hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
26,554 Commits 1,741 Branches 165 Tags
b33daa3d3a8260cf69682c7d8eb4664ce61c19cd
Commit Graph

26554 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
cc8b581c06 C++: Accept test changes. 2021-10-01 22:23:17 +02:00
Mathias Vorreiter Pedersen
cca77ed65c Merge branch 'main' into add-return-value-deref-to-model-util 2021-10-01 22:02:06 +02:00
Tamás Vajk
62aa7b75bd Merge pull request #6792 from tamasvajk/fix/csv-workflow 
Let 'ql/lib' folders trigger the CSV workflow
 2021-10-01 19:44:48 +02:00
Mathias Vorreiter Pedersen
0679142607 C++: Accept test changes. 2021-10-01 18:27:55 +02:00
Mathias Vorreiter Pedersen
3463c28e24 C++: Add return value dereference to 'callOutput'. This will need to be modified once we get return value side effects in the IR. 2021-10-01 18:27:46 +02:00
Marcono1234
e3fed55945 Java: Add tests for text blocks 2021-10-01 18:16:11 +02:00
Joe Farebrother
085701c7db Remove models.csv 2021-10-01 17:11:12 +01:00
Joe Farebrother
5e4498a53a Add more models; fix tests 2021-10-01 16:53:53 +01:00
Marcono1234
924b7320bc Java: Add test for NullLiteral 2021-10-01 17:27:54 +02:00
Marcono1234
bb6e6f4808 Java: Split literals tests 
This allows changing individual tests in the future without having to adjust
the expected output of all other tests.
 2021-10-01 17:27:50 +02:00
Anders Schack-Mulligen
99ba80d492 C#: Adjust test output. 2021-10-01 16:57:30 +02:00
Tamas Vajk
ebe0988d9a Let 'ql/lib' folders trigger the CSV workflow 2021-10-01 16:30:56 +02:00
yoff
1ce9426adf Merge pull request #6761 from RasmusWL/cryptodome-sha3 
Python/JS: Recognize SHA-3 hash functions
 2021-10-01 13:33:36 +02:00
Anders Schack-Mulligen
eb26b4a04b Merge pull request #6755 from alexet/alexet/cache-params-string 
Java: Fix more performance issues with future versions of codeql.
 2021-10-01 12:54:53 +02:00
Asger Feldthaus
c8e7df7900 JS: Add test case 2021-10-01 12:02:40 +02:00
Asger Feldthaus
600e5bad0d JS: Exclude methods declared private/protected 2021-10-01 11:46:32 +02:00
Asger Feldthaus
af1b04de9c JS: Restrict what property names that are considered public exports 2021-10-01 11:42:03 +02:00
Mathias Vorreiter Pedersen
a3cf721b9e Merge pull request #6713 from geoffw0/cwe139 
C++: New query for 'Cleartext transmission of sensitive information'
 2021-10-01 11:10:36 +02:00
Geoffrey White
679b0f9b73 C++: Autoformat. 2021-10-01 09:40:16 +01:00
Anders Schack-Mulligen
799e099d1d Merge pull request #6784 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-10-01 10:05:34 +02:00
github-actions[bot]
3d61c81456 Add changed framework coverage reports 2021-10-01 00:09:22 +00:00
Chris Smowton
f48c418d6d Merge pull request #5907 from x-f1v3/java/hardcoded-shiro-key 
Java: CWE-798: Query to detect hard-coded SHIRO key
 2021-09-30 17:58:12 +01:00
Chris Smowton
ec4cb7c90f Fix typo 2021-09-30 16:22:12 +01:00
Chris Smowton
cb4ce36d3c Update change note; drop unnecessary import 2021-09-30 15:00:13 +01:00
Chris Smowton
b0983cb726 Specifically include Base64 encode/decode as a likely intermediate step for hardcoded credentials 2021-09-30 14:57:49 +01:00
Chris Smowton
b57a58c253 Amend change note 2021-09-30 14:27:05 +01:00
f1v3
24c9bb2fb7 autoformat 2021-09-30 14:26:19 +01:00
f1v3
168fc4170d Apply suggestions from code review 2021-09-30 14:26:14 +01:00
f1v3
f3bde56de9 detects a hard-coded cipher key for shiro 2021-09-30 14:22:48 +01:00
Chris Smowton
60a023d064 Merge pull request #5852 from luchua-bc/java/hardcoded-azure-credential 
Java: CWE-798 Query to detect hard-coded Azure credentials
 2021-09-30 14:11:29 +01:00
yoff
c1c63d0c28 Merge pull request #6738 from RasmusWL/qldoc-getArgByName 
Python: Add QLDoc to `Function.getArgByName`
 2021-09-30 14:11:18 +02:00
Jonas Jensen
45cf6344cd Merge pull request #6184 from github/rdmarsh2/improve-exec-tainted 
C++: Refactor ExecTainted.ql to only report results after string concatenation
 2021-09-29 19:21:13 +02:00
CodeQL CI
e9b4e571e1 Merge pull request #6775 from RasmusWL/fix-hasLocationInfo-url 
Approved by aschackmull, erik-krogh, hvitved, jbj, tausbn
 2021-09-29 16:51:08 +01:00
alexet
447eb23356 Java: Fix for tc magic issue with subtyping. 2021-09-29 16:01:08 +01:00
Joe Farebrother
3ae5f13c3d Generate tests and stubs 2021-09-29 15:44:21 +01:00
Tamás Vajk
089bb33113 Merge pull request #6773 from tamasvajk/fix/global-stmt-library 
C#: Handle invalid code gracefully: global statements in library
 2021-09-29 16:18:05 +02:00
Rasmus Wriedt Larsen
ba990f72f2 Another hasLocationInfo URL reference fix 2021-09-29 14:00:28 +02:00
Rasmus Wriedt Larsen
987b573709 Fix hasLocationInfo URL reference 
Follow up to https://github.com/github/codeql/pull/5830
 2021-09-29 13:47:58 +02:00
alexet
dea8dde566 Java: Improve performance of confusing overloading query. 2021-09-29 12:17:30 +01:00
Tamas Vajk
e17071723f C#: Handle invalid code gracefully: global statements in library 2021-09-29 10:23:33 +02:00
Mathias Vorreiter Pedersen
8dcf7926de Merge pull request #6760 from andersfugmann/relax_memberMayBeVarSize 
Increase precision to high for cpp/static-buffer-overflow
 2021-09-29 10:09:11 +02:00
Benjamin Muskalla
d09c3bf863 Merge pull request #6748 from bmuskalla/fixHiddenTypesTestGenerator 
Java: Avoid stubbing methods with private parameter types
 2021-09-29 09:27:13 +02:00
Anders Schack-Mulligen
1a92fa5d92 Merge pull request #6772 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-09-29 09:25:19 +02:00
github-actions[bot]
8d2ad4ed17 Add changed framework coverage reports 2021-09-29 00:08:05 +00:00
Geoffrey White
89098f54be C++: Correct comment. 2021-09-28 20:03:42 +01:00
Benjamin Muskalla
5f659f6e48 Merge branch 'main' into fixHiddenTypesTestGenerator 2021-09-28 17:42:39 +02:00
Geoffrey White
10323ac819 Update cpp/ql/src/Security/CWE/CWE-311/CleartextStorage.inc.qhelp 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-09-28 15:13:29 +01:00
Shati Patel
ee46717c76 Merge pull request #6771 from shati-patel/mergeback-3.2-main 
Merge 3.2 into main
 2021-09-28 14:52:17 +01:00
Jonas Jensen
914e621d1b Merge pull request #6678 from andersfugmann/refactor_use_of_isGuardPhi 
C++: Refactor code to use predicate isGuardPhi/4
 2021-09-28 15:45:05 +02:00
Shati Patel
976190e84d Merge pull request #6764 from shati-patel/slides-links 
Docs: Fix a few links in the training slides
 2021-09-28 14:35:46 +01:00