hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,523 Commits 1,671 Branches 157 Tags
c06e37f3d9844b078c1abbb1a31972b170eacf84
Commit Graph

25523 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Benjamin Muskalla
c06e37f3d9 Hide diff for generated files by default 2021-09-03 10:46:52 +02:00
Shati Patel
d22620f72f Merge pull request #6575 from shati-patel/docs-copyright-year 
Docs: Auto-update copyright year
 2021-09-02 18:43:07 +01:00
CodeQL CI
b4963c7538 Merge pull request #6558 from erik-krogh/redosCasing 
Approved by esbena, yoff
 2021-09-02 12:20:08 +01:00
Taus
e4fd749a46 Merge pull request #6547 from github/RasmusWL/cwe328-weak-hash 
Python: Add CWE-328 to `py/weak-sensitive-data-hashing`
 2021-09-02 11:42:31 +02:00
Tamás Vajk
82f61ca015 Merge pull request #6577 from tamasvajk/fix/cil-modified-pointer 
C#: Temporarily extract modified pointers as unmodified during CIL ex…
 2021-09-02 10:48:51 +02:00
Jonas Jensen
1ba26237a7 Merge pull request #6585 from rvermeulen/patch-3 
Update qldoc for the Access class
 2021-09-02 10:17:36 +02:00
Erik Krogh Kristensen
1ad204d89e make after and TState private in ReDoSUtil 2021-09-02 09:15:43 +02:00
Erik Krogh Kristensen
df04c5044c use concat instead of strictconcat in RegexTreeView.qll 2021-09-02 08:54:39 +02:00
Andrew Eisenberg
10f6cab77e Merge pull request #6583 from github/aeisenberg/query-suite-docs 
Docs: Update documentation for query suites
 2021-09-01 10:33:22 -07:00
Remco Vermeulen
7310590f90 Update qldoc FunctionAccess class 
The `FunctionAccess` class doesn't capture accesses of functions in function call expressions.
This update makes that explicit.
 2021-09-01 15:36:00 +02:00
Remco Vermeulen
ffd2a388a9 Update qldoc for the Access class 
The access class does not capture function accesses that are part of a function call expression.
This updates makes that explicit
 2021-09-01 15:30:33 +02:00
Chris Smowton
dccdc3be5a Merge pull request #6582 from github/smowton/admin/mention-multiple-sort-criteria 
Expression docs: mention multiple sort criteria
 2021-09-01 12:22:23 +01:00
Tamás Vajk
e9ff6e8755 Merge pull request #6578 from tamasvajk/fix/cil-local-decoding 
C#: Handle non-critical exception in CIL local variable extraction
 2021-09-01 12:52:53 +02:00
Erik Krogh Kristensen
a3289fabe1 sync ReDoSUtil with python 2021-09-01 12:47:06 +02:00
Erik Krogh Kristensen
537450606e use a consistent comment about the ignore case flag 2021-09-01 12:46:50 +02:00
Erik Krogh Kristensen
ff74fe1e03 rename hasChildThatMatchesIgnoringCasing to hasChildThatMatchesIgnoringCasingFlags 2021-09-01 12:45:20 +02:00
Erik Krogh Kristensen
75a3f34e86 use if-else in ReDoSUtil::getCanonicalizationFlags 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-09-01 12:44:02 +02:00
CodeQL CI
29bcd7ca6f Merge pull request #6572 from erik-krogh/live-server 
Approved by esbena
 2021-09-01 12:41:23 +02:00
Tamás Vajk
50a9b18c92 Merge pull request #6579 from tamasvajk/fix/cil-type-args 
C#: Fix completely broken type argument extraction in NoMetadataHandleType
 2021-09-01 12:16:15 +02:00
Chris Smowton
303e02fb8a Fix typo 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-09-01 10:45:47 +01:00
Erik Krogh Kristensen
f8d46677b9 add RequestExpr as an alias to NodeJSLib::RequestExpr in Connect.qll 2021-09-01 10:11:05 +02:00
Erik Krogh Kristensen
98d018ce26 remove redundant extends clause 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-09-01 10:09:40 +02:00
Andrew Eisenberg
21c168e229 Apply suggestions from code review 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-08-31 14:47:28 -07:00
Andrew Eisenberg
0923d1fdc1 Docs: Update documentation for query suites 
Adds some clarification around the `qlpack` directive.
The semantics has changed. This provides a new example
and some description.
 2021-08-31 13:39:04 -07:00
Chris Smowton
c92b7828cb Merge pull request #6580 from smowton/smowton/admin/guava-models-mistakes 
Fix minor mistakes in old Guava models
 2021-08-31 19:44:23 +01:00
Chris Smowton
a47efc4348 Expression docs: mention multiple sort criteria 2021-08-31 19:18:03 +01:00
Shati Patel
a80a367de4 Merge pull request #6354 from Optixal/docs-js-isuncertain 
JS: Fixed description of `isUncertain()` predicate in CodeQL Language Guides: CodeQL Library for JavaScript
 2021-08-31 19:13:40 +01:00
Sauyon Lee
7156dee270 Merge pull request #6521 from sauyon/java/test-gen-improvements 
Java: generate more realistic tests
 2021-08-31 10:06:08 -07:00
Chris Smowton
7977d9c253 Fix minor mistakes in old Guava models 
Also add tests for the affected functions
 2021-08-31 15:26:09 +01:00
Chris Smowton
b38a23daee Fix test cases featuring primitive arrays 
Previously we couldn't print the name of types like `byte[]` for example.
 2021-08-31 15:12:47 +01:00
Tamas Vajk
b267d26ff8 C#: Fix completely broken type argument extraction in NoMetadataHandleType 2021-08-31 14:34:27 +02:00
Tamas Vajk
d6ae19c87d C#: Handle non-critical exception in CIL local variable extraction 2021-08-31 14:29:53 +02:00
Tamas Vajk
0ba334bb22 C#: Temporarily extract modified pointers as unmodified during CIL extraction 2021-08-31 14:26:36 +02:00
Erik Krogh Kristensen
28dce6e95a fix non-monotonic recursion in js/missing-rate-limiting 2021-08-31 14:23:23 +02:00
Erik Krogh Kristensen
83252e5ba2 change note 2021-08-31 14:23:23 +02:00
Erik Krogh Kristensen
cecb6c7bdd add model for live-server 2021-08-31 14:23:23 +02:00
Erik Krogh Kristensen
b509627113 add tests for connect 2021-08-31 14:23:23 +02:00
Erik Krogh Kristensen
3d6ab81ab8 refactor the tests for connect 2021-08-31 14:23:23 +02:00
Erik Krogh Kristensen
c6399dbdf4 simplify the connect model by reusing NodeJSLib::RouteHandler 2021-08-31 14:23:23 +02:00
Chris Smowton
f94d8c341d Abbreviate multi-column min 2021-08-31 11:57:49 +01:00
Chris Smowton
510f5abb9a Add missing qldoc 2021-08-31 11:56:03 +01:00
Chris Smowton
5dddc48e60 autoformat 2021-08-31 11:53:13 +01:00
Tom Hvitved
c8a5397085 Merge pull request #6513 from hvitved/csharp/cfg/shared 
C#: Make CFG library shared
esbena/dca-test-build/run/R-1186042660 		2021-08-31 11:55:43 +02:00
CodeQL CI
cf9ab83dee Merge pull request #6498 from bananabr/main 
Approved by asgerf
 2021-08-31 08:46:11 +02:00
CodeQL CI
c3e122f5fc Merge pull request #6569 from erik-krogh/packageJsonModule 
Approved by asgerf
 2021-08-31 08:23:45 +02:00
Benjamin Muskalla
09aaa8f78e Merge pull request #6562 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-08-30 21:31:02 +02:00
Tom Hvitved
05b45da42f Merge pull request #6556 from hvitved/csharp/insecure-sql-conn-flow 
C#: Use data flow instead of taint tracking in `InsecureSQLConnection.ql`
codeql-cli/v2.6.1 		2021-08-30 11:31:22 +02:00
Tom Hvitved
7dbdfeb161 Merge pull request #6548 from hvitved/csharp/dataflow/tests 
C#: Update call-context data-flow tests
 2021-08-30 11:30:55 +02:00
Erik Krogh Kristensen
486b283c20 support the "module" field in package.json files 2021-08-30 11:05:32 +02:00
Erik Krogh Kristensen
f5a1a12435 support case insensitive regexps in the ReDoS queries 2021-08-30 09:59:33 +02:00