Commit Graph

24070 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
72986e1e28 Python: Add some comments on the boolean sweep
pattern
2021-06-30 12:50:36 +02:00
Rasmus Lerchedahl Petersen
4ca0ee87f0 Merge branch 'main' of github.com:github/codeql into python-port-ReDoS 2021-06-30 12:28:54 +02:00
Rasmus Lerchedahl Petersen
52d91917aa Merge branch 'python-port-ReDoS' of github.com:yoff/codeql into python-port-ReDoS 2021-06-30 12:25:59 +02:00
Rasmus Lerchedahl Petersen
09e71cfdfd Python: update test expectations 2021-06-30 12:25:29 +02:00
Rasmus Lerchedahl Petersen
6dfbf80494 Python: Disable use of toUnicode
until supporting CLI is released
2021-06-30 12:21:52 +02:00
Rasmus Wriedt Larsen
e5d65992b4 Python: Use DefinitionNode instead of Assign
Based on https://github.com/github/codeql/pull/6155#discussion_r660964666:

> Hmm... Would it be better to do this using DefinitionNode instead of
> Assign? The latter is fairly limited in what it can represent, and also
> raises questions of whether this definition is sound with regard to
> control-flow splitting.
2021-06-30 12:08:32 +02:00
yoff
c19522e921 Apply suggestions from code review
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2021-06-30 11:49:45 +02:00
Tamas Vajk
0946ae2ae9 Fix review findings 2021-06-30 11:39:51 +02:00
Anders Schack-Mulligen
e235e151f1 Java: Fix bad magic. 2021-06-30 11:09:08 +02:00
Tony Torralba
9d64cadb50 Adapt tests after applying changes from code review 2021-06-30 10:02:03 +02:00
Tony Torralba
b64b8ecec2 Apply suggestions from code review
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2021-06-30 09:52:22 +02:00
Anders Schack-Mulligen
374859efb4 Merge pull request #6156 from smowton/smowton/feature/jax-rs-content-type-sensitivity
Jax RS XSS Tests
2021-06-30 09:52:07 +02:00
Tamás Vajk
a0e768bb43 Merge pull request #6172 from tamasvajk/fix/csv-comment-again
Fix CSV framework coverage commenter workflow
2021-06-30 09:10:47 +02:00
Tom Hvitved
22dd53f245 Merge pull request #6167 from hvitved/csharp/trap-stack-preprocessor-conditions
C#: Add active preprocessor conditions as suffix in all TRAP `.push` instructions
2021-06-30 08:34:47 +02:00
Sauyon Lee
52d1901d6e Adjust validation models to reflect array parameters 2021-06-29 12:01:24 -07:00
Sauyon Lee
52b24118b3 Add tests for Spring validation.Errors 2021-06-29 12:01:23 -07:00
Edoardo Pirovano
8354f66c29 Performance: Improve join order in data flow library 2021-06-29 18:23:22 +01:00
Rasmus Wriedt Larsen
94bcda3bae Python: Highlight problem picking DataFlow::Node for Assign 2021-06-29 15:32:16 +02:00
Sauyon Lee
b76f761e56 Import springvalidation in ExternalFlow.qll 2021-06-29 05:51:58 -07:00
Sauyon Lee
aa0fbce28e Remove unnecessary code from stubs 2021-06-29 05:51:38 -07:00
Sauyon Lee
92f1c51653 fixup! Add models for Spring validation.Errors
Rename SpringErrors to SpringValidation
2021-06-29 05:51:36 -07:00
Sauyon Lee
534ab86900 Add models for Spring validation.Errors 2021-06-29 05:51:21 -07:00
Sauyon Lee
fe2b73ed72 Stub more of Spring 2021-06-29 05:51:19 -07:00
Chris Smowton
d4bb8a70c2 Merge pull request #5976 from github/sauyon/java/spring-util
Model Spring `util`
2021-06-29 13:50:12 +01:00
Anders Schack-Mulligen
ad8bef5177 Update java/ql/src/semmle/code/java/frameworks/spring/SpringUtil.qll 2021-06-29 14:08:48 +02:00
Chris Smowton
48d4493146 Fix test indentation 2021-06-29 12:42:20 +01:00
Chris Smowton
9551321592 Fix LinkedMultiValueMap models and make tests more realistic 2021-06-29 12:40:57 +01:00
Chris Smowton
60179ce8f0 Genericise MultiValueMaps; remove no-longer-needed casts 2021-06-29 12:32:22 +01:00
Chris Smowton
916c7c576d Remove superfluous (Object) casts 2021-06-29 12:28:42 +01:00
Chris Smowton
71f6d59646 Genericise test util functions 2021-06-29 12:27:03 +01:00
Chris Smowton
60126b406f Clean up test
Remove unused import; drop unused util methods and needless casts.
2021-06-29 12:20:47 +01:00
Chris Smowton
d6c4325c13 Import SpringUtil from ExternalFlow.qll 2021-06-29 12:18:30 +01:00
Anders Schack-Mulligen
1bd01a5eee Update java/ql/test/library-tests/frameworks/spring/util/test.ql 2021-06-29 13:13:09 +02:00
Chris Smowton
3d270bbc50 Drop models for stringifying functions
Per default stringification isn't taint-propagating in Java
2021-06-29 12:01:08 +01:00
Chris Smowton
0441098b18 Amend models of MultiValueMap.addAll overloads 2021-06-29 11:58:46 +01:00
Chris Smowton
b202110285 Drop redundant model that can be inherited from java.util.Iterator 2021-06-29 11:47:22 +01:00
Chris Smowton
f67e9ae1cc Drop tests for protected inner classes 2021-06-29 11:45:59 +01:00
Chris Smowton
5769f4718f Add missing CollectionUtils model 2021-06-29 11:44:29 +01:00
Chris Smowton
659478cc39 Remove model for protected class
Can't be accessed outside the org.springframework.util package.
2021-06-29 11:40:19 +01:00
Chris Smowton
f7a4614f56 Add missing tests for AntPathMatcher's protected methods; fix models accordingly 2021-06-29 11:35:25 +01:00
Rasmus Lerchedahl Petersen
b684434a58 Merge branch 'main' of github.com:github/codeql into python-port-ReDoS 2021-06-29 11:45:21 +02:00
Rasmus Lerchedahl Petersen
e778a65464 Python: Adjust test expectations
so we can see the light go green.
But we should perhaps do something about those duplicate results.
2021-06-29 11:29:42 +02:00
Rasmus Lerchedahl Petersen
fbfe415162 Python: Limit test files 2021-06-29 11:18:24 +02:00
Rasmus Lerchedahl Petersen
6f2cdbf59e Python: Give up on providing values for form feeds 2021-06-29 11:14:27 +02:00
Rasmus Lerchedahl Petersen
ffb8938e52 Python: undo autoformat character mangling 2021-06-29 11:06:17 +02:00
Rasmus Lerchedahl Petersen
135b71b649 Python: Apply performance fix by @hvitved 2021-06-29 11:01:33 +02:00
Chris Smowton
dec0123751 Autoformat 2021-06-29 09:52:24 +01:00
Tom Hvitved
125d435d62 C#: Address review comments 2021-06-29 10:50:45 +02:00
Anders Schack-Mulligen
89cea5cc1a Merge pull request #6178 from github/yo-h/java-sealed-classes
Java: add `permits` relation to dbscheme (sealed classes)
2021-06-29 10:43:37 +02:00
Anders Schack-Mulligen
53823e4a36 Merge pull request #6179 from github/yo-h/java-frameworks-jakarta
Java: add `jakarta.*` package to known frameworks
2021-06-29 09:38:55 +02:00