hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 13:45:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
19,196 Commits 1,746 Branches 166 Tags
88db8f562d7ca553ecb77efdbc575d68729554e3
Commit Graph

19196 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
dde8d320f3 Apply suggestions from code review 
Minor qldoc fixes.
 2021-01-19 08:24:24 +01:00
Rasmus Lerchedahl Petersen
bd3de23c6e Python: Remove some unhelpful store steps 2021-01-19 00:05:10 +01:00
Marcono1234
703336a77f Add ArrayInit.getSize(), improve documentation 2021-01-18 16:44:53 +01:00
Marcono1234
e9aa63b670 Fix broken links to QLDoc specification 2021-01-18 16:18:45 +01:00
Rasmus Wriedt Larsen
8e5557eca3 Python: Avoid duplicated route-setup in django 
When using `django.conf.urls.url` with Django 2+
 2021-01-18 16:18:29 +01:00
Rasmus Lerchedahl Petersen
bfc6660795 Python: Remember to update test expectations 2021-01-18 15:00:06 +01:00
Erik Krogh Kristensen
01900d7ca2 remove false positive due to "\n" not being in the relevant relation 2021-01-18 14:47:29 +01:00
CodeQL CI
fc2fe6cccb Merge pull request #4928 from esbena/js/rewrite-multi-sanitization 
Approved by asgerf
 2021-01-18 05:11:42 -08:00
Asger Feldthaus
3db6069372 JS: Add test for new sink 2021-01-18 10:55:34 +00:00
Asger Feldthaus
2752b4ba64 JS: Shift line numbers in test 2021-01-18 10:54:39 +00:00
Asger Feldthaus
ff1d0cc4c7 JS: Recognize DomSanitizer from @angular/core 2021-01-18 10:54:27 +00:00
Rasmus Lerchedahl Petersen
66426bf0cc Python: Add tests for iterable unpacking 
in for-iterations and comprehensions.
 2021-01-18 09:36:13 +01:00
Tamas Vajk
8400a3862b Add DB upgrade folder 2021-01-18 09:19:27 +01:00
Tamas Vajk
ce58514453 Change release note date 2021-01-18 09:19:27 +01:00
Tamas Vajk
c0b31cbfe7 Add new stats file 2021-01-18 09:19:27 +01:00
Tamas Vajk
f235a28295 C# Add relational patterns extraction 2021-01-18 09:19:27 +01:00
Rasmus Lerchedahl Petersen
175e43d6f2 Python: Slight refactor 2021-01-18 09:12:05 +01:00
Rasmus Lerchedahl Petersen
5f189a7e43 Python: Address reviews 2021-01-15 20:18:37 +01:00
yoff
1edad03622 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-01-15 18:50:04 +01:00
Erik Krogh Kristensen
401e516654 update expected output, and update PackageExports test 2021-01-15 17:40:47 +01:00
Erik Krogh Kristensen
26783b6ab0 make getTopmostPackageJSON public again, and update PackageExports test 2021-01-15 16:05:49 +01:00
Tom Hvitved
9a9a57716c C#: Improved extraction of type nullability 2021-01-15 16:01:14 +01:00
yoff
48910d0597 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-01-15 14:02:27 +01:00
Erik Krogh Kristensen
1506ac09e5 limit the number of characters produced by getAThreewayIntersect 2021-01-15 13:54:16 +01:00
Erik Krogh Kristensen
0117a0fac1 specialize the getAValueExportedBy predicate to only topmost package.jsons 2021-01-15 13:54:16 +01:00
Erik Krogh Kristensen
0c9d46a7f9 changes based on review 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-01-15 13:54:05 +01:00
Anders Schack-Mulligen
545451e602 Merge pull request #4960 from github/yo-h/java15-change-note 
Java: update documentation on supported language versions
codeql-cli/v2.4.3 codeql-cli/v2.4.2 		2021-01-15 10:19:46 +01:00
Tamás Vajk
81ce29c6c8 Merge pull request #4656 from tamasvajk/feature/csharp9-not-pattern 
C#: Extract unary patterns
 2021-01-15 09:44:53 +01:00
yo-h
27fd16ae87 Java: update documentation on supported language versions 2021-01-14 20:29:16 -05:00
Tom Hvitved
d7ca065192 Merge pull request #4923 from hvitved/csharp/ssa/refactor 
C#: SSA refactorings
 2021-01-14 17:28:14 +01:00
Geoffrey White
15089c4117 Merge branch 'main' into modelclasses 2021-01-14 15:57:02 +00:00
Geoffrey White
7012bc05a2 C++: Simplification. 2021-01-14 15:21:26 +00:00
Geoffrey White
54bd36def2 C++: Correct QLDoc comments. 2021-01-14 15:20:29 +00:00
Geoffrey White
13d0efe96d C++: Change to more natural expressions without use of weird predicates or 'any'. The classes for string objects now match instantiations directly rather than the template. 2021-01-14 15:02:51 +00:00
Tom Hvitved
6cf684f615 C#: Fix QL doc 2021-01-14 15:59:22 +01:00
yoff
b5d40e4c9a Merge pull request #4944 from RasmusWL/flask-class-based-handlers 
Python: Add modeling of Flask class based (HTTP) request handlers
 2021-01-14 15:17:36 +01:00
yoff
de8ac6c12d Merge pull request #4869 from RasmusWL/tornado-source-modeling 
Python: Add Tornado source modeling
 2021-01-14 14:40:14 +01:00
Tamas Vajk
4b32fd0556 Update change note date 2021-01-14 14:29:13 +01:00
Tamas Vajk
b7b4ed8774 Add DB upgrade folder 2021-01-14 14:26:40 +01:00
Erik Krogh Kristensen
c106b09d49 change-note 2021-01-14 14:17:32 +01:00
Tamas Vajk
66d8b0f1a0 Add new .stats file 2021-01-14 14:11:28 +01:00
Erik Krogh Kristensen
c5595f4cbd improve alert message for js/polynomial-redos 2021-01-14 13:48:26 +01:00
Rasmus Wriedt Larsen
4cb2f2ed1e Python: Proper models of flask MethodView classes 2021-01-14 13:42:18 +01:00
Rasmus Wriedt Larsen
e327fdb317 Python: Model flask View classes 2021-01-14 13:42:18 +01:00
Rasmus Wriedt Larsen
0b1cece523 Python: Add tests for class based handlers in Flask 2021-01-14 13:42:17 +01:00
Rasmus Wriedt Larsen
14bb10a361 Python: Use LocalSourceNode for TornadoRouteRegex 2021-01-14 13:39:41 +01:00
Erik Krogh Kristensen
86e33d9d79 select the shortest possible reason 2021-01-14 13:38:37 +01:00
Rasmus Wriedt Larsen
f9a29cb886 Python: Add change-note for tornado source modeling 2021-01-14 13:37:27 +01:00
Rasmus Wriedt Larsen
812ea5dde5 Python: Tornado: Model request handlers without known route 2021-01-14 13:37:27 +01:00
Rasmus Wriedt Larsen
1849b9e771 Python: Tornado: Handle basic route setup with tuples 
The reason this becomes valueable right now, is that we can mark routed params
as taint-sources. Longer down the line, we can (hopefully) detect that a routed
param will only accept digits, and mark it safe for some of our taint-tracking
queries.
 2021-01-14 13:37:26 +01:00