hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-06 03:00:24 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,561 Commits 1,676 Branches 157 Tags
bbeea452e1ca5f352553264d86d9ec1a5ca0661f
Commit Graph

16561 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
bbeea452e1 C++: Add test with widening of binary Expr 2020-10-12 11:08:41 +02:00
Jonas Jensen
297f1c75e4 Merge pull request #4345 from geoffw0/map 
C++: Models for std::pair, std::map and std::unordered_map
 2020-10-05 15:28:10 +02:00
Tom Hvitved
4ec14b1b02 Merge pull request #4399 from hvitved/csharp/error-type-population 
C#: Handle population of error types
 2020-10-05 15:04:50 +02:00
CodeQL CI
48fa8aacd5 Merge pull request #4403 from asgerf/js/remove-tslint-dependency 
Approved by erik-krogh
 2020-10-05 05:58:48 -07:00
Geoffrey White
855d2b50d7 C++: Correct test comments. 2020-10-05 13:00:51 +01:00
Anders Schack-Mulligen
30f29e0ba7 Merge pull request #4320 from aibaars/multipart-request 
Java: add Spring::MultipartRequest as taint source
 2020-10-05 13:45:06 +02:00
Geoffrey White
c757813d65 Merge branch 'main' into map 2020-10-05 12:32:49 +01:00
Anders Schack-Mulligen
e660ac54da Merge pull request #4358 from joefarebrother/format-taint 
Java: Add taint steps through string formatting methods
 2020-10-05 13:25:54 +02:00
Asger Feldthaus
fee99105da JS: Remove tslint dependency 2020-10-05 11:53:58 +01:00
CodeQL CI
43b2c90538 Merge pull request #4400 from max-schaefer/js/api-graph-classrefs 
Approved by asgerf
 2020-10-05 03:12:23 -07:00
Tom Hvitved
4d62033a15 C#: Handle population of error types 2020-10-05 10:14:13 +02:00
Mathias Vorreiter Pedersen
d38121f54a Merge pull request #4394 from geoffw0/oddsends2 
C++: Clean up and add to taint tests
 2020-10-05 09:16:50 +02:00
Arthur Baars
78c58c2415 Merge pull request #4384 from tausbn/python-fix-package-locations 
Python: Fix `hasLocationInfo` for packages
 2020-10-02 20:48:43 +02:00
Alexander Eyers-Taylor
754d82c325 Merge pull request #4382 from github/alexet-patch-1 
Fix the name of the vscode extension recommendation
 2020-10-02 18:33:36 +01:00
Alexander Eyers-Taylor
30ed6a0dac Merge pull request #4385 from aibaars/drop-queries 
Drop 'tech-inventory' and 'code duplication' queries from the standard query suites
 2020-10-02 18:31:25 +01:00
Geoffrey White
8d5febf9c4 C++: Add a couple more test cases that have been discussed. 2020-10-02 18:03:07 +01:00
Geoffrey White
cc170bd513 C++: Test layout. 2020-10-02 18:03:07 +01:00
Geoffrey White
2dc8fba7fe C++: Remove StdMapBeginEnd as we now have a general model BeginOrEndFunction in main. 2020-10-02 16:39:23 +01:00
Geoffrey White
0d6bd6facb Merge branch 'main' into map 2020-10-02 16:24:03 +01:00
Arthur Baars
daa1bcc06e Also mark 'tech inventory' queries as deprecated 2020-10-02 17:23:11 +02:00
Arthur Baars
fc45b6cd3c Drop 'tech-inventory' and 'code duplication' queries from the standard query suites 2020-10-02 17:22:04 +02:00
Geoffrey White
28ab092e9f C++: Add 'tainted' markers to standalone_iterators.cpp test. 2020-10-02 15:54:26 +01:00
Taus
fce76e2799 Merge pull request #4354 from RasmusWL/python-command-execution-modeling 
Python: Better command execution modeling
 2020-10-02 16:14:34 +02:00
Taus
2e4a61428d Merge pull request #4346 from RasmusWL/python-add-implicit-init-test 
Python: add test for implicit __init__.py files
 2020-10-02 16:13:25 +02:00
Tom Hvitved
55d25d90fa Merge pull request #4386 from hvitved/csharp/remove-deprecated-queries 
C#: Remove deprecated external queries
 2020-10-02 15:12:33 +02:00
Rasmus Wriedt Larsen
e5b9ac8d9c Python: Use getCommand as tag in ConceptsTest 2020-10-02 14:12:41 +02:00
Rasmus Wriedt Larsen
eb67986916 Python: Exlucde only command injection sinks in os and subprocess 2020-10-02 14:11:07 +02:00
Rasmus Wriedt Larsen
68eacef23c Python: Refactor OsExecCall and friends for better readability 2020-10-02 13:38:54 +02:00
Rasmus Wriedt Larsen
de07d9e5d9 Python: Highlight that os.popen is not only problem for extra alerts 2020-10-02 13:34:33 +02:00
Taus Brock-Nannestad
b5d05f99c9 Python: Fix test output 2020-10-02 12:04:43 +02:00
Geoffrey White
4b0e9a4fb1 C++: Remove the model of make_pair. 2020-10-02 10:55:13 +01:00
Geoffrey White
0b6096ebfe C++: Define make_pair and declare std::forward in the test. 2020-10-02 10:51:34 +01:00
Max Schaefer
98e93a7b9d JavaScript: Improve API-graph support for function-style classes. 2020-10-02 09:25:51 +01:00
Chris Smowton
aa707e9370 Merge pull request #4381 from smowton/smowton/admin/fix-owasp-broken-links 
Fix OWASP broken links
 2020-10-02 08:51:36 +01:00
Tom Hvitved
bc68578c8b C#: Remove deprecated external queries 2020-10-01 21:11:47 +02:00
Jonas Jensen
48c6f34f91 Merge pull request #4372 from matt-gretton-dann/cpp20-constinit 
Add support for Variable.is_constinit()
 2020-10-01 20:19:56 +02:00
Aditya Sharad
f7f05476a2 Merge pull request #4375 from adityasharad/javascript/client-side-url-redirect-regexp 
JavaScript: Track taint through RegExp.prototype.exec for URL redirection
 2020-10-01 09:55:19 -07:00
Geoffrey White
ad9f306352 C++: Model taint flow only when the second component of a pair would be tainted. 2020-10-01 17:38:09 +01:00
Ian Lynagh
e555b6b2a8 Merge pull request #4380 from github/igfoo/unnamed 
C++: Accept test changes in unnamed entity naming
 2020-10-01 17:16:20 +01:00
Taus Brock-Nannestad
75f4051cb5 Python: Fix hasLocationInfo for packages 2020-10-01 17:21:53 +02:00
Joe
ca4781eb78 Java: Remove use of StringFormatMethod in TaintTrackingUtils 2020-10-01 15:58:32 +01:00
Alexander Eyers-Taylor
5ce0974eb2 Fix the name of the vscode extension recommendation 
The name is case sensitive so it didn't work before.
 2020-10-01 14:40:45 +01:00
Anders Schack-Mulligen
c027f3bd2b Merge pull request #4324 from tamasvajk/feature/unsigned-sign-analysis 
Handle unsigned types in sign analysis (C# and Java)
 2020-10-01 15:11:49 +02:00
CodeQL CI
36450a8998 Merge pull request #4338 from erik-krogh/nodejs-server-request-data 
Approved by asgerf
 2020-10-01 06:00:17 -07:00
Erik Krogh Kristensen
d54a057457 Merge pull request #4377 from erik-krogh/babelCrash 
JS: prevent crash when TemplateLiteral is used in import
 2020-10-01 14:58:45 +02:00
Chris Smowton
578ea1ae43 Fix OWASP broken links 2020-10-01 13:09:52 +01:00
Erik Krogh Kristensen
4dec2171da add http request server data as a RemoteFlowSource 2020-10-01 13:21:56 +02:00
Rasmus Wriedt Larsen
3247b300ae Python: Fix problem with missing use-use flow 2020-10-01 12:55:11 +02:00
Rasmus Wriedt Larsen
9b3509f0ba Python: Highlight problem with missing use-use flow 2020-10-01 12:51:44 +02:00
CodeQL CI
0158e2ffef Merge pull request #4374 from max-schaefer/js/api-graph 
Approved by erik-krogh
 2020-10-01 03:33:45 -07:00