hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,606 Commits 1,740 Branches 165 Tags
bdcf4198e60b9957f0da04a204d13fa028e362e1
Commit Graph

14606 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
lcartey@github.com
bdcf4198e6 Add additional Hibernate SQL sinks 2020-08-07 14:03:24 +02:00
Anders Schack-Mulligen
e3a12c5fea Merge pull request #4004 from Marcono1234/patch-2 
[Java] Clarify Wildcard.hasUpperBound() doc
 2020-08-07 13:06:13 +02:00
Tom Hvitved
c20d763490 Merge pull request #3951 from raulgarciamsft/users/raulgarciamsft/dataset_serialization 
C#: DataSet serialization
 2020-08-07 12:54:10 +02:00
Anders Schack-Mulligen
77db87efb7 Merge pull request #3968 from rvermeulen/java-importable-cwe-090 
Java: Move LDAP injection sinks, sanitizers, and additional taint steps to importable location
 2020-08-07 11:57:51 +02:00
Arthur Baars
c177eff3d8 Merge pull request #4027 from aschackmull/java/weak-crypto-precision 
Java: Update precision of java/weak-cryptographic-algorithm.
 2020-08-07 10:31:38 +02:00
Anders Schack-Mulligen
f9de8eb3b4 Java: Update precision of java/weak-cryptographic-algorithm. 2020-08-07 09:40:21 +02:00
Anders Schack-Mulligen
05e956b374 Merge pull request #4022 from aibaars/int-to-long 
Java: remove security tag from java/integer-multiplication-cast-to-long
 2020-08-07 09:32:43 +02:00
Marcono1234
0e54b498b7 Clarify Wildcard.hasTypeBound() doc 2020-08-06 23:15:25 +02:00
Marcono1234
f477e09190 Clarify Wildcard.hasUpperBound() doc 2020-08-06 23:15:16 +02:00
Remco Vermeulen
3ae3a879d2 Fix qldoc grammar and style mistakes 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-08-06 23:00:03 +02:00
Raul Garcia
3682a902de Update csharp/ql/src/experimental/Security Features/Serialization/DataSetSerialization.qhelp 
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com>
 2020-08-06 12:09:02 -07:00
Arthur Baars
f16c263393 Java: remove security tag from java/integer-multiplication-cast-to-long 2020-08-06 17:42:01 +02:00
Remco Vermeulen
408db412dc Add missing predicate qldoc 2020-08-06 13:29:02 +02:00
Remco Vermeulen
5a819422c1 Reuse Unit class from TaintTracking 2020-08-06 12:02:34 +02:00
Remco Vermeulen
7f7ad88dea Limit LdapAdditionalTaintStep to Ldap configuration 2020-08-06 11:35:03 +02:00
Anders Schack-Mulligen
205dd1aead Merge pull request #3881 from intrigus-lgtm/more-pathcreations 
Java: Centralize and model additional path creations.
 2020-08-06 11:21:39 +02:00
intrigus
1011325cf7 Accept test changes. 2020-08-05 21:45:41 +02:00
Remco Vermeulen
a1411407c1 Consolidate sanitizers into default sanitizer 2020-08-05 17:07:05 +02:00
Remco Vermeulen
0c09d66d43 Consolidate different sinks into a default sink. 2020-08-05 16:53:50 +02:00
Jonas Jensen
5f635aca36 Merge pull request #3768 from geoffw0/copymove 
C++: Clean up ConversionConstructor.
 2020-08-05 14:35:05 +02:00
Anders Schack-Mulligen
9e78341e43 Merge pull request #3928 from rvermeulen/java-importable-cwe-113 
Java: Move `HeaderSplittingSink` and `WhitelistedSource` into importable library
 2020-08-05 10:16:00 +02:00
Anders Schack-Mulligen
32d9d270fc Merge pull request #3948 from aibaars/java-3941 
Java: stack trace exposure: address false positives
 2020-08-05 09:31:01 +02:00
Jonas Jensen
ea0896c78b Merge pull request #3999 from MathiasVP/mathiasvp/range-based-for-loop-taint-tests 
C++: Add tests for taint through range-based for loops
 2020-08-05 09:11:53 +02:00
Raul Garcia (MSFT)
aa27eaf7e0 Addrssing the comments from https://github.com/github/codeql/pull/3951#discussion_r464894547 that I missed previously 2020-08-04 15:50:58 -07:00
Geoffrey White
9f5c37ccaa Merge branch 'master' into copymove 2020-08-04 15:41:27 +01:00
Tom Hvitved
63115a36f7 Merge pull request #3994 from hvitved/csharp/dataflow/library-aps-adjust 
C#: More type-based adjustment of library-flow access paths
 2020-08-04 14:33:54 +02:00
Anders Schack-Mulligen
68441bdf99 Merge pull request #3987 from Marcono1234/patch-1 
[Java] Improve InsecureJavaMail.qhelp references
 2020-08-04 12:12:38 +02:00
Anders Schack-Mulligen
cdea0f05b0 Merge pull request #3946 from aibaars/util-collections-2 
Java: Clean up ContainerFlow: address outstanding comments
 2020-08-04 10:27:22 +02:00
Raul Garcia (MSFT)
c52064af78 Fixing problems based on CR feedback. 
https://github.com/github/codeql/pull/3951#pullrequestreview-458987208
 2020-08-03 16:39:41 -07:00
Tom Hvitved
71933a4d8a Merge pull request #4009 from hvitved/csharp/extractor-pack-files 
C#: Add CodeQL extractor pack files
 2020-08-03 19:33:26 +02:00
CodeQL CI
8855ab8c8c Merge pull request #3835 from Raz0r/js/xss-protocol-sinks 
Approved by erik-krogh
 2020-08-03 15:40:05 +01:00
CodeQL CI
a4f8b19ae4 Merge pull request #3876 from erik-krogh/CWE078-Correctness 
Approved by esbena
 2020-08-03 15:38:51 +01:00
Tom Hvitved
d1db7b350f C#: Add CodeQL extractor pack files 2020-08-03 14:36:06 +02:00
CodeQL CI
c8e5db189a Merge pull request #3913 from erik-krogh/topmost 
Approved by asgerf
 2020-08-03 13:18:22 +01:00
Erik Krogh Kristensen
f5cc14f980 fix typo 2020-08-03 13:49:21 +02:00
CodeQL CI
0bbdc70cdb Merge pull request #3864 from erik-krogh/exprString 
Approved by asgerf, esbena
 2020-08-03 09:25:17 +01:00
Tamás Vajk
dd1a8e9b28 Merge pull request #3991 from tamasvajk/feature/vscode 
Add VS Code tasks to build and test the C# bits
 2020-08-03 09:52:46 +02:00
Calum Grant
595ab442e6 Merge pull request #3996 from yoff/SharedDataflow_Syntax 
Python: Test all expressions that incur dataflow
 2020-07-31 17:45:00 +01:00
Rasmus Lerchedahl Petersen
3e13056140 Python: Address most review comments 2020-07-31 17:20:58 +02:00
Tamás Vajk
c8dc2ee611 Merge pull request #3993 from tamasvajk/remove-noise 
Turn off C# auto-compile on topmost folder
 2020-07-31 16:59:36 +02:00
Tamas Vajk
17e256b2c7 C#: Add VS Code tasks to build and test the C# bits 2020-07-31 16:56:51 +02:00
Rasmus Lerchedahl Petersen
e8ce62e211 Python: Fix missing flow annotation 2020-07-31 15:28:27 +02:00
Rasmus Lerchedahl Petersen
e13cf2e126 Python: fix formatting 2020-07-31 14:25:09 +02:00
Tom Hvitved
54ce73b40e Merge pull request #3995 from hvitved/csharp/fix-alerts 
C#: Fix a few alerts
 2020-07-31 14:07:35 +02:00
Rasmus Lerchedahl Petersen
29493f5bd7 Python: Make the coverage test a path query 2020-07-31 12:38:57 +02:00
CodeQL CI
18fa6b613d Merge pull request #3998 from ceh-forks/ceh-fix-typos 
Approved by shati-patel
 2020-07-31 11:08:58 +01:00
Mathias Vorreiter Pedersen
4990d00498 C++: Add taint tests demonstrating lack of taint through range based for loops 2020-07-31 09:57:35 +02:00
Mathias Vorreiter Pedersen
b88ef56cb4 C++: Add basic iterator definition that matches STL 2020-07-31 09:45:32 +02:00
Emil Hessman
246ae575be Fix typos 2020-07-31 06:59:55 +02:00
Raul Garcia (MSFT)
a5dab4e768 removing a redundant line 2020-07-30 17:05:42 -07:00