hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,099 Commits 1,672 Branches 157 Tags
aa2a49d1898043e57c391d7abc1d9c3e3b5b51a2
Commit Graph

12099 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
aa2a49d189 JS: Rewrite mayHaveStringValue to avoid misoptimization 2020-04-28 08:56:27 +01:00
Calum Grant
1f1ac72de8 Merge pull request #3309 from hvitved/csharp/cfg/catch-finally-bug 
C#: Add missing CFG edge from generic `catch` block to `finally` block
 2020-04-24 10:12:53 +01:00
semmle-qlci
28cfe548d5 Merge pull request #3325 from erik-krogh/MoreEventClasses 
Approved by asgerf
 2020-04-24 09:02:27 +01:00
semmle-qlci
671e7c6637 Merge pull request #3335 from asger-semmle/js/cached-chained-methods 
Approved by esbena
 2020-04-24 08:28:05 +01:00
Jonas Jensen
d98e956c2b Merge pull request #3322 from felicitymay/merge-124-master 
Merge rc/1.24 into master
 2020-04-24 08:48:54 +02:00
Taus
1d6b6a48ae Merge pull request #2924 from BekaValentine/python-objectapi-to-valueapi-wrongnumberargumentsincall 
Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall
 2020-04-23 17:56:39 +02:00
Asger Feldthaus
cafdcfa4de JS: Preserve reflective calls in getAMethodCall 2020-04-23 13:57:14 +01:00
semmle-qlci
36b28386f8 Merge pull request #3332 from erik-krogh/JGrowl 
Approved by esbena
 2020-04-23 13:06:00 +01:00
semmle-qlci
801ce89c67 Merge pull request #3099 from esbena/js/introduce-poi-utility 
Approved by erik-krogh
 2020-04-23 12:14:00 +01:00
Jonas Jensen
312e6229fb Merge pull request #3330 from MathiasVP/libc-assert 
C++: Generalize charpred of LibcAssert
 2020-04-23 13:06:41 +02:00
Erik Krogh Kristensen
d8c498bd15 add NOT OK comment 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-04-23 12:17:25 +02:00
Erik Krogh Kristensen
e1423b0fa5 add test for jGrowl 2020-04-23 11:58:06 +02:00
Erik Krogh Kristensen
5382976195 change note 2020-04-23 11:52:16 +02:00
Taus
54d1991a9d Merge pull request #3300 from RasmusWL/python-pointsto-regression-open 
Python: Add points-to regression for uncalled function
 2020-04-23 11:50:30 +02:00
Pavel Avgustinov
adf12ba2b4 Merge pull request #3333 from sj/patch-3 
Update CODE_OF_CONDUCT.md to be based on Contributor Covenant template
 2020-04-23 10:46:41 +01:00
Bas van Schaik
0c8786f941 Update code of conduct in line with GH 
Updates CODE_OF_CONDUCT.md to use the Contributor Covenant Code of Conduct that is widely used for other open source projects at GitHub.
 2020-04-23 10:19:13 +01:00
Jonas Jensen
d6f77c0f98 Merge pull request #3328 from MathiasVP/literal-comment 
C++: Remove unnecessary part of comment
 2020-04-23 11:10:16 +02:00
Erik Krogh Kristensen
90652eeb25 add $.jGrowl as an XSS sink 2020-04-23 10:44:41 +02:00
semmle-qlci
da3292606c Merge pull request #3191 from erik-krogh/XssDom 
Approved by esbena, mchammer01
 2020-04-23 09:17:07 +01:00
Jonas Jensen
f696594d35 Merge pull request #3295 from MathiasVP/field-flow-single-struct 
C++: Add PostUpdateNode for updates to structs with no chi instructions
 2020-04-23 10:02:10 +02:00
Jonas Jensen
cbed175931 Merge pull request #3273 from Semmle/rdmarsh/cpp/RemoteFlowSource-model 
C++: Add remote flow sources via models
 2020-04-23 09:54:40 +02:00
Mathias Vorreiter Pedersen
1016a0c0db C++: Generalize charpred of LibcAssert 2020-04-23 09:48:30 +02:00
Esben Sparre Andreasen
a66b4b55fe Update javascript/ql/src/experimental/poi/PoI.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-04-23 09:47:21 +02:00
semmle-qlci
1312fcccae Merge pull request #3324 from erik-krogh/BoundSocketIO 
Approved by asgerf
 2020-04-23 08:42:45 +01:00
Tom Hvitved
5b5f9adfc6 C#: Add missing CFG edge from generic catch block to finally block 2020-04-23 08:45:11 +02:00
Tom Hvitved
bd075a7de0 C#: Add CFG test 2020-04-23 08:45:11 +02:00
Esben Sparre Andreasen
161c05dced Apply suggestions from code review 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-04-23 08:41:54 +02:00
Mathias Vorreiter Pedersen
7b51d0c8a5 C++: Remove unnecessary part of comment 2020-04-23 08:35:44 +02:00
Robert Marsh
ac22e7950c C++: autoformat FlowSources.qll 2020-04-22 16:11:33 -07:00
Robert Marsh
471f536326 Merge pull request #3307 from dbartol/dbartol/BinaryConditional 
C++: IR translation for binary conditional operator
 2020-04-22 15:01:16 -07:00
Erik Krogh Kristensen
6ada588dd1 add support for util.inherits 2020-04-22 22:55:12 +02:00
Erik Krogh Kristensen
957e4073b0 use getABoundCallbackParameter in SocketIO 2020-04-22 21:56:34 +02:00
Erik Krogh Kristensen
40822e10b4 add SocketIO test case 2020-04-22 21:55:20 +02:00
Tom Hvitved
5a2dcc591c Merge pull request #3317 from Semmle/revert-2814-cs/unqualify-trap-ids 
Revert "C#: Improve db consistency by removing assembly id"
 2020-04-22 20:46:35 +02:00
Felicity Chapman
89bf35cd43 Merge branch 'rc/1.24' into merge-124-master 
Conflicts:
	change-notes/1.24/analysis-javascript.md
    Resolved in favor of the rc/1.24 branch
 2020-04-22 19:01:47 +01:00
Taus
cf9114761f Merge pull request #3321 from felicitymay/1.24/move-python-change-notes 
1.24: Move python change notes into rc/1.24 branch
 2020-04-22 19:42:12 +02:00
Felicity Chapman
523f1068b8 Editorial suggestions 
We don't hyphenate "QL-library" and there were a few typos. Feel free to further revise this if I've changed the meaning too much.

As discussed separately, I was unable to raise this as a PR in GitHub.com and had to resort to a direct commit.

(cherry picked from commit e29468135d)
 2020-04-22 18:15:43 +01:00
Taus
ac8cca37e8 Apply suggestions from code review 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
(cherry picked from commit 44b570f7b6)
 2020-04-22 18:15:43 +01:00
Taus Brock-Nannestad
63234aae40 Python: Finalise change notes for 1.24. 
(cherry picked from commit e97d88c158)
 2020-04-22 18:15:42 +01:00
Rebecca Valentine
89752f4b55 Merge branch 'master' into python-objectapi-to-valueapi-wrongnumberargumentsincall 2020-04-22 09:52:33 -07:00
Rebecca Valentine
d5c44d8513 Merge pull request #3315 from tausbn/python-finalise-1.24-change-notes 
Python: Finalise change notes for 1.24.
 2020-04-22 09:15:54 -07:00
Dave Bartolomeo
163ecd97de Merge pull request #3277 from geoffw0/rangeshift 
C++: Support for & and >> in SimpleRangeAnalysis
 2020-04-22 11:36:36 -04:00
Felicity Chapman
e29468135d Editorial suggestions 
We don't hyphenate "QL-library" and there were a few typos. Feel free to further revise this if I've changed the meaning too much.

As discussed separately, I was unable to raise this as a PR in GitHub.com and had to resort to a direct commit.
 2020-04-22 15:48:01 +01:00
Tom Hvitved
8c0c283811 Revert "C#: Improve db consistency by removing assembly id" 2020-04-22 16:32:13 +02:00
Taus
44b570f7b6 Apply suggestions from code review 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-04-22 16:03:20 +02:00
Taus Brock-Nannestad
e97d88c158 Python: Finalise change notes for 1.24. 2020-04-22 14:31:04 +02:00
Esben Sparre Andreasen
a0e6562208 JS: address review feedback 2020-04-22 14:24:35 +02:00
Esben Sparre Andreasen
2747e2a0c7 JS: formatting 2020-04-22 14:24:35 +02:00
Esben Sparre Andreasen
2186ca7efc JS: address non-semantic review feedback 2020-04-22 14:24:35 +02:00
Esben Sparre Andreasen
27e5fce0ed JS: make the default PoIConfiguration/enabled inclusive 2020-04-22 14:24:34 +02:00