hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,491 Commits 1,690 Branches 160 Tags
ad4b9372bd37c8f4fd54328285dc01ad306d66c4
Commit Graph

20491 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
CodeQL CI
ad4b9372bd Merge pull request #5302 from RasmusWL/expectation-tests-allow-str-prefix 
Approved by MathiasVP, tausbn
 2021-03-04 06:48:57 -08:00
CodeQL CI
15049ca853 Merge pull request #5183 from erik-krogh/next 
Approved by asgerf
 2021-03-04 04:57:43 -08:00
Anders Schack-Mulligen
f9365dc9ac Merge pull request #5324 from aschackmull/java/merge-5226 
Java: merge #5226
 2021-03-04 13:47:59 +01:00
Anders Schack-Mulligen
45f52289ea Merge branch 'main' into java/merge-5226 2021-03-04 11:36:16 +01:00
Anders Schack-Mulligen
fe07630e40 Merge pull request #5219 from smowton/smowton/feature/backward-dataflow-for-fluent-methods 
Java: Add backward dataflow edges through fluent function invocations.
 2021-03-04 11:13:32 +01:00
CodeQL CI
342c7abd74 Merge pull request #5301 from asgerf/js/ajv-model 
Approved by erik-krogh
 2021-03-04 01:27:38 -08:00
Owen Mansel-Chan
f9973d10ae Merge pull request #5245 from owen-mc/add-codeql-go-as-codeowner-of-shared-dataflow-library-files 
Add @codeql-go as code owners for the shared data-flow library files
 2021-03-03 16:36:05 +00:00
Taus
c1fd48468a Merge pull request #5286 from RasmusWL/share-crypto-algorithms 
Python/JS: Share modeling of crypto algorithms
 2021-03-03 17:00:01 +01:00
Anders Schack-Mulligen
f91c71c8f7 Merge pull request #5270 from Marcono1234/marcono1234/class-isPackageProtected 
Java: Add Class and Interface.isPackageProtected()
 2021-03-03 16:33:57 +01:00
Anders Schack-Mulligen
7ca57fd7a5 Merge pull request #5294 from Marcono1234/patch-1 
Java: Fix wrong algorithm name matching
 2021-03-03 16:33:13 +01:00
Tamás Vajk
f3885a8a05 Merge pull request #4627 from tamasvajk/feature/csharp9-covariant-return 
C#: Add test for covariant return types
 2021-03-03 16:12:13 +01:00
Marcono1234
d5d0439471 Java: Fix wrong algorithm name matching 
The regex character class `[5|7]` matches `5`, `7` and `|`.
 2021-03-03 15:44:23 +01:00
Marcono1234
b9c0193022 Sync .qhelp file renaming to other languages 2021-03-03 15:38:08 +01:00
Tamas Vajk
a5a4329669 C#: Add tests for covariant return types 2021-03-03 14:52:10 +01:00
Rasmus Wriedt Larsen
c3175ae7b1 Python/JS: Sync CryptoAlgorithms.qll 2021-03-03 14:18:33 +01:00
Rasmus Wriedt Larsen
dd75ea31df Python: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-03-03 14:17:22 +01:00
Anders Schack-Mulligen
3400c121d6 Merge pull request #5202 from joefarebrother/apache-http 
Java: Add modelling for Apache HTTP Components
 2021-03-03 13:41:41 +01:00
Tamás Vajk
73ad417757 Merge pull request #5132 from tamasvajk/feature/dotnet502 
C#: Upgrade projects to .net 5
 2021-03-03 12:47:08 +01:00
CodeQL CI
8e2af077a7 Merge pull request #5237 from erik-krogh/moreInf 
Approved by asgerf
 2021-03-03 03:09:07 -08:00
Erik Krogh Kristensen
b9450c901a remove development comment 2021-03-03 11:18:09 +01:00
Mathias Vorreiter Pedersen
721ba5e2c5 Merge pull request #4825 from rdmarsh2/rdmarsh2/cpp/operand-reuse 
C++: share `TOperand` across IR stages
 2021-03-03 08:55:44 +01:00
Robert Marsh
312ead44c5 Merge pull request #5309 from github/aeisenberg/from-source-docs 
Documentation: Update C/C++ Element::fromSource() docs
 2021-03-02 12:51:41 -08:00
Robert Marsh
dbd8432884 C++: autoformat 2021-03-02 12:11:12 -08:00
Andrew Eisenberg
9982112b61 Documentation: Update C/C++ Element::fromSource() docs 
The previous documentation was not correct. This
documentation is adapted from File::fromSource().
 2021-03-02 08:57:17 -08:00
Aditya Sharad
648910e974 Merge pull request #5285 from adityasharad/actions/docs-review 
Actions: Add workflow to request docs review
 2021-03-02 08:52:32 -08:00
Joe Farebrother
81ff76814f Remove incorrect expectaton 2021-03-02 16:35:34 +00:00
Erik Krogh Kristensen
95a1edcabc refactor FunctionStyleClass to get a better join-order 2021-03-02 15:22:38 +01:00
Anders Schack-Mulligen
0eb2c06e20 Merge pull request #3945 from porcupineyhairs/structsDevMode 
Java: Add query to detect Apache Struts enabled Devmode
 2021-03-02 15:22:20 +01:00
Erik Krogh Kristensen
4d33407f6c optimize getACalleeValue 2021-03-02 15:21:36 +01:00
Tamas Vajk
714e1dc686 Add change note 2021-03-02 15:08:07 +01:00
Asger F
919ee38049 Update javascript/ql/src/semmle/javascript/security/dataflow/DeepObjectResourceExhaustionCustomizations.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-03-02 14:02:35 +00:00
Asger F
6c884f86d2 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-03-02 14:01:59 +00:00
Asger Feldthaus
6e0322dc60 JS: Add DeepResourceExhaustion test 2021-03-02 13:56:43 +00:00
Asger Feldthaus
88e5348da9 JS: Move RemotePropertyInjection test into subfolder 2021-03-02 13:56:39 +00:00
Asger Feldthaus
5d27cd934d JS: Move Source def into customizations lib 2021-03-02 13:52:33 +00:00
Asger Feldthaus
d916118ea4 JS: Move ExceptionXss source into Xss.qll 2021-03-02 13:16:10 +00:00
Erik Krogh Kristensen
47f4faa4e2 use local dataflow instead of type-inference for mayHaveBooleanValue 2021-03-02 14:06:38 +01:00
Erik Krogh Kristensen
ae56285331 use callgraph instead of type-inference for array taint-steps 2021-03-02 14:06:09 +01:00
Erik Krogh Kristensen
b20ce8bfca use callgraph instead of TypeInference in Testing.qll 2021-03-02 14:04:23 +01:00
Porcuiney Hairs
beb15e27eb remove tests 2021-03-02 18:13:33 +05:30
Asger Feldthaus
fd9604c5ef JS: Update expected output for poly ReDoS 2021-03-02 12:39:05 +00:00
Asger Feldthaus
31721b5fe3 JS: Fix missing qldoc 2021-03-02 12:39:05 +00:00
Asger Feldthaus
05594f2936 JS: Change note 2021-03-02 12:39:05 +00:00
Asger Feldthaus
0bd60c1989 JS: Autoformat 2021-03-02 12:39:05 +00:00
Asger Feldthaus
12079cd1e4 JS: Recognize RegExps in JSON schemas 2021-03-02 12:39:04 +00:00
Asger Feldthaus
7afa755597 JS: Add ajv error as source of ExceptionXss 2021-03-02 12:39:04 +00:00
Asger Feldthaus
24199a5499 JS: Add query for resource exhaustion from deep object handling 2021-03-02 12:39:04 +00:00
Asger Feldthaus
b978359803 JS: Add schema validation as TaintedObject sanitizer 2021-03-02 12:39:04 +00:00
Tamas Vajk
fa2f345611 Revert "Simplify MissingCallTarget for calli" 
This reverts commit 3b82abd7c7.
 2021-03-02 12:58:42 +01:00
Erik Krogh Kristensen
55985c969b add change note 2021-03-02 12:25:50 +01:00