Rasmus Wriedt Larsen
0be280c608
Python: Port py/sql-injection to use proper source/sink customization
2021-07-12 16:22:10 +02:00
Tom Hvitved
6ba6d9931c
C#: Skip dotnet restore in standalone extraction when nuget_restore: false is set
2021-07-12 15:16:16 +02:00
Mathias Vorreiter Pedersen
be06230b43
Merge branch 'main' into path-sensitive-stack-variable-reachability-analysis
2021-07-12 14:46:44 +02:00
Asger F
d8927e5612
Apply suggestions from code review
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2021-07-12 14:23:58 +02:00
Erik Krogh Kristensen
c4f5009917
make explicit calls to member predicates
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2021-07-12 14:22:08 +02:00
Erik Krogh Kristensen
d22ebadcf2
add support for many more case changing libraries
2021-07-12 14:09:34 +02:00
Mathias Vorreiter Pedersen
dec747f6f0
Merge branch 'main' into more-random-sources-in-uncontrolled-arithmetic
2021-07-12 13:48:48 +02:00
Erik Krogh Kristensen
a5d1325d3f
add support for the change-case library
2021-07-12 13:37:06 +02:00
Taus
1e79091120
Python: Fix typo
2021-07-12 11:33:52 +00:00
Mathias Vorreiter Pedersen
c47d680d65
Merge pull request #6168 from criemen/fix-warning
...
C++: Fix warning from compile-query.
2021-07-12 12:41:29 +02:00
Tom Hvitved
47d126e681
Data flow: Sync
2021-07-12 12:09:51 +02:00
Tom Hvitved
09daf86e33
Data flow: Fix bad join-orders in summaryNodeType
2021-07-12 12:09:06 +02:00
Taus
32062d83ad
Python: Make deprecation warning more prominent
2021-07-12 10:00:21 +00:00
Taus
200da983d9
Python: Add change note
2021-07-12 09:59:17 +00:00
Mathias Vorreiter Pedersen
04dcef5ec4
C++: Include ComplementExpr as a sanitizer.
2021-07-12 11:53:47 +02:00
Cornelius Riemenschneider
d34f7b941a
C++: Address code review.
2021-07-12 11:43:43 +02:00
Cornelius Riemenschneider
e821b8be99
C++: Fix warning from compile-query.
2021-07-12 11:43:43 +02:00
Mathias Vorreiter Pedersen
d2cc0d3925
C++: Fix annotations.
2021-07-12 11:30:43 +02:00
Erik Krogh Kristensen
bef7e61e76
add support for the fast-json-stringify library
2021-07-12 11:13:01 +02:00
Erik Krogh Kristensen
40aa970db3
add support for the strip-json-comments library
2021-07-12 11:08:50 +02:00
Erik Krogh Kristensen
23c3be6860
add support for the json-cycle library
2021-07-12 11:03:39 +02:00
Asger Feldthaus
5df961c4ed
JS: Add change note
2021-07-12 10:53:41 +02:00
Erik Krogh Kristensen
94cbc4b2c0
add step through the fclone library
2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
f99a33598f
add support for the safe-stable-stringify library
2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
d6300bced3
add support for the replicator library
2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
babf657d9d
add support for the teleport-javascript library
2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
9261b7f859
add support for the flatted library
2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
1792c9a611
add taint step through the prettyjson library
2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
0bfff1eb7e
add support for the json5 library
2021-07-12 10:51:42 +02:00
Erik Krogh Kristensen
cb3bd4901b
add taint step through the json2csv library
2021-07-12 10:51:42 +02:00
Tom Hvitved
db4c8dfd3c
Merge pull request #6208 from hvitved/csharp/query-modules
...
C#: Add `Query` suffix to libraries that should only be imported by queries
2021-07-12 10:26:45 +02:00
Anders Schack-Mulligen
0e913a19aa
Merge pull request #6220 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2021-07-12 09:54:18 +02:00
github-actions[bot]
56419bc74b
Add changed framework coverage reports
2021-07-12 00:06:55 +00:00
Erik Krogh Kristensen
440e4b9a92
enable unicode support in the Python ReDoS query
2021-07-11 21:28:40 +02:00
ihsinme
eedcb0171d
Add files via upload
2021-07-05 11:14:51 +03:00
ihsinme
b10bdf1475
Add files via upload
2021-07-05 11:13:05 +03:00
Tom Hvitved
4de4753c67
C#: Remove Query.qll top-level modules
2021-07-04 09:35:27 +02:00
Tom Hvitved
c812d4e4e8
C#: Add Query suffix to libraries that should only be imported by queries
2021-07-04 09:35:26 +02:00
Taus
a65d40e36f
Merge branch 'main' into python-add-typetrackingnode
2021-07-02 20:55:37 +02:00
Taus
55d822cc56
Python: Add TypeTrackingNode
...
Splits `ModuleVariableNode` away from `LocalSourceNode`, instead
creating a class `TypeTrackingNode` that encapsulates both of these.
This means we no longer have module variable nodes as part of
`LocalSourceNode` (which is good, since they have no "local" aspect to
them), and hence we can have `LocalSourceNode` inherit directly from
`ExprNode` (which makes the API a bit nicer).
Unfortunately these are breaking changes, so we can't actually fulfil
the above two desiderata until the `track` and `backtrack` methods on
`LocalSourceNode` have been fully deprecated. For this reason, we
preserve the present implementation of `LocalSourceNode`, and instead
lay the foundation for switching over in the future, by deprecating
`track` and `backtrack` on `LocalSourceNode`.
2021-07-02 18:00:33 +00:00
Geoffrey White
dc2cb9bd62
C++: Fix numbering.
2021-07-02 18:33:36 +01:00
Geoffrey White
bc3b347569
C++: Another test case to consider.
2021-07-02 18:32:46 +01:00
Geoffrey White
a53b161afb
C++: Move some variant tests to a case we definitely do want to flag the base case of.
2021-07-02 18:18:11 +01:00
Geoffrey White
c3cd1359d6
C++: Mark the cases we're not sure about.
2021-07-02 18:18:10 +01:00
Geoffrey White
cf8fa830a9
C++: Clarify the note about file descriptors.
2021-07-02 18:18:10 +01:00
Geoffrey White
d86a0ab7a5
C++: Add test cases involving file descriptor versions.
2021-07-02 18:17:59 +01:00
CodeQL CI
1d56748eed
Merge pull request #6200 from yoff/pythonJS-make-expbtlib-private
...
Approved by RasmusWL, esbena
2021-07-02 09:09:18 -07:00
Joe Farebrother
4d459f24d9
Fix up tests and update models
2021-07-02 14:46:33 +01:00
Joe Farebrother
fc017b7934
Use ArrayElement of in flow step specifications
2021-07-02 14:46:31 +01:00
Joe Farebrother
15415931ce
Use Argument ranges in CSV rows
2021-07-02 14:46:03 +01:00
