hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-27 17:58:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,170 Commits 1,721 Branches 164 Tags
b8bfdcc719bcfc34d9518e33c1f3fe22ed6d6dfd
Commit Graph

21170 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
b8bfdcc719 improve performance in ServiceDefinitions by inlining, and refactoring away a SourceNode 2021-03-23 19:13:40 +01:00
Erik Krogh Kristensen
93bcc3724a use pragma to improve 2 join-orders in TaintTracking 2021-03-23 19:12:33 +01:00
Mathias Vorreiter Pedersen
ce638096de Merge pull request #5492 from geoffw0/samateissue 
C++: Test taint regression
 2021-03-23 14:01:03 +01:00
Tom Hvitved
3c26779f40 Merge pull request #5415 from tamasvajk/feature/async-flow 
C#: add store step for return statements inside async methods
 2021-03-23 13:59:19 +01:00
Anders Schack-Mulligen
27408fefe2 Merge pull request #5008 from torque59/cwe-346 
Java: Queries to detect remote source flow origins to CORS header.
 2021-03-23 13:54:00 +01:00
Anders Schack-Mulligen
9a56601dd3 Merge pull request #5164 from luchua-bc/java/insecure-ldap-endpoint 
Java: CWE-297 Query to detect insecure LDAP endpoint configuration
 2021-03-23 13:53:51 +01:00
Geoffrey White
b38a9d51e6 C++: Effect of 'Don't override getParameterSizeIndex in the model for Accept'... 2021-03-23 12:26:59 +00:00
Geoffrey White
13eb9e0833 C++: Fix the test. 2021-03-23 12:26:58 +00:00
Geoffrey White
30e1b88b7f C++: Extend test. 2021-03-23 12:26:58 +00:00
Geoffrey White
da08c6e63e Merge pull request #5496 from MathiasVP/accept-model-getParameterSizeIndex-should-be-none 
C++: Don't override getParameterSizeIndex in Accept
 2021-03-23 11:42:50 +00:00
Anders Schack-Mulligen
1e6b5391d6 Merge pull request #4994 from haby0/main 
Java: CWE-652: Improper Neutralization of Data within XQuery Expressions ('XQuery Injection')
 2021-03-23 12:05:53 +01:00
Taus
b46a3616d8 Merge pull request #5490 from RasmusWL/private-imports 
Python: Make import private for better auto-complete
 2021-03-23 12:00:35 +01:00
Mathias Vorreiter Pedersen
585606a933 C++: Respond to review comments. 2021-03-23 11:14:29 +01:00
Mathias Vorreiter Pedersen
0b4650a4c9 C++: Accept test changes. 2021-03-23 10:27:19 +01:00
Mathias Vorreiter Pedersen
7d0cfc69f1 C++: Don't override getParameterSizeIndex in the model for Accept. This fixes IR construction of calls to accept. 2021-03-23 09:53:09 +01:00
Mathias Vorreiter Pedersen
0ff7cc845c C++: Add reduced testcase that broke IR construction in #5492. 2021-03-23 09:53:04 +01:00
yoff
921b560e89 Merge pull request #5489 from tausbn/python-make-getacall-return-a-callcfgnode 
Python: Make `API::Node::getACall` return a `CallCfgNode`
 2021-03-23 09:31:38 +01:00
Rasmus Wriedt Larsen
1890e63d4c Python: Make import private for better auto-complete 
With the non-private imports, auto-completing on `API::` gave ALL results
available from `import python`, as well as the ones specified in the `API`
module.

The non-private import in Attributes.qll did the same for `DataFlow::`.
 2021-03-22 16:45:44 +01:00
Taus Brock-Nannestad
4a6589d0ae Python: Make API::Node::getACall return a CallCfgNode 
This should eliminate the need for explicit casting to
`CallCfgNode` (which does not appear in our code as far as I can see,
but was observed in an external contribution).
 2021-03-22 16:37:24 +01:00
Shati Patel
34e25624e0 Merge pull request #5488 from github/rc/3.1 
Merge release candidate branch back into main
codeql-cli/v2.5.0 		2021-03-22 14:28:25 +00:00
Shati Patel
c7a79a51fe Merge pull request #5479 from github/shati-patel/docs-bump-version 
Docs: Prepare supported languages/frameworks for 1.27 release
 2021-03-22 13:50:53 +00:00
CodeQL CI
119872d8a4 Merge pull request #5461 from erik-krogh/moreOutDir 
Approved by asgerf
 2021-03-22 13:27:14 +00:00
Mathias Vorreiter Pedersen
257fc7459d Update categories for new the C++ libraries. 2021-03-22 13:28:48 +01:00
yo-h
b495e1efab Merge pull request #5411 from aschackmull/java/dataflow-lambda-dispatch 
Java: Bugfix dispatch to lambda in call context.
 2021-03-22 08:25:21 -04:00
Jonas Jensen
0bfeba5251 Merge pull request #5414 from criemen/diagnostic-queries 
C++: Extractor/database diagnostic errors
 2021-03-22 13:23:24 +01:00
Anders Schack-Mulligen
f681d584bd Merge pull request #5474 from Marcono1234/marcono1234/string-building-type 
Java: Add StringBuildingType
 2021-03-22 13:16:54 +01:00
Shati Patel
0f83722767 Revert JS changes and add another Java entry 2021-03-22 12:01:08 +00:00
Anders Schack-Mulligen
58fe81db2e Merge pull request #5455 from hvitved/dataflow/lambda-doc 
Data flow: Add section on lambda flow to `dataflow.md`
 2021-03-22 12:54:46 +01:00
Shati Patel
c5ef57c408 Update docs/codeql/support/reusables/frameworks.rst 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-03-22 11:40:13 +00:00
CodeQL CI
a889316003 Merge pull request #5428 from asgerf/js/cheat-sheet-tweak 
Approved by esbena
 2021-03-22 10:51:26 +00:00
Shati Patel
343f4e442f Add "TODO"s 2021-03-22 10:46:29 +00:00
Shati Patel
9e84b756f7 Update supported frameworks 2021-03-22 10:40:17 +00:00
Cornelius Riemenschneider
668841cefa C++: Rename diagnostic queries. 2021-03-22 11:13:49 +01:00
Shati Patel
b422a972bf Update conf.py 2021-03-22 10:00:18 +00:00
haby0
fe046ec71e Merge remote-tracking branch 'upstream/main' into main 2021-03-22 17:25:37 +08:00
Tom Hvitved
98558c7c59 Update docs/ql-libraries/dataflow/dataflow.md 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2021-03-22 09:42:27 +01:00
Anders Schack-Mulligen
36962b8438 Merge pull request #5468 from Marcono1234/marcono1234/floating-point-literal-value 
Java: Add value predicates for float and double literals; improve tests
 2021-03-22 09:02:31 +01:00
Marcono1234
cd059eb965 Java: Add StringBuildingType 2021-03-22 00:19:23 +01:00
Marcono1234
fa98443bb7 Java: Add value predicates for float and double literals; improve tests 2021-03-21 18:07:55 +01:00
Erik Krogh Kristensen
b565e3de91 expand outDir support in tsconfig files 2021-03-19 23:13:51 +01:00
Erik Krogh Kristensen
07ca09ef90 Merge pull request #5425 from yoff/tausbn-python-document-api-graphs 
Python: document api graphs
 2021-03-19 22:15:07 +01:00
CodeQL CI
3415b64229 Merge pull request #5423 from erik-krogh/koa 
Approved by asgerf, esbena
 2021-03-19 17:05:58 +00:00
Erik Krogh Kristensen
84e9229386 Merge branch 'main' into koa 2021-03-19 16:56:15 +01:00
yoff
eae7bccaad Apply suggestions from code review 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2021-03-19 16:50:48 +01:00
yoff
c6a69e1d6e Merge pull request #5457 from RasmusWL/framework-tests-non-experimental 
Python: Move framework tests out of experimental
 2021-03-19 16:29:50 +01:00
Tom Hvitved
6e1ee07e90 Address review comment 2021-03-19 16:25:48 +01:00
Rasmus Wriedt Larsen
d9079e34e3 Python: Move framework tests out of experimental 
Since they are not experimental anymore 😄
 2021-03-19 15:51:54 +01:00
Erik Krogh Kristensen
79feb3b689 Merge pull request #5454 from asgerf/js/fix-untrusted-checkout-id 
JS: Fix query ID for UntrustedCheckout
 2021-03-19 14:32:52 +01:00
Tom Hvitved
18ac2596d0 Data flow: Add section on lambda flow to dataflow.md 2021-03-19 13:58:21 +01:00
CodeQL CI
3b117f5218 Merge pull request #5419 from erik-krogh/forgery 
Approved by asgerf
 2021-03-19 12:56:53 +00:00