Anders Schack-Mulligen
|
bf921177f4
|
Merge pull request #8811 from erik-krogh/syncLate
Java: get tainttracking3/TaintTrackingImpl.qll in sync
|
2022-04-22 11:21:01 +02:00 |
|
Asger F
|
0187e9a3b1
|
Merge pull request #8808 from vovikhangcdv/doublevkay/fixing-PrototypePollutngAssignment-examples
Javascript: Fix PrototypePollutingAssignment example which is incorrect use of express leads to no result when scanning.
|
2022-04-22 11:18:23 +02:00 |
|
Tom Hvitved
|
be5363ea53
|
Merge pull request #8801 from hvitved/ruby/exclude-splat-in-taint-tracking
Ruby: Exclude `SplatExpr` from taint tracking
|
2022-04-22 11:12:05 +02:00 |
|
Erik Krogh Kristensen
|
dca74a1f45
|
get tainttracking3/TaintTrackingImpl.qll in sync
|
2022-04-22 10:37:31 +02:00 |
|
Chris Smowton
|
d309e15072
|
Merge pull request #8748 from smowton/smowton/admin/dependent-dataflow-configs
Java: Avoid higher-numbered dataflow configs that depend on lower-numbered ones
|
2022-04-22 08:56:00 +01:00 |
|
Mathias Vorreiter Pedersen
|
35471ff23c
|
Merge pull request #8809 from AlexDenisov/alexdenisov/rename-swift-db-columns
Swift: rename certain dbscheme columns
|
2022-04-22 08:17:37 +01:00 |
|
Mathias Vorreiter Pedersen
|
52dc016a7a
|
Merge pull request #8798 from jketema/using
C++: Fix tests after extractor changes that improve `using` position accuracy
|
2022-04-22 08:15:34 +01:00 |
|
Alex Denisov
|
e85cdf2ec3
|
Swift: rename certain dbscheme columns
|
2022-04-22 08:31:09 +02:00 |
|
AlexDenisov
|
a5189eae9f
|
Merge pull request #8735 from redsun82/swift-dbscheme-gen
Swift: dbscheme generator
|
2022-04-22 08:26:59 +02:00 |
|
Khang. Võ Vĩ
|
f4581ae866
|
fix PrototypePollutingAssignment examples
|
2022-04-22 11:55:45 +07:00 |
|
Tom Hvitved
|
c20ce62767
|
Ruby: Exclude SplatExpr from taint tracking
`SplatExpr`s are modelled using flow summaries, so there is no need to include them
explicitly in `defaultAdditionalTaintStep`.
|
2022-04-21 20:27:04 +02:00 |
|
Mathias Vorreiter Pedersen
|
813de65118
|
Merge pull request #8799 from jketema/comment-fix
C++: Fix the layout of comments in `getBufferSize`
|
2022-04-21 17:17:42 +01:00 |
|
Jeroen Ketema
|
a09fd8c35e
|
C++: Fix the layout of comments in getBufferSize
|
2022-04-21 17:42:10 +02:00 |
|
Jeroen Ketema
|
8139e1a2a8
|
C++: Fix tests after extractor changes that improve using position accuracy
|
2022-04-21 17:36:11 +02:00 |
|
Tom Hvitved
|
bd09c61504
|
Merge pull request #8786 from hvitved/ruby/dataflow/argument-tokens
Ruby: Implement `Argument[any]` and `Argument[n..]`
|
2022-04-21 16:31:24 +02:00 |
|
Michael Nebel
|
0ec5aa6095
|
Merge pull request #8675 from michaelnebel/csharp/capturemodelimprovement
C#: CaptureModel improvements
|
2022-04-21 15:16:35 +02:00 |
|
Michael Nebel
|
6180970ae7
|
C#: Address review comments.
|
2022-04-21 13:05:32 +02:00 |
|
Tom Hvitved
|
b6309c9db0
|
Merge pull request #8792 from hvitved/csharp/exclude-model-generation-from-cs-suites
C#: Exclude model generation queries from all suites
|
2022-04-21 11:06:56 +02:00 |
|
Tom Hvitved
|
f65b6ae3d1
|
C#: Exclude model generation queries from all suites
|
2022-04-21 09:51:52 +02:00 |
|
Mathias Vorreiter Pedersen
|
966c6f108b
|
Merge pull request #8720 from MathiasVP/smaller-join-in-get-root-cause
C++: Remove TC from `Element.getRootCause`
|
2022-04-21 08:23:05 +01:00 |
|
Harry Maclean
|
3ea6ba5398
|
Merge pull request #8618 from hmac/hmac/qlhelp-comment-workflow
Update existing qhelp comment, if it exists
|
2022-04-21 14:01:17 +12:00 |
|
Erik Krogh Kristensen
|
9927a82520
|
Merge pull request #8789 from erik-krogh/apiIpaBranches
JS/PY: mention newtype constructors in API graph label classes
|
2022-04-20 23:39:46 +02:00 |
|
Erik Krogh Kristensen
|
ff5b873557
|
Merge pull request #8773 from erik-krogh/exhaustion
JS: promote `js/resource-exhaustion` out of experimental
|
2022-04-20 19:33:42 +02:00 |
|
Erik Krogh Kristensen
|
aec8413487
|
PY: mention newtype constructors in API graph label classes
|
2022-04-20 18:38:44 +02:00 |
|
Erik Krogh Kristensen
|
ef51b46795
|
JS: mention newtype constructors in API graph label classes
|
2022-04-20 18:37:19 +02:00 |
|
Erik Krogh Kristensen
|
8bd975a6ec
|
Merge pull request #8785 from hvitved/ruby/api-graph-labels
Ruby: Mention `newtype` constructors in API graph label classes
|
2022-04-20 18:32:09 +02:00 |
|
Arthur Baars
|
040dd09c5a
|
Merge pull request #8718 from github/sj/codeowners-pms
Update CODEOWNERS for documentation and license changes
|
2022-04-20 18:08:43 +02:00 |
|
Arthur Baars
|
98df392b4f
|
Merge pull request #8719 from github/sj/update-readme-license-explanation
Update README to clarify license explanation
|
2022-04-20 18:07:00 +02:00 |
|
AlexDenisov
|
a187939424
|
Merge pull request #8784 from AlexDenisov/alexdenisov/swift-package-test-sdk
Swift: package test SDK
|
2022-04-20 16:07:40 +02:00 |
|
Bas van Schaik
|
732a2c32a8
|
Update README.md
|
2022-04-20 15:03:49 +01:00 |
|
Anders Schack-Mulligen
|
677c436e99
|
Merge pull request #8703 from aschackmull/dataflow/revert-state-in-out-barriers
Dataflow: Revert support for flow-state based in-/out-barriers
|
2022-04-20 14:54:02 +02:00 |
|
Tom Hvitved
|
ea229d361c
|
Sync files
|
2022-04-20 13:55:18 +02:00 |
|
Tom Hvitved
|
b4542c58c2
|
Ruby: Implement Argument[any] and Argument[n..]
|
2022-04-20 13:55:18 +02:00 |
|
Tom Hvitved
|
501b03149f
|
Ruby: Mention newtype constructors in API graph label classes
|
2022-04-20 13:37:55 +02:00 |
|
Nick Rolfe
|
3d109a4051
|
Merge pull request #8777 from github/nickrolfe/post_update_node
Ruby: make PostUpdateNode public
|
2022-04-20 12:04:37 +01:00 |
|
Alex Denisov
|
682c910d49
|
Swift: package test SDK
|
2022-04-20 12:35:19 +02:00 |
|
Mathias Vorreiter Pedersen
|
3388196c27
|
Merge branch 'main' into smaller-join-in-get-root-cause
|
2022-04-20 11:16:00 +01:00 |
|
Asger F
|
e60475618d
|
Merge pull request #8728 from asgerf/ql/library-coverage
QL: Add facilities for data flow
|
2022-04-20 11:40:18 +02:00 |
|
Nick Rolfe
|
f1b8af1db9
|
Ruby: rename PostUpdateNode::Range to PostUpdateNodeImpl
|
2022-04-20 10:35:40 +01:00 |
|
Anders Schack-Mulligen
|
cb898ae03f
|
Merge pull request #8701 from aschackmull/doc/any-none
Doc: Add any() and none() to the language reference.
|
2022-04-20 10:49:42 +02:00 |
|
yoff
|
0c7130602a
|
Merge pull request #8731 from RasmusWL/delete-old-readme
Python: Delete old dataflow readme
|
2022-04-20 10:36:12 +02:00 |
|
yoff
|
a66153d73e
|
Merge pull request #8733 from RasmusWL/split-dataflow-private
Python: Split `DataFlowPrivate`
|
2022-04-20 10:21:05 +02:00 |
|
Erik Krogh Kristensen
|
10130eef6d
|
Merge pull request #8678 from erik-krogh/fileSource
JS: Add files as a source for `js/xss-through-dom`
|
2022-04-20 09:18:38 +02:00 |
|
Harry Maclean
|
942388e8bc
|
Pipe to jq --arg instead of gh api --jq
|
2022-04-20 11:41:38 +12:00 |
|
Harry Maclean
|
eba303dea7
|
Fix typo
|
2022-04-20 11:21:06 +12:00 |
|
Felicity Chapman
|
b10e7300ae
|
Update docs/codeql/ql-language-reference/formulas.rst
|
2022-04-19 17:29:31 +01:00 |
|
Nick Rolfe
|
c02670aca2
|
Ruby: make PostUpdateNode public
|
2022-04-19 17:12:51 +01:00 |
|
Felicity Chapman
|
d663102ffb
|
Update docs/codeql/ql-language-reference/formulas.rst
|
2022-04-19 16:57:05 +01:00 |
|
Felicity Chapman
|
6fbe227cbc
|
Try to fix Sphinx warning in formulas.rst
|
2022-04-19 16:36:42 +01:00 |
|
Stephan Brandauer
|
2fb3147b7b
|
Merge pull request #8430 from kaeluka/js/CVE-2022-24718
JS: Add taint step for handlebars model
|
2022-04-19 15:57:58 +01:00 |
|