codeql

mirror of https://github.com/github/codeql.git synced 2026-02-04 17:21:08 +01:00

Author	SHA1	Message	Date
Anders Schack-Mulligen	ca09649679	Dataflow: Forward hasLocationInfo.	2023-05-02 10:48:32 +02:00
Anders Schack-Mulligen	5927bb2030	Dataflow: Replace "extends Node" with "instanceof Node".	2023-05-02 09:48:34 +02:00
Anders Schack-Mulligen	6c8cb0dc5e	Merge pull request #12930 from aschackmull/dataflow/split-typedcontent Dataflow: Refactor access paths to split TypedContent into an explicit pair	2023-05-01 14:58:15 +02:00
Rasmus Wriedt Larsen	1bba5258d6	Merge pull request #11280 from RasmusWL/dict-dataflow-steps Python: Support more dictionary read/store steps	2023-04-30 16:07:29 +02:00
Anders Schack-Mulligen	71ae0909d8	Dataflow: Enforce type pruning in all forward stages.	2023-04-27 14:55:26 +02:00
Anders Schack-Mulligen	9140cbefc0	Dataflow: Sync.	2023-04-27 14:55:23 +02:00
Anders Schack-Mulligen	246d904712	Merge pull request #12948 from aschackmull/dataflow/pathnode-type-tostring Dataflow: Add type to PathNode.toString.	2023-04-27 14:14:10 +02:00
Arthur Baars	128d102bbc	Merge pull request #12871 from aibaars/py-yaml Python: add YAML support	2023-04-26 18:13:26 +02:00
Anders Schack-Mulligen	d681671356	Dataflow: Sync.	2023-04-26 14:45:07 +02:00
Arthur Baars	5b6d3afd89	Python: Yaml printAst and tests	2023-04-26 13:41:57 +02:00
Rasmus Wriedt Larsen	1a97e8f329	Python: Add flow-step for arg[1] to `dict.setdefault`	2023-04-26 13:30:11 +02:00
Arthur Baars	c1c2bcf419	Python: rename YAML.qll to Yaml.qll	2023-04-26 12:44:53 +02:00
Kasper Svendsen	361b15b2c7	Merge branch 'main' into kaspersv/prevent-python-join-order-regression	2023-04-24 13:35:07 +02:00
Arthur Baars	f61565cab1	Python: add YAML library	2023-04-21 17:42:02 +02:00
Rasmus Wriedt Larsen	4094ec5fcc	Python: Change additional dict store/read steps to not affect taint-tracking	2023-04-21 14:43:24 +02:00
Rasmus Wriedt Larsen	e0e978bd3e	Python: Fix ql4ql alerts	2023-04-21 14:18:50 +02:00
Rasmus Wriedt Larsen	b56869551d	Python: Support more dictionary read/store steps The `setdefault` behavior is kinda strange, but no reason not to support it.	2023-04-21 14:18:50 +02:00
Kasper Svendsen	603a97faf9	Prevent Python join order regression	2023-04-20 13:44:30 +02:00
Michael Nebel	656d8d2451	Sync files.	2023-04-20 11:29:51 +02:00
Michael Nebel	1d82b09ec1	Sync files.	2023-04-13 09:21:05 +02:00
Chris Smowton	7eefa43f5a	Rename and document `viableArgParamSpecific` to make clear it is a temporary hook.	2023-04-12 14:33:46 +01:00
Chris Smowton	4d8ca3d759	Add dataflow callback to filter out receiver argument flow to Golang interface dispatch candidates. Other langauges stub the callback.	2023-04-12 14:19:06 +01:00
Jeroen Ketema	0acca2ba76	Merge pull request #12687 from jketema/unit-2 Make imports of `codeql.util.Unit` private	2023-03-29 13:07:12 +02:00
Anders Schack-Mulligen	7c74fd07e9	Merge pull request #12684 from aschackmull/dataflow/remove-footgun Dataflow: Remove accidentally exposed predicates.	2023-03-28 15:14:58 +02:00
Jeroen Ketema	3b8ad087eb	Make imports of `codeql.util.Unit` private	2023-03-28 14:14:13 +02:00
Anders Schack-Mulligen	d406b051fc	Dataflow: Remove accidentally exposed predicates.	2023-03-28 10:04:21 +02:00
Rasmus Wriedt Larsen	0b9d16a43e	Merge pull request #12636 from RasmusWL/sql-modeling Python: Some more SQL modeling	2023-03-27 15:52:30 +02:00
Jeroen Ketema	977f15f8a4	Merge pull request #12649 from jketema/unit Replace all definitions of `Unit` by `import codeql.util.Unit`	2023-03-27 08:49:50 +02:00
Anders Schack-Mulligen	6db8c8b19f	Merge pull request #12656 from aschackmull/dataflow/qldoc Dataflow: Minor qldoc fix	2023-03-24 14:57:39 +01:00
Taus	c0eb611dae	Merge pull request #12244 from RasmusWL/import-refined Python: Fix import of refined variable	2023-03-24 13:22:19 +01:00
Anders Schack-Mulligen	85511ba19d	Dataflow: Sync	2023-03-24 12:42:06 +01:00
Jeroen Ketema	a87a9438c7	Replace all definitions of `Unit` by `import codeql.util.Unit`	2023-03-24 10:39:34 +01:00
Anders Schack-Mulligen	9d88f01c82	Merge pull request #12645 from aschackmull/dataflow/renaming Dataflow: Rename Make to Global and hasFlow to flow	2023-03-24 08:48:31 +01:00
Anders Schack-Mulligen	d440bc2d0c	Dataflow: Sync.	2023-03-23 13:40:23 +01:00
Anders Schack-Mulligen	2761aa73ca	Dataflow: Sync.	2023-03-23 13:06:19 +01:00
Kasper Svendsen	ce6be1f636	Dataflow: Instantiate stage 1 access paths with proper unit type	2023-03-23 08:32:16 +01:00
Rasmus Wriedt Larsen	7b3f710e91	Python: Model `aiosqlite`	2023-03-22 15:51:47 +01:00
Rasmus Wriedt Larsen	9975facf9d	Python: Make asyncio version of PEP249 modeling library so it's also easy to modeling asyncio libraries Also ports aiomysql/aiopg to use this new modeling	2023-03-22 15:51:33 +01:00
Rasmus Wriedt Larsen	2b4ebf7377	Python: Add support for `.executescript`	2023-03-22 15:20:06 +01:00
Rasmus Wriedt Larsen	eb43fa2644	Python: Make API graph version of PEP249 modeling This will allow us to more easily handle the executescript method, which we'll do in next commit.	2023-03-22 15:07:03 +01:00
Rasmus Wriedt Larsen	170a93cc4f	Python: Model `cassandra-driver` PyPI package	2023-03-22 10:28:04 +01:00
Rasmus Wriedt Larsen	e4db5f9a64	Python: Model `asyncpg.connection.connect()`	2023-03-22 10:28:04 +01:00
Rasmus Wriedt Larsen	4f9117963d	Python: Model `sqlite3.dbapi2`	2023-03-22 10:28:04 +01:00
Rasmus Wriedt Larsen	b2f34ef4b1	Merge branch 'main' into import-refined	2023-03-21 15:12:11 +01:00
Anders Schack-Mulligen	0d6dd7d25a	DataFlow: Sync.	2023-03-21 14:27:25 +01:00
Anders Schack-Mulligen	3876e4335f	Merge pull request #12420 from kaspersv/kaspersv/dataflow-remove-alias-preds Dataflow: Remove revFlowAlias and revFlowApAlias predicates	2023-03-20 16:30:15 +01:00
Michael Nebel	17b3383043	Merge pull request #12556 from michaelnebel/java/argumentthis Java: Argument[-1] -> Argument[this]	2023-03-20 15:59:59 +01:00
Erik Krogh Kristensen	a9d40d39d9	Merge pull request #12550 from erik-krogh/useNumberUtil Java/Python: use Number.qll to parse hex numbers in regex parsing	2023-03-20 15:50:31 +01:00
Erik Krogh Kristensen	0f813ce2e8	Merge pull request #12543 from erik-krogh/reg-perf ReDoS: restrict the edges considered in polynomial-redos for complex regular expressions	2023-03-20 15:48:35 +01:00
Rasmus Wriedt Larsen	2ee09cc5d1	Merge branch 'main' into import-refined	2023-03-20 15:42:01 +01:00

1 2 3 4 5 ...

1457 Commits