hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
507 Commits 1,684 Branches 159 Tags
90dfebb4bd978b911afbb989f17f67a391abf4fb
Commit Graph

507 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
90dfebb4bd Add extractor field to QL packs. 2020-04-07 14:41:54 +01:00
Max Schaefer
f074d89b54 Merge pull request #88 from max-schaefer/readsField 
Improve handling of field reads through pointer
 2020-04-07 09:02:10 +01:00
Max Schaefer
2ec335fb1a Autoformat. 2020-04-07 07:16:50 +01:00
Max Schaefer
fb661aadcc Merge pull request #90 from github/p0-patch-1 
Delete outdated COPYRIGHT file
 2020-04-06 15:32:50 +01:00
Pavel Avgustinov
c45a5cf1f2 Update copyright date 2020-04-06 14:37:09 +01:00
Pavel Avgustinov
291150a755 Delete outdated COPYRIGHT file 
This seems to be copied from Semmle/ql, and it claims the wrong license.
 2020-04-06 14:35:44 +01:00
Sauyon Lee
a663eaae23 Merge pull request #89 from max-schaefer/extractor-profiling 
Add environment variables for dumping CPU and memory profiles.
 2020-04-06 03:33:08 -07:00
Max Schaefer
1f7441e027 Make readsField and friends work modulo implicit dereferences, like writesField. 2020-04-06 11:06:46 +01:00
Max Schaefer
76f2748cbc Teach SsaWithFields to properly handle implicit dereferences. 2020-04-06 09:23:07 +01:00
Max Schaefer
4a1071cac6 Merge pull request #77 from robertbrignull/code_scanning_suites 
Add code-scanning suites
 2020-04-06 09:14:58 +01:00
Max Schaefer
5721d1fb3e Merge pull request #86 from sauyon/dependency-fix 
Allow dependencies to match imports of subpackages
 2020-04-03 20:35:07 +01:00
Max Schaefer
c240fdbd45 Merge pull request #87 from max-schaefer/more-qldoc 
Add missing QlDoc.
 2020-04-03 19:43:38 +01:00
Sauyon Lee
e1a7269a45 Allow dependencies to match imports of subpackages 2020-04-03 10:42:19 -07:00
Max Schaefer
d13d2f27e6 Add missing QlDoc. 2020-04-03 17:08:56 +01:00
Max Schaefer
407493094d Merge pull request #75 from sauyon/ssrf-refinement 
SSRF query refinements
 2020-04-03 09:31:24 +01:00
Sauyon Lee
dcd6aaf69a Alphabetize change notes 2020-04-03 00:01:19 -07:00
Sauyon Lee
ea3a7e8038 Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-04-02 23:58:39 -07:00
Sauyon Lee
e27947e280 Add comment for new url concatenation sanitizer 2020-04-02 23:58:39 -07:00
Sauyon Lee
3c02b3ab74 Add SafeUrlFlowCustomizations doc comment 2020-04-02 23:58:38 -07:00
Sauyon Lee
c68e509508 OpenUrlRedirect: Fix some comments 2020-04-02 23:58:37 -07:00
Sauyon Lee
4e5b17e18d Sanitize hostname if there is a slash and a previous component 2020-04-02 23:58:36 -07:00
Sauyon Lee
4b3982154a Add a SafeUrlFlow configuration 2020-04-02 23:58:35 -07:00
Sauyon Lee
4bcffe2d47 RequestForgery: Add a safe URL sanitizer 2020-04-02 23:58:34 -07:00
Sauyon Lee
1c859a8991 Address review comments 2020-04-02 23:58:33 -07:00
Sauyon Lee
3577d75607 RequestForgery: Add change note 2020-04-02 23:58:17 -07:00
Sauyon Lee
89a03c8b67 RequestForgery: Add high precision 2020-04-02 23:49:58 -07:00
Sauyon Lee
830c3fce2a RequestForgery: Add tests 2020-04-02 23:49:57 -07:00
Sauyon Lee
314787956b Allow write base to be inside an implicit dereference 2020-04-02 23:49:56 -07:00
Sauyon Lee
e9b0f88946 RequestForgery: Add taint step for URL Host assignment 2020-04-02 23:49:55 -07:00
Sauyon Lee
12928d9f17 HTTP: Add model for Client.Do 2020-04-02 23:49:55 -07:00
Sauyon Lee
6876eabf54 RequestForgery: Add query help 2020-04-02 23:49:54 -07:00
Sauyon Lee
b23c75afb6 RequestForgery: move query from experimental 2020-04-02 23:49:53 -07:00
Max Schaefer
77c282824e Merge pull request #81 from gagliardetto/system-executors 
Expand system executors (continuation of #70)
 2020-04-03 07:24:05 +01:00
Sauyon Lee
f9610f22e7 Merge pull request #85 from max-schaefer/codeql-stats 
Use CodeQL for creating stats
 2020-04-02 10:57:20 -07:00
Max Schaefer
b28cd112fe Merge pull request #83 from max-schaefer/max-goroutines 
Introduce official environment variable for goroutine limiting.
 2020-04-02 13:49:21 +01:00
Max Schaefer
325bb7ca23 Merge pull request #84 from shati-patel/move-documentation 
Docs: Move "CodeQL for Go" out of this repo
 2020-04-02 13:48:51 +01:00
Shati Patel
3af3548c30 Remove "learn-ql" folder 2020-04-02 11:56:15 +01:00
Shati Patel
6126d32d82 Remove .rst files from this repo 2020-04-02 11:35:19 +01:00
Shati Patel
3a12c1c2d4 Docs: Add README with links to new docs location 2020-04-02 11:35:14 +01:00
Slavomir
b5f14d1296 Add awk and similar 2020-04-02 13:07:43 +03:00
Slavomir
81bc3c03a9 Add more commands 2020-04-02 13:03:22 +03:00
Max Schaefer
510b6070c9 Introduce official environment variable for goroutine limiting. 
We've had to tell people how to do this, so we should have a name for it that doesn't refer to a defunct company.
 2020-04-02 10:45:52 +01:00
Max Schaefer
ddb6f2ca6a Update stats. 2020-04-02 10:15:20 +01:00
Max Schaefer
17a8c722cd Use CodeQL for creating stats. 2020-04-02 10:15:10 +01:00
Slavomir
32beebd059 Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
Co-Authored-By: Sauyon Lee <sauyon@github.com>
 2020-04-02 12:09:06 +03:00
Sauyon Lee
bc59fa40d7 Merge pull request #73 from intrigus-lgtm/make-CWE-643-supported 
Make cwe 643 supported
 2020-04-01 17:45:45 -07:00
Sauyon Lee
eba8dd0a36 Merge pull request #82 from github/max-schaefer-patch-1 
Improve autobuilder logging
 2020-04-01 09:07:55 -07:00
Sauyon Lee
c2eb3f5d6b Merge pull request #80 from max-schaefer/build-command-env-var 
Introduce `CODEQL_GO_EXTRACTOR_BUILD_COMMAND` as an alias for `LGTM_INDEX_BUILD_COMMAND`.
 2020-04-01 09:07:31 -07:00
Max Schaefer
611751a9c3 Improve autobuilder logging 2020-04-01 15:31:50 +01:00
intrigus
be21d49cf2 Add precision to query 2020-04-01 16:15:24 +02:00