Andrew Eisenberg
d8e4e25c1e
Packaging: Fix query pack references
...
We can't have recursive references to query packs.
2021-08-17 13:03:40 -07:00
Andrew Eisenberg
2c5dd2dfa3
Packaging: Refactor the cpp libraries
...
This PR separates the core cpp packs into `codeql/cpp-queries` and
`codeql/cpp-all`.
There are very few lines of code changed. Almost all changes are moving
files around.
2021-08-17 11:22:36 -07:00
Andrew Eisenberg
e566fb9c5a
Packaging: Update suite-helpers qlpack
...
Uses new style naming scheme.
2021-08-16 17:51:33 -07:00
Sarita Iyer
57ff8e7138
Merge pull request #6473 from github/sarita-iyer/codeql-packs-vscode
...
Added article for working with CodeQL packs in VS Code
2021-08-12 16:08:00 -04:00
Sarita Iyer
a373ac8332
Update period at end of quote
2021-08-12 15:42:23 -04:00
Sarita Iyer
eb2ef23d56
Apply suggestions from code review
...
Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com>
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
2021-08-12 14:57:13 -04:00
Sarita Iyer
d1190dc5f2
Switch from object to element, and clarify package cache functionality
2021-08-12 10:41:20 -04:00
Shati Patel
1707fb8821
Merge pull request #6475 from github/correct-link-syntax
...
Fix markup in `metadata-for-codeql-queries.rst`
2021-08-12 09:36:18 +01:00
CodeQL CI
8fe2a43fd9
Merge pull request #6433 from asgerf/js/tainted-url-suffix
...
Approved by erik-krogh
2021-08-12 00:28:46 -07:00
James Fletcher
3bd918972e
fix markup
2021-08-12 08:16:20 +01:00
Sarita Iyer
186e011a4b
Added CodeQL packs info for use in VS Code
2021-08-11 15:47:27 -04:00
Alexandre Boulgakov
00466e4bb0
Merge pull request #6464 from sashabu/sashabu/auto
...
C++: Expose trailing return type presence.
2021-08-11 18:43:39 +01:00
Chris Smowton
7a2704373f
Merge pull request #5943 from joefarebrother/java-stub
...
[Java] Add stubbing script
2021-08-11 16:11:53 +01:00
Alexandre Boulgakov
490498899b
C++: Expose trailing return type presence.
2021-08-11 16:04:07 +01:00
Geoffrey White
3f72a1abea
Merge pull request #6471 from MathiasVP/fix-fp-in-incorrect-allocation-error-handling
...
C++: Fix false-positive in 'cpp/incorrect-allocation-error-handling'
2021-08-11 15:56:55 +01:00
CodeQL CI
c8ded7ebf6
Merge pull request #6459 from erik-krogh/oreq
...
Approved by asgerf
2021-08-11 07:40:13 -07:00
Mathias Vorreiter Pedersen
8d594dbf08
Update cpp/ql/test/query-tests/Security/CWE/CWE-570/test.cpp
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
2021-08-11 16:18:18 +02:00
Mathias Vorreiter Pedersen
0d1884d7a6
C++: Fix FP and accept test changes.
2021-08-11 15:38:57 +02:00
Mathias Vorreiter Pedersen
c2b1da0010
C++: Add FP testcase with a 'new' that has a 'std::nothrow&' parameter, but not a 'noexcept' specifier. This case was previously not reported because of the 'noexcept' specifier, and apparently the 'std::nothrow' case was broken all along.
2021-08-11 15:38:03 +02:00
Mathias Vorreiter Pedersen
89ce25f247
Merge pull request #6083 from ihsinme/ihsinme-patch-275
...
CPP: Add query for CWE-783 Operator Precedence Logic Error When Use Bitwise Or Logical Operations
2021-08-11 14:40:09 +02:00
ihsinme
6d24047626
Update OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql
2021-08-11 14:34:20 +03:00
Chris Smowton
d45d58804b
Merge pull request #6466 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2021-08-11 07:56:55 +01:00
github-actions[bot]
5db82651fe
Add changed framework coverage reports
2021-08-11 00:13:37 +00:00
Joe Farebrother
7462180dcd
Improve handling of array types
2021-08-10 16:52:38 +01:00
Erik Krogh Kristensen
01a202fa10
fix cfg and dataflow for logical compound assignments
2021-08-10 12:17:59 +02:00
Tom Hvitved
d658ef1dcd
Merge pull request #6449 from hvitved/python/contains-in-scope-perf
...
Python: Avoid bad join in `AstExtended::AstNode::containsInScope`
2021-08-10 10:27:00 +02:00
Chris Smowton
cb73100717
Merge pull request #6458 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2021-08-10 09:23:53 +01:00
Chris Smowton
9f9c76390f
Nudge CI
2021-08-10 09:12:18 +01:00
Asger Feldthaus
d83f5a9cd7
JS: Update StringConcatenation tests after handling 0-arg join calls
2021-08-10 08:56:36 +02:00
Asger Feldthaus
a3e56dea5e
JS: Factor out StringOps::substringMethodName
2021-08-10 08:55:04 +02:00
Asger Feldthaus
1074d409fb
JS: Autoformat
2021-08-10 08:55:03 +02:00
Asger Feldthaus
6ef83f8015
JS: Change note
2021-08-10 08:55:03 +02:00
Asger Feldthaus
f1bcfa287b
JS: Add more tests
2021-08-10 08:55:03 +02:00
Asger Feldthaus
4efea4316e
JS: Use TaintedUrlSuffix flow label in jQuery xss
2021-08-10 08:55:03 +02:00
Asger F
077aa05336
Merge pull request #6448 from asgerf/js/handlebars-extraction-preliminary
...
JS: Update locations in Angular2 test
2021-08-10 08:50:18 +02:00
github-actions[bot]
22fe354aab
Add changed framework coverage reports
2021-08-10 00:07:47 +00:00
Chris Smowton
5ba9347281
Merge pull request #6006 from artem-smotrakov/timing-attacks
...
Java: Timing attacks while comparing results of cryptographic operations
2021-08-09 15:30:47 +01:00
Chris Smowton
171dc26531
Fix test reference and expectations
2021-08-09 13:56:55 +01:00
Tom Hvitved
ea6d51f123
Python: Avoid bad join in AstExtended::AstNode::containsInScope
2021-08-09 11:20:57 +02:00
Asger Feldthaus
88500a3fa3
JS: Update TRAP test output
2021-08-09 11:19:08 +02:00
Asger Feldthaus
2836d465e4
JS: Update locations in Angular2 test
2021-08-09 11:03:15 +02:00
Tom Hvitved
15db6dfb10
Merge pull request #6431 from hvitved/csharp/silence-xml-extraction
...
C#: Silence XML extraction commands
2021-08-09 09:36:23 +02:00
CodeQL CI
562ba49f4e
Merge pull request #6406 from erik-krogh/cleanCfg
...
Approved by asgerf
2021-08-09 00:21:31 -07:00
Tamás Vajk
c1cf2a1c5f
Merge pull request #5579 from edvraa/cookies
...
C#: HttpOnly and Secure cookie queries
2021-08-09 08:58:11 +02:00
Shati Patel
8bb47b91b9
Merge pull request #6426 from shati-patel/docs/cwe-coverage
...
Docs: Make TOC more visible and add note about CWE coverage
2021-08-05 15:01:29 +01:00
Shati Patel
97dd88661e
Merge pull request #6427 from shati-patel/docs/vscode-tests
...
Docs: Mention setting for running tests in VS Code (already shipped)
2021-08-05 15:01:20 +01:00
Tom Hvitved
5b5ed97421
C#: Silence XML extraction commands
2021-08-05 15:24:01 +02:00
Tom Hvitved
4ee5cc5557
Merge pull request #6428 from hvitved/csharp/xss-nodes
...
C#: Add missing `nodes` predicate to XSS queries
2021-08-05 15:03:22 +02:00
Tom Hvitved
9eb3f28ef1
C#: Add missing nodes predicate to XSS queries
2021-08-05 13:53:52 +02:00
Tom Hvitved
6471092139
Merge pull request #6394 from github/p0/csharp-virtual-dispatch-limit
...
C#: Guard against virtual dispatch branching too much.
2021-08-05 13:20:14 +02:00