hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 06:24:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
20,247 Commits 1,740 Branches 165 Tags
ccd706ea10c98ad18e17919ad321524d11cbcd55
Commit Graph

20247 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
ccd706ea10 and pragmas to prevent bad join in RemoteFlowSource 2021-02-24 18:05:10 +01:00
Erik Krogh Kristensen
674b9ad4fe use getALocalSource instead of smallstep in JQuery::legacyObjectSource 2021-02-24 18:04:50 +01:00
Erik Krogh Kristensen
69348b1914 remove redundant hasLocationInfo 2021-02-24 18:01:35 +01:00
Erik Krogh Kristensen
8443b8e421 cache Module::getAnExportedValue 2021-02-24 18:01:16 +01:00
Erik Krogh Kristensen
fd9d738d53 use Expr instead of mising DataFlow-nodes and Exprs in charpred 2021-02-24 18:00:55 +01:00
Erik Krogh Kristensen
8c19f7810d replace forex with unique in DOM.qll 2021-02-24 17:59:38 +01:00
Cornelius Riemenschneider
cea1049745 Merge pull request #5249 from geoffw0/cleanupstr 
C++: QLDoc Pure.qll
 2021-02-24 16:42:41 +01:00
CodeQL CI
bf66bdbb95 Merge pull request #5253 from RasmusWL/no-getAnArg 
Approved by tausbn
 2021-02-24 06:34:31 -08:00
Rasmus Wriedt Larsen
d05a8b8c46 Python: Remove getAnArg in DataFlow::CallCfgNode 
Until we've had further discussion on what is the right approach to
naming (internal discussion in https://github.com/github/codeql-python-team/issues/95)
 2021-02-24 14:58:48 +01:00
Felicity Chapman
a05904f812 Merge pull request #5216 from github/felicitymay-update-process 
Remove personal assignment to writers
 2021-02-24 12:59:08 +00:00
Tamás Vajk
fd4eca6039 Merge pull request #5254 from tamasvajk/feature/fix-merge 
C#: Fix merge conflict (with + refactoring)
 2021-02-24 12:07:34 +01:00
CodeQL CI
d2816b33e2 Merge pull request #5240 from erik-krogh/vsPerf 
Approved by asgerf
 2021-02-24 02:26:16 -08:00
Anders Schack-Mulligen
add960bc4d Merge pull request #4880 from luchua-bc/java/sensitive-query-with-get 
Java: Sensitive GET Query
 2021-02-24 11:08:47 +01:00
Tamas Vajk
380058a4bd C#: Fix merge conflict (with + refactoring) 2021-02-24 10:50:51 +01:00
yoff
8262f0343b Merge pull request #5208 from RasmusWL/flask-clean-models 
Python: Cleanup Flask models now that we have API graphs
 2021-02-24 10:36:30 +01:00
Geoffrey White
358a8fee7d C++: 'side-effect free'. 2021-02-24 09:25:11 +00:00
Rasmus Wriedt Larsen
5bb4a1a45a Python: Use explicit argument specification instead of getAnArg 
I've seen quite a few places where `getAnArg` leads to wrong behavior, and I
generally just don't like it.
 2021-02-24 10:19:34 +01:00
yoff
c3d2001e85 Merge pull request #5251 from tausbn/python-port-missing-host-key-validation-query 
Python: Port missing host key validation query
 2021-02-24 08:43:52 +01:00
yo-h
1d654febfd Merge pull request #5195 from aschackmull/java/cwe-548-test 
Java: Add empty file to test.
 2021-02-23 21:12:40 -05:00
Taus Brock-Nannestad
f241dbabab Python: Clean up query a bit 2021-02-23 22:33:18 +01:00
Taus Brock-Nannestad
002d0fe565 Python: Port missing host key query 2021-02-23 22:26:03 +01:00
Rasmus Wriedt Larsen
358ade67e5 Merge pull request #5248 from tausbn/python-port-insecure-temporary-file 
Python: Port `py/insecure-temporary-file`
 2021-02-23 21:37:59 +01:00
Tamás Vajk
91928fa098 Merge pull request #5220 from tamasvajk/feature/limit-codescanning-csharp 
Limit C# codeql analysis to the csharp folder
 2021-02-23 21:05:38 +01:00
Tamás Vajk
e6532cbd75 Merge pull request #4695 from tamasvajk/feature/csharp9-with-expr 
C#: Extract 'with' expressions
 2021-02-23 21:04:51 +01:00
Geoffrey White
431a004127 C++: QLDoc. 2021-02-23 19:10:03 +00:00
Taus Brock-Nannestad
b8ce5e969e Python: Port py/insecure-temporary-file 2021-02-23 20:02:22 +01:00
yoff
9eed17f647 Merge pull request #5152 from RasmusWL/improve-pyyaml-support 
Python: Improve pyyaml support
 2021-02-23 19:58:04 +01:00
CodeQL CI
c5ae8d2c53 Merge pull request #5210 from erik-krogh/barrierPerf 
Approved by asgerf
 2021-02-23 07:29:27 -08:00
luchua-bc
56e3b301e9 Resolve ambiguous method access 2021-02-23 15:18:07 +00:00
Rasmus Wriedt Larsen
6e2445cce6 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-02-23 15:19:29 +01:00
Rasmus Wriedt Larsen
42de872bfa Python: Add INTERNAL annotation to Response::InstanceSource 
Since we need to reserve the flexibility to change this setup within the next
few months, we don't want to commit to keeping this extension point around for
the 12 months that the normal API deprecation cycle requires.
 2021-02-23 15:10:58 +01:00
Rasmus Wriedt Larsen
8ebedf26d2 Python: Add comment for MethodView being known subclass 2021-02-23 15:08:07 +01:00
Anders Schack-Mulligen
b1bed2731d Merge pull request #5172 from smowton/smowton/feature/commons-strbuilder 
Java: Add support for commons-lang's StrBuilder class
 2021-02-23 14:39:11 +01:00
Taus
53711dc82f Merge pull request #5238 from RasmusWL/no-flow-default-value 
Python: Highlight missing flow from default value in functions
 2021-02-23 13:27:41 +01:00
CodeQL CI
3f7f963ed5 Merge pull request #5227 from erik-krogh/infTest 
Approved by asgerf
 2021-02-23 04:03:18 -08:00
Erik Krogh Kristensen
539ef49b11 change join order for SystemCommandExecutors - and use ApiGraphs::getACall 2021-02-23 12:49:25 +01:00
Erik Krogh Kristensen
56405f40b0 change join order for summarizedHigherOrderCall 2021-02-23 12:48:24 +01:00
Erik Krogh Kristensen
b3aa358177 outline callee computation - to avoid many joins on getACall 2021-02-23 12:48:20 +01:00
CodeQL CI
2551aace89 Merge pull request #5236 from asgerf/js/html-invalid-attr-name 
Approved by erik-krogh
 2021-02-23 02:03:29 -08:00
Erik Krogh Kristensen
aa6cde2fe0 remove magic from inGuard 2021-02-23 10:03:21 +01:00
Erik Krogh Kristensen
69d6df7834 make globalVarRef non recursive 2021-02-23 10:03:17 +01:00
Erik Krogh Kristensen
06091e5312 cache AstNode::getParent 2021-02-23 09:52:58 +01:00
Erik Krogh Kristensen
b4e6f92505 rearange ArrayIndexingStep to avoid #shared predicate 2021-02-23 09:52:50 +01:00
yo-h
6213c20bc3 Merge pull request #5136 from aschackmull/java/csv-models 
Java: Add support for framework modelling through csv data.
 2021-02-22 19:00:41 -05:00
CodeQL CI
73e7b54bf1 Merge pull request #5214 from tausbn/actions-add-change-note-checker 
Approved by adityasharad
 2021-02-22 11:24:51 -08:00
Geoffrey White
362c12caea Merge pull request #5217 from MathiasVP/model-bsd-sockets-part-3 
C++: Implement models for poll, accept and select
 2021-02-22 18:34:59 +00:00
Owen Mansel-Chan
110f4072fd Merge pull request #5222 from owen-mc/update-go-supported-frameworks 
Update supported go frameworks
 2021-02-22 15:49:54 +00:00
Owen Mansel-Chan
31d6dbb9da Update supported go frameworks 2021-02-22 15:38:56 +00:00
Rasmus Wriedt Larsen
e160c855ad Merge pull request #5233 from yoff/python-for-tuple-iteration 
Python: `for`-iteration of tuples
 2021-02-22 15:28:13 +01:00
Rasmus Wriedt Larsen
127e778970 Merge pull request #5215 from github/RasmusWL/fix-acronym-style 
Style Guide: Fix two-letter acronym
 2021-02-22 15:05:26 +01:00