hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 19:55:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
23,305 Commits 1,741 Branches 166 Tags
cf689b83a9b2d7a67673f2fd8afb203e65d0ea64
Commit Graph

23305 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
dd457f9641 Python: Fix tests 2021-06-10 15:58:56 +02:00
John L. Singleton
f174d7a0e0 Comment changes 2021-06-10 09:52:22 -04:00
John L. Singleton
14c419a75f autoformatting 2021-06-10 09:39:43 -04:00
CodeQL CI
a241c114da Merge pull request #5836 from RasmusWL/ec-class-improvement 
Approved by tausbn
 2021-06-10 06:20:56 -07:00
Rasmus Wriedt Larsen
04db33513e Merge branch 'main' into sensitive-improvements 2021-06-10 15:11:09 +02:00
Rasmus Wriedt Larsen
ea0c1d7db3 Python: Better handling of sensitive functions 
This solution was the best I could come up with, but it _is_ a bit
brittle since you need to remember to add this additional taint step
to any configuration that relies on sensitive data sources... I don't
see an easy way around this though :|
 2021-06-10 15:08:21 +02:00
Rasmus Wriedt Larsen
f167143a84 Python: Use real config in TestSensitiveDataSources 
This will enable better tests in just one second
 2021-06-10 15:01:31 +02:00
Rasmus Wriedt Larsen
c341643ec1 Python: Add more tests for sensitive function handling 2021-06-10 14:36:05 +02:00
Rasmus Wriedt Larsen
eb4f168dd4 Python: Clarify SensitiveAttributeAccess 
The comment about imports was placed wrong. I also realized we didn't
even have a single test-case for
`this.(DataFlow::AttrRead).getAttributeNameExpr() = sensitiveLookupStringConst(classification)`
so I added that (notice that this is only `getattr(foo, x)` and not
`getattr(foo, "password")`)
 2021-06-10 14:09:47 +02:00
yoff
716627c1dd Merge pull request #5878 from RasmusWL/fix-concept-tests-pretty-print 
Python: Fix concept tests pretty print
 2021-06-10 11:21:08 +02:00
John L. Singleton
01cac13a48 format ql test files. 2021-06-09 17:16:26 -04:00
John L. Singleton
b91a0dbe16 removed accidental modification. 2021-06-09 17:12:59 -04:00
John L. Singleton
1fe3c9d093 removed accidental modification. 2021-06-09 17:11:39 -04:00
John L. Singleton
28e2cdb54e adding standard C/C++ fixed width, minimum width, and maximum width types 2021-06-09 16:12:58 -04:00
Taus
b14fa8b4cd Merge pull request #5925 from RasmusWL/pep249-import 
Python: Use absolute import for PEP249
 2021-06-09 18:32:28 +02:00
Dave Bartolomeo
4f81484e91 Merge pull request #6050 from MathiasVP/fix-join-order-in-addressOperandAllocationAndOffset 
C++: Fix join order in `addressOperandAllocationAndOffset`
 2021-06-09 12:20:50 -04:00
Shati Patel
bc4184e859 Merge pull request #6051 from github/shati-patel/rank 
Clarify docs about rank aggregate
 2021-06-09 16:03:34 +01:00
shati-patel
b5420a6f39 Update wording 2021-06-09 15:54:57 +01:00
shati-patel
0c9b53a9b2 Fix table formatting 2021-06-09 15:27:01 +01:00
shati-patel
405b2c84d6 Clarify how to think about rank aggregate 
- Mention that `rank[1](...)` is the same as `min(...)`
- Make this (+ note about 1-based indexing) more visible
 2021-06-09 15:25:28 +01:00
Mathias Vorreiter Pedersen
879bfbbd4e C++: Match the join order from before #5522. 2021-06-09 15:02:31 +02:00
Taus
e3a6daaecb Merge pull request #6046 from RasmusWL/typetracking-attributes 
Python: Add type-tracking test for attrs set in functions/methods
 2021-06-09 14:45:48 +02:00
Rasmus Wriedt Larsen
aaddd36236 Python: Add another type-tracking attr test 
This one just works out of the box 💪
 2021-06-09 14:20:50 +02:00
Rasmus Wriedt Larsen
89cba216ca Python: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-06-09 14:15:59 +02:00
CodeQL CI
d65e6bbfa1 Merge pull request #6035 from erik-krogh/joi 
Approved by asgerf
 2021-06-09 04:42:54 -07:00
Erik Krogh Kristensen
3e171adaab update qldoc 
Co-authored-by: Asger F <asgerf@github.com>
 2021-06-09 10:45:55 +02:00
CodeQL CI
6bdd7df810 Merge pull request #6002 from erik-krogh/history 
Approved by asgerf
 2021-06-08 13:17:38 -07:00
CodeQL CI
a02f96d660 Merge pull request #6043 from erik-krogh/serialize-javascript-typo 
Approved by asgerf
 2021-06-08 12:18:52 -07:00
CodeQL CI
169e67cbb8 Merge pull request #5990 from erik-krogh/prettier 
Approved by asgerf
 2021-06-08 12:17:24 -07:00
Rasmus Wriedt Larsen
3d2de03674 Python: Add type-tracking test for attr set in function 2021-06-08 19:03:53 +02:00
Rasmus Wriedt Larsen
dcd448b743 Python: Refactor formatting 2021-06-08 19:03:53 +02:00
Rasmus Wriedt Larsen
09de1bcf44 Python: Add tests for type-tracking attrs on instances 2021-06-08 19:03:53 +02:00
Mathias Vorreiter Pedersen
8fb15666ee Merge pull request #6041 from geoffw0/uncontrolled-allocation-size 
C++: Add CWE-789 tag to cpp/uncontrolled-allocation-size.
 2021-06-08 17:44:02 +02:00
Rasmus Wriedt Larsen
afd35f2e21 Python: Fix wording of change-note 
`aiohttp.web` is a web _framework_, and not a web _server_.
 2021-06-08 16:19:25 +02:00
CodeQL CI
fec39857fa Merge pull request #6015 from erik-krogh/resolve 
Approved by asgerf
 2021-06-08 04:15:19 -07:00
CodeQL CI
6279c67949 Merge pull request #5901 from erik-krogh/regFP 
Approved by asgerf
 2021-06-08 04:14:06 -07:00
Erik Krogh Kristensen
4b98af0c2b fix typo in prettier qldoc 
Co-authored-by: Asger F <asgerf@github.com>
 2021-06-08 13:13:33 +02:00
Erik Krogh Kristensen
ba6d504746 fix typo in SerializeJavascriptSanitizer qldoc 2021-06-08 13:12:23 +02:00
Geoffrey White
32545a1346 C++: Add CWE-789 tag to cpp/uncontrolled-allocation-size. 2021-06-08 10:59:03 +01:00
Erik Krogh Kristensen
8b4c3c4462 refactor ValidationCall back to a CallNode 2021-06-08 11:18:49 +02:00
Mathias Vorreiter Pedersen
025043afca Merge pull request #6010 from geoffw0/charloc 
C++: Test and fix maxCols / charLoc
 2021-06-08 11:15:04 +02:00
CodeQL CI
561c8d0e1a Merge pull request #6033 from erik-krogh/serverlessLib 
Approved by asgerf
 2021-06-08 01:44:40 -07:00
CodeQL CI
95b591d72b Merge pull request #6025 from erik-krogh/serve 
Approved by asgerf
 2021-06-08 01:42:38 -07:00
Erik Krogh Kristensen
b1d7c61d8e add missing qldoc 2021-06-08 09:56:32 +02:00
Erik Krogh Kristensen
1ad08677c2 model serve-handler in js/exposure-of-private-files 2021-06-08 09:52:56 +02:00
CodeQL CI
260ae47940 Merge pull request #6031 from asgerf/js/lines-of-user-code 
Approved by erik-krogh
 2021-06-08 00:37:51 -07:00
AlexDenisov
378a357251 Merge pull request #6032 from AlexDenisov/alexdenisov/fix-outdated-comment 
C++: Remove outdated comment
 2021-06-08 08:56:38 +02:00
Erik Krogh Kristensen
be7abede22 add model for the joi library 2021-06-07 20:04:17 +02:00
Felicity Chapman
44b9de04e5 Merge pull request #6011 from github/docs-4433-diagnostic-info 
Make minimal changes to CodeQL docs for new diagnostic data
 2021-06-07 17:20:15 +01:00
Felicity Chapman
aad738ba9f Update docs/codeql/codeql-cli/analyzing-databases-with-the-codeql-cli.rst 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2021-06-07 17:05:40 +01:00