hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 07:12:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,258 Commits 1,684 Branches 159 Tags
96bf754f01774d57524c1da8d0c865ee73c18ef4
Commit Graph

34258 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Smowton
96bf754f01 Accept intrigus suggested doc clarifications 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-03-31 12:09:45 +01:00
Chris Smowton
19cd97e426 Java: Clarify the meaning of getRuleExpression/Statement 2022-03-30 17:58:11 +01:00
Nick Rolfe
fa1bb82701 Merge pull request #8610 from github/nickrolfe/re-fix-location-join-order 
Ruby: undo accidental revert of #8538
 2022-03-30 16:31:52 +01:00
Nick Rolfe
10b75bff76 Ruby: undo accidental revert of 13be9919 2022-03-30 16:02:12 +01:00
Chris Smowton
9675f34cf5 Merge pull request #8257 from luchua-bc/java/insecure-webview-resource-response 
Java: CWE-200 Query to detect insecure WebResourceResponse implementation
 2022-03-30 15:56:27 +01:00
Arthur Baars
031d183bdf Merge pull request #8532 from aibaars/regex-refactor-2 
JS/Ruby/Python: rename RegExpTreeView.qll to ReDoSUtilSpecific.qll
 2022-03-30 16:38:47 +02:00
Dave Bartolomeo
70c44734e6 Merge pull request #8445 from dbartol/dbartol/ir-range/semantic-scratch 
Sign, Modulus, and Range analysis for C++ using sharable semantic layer
 2022-03-30 07:08:09 -04:00
Dave Bartolomeo
e2396a5e03 Remove PrintIR tests for range analysis 
These were only used for debugging, and don't actually make good tests.
 2022-03-30 06:45:28 -04:00
Dave Bartolomeo
19789fa738 Merge remote-tracking branch 'upstream/main' into semantic-scratch 2022-03-30 06:39:14 -04:00
Nick Rolfe
a274af2b16 Merge pull request #7985 from github/nickrolfe/constant_regexp 
Ruby: separate constant propagation of regexps from strings
 2022-03-30 11:37:33 +01:00
Robert Marsh
8d21c8b7c5 Merge pull request #8423 from 4B5F5F4B/main 
[CPP][Linux Kernel]Add ql to detect CVE-2017-5123
 2022-03-29 15:10:15 -04:00
luchua-bc
fa2a6a7da3 Remove unnecessary taint step and update qldoc 2022-03-29 17:52:49 +00:00
Jeroen Ketema
e5ac492b62 Merge pull request #8593 from jketema/pointless-options 
C++: Remove debugging options from library tests
 2022-03-29 17:55:47 +02:00
Jeroen Ketema
d1857a9e37 C++: Remove debugging options from library tests 2022-03-29 17:24:18 +02:00
Michael Nebel
c3ac5aba57 Merge pull request #8482 from michaelnebel/csharp/capturesourcesink-models 
C#: Capture[Source|Sink]Models utility.
 2022-03-29 14:43:10 +02:00
Dave Bartolomeo
c9f79047b3 Improve QLDoc 2022-03-29 07:27:45 -04:00
Dave Bartolomeo
01c747ccb7 Remove debugging code 2022-03-29 07:14:51 -04:00
Dave Bartolomeo
820beed085 Remove Java portion (moved to separate PR) 2022-03-29 07:09:33 -04:00
Tony Torralba
e564481e9f Organize imports 2022-03-29 11:38:24 +02:00
Asger F
68575f3655 Merge pull request #8579 from asgerf/js/literal-csv-rows 
JS: write all CSV rows as literals
 2022-03-29 11:13:19 +02:00
Michael Nebel
8e60073d5a Java: Remove dataflow imports for java.qll. 2022-03-29 11:07:58 +02:00
Michael Nebel
f734edf8ff C#/Java: Minor refactor and re-arranging of code to align the CaptureModel specific implementations. 2022-03-29 11:07:58 +02:00
Michael Nebel
dd267b353a C#: Move isRelevantMemberAccess out of PropagateToSinkConfigurationSpecific. 2022-03-29 11:07:58 +02:00
Michael Nebel
3933dfa78e Java: Make imports private and add parts of the dataflow library to java.qll (same as in C#). 2022-03-29 11:07:58 +02:00
Michael Nebel
ad90c55bc6 C#: Improve encapsulation in CaptureModelsSpecific. 2022-03-29 11:07:57 +02:00
Michael Nebel
26d5eb64b3 C#/Java: Initial merge ModelGeneratorUtils into CaptureModels. 2022-03-29 11:07:57 +02:00
Michael Nebel
9b7691a5fc C#/Java: Address comments on re-exposing functionality. 2022-03-29 11:07:57 +02:00
Michael Nebel
1710b66003 C#/Java: Some minor variable name changes and QL Doc updates. 2022-03-29 11:07:57 +02:00
Michael Nebel
4298024cd6 C#: Refactor isRelevantForModels. 2022-03-29 11:07:57 +02:00
Michael Nebel
5970fd9904 C#: Also include property reads in possible new sink discovery. Only include public fields and properties. 2022-03-29 11:07:57 +02:00
Michael Nebel
8a65efbae4 C#/Java: Add isRelevantSinkKind predicate with language specific implementation. 2022-03-29 11:07:57 +02:00
Michael Nebel
0009d781d7 Java: Make most imports private. 2022-03-29 11:07:57 +02:00
Michael Nebel
1c7d764d54 C#: Make most module imports private. 2022-03-29 11:07:57 +02:00
Michael Nebel
ad27a5a1a6 C#/Java: Add some more QL Doc to the CaptureModels[Specific] implementation. 2022-03-29 11:07:57 +02:00
Michael Nebel
62dcbff67f C#: Update sync files config. 2022-03-29 11:07:57 +02:00
Michael Nebel
5d62c48890 C#/Java: Move libraries to internal folder as these are for internal use only. 2022-03-29 11:07:57 +02:00
Michael Nebel
3d2ce57c9e Java: Collapse all the specific code for summary, source and sink models into a single file. 2022-03-29 11:07:57 +02:00
Michael Nebel
43c9f9d7bb C#: Collapse all the specific code for summary, source and sink models into a single file. 2022-03-29 11:07:57 +02:00
Michael Nebel
852d8a2770 Java: Collapse all the shared code for summary, source and sink models into a single file. 2022-03-29 11:07:57 +02:00
Michael Nebel
4f2227f206 C#: Collapse all the shared code for summary, source and sink models into a single file. 2022-03-29 11:07:57 +02:00
Michael Nebel
79fd2e6a40 C#/Java: Make configurations private and sprinkle some QL Doc. 2022-03-29 11:07:57 +02:00
Michael Nebel
6194d5cf63 C#: Add test for CaptureSinkModel query. 2022-03-29 11:07:57 +02:00
Michael Nebel
5babb0e66a C#: Update stubs to include one more known sink method. 2022-03-29 11:07:57 +02:00
Michael Nebel
858508fa33 C#: Make sure that language independent parts of CaptureSinkModels is in sync. 2022-03-29 11:07:57 +02:00
Michael Nebel
db21a6a0f3 C#: Add CaptureSummaryModels query. 2022-03-29 11:07:57 +02:00
Michael Nebel
fb2a7dfb48 Java: Refactor CaptureSinkModels into language specific and generic part. 2022-03-29 11:07:57 +02:00
Michael Nebel
cc5fbbb7c5 Java: Minor cleanup in CaptureSinkModels. 2022-03-29 11:07:56 +02:00
Michael Nebel
cc4e26466f C#: Add test case for CaptureSummaryModels query. 2022-03-29 11:07:56 +02:00
Michael Nebel
b4efd0e154 C#: Make sure that the shared CaptureSummaryModel is in sync. 2022-03-29 11:07:56 +02:00
Michael Nebel
4ae5dc323f C#: Add CaptureSourceModel query. 2022-03-29 11:07:56 +02:00