Rasmus Lerchedahl Petersen
|
c2d2037726
|
Python: Add change note and set precision
|
2021-09-14 13:45:51 +02:00 |
|
Rasmus Lerchedahl Petersen
|
1c7982b319
|
Python: Move query tests over
|
2021-09-14 13:29:21 +02:00 |
|
Rasmus Lerchedahl Petersen
|
36e27f2aa4
|
Python: Remove promoted code:
- queries (`py/regex-injection`)
- concepts (RegexExecution, RegexEscape)
- library models (Stdlib::Re)
|
2021-09-14 13:14:16 +02:00 |
|
Rasmus Lerchedahl Petersen
|
abbd1d1dc5
|
Python: Fix errors introduced during port
testing on a database helps..
|
2021-09-14 13:08:21 +02:00 |
|
Rasmus Lerchedahl Petersen
|
6c82daef3d
|
Python: Move Regexinjection out of experimental
and fix up structure
|
2021-09-14 11:54:59 +02:00 |
|
Rasmus Lerchedahl Petersen
|
3d5192d6d3
|
Python: Fix typos
|
2021-09-14 11:54:11 +02:00 |
|
Rasmus Lerchedahl Petersen
|
a30f697537
|
Python: Add getName to RegexExecution concept
|
2021-09-14 11:53:40 +02:00 |
|
Rasmus Lerchedahl Petersen
|
8f152a5bfb
|
Python: Port regex concepts and adapt PolyRedos
|
2021-09-13 16:50:00 +02:00 |
|
Chris Smowton
|
68ed3250e8
|
Merge pull request #6478 from smowton/smowton/feature/jax-rs-request-filters
Java: Add sources for Jax-RS filters
|
2021-09-13 10:59:17 +01:00 |
|
James Fletcher
|
c86311e879
|
Merge pull request #6502 from github/dataflow-tutorial
Add data flow debugging guide to CodeQL docs
|
2021-09-13 10:25:19 +01:00 |
|
yoff
|
d0563c80be
|
Merge pull request #6665 from smowton/smowton/fix/python-redos-invalid-utf16
ReDoS: fix unpaired surrogate test
|
2021-09-13 11:14:45 +02:00 |
|
Anders Schack-Mulligen
|
2db039fb77
|
Merge pull request #6673 from Marcono1234/marcono1234/clone-method-models
Java: Remove duplicate classes modeling Object.clone
|
2021-09-13 11:13:14 +02:00 |
|
Anders Schack-Mulligen
|
dde07fd2ee
|
Merge pull request #6672 from Marcono1234/marcono1234/functional-interfaces-test
Java: Extend functional interfaces test
|
2021-09-13 11:13:06 +02:00 |
|
Tom Hvitved
|
4628f880b4
|
Merge pull request #6489 from hvitved/csharp/files-folders-drop-columns
C#: Drop redundant columns from `files` and `folders` relations
|
2021-09-13 11:02:13 +02:00 |
|
Anders Schack-Mulligen
|
31739cdae6
|
Merge pull request #6668 from github/workflow/coverage/update
Update CSV framework coverage reports
|
2021-09-13 09:50:09 +02:00 |
|
Tom Hvitved
|
2730423ab2
|
C#: Upgrade script
|
2021-09-13 09:49:10 +02:00 |
|
Tom Hvitved
|
5d048a9518
|
C#: Drop redundant columns from files and folders relations
|
2021-09-13 09:49:09 +02:00 |
|
Tamás Vajk
|
cc1374b832
|
Merge pull request #6646 from tamasvajk/fix/csv-timeseries
Fix CSV timeseries script to create DB with scheme from correct git SHA
|
2021-09-13 09:41:56 +02:00 |
|
Tom Hvitved
|
0abfb00032
|
Merge pull request #6660 from hvitved/csharp/dotnet-exec-tracing-windows
C#: Handle `dotnet exec csc.dll` compiler calls on Windows
|
2021-09-13 09:07:50 +02:00 |
|
github-actions[bot]
|
26e8e89aca
|
Add changed framework coverage reports
|
2021-09-13 00:08:00 +00:00 |
|
Philip Ginsbach
|
131d63c374
|
Merge pull request #6592 from github/ginsbach/instanceofDocs
language reference entry for non-extending subtypes
|
2021-09-12 15:21:41 +01:00 |
|
Marcono1234
|
d117593d72
|
Java: Remove duplicate classes modeling Object.clone
|
2021-09-12 02:05:57 +02:00 |
|
Marcono1234
|
5009ed618f
|
Java: Extend functional interfaces test
|
2021-09-12 01:50:07 +02:00 |
|
Andrew Eisenberg
|
edbaceceb3
|
Merge pull request #6666 from github/aeisenberg/suites-fix
Remove incorrect `suites` directive
|
2021-09-10 14:15:10 -07:00 |
|
CodeQL CI
|
e8fc3c8ead
|
Merge pull request #5888 from erik-krogh/casting
Approved by asgerf
|
2021-09-10 09:11:39 -07:00 |
|
Andrew Eisenberg
|
9c0f18b88d
|
Remove incorrect directive
This directive should only be in the
pack.
|
2021-09-10 08:57:37 -07:00 |
|
Chris Smowton
|
95046b9bb1
|
Factor JaxRS models
|
2021-09-10 16:36:40 +01:00 |
|
Chris Smowton
|
451a46bf0e
|
Add models for getLanguage, getMediaType
|
2021-09-10 16:36:38 +01:00 |
|
Chris Smowton
|
5e7a3ca2e6
|
Model UriInfo.relativize and resolve.
|
2021-09-10 16:36:37 +01:00 |
|
Chris Smowton
|
62ecab8432
|
Add change note
|
2021-09-10 16:36:36 +01:00 |
|
Chris Smowton
|
f1c3a11103
|
Add sources for Jax-RS filters
|
2021-09-10 16:36:34 +01:00 |
|
Chris Smowton
|
0ebbb333ba
|
Merge pull request #6564 from haby0/java/xxe/new
Java: Add XXE sinks
|
2021-09-10 16:04:27 +01:00 |
|
Chris Smowton
|
38cc9bef02
|
ReDoS: fix unpaired surrogate test
This actually does result in an FP, but this was previously hidden by non-interpretation of '\u' escapes within a raw string.
|
2021-09-10 15:37:34 +01:00 |
|
Chris Smowton
|
29028c5d46
|
Update test expectations to account for dataflow subpaths changes
|
2021-09-10 13:53:41 +01:00 |
|
Chris Smowton
|
2d03840fde
|
Add experimental variants of java/xxe, incorporating new sinks and a version that uses local sources.
Originally authored by @haby0, squashed to clean up a tangled commit history.
|
2021-09-10 13:49:31 +01:00 |
|
Rasmus Wriedt Larsen
|
db78e3a7da
|
Merge pull request #6274 from tausbn/python-api-graphs-import-star
Python: Support `import *` in API graphs
|
2021-09-10 13:25:41 +02:00 |
|
Rasmus Wriedt Larsen
|
b45743b562
|
Merge pull request #6312 from tausbn/python-deprecate-importnode
Python: Deprecate `importNode`
|
2021-09-10 13:12:56 +02:00 |
|
CodeQL CI
|
27f2d417c1
|
Merge pull request #6652 from asgerf/js/type-tracking-through-callback
Approved by erik-krogh
|
2021-09-10 04:11:14 -07:00 |
|
Tom Hvitved
|
649c2ce188
|
Merge pull request #6586 from hvitved/dataflow/stage2-precise-call-ctx-take2
Data flow: Add precise call contexts to stage 2
|
2021-09-10 11:34:35 +02:00 |
|
Tom Hvitved
|
af0b9abab7
|
C#: Handle dotnet exec csc.dll compiler calls on Windows
|
2021-09-10 11:26:43 +02:00 |
|
CodeQL CI
|
0673355f31
|
Merge pull request #6649 from rhysd/discussion-untrusted-inputs
Approved by erik-krogh
|
2021-09-10 01:44:54 -07:00 |
|
Anders Peter Fugmann
|
1bbadb57a2
|
Merge pull request #6568 from andersfugmann/andersfugmann/improve_upper_bound
C++: Improve predicate upperBound in SimpleRangeAnalysis
|
2021-09-10 09:49:48 +02:00 |
|
Erik Krogh Kristensen
|
a756ffa3a6
|
use the new instanceof syntax for NodeJSClientRequest
|
2021-09-10 09:30:37 +02:00 |
|
Tom Hvitved
|
296d10fe2a
|
Data flow: Adjust callMayFlowThroughFwd pragmas
|
2021-09-10 09:21:24 +02:00 |
|
Anders Schack-Mulligen
|
3e17fdcaa3
|
Merge pull request #6407 from bmuskalla/charSeqSubSeq
Java: Track taint for CharSequence#subSequence
|
2021-09-10 09:01:29 +02:00 |
|
rhysd
|
97ed9edd32
|
JS: Detect untrusted inputs in 'discussion' and 'discussion_comment' payloads
|
2021-09-10 10:42:58 +09:00 |
|
Chris Smowton
|
5b8b27a2aa
|
Merge pull request #6651 from smowton/smowton/admin/functional-interface-tests
Add tests for functional interfaces
|
2021-09-09 22:02:16 +01:00 |
|
Tamás Vajk
|
ad04099ac2
|
Merge pull request #6630 from tamasvajk/feature/interface-runtimecallable
C# Extend runtime callables to cover interface members with default implementation
|
2021-09-09 17:24:55 +02:00 |
|
Andrew Eisenberg
|
4c74709019
|
Merge pull request #6606 from github/aeisenberg/docs
Update the docs about qlpacks
|
2021-09-09 07:42:24 -07:00 |
|
Anders Schack-Mulligen
|
13c4b93d3d
|
Merge pull request #6648 from aschackmull/java/func-interface
Java: Fix FunctionalInterface.
|
2021-09-09 16:14:14 +02:00 |
|