/Ruby: Hardcode generated flag to false. 2022-04-05 08:55:12 +02:00
Michael Nebel
8e1fa35367 C#: Add testcase, where generated flow summary is ignored. 2022-04-05 08:55:12 +02:00
Michael Nebel
de76df3988 C#: Only use generated summaries, if no handwritten model exist for a particular dataflow callable. 2022-04-05 08:55:12 +02:00
Michael Nebel
30dc4ae788 C#: Add testcase with multiple generated flow summaries. 2022-04-05 08:55:12 +02:00
Michael Nebel
689e8f1952 C#: Small testcase with a summary flow model that is listed as generated. 2022-04-05 08:55:12 +02:00
Michael Nebel
26ad4861a3 C#: Introduce parsing of the kind field. 2022-04-05 08:55:12 +02:00
Michael Nebel
f8b094ac1f C#: Only use generated flow summaries in case no handwritten summary exists. 2022-04-05 08:55:11 +02:00
Michael Nebel
4d953da480 C#: Initial steps to allow generated as a part of the kind. 2022-04-05 08:55:11 +02:00
Michael Nebel
1f72f6c2cd Merge pull request #8559 from michaelnebel/csharp/generateflowmodelsscript 
C#: Generate Flow Models script
 2022-04-05 08:43:22 +02:00
Robert Marsh
a3072fcd83 Merge pull request #8664 from geoffw0/privdata3 
C++: More enhancements to PrivateData.qll
 2022-04-04 14:43:19 -04:00
Geoffrey White
04b8306f06 C++: Add some more patterns. 2022-04-04 16:57:00 +01:00
Geoffrey White
d2e7f22d1b C++: Group all phone number related exprs together. 2022-04-04 16:48:03 +01:00
Geoffrey White
d42ee7d279 C++: Extend tests. 2022-04-04 16:46:56 +01:00
Michael Nebel
8c3be653c2 C#: Update test output. 2022-04-04 16:07:46 +02:00
Michael Nebel
3fe941aae2 C#: Add missing empty ext column in generated summaries. 2022-04-04 15:58:35 +02:00
Michael Nebel
c6fe54c41b C#: Add script for running CaptureModel queries and generate qll source file. 2022-04-04 15:58:35 +02:00
Marcono1234
6dd14a6cb3 Java: Fix reflection predicate for getMethod having non-public method result 2022-04-04 15:10:49 +02:00
Asger F
de169277cb Merge pull request #8576 from asgerf/js/decorated-method-or-class 
JS: Add decorator edges in API graphs and corresponding MaD tokens
 2022-04-04 12:49:28 +02:00
Jeroen Ketema
82b1cd69d2 Merge pull request #8554 from jketema/bitwise-lambda-capture-init 
C++: Handle bitwise copies in lambda captures
 2022-04-04 12:23:05 +02:00
Michael Nebel
25881d673e Merge pull request #8626 from michaelnebel/csharp/equalsgethashcodeoverrides 
C#: Exclude Equals and GetHashCode overrides from model generation.
 2022-04-04 09:40:31 +02:00
Tom Hvitved
50dc3820c6 Merge pull request #8589 from hvitved/regex/speedup-concretise 2022-04-03 17:56:07 +02:00
Jeroen Ketema
e1fa58a6f2 C++: Update tests after generating reference conversion 2022-04-01 18:32:46 +02:00
Jeroen Ketema
1d51b618d1 C++: Update tests for handling op bitwise copy in lambda captures 2022-04-01 18:32:46 +02:00