codeql

mirror of https://github.com/github/codeql.git synced 2026-06-28 16:17:03 +02:00

Author	SHA1	Message	Date
Rasmus Wriedt Larsen	afe7a0536c	Python: Support positional arguments in Django routes	2019-10-29 13:58:07 +01:00
Rasmus Wriedt Larsen	49dd2216a6	Python: Refactor django library Use General.qll for routing, like in other web libraries	2019-10-29 13:58:07 +01:00
Shati Patel	e2b446db19	Docs: Update Python	2019-10-29 12:36:16 +00:00
Shati Patel	3337eaf0f9	Docs: Update JavaScript/TypeScript	2019-10-29 12:36:06 +00:00
Erik Krogh Kristensen	2d01e7c5ed	simplify the callsArray predicate	2019-10-29 12:13:01 +01:00
Erik Krogh Kristensen	563f32193c	suggestions from @max-schaefer Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>	2019-10-29 12:10:12 +01:00
Jonas Jensen	b6038f3caa	C++: Remove best-bound logic from test This logic, in an improved form, is now part of the library itself.	2019-10-29 11:54:32 +01:00
Jonas Jensen	311963906b	C++: Only give the best delta in range analysis This mirrors Java's `6b85fe087a`.	2019-10-29 11:49:49 +01:00
Taus	6e6dab9ab8	Merge pull request #2178 from RasmusWL/python-minor-qldoc-fix Python: Fix qldoc for TaintTracking Configuration	2019-10-29 10:40:12 +01:00
Jonas Jensen	ff62afb575	C++: Rename parameter to `b` to match QLDoc	2019-10-29 10:38:23 +01:00
semmle-qlci	2cddb82f10	Merge pull request #2210 from max-schaefer/js/better-destructuring-type-inference Approved by asger-semmle, esbena	2019-10-29 08:08:51 +00:00
Jonas Jensen	0b2c2620cd	Merge pull request #2184 from dave-bartolomeo/dave/AliasedUse C++/C#: Add `AliasedUse` instruction to all functions	2019-10-29 08:37:57 +01:00
Robert Marsh	8076156cb1	Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects	2019-10-28 16:50:34 -07:00
Robert Marsh	120fa6c330	C++: alias fixes for ReturnIndirection	2019-10-28 15:09:35 -07:00
Robert Marsh	5e946cc9f3	C++: add param read side effects to IR exit blocks	2019-10-28 15:09:04 -07:00
Geoffrey White	3584c0b2e5	CPP: Speed up InitializationFunctions.qll's getTarget.	2019-10-28 19:54:10 +00:00
Geoffrey White	2d64fedeb0	CPP: Speed up VirtualDispatch.qll's getAViableTarget.	2019-10-28 19:54:10 +00:00
Geoffrey White	c40c88ec4b	CPP: Add test cases for ConditionallyUninitializedVariables.ql.	2019-10-28 18:43:00 +00:00
Geoffrey White	d693eb8c20	CPP: Correct the ConditionallyUninitializedVariable examples.	2019-10-28 17:39:45 +00:00
Asger F	94dd9a1c04	JS: Block XSS flow through encodeURIComponent	2019-10-28 17:12:40 +00:00
Henning Makholm	ae554cf1e9	Make each upgrade directory a QL pack	2019-10-28 17:14:31 +01:00
Taus	04e3683035	Merge pull request #2194 from RasmusWL/python-improve-getbasetype-qldoc Python: Improve qldoc for ClassValue::getABaseType	2019-10-28 17:07:19 +01:00
Anders Schack-Mulligen	d0842fc35d	Java/C++/C#: Minor refactor following review comment.	2019-10-28 16:31:22 +01:00
Jonas Jensen	b13535ac7d	C++: Implement DataFlow::BarrierGuard for AST+IR The change note is copied from the Java change note.	2019-10-28 16:22:23 +01:00
Anders Schack-Mulligen	0ffcf9ce64	Merge pull request #2192 from JLLeitschuh/feature/JLL/http_response_splitting_netty Add CWE-113 check for io.netty.handler.codec.http.DefaultHttpHeaders	2019-10-28 15:01:20 +01:00
semmle-qlci	70b114b827	Merge pull request #2208 from hvitved/csharp/codeql/no-bundled-nuget Approved by p0	2019-10-28 13:47:50 +00:00
Tom Hvitved	3f5ee5138b	C#: Add change notes	2019-10-28 14:22:59 +01:00
Tom Hvitved	eb990525d7	C#: Add precision tags to `UnsafeDeserialization[UntrustedInput].ql`	2019-10-28 14:19:40 +01:00
Tom Hvitved	b0cf7cb39a	C#: Move `UnsafeDeserialization.qll`	2019-10-28 13:38:53 +01:00
Tom Hvitved	c3f23f542a	C#: Add change note	2019-10-28 13:15:20 +01:00
Tom Hvitved	1fc786bea7	C#: Add `precision` tag to `cs/deserialized-delegate`	2019-10-28 13:11:10 +01:00
shati-patel	d94b0cab29	Update docs/language/learn-ql/java/introduce-libraries-java.rst Co-Authored-By: Felicity Chapman <felicitymay@github.com>	2019-10-28 12:05:51 +00:00
semmle-qlci	30a907861b	Merge pull request #2193 from max-schaefer/js/autobuilder-exclude-node_modules Approved by asger-semmle	2019-10-28 11:26:51 +00:00
Tom Hvitved	8a08038ff3	C#: Use system-nuget in Autobuilder when `SEMMLE_PLATFORM_TOOLS` is not set	2019-10-28 10:59:26 +01:00
Geoffrey White	8839bdd688	Merge pull request #1428 from jbj/infinite-loops-visible C++: Make cpp/comparison-with-wider-type visible	2019-10-28 09:49:38 +00:00
Anders Schack-Mulligen	379ef1d2f9	Java: Fix bad magic and join-order.	2019-10-28 10:40:06 +01:00
semmle-qlci	33374ee089	Merge pull request #2202 from asger-semmle/express-sendfile Approved by esbena	2019-10-28 09:24:34 +00:00
Max Schaefer	b333c6a214	Merge pull request #2106 from asger-semmle/call-graph-3 JS: Call graph changes	2019-10-28 09:24:10 +00:00
Ziemowit Laski	1500148c76	[CPP-434] Clarify Qhelp.	2019-10-27 11:23:54 -07:00
Erik Krogh Kristensen	b2c31701f3	add documentation to two predicates	2019-10-27 09:12:56 +01:00
Raul Garcia	e44229435c	Merge pull request #6 from Semmle/master Merge	2019-10-26 19:05:58 -07:00
Erik Krogh Kristensen	92cebea235	update tests to include empty reciever case	2019-10-27 00:25:59 +02:00
Erik Krogh Kristensen	c6f53199d4	ignore when the reciever is the empty array	2019-10-27 00:24:38 +02:00
Erik Krogh Kristensen	da23898eba	update tests	2019-10-26 23:26:45 +02:00
Pavel Avgustinov	d501316c76	Merge pull request #2195 from hmakholm/pr/chain-to-codeql codeqlmanifest: explicitly chain to ./codeql if we have it	2019-10-26 21:55:50 +01:00
Ziemowit Laski	6ee3d7d788	[CPP-434] Address more comments re .cpp test cases.	2019-10-25 15:50:00 -07:00
Ziemowit Laski	7204e13746	[CPP-434] Address comments re .cpp test cases.	2019-10-25 14:37:28 -07:00
Dave Bartolomeo	cc5a689293	C++/C#: Fix up after merge from master	2019-10-25 14:11:34 -07:00
Ziemowit Laski	f964fe8b0e	[CPP-434] Address comments regarding .ql and .qhelp.	2019-10-25 14:08:30 -07:00
Dave Bartolomeo	f5e320e988	Merge from master	2019-10-25 13:24:19 -07:00

... 314 315 316 317 318 ...

23837 Commits