hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-24 00:16:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,728 Commits 1,714 Branches 163 Tags
dd84b6063beaeef6f3d826b735b67e86d8520f05
Commit Graph

2728 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
semmle-qlci
dd84b6063b Merge pull request #794 from xiemaisi/js/parallel-extraction 
Approved by asger-semmle, esben-semmle
 2019-01-20 00:22:38 +00:00
Mark Shannon
261cd36b8c Merge pull request #781 from kevinbackhouse/HashedButNoHash 
Python: fix false positive result.
 2019-01-18 21:56:12 +00:00
Kevin Backhouse
9e79e1bc8c Simplify the logic with theTypeErrorType(). 2019-01-18 16:33:48 +00:00
Taus
bcc65dbad3 Merge pull request #554 from markshannon/python-named-module-utility 
Python: named module utility
 2019-01-18 16:01:36 +01:00
Taus
8d99186d74 Merge pull request #795 from markshannon/remove-builtin-class-test 
Python: Remove fragile and unnecessary test.
 2019-01-18 15:17:39 +01:00
Taus
92d2e18bf2 Merge pull request #712 from markshannon/python-fix-odasa-7307 
Python: Detect a wider range of generated files.
 2019-01-18 14:38:08 +01:00
Mark Shannon
c1a549ddff Python. Improve grammar in qldoc comment. 2019-01-18 11:49:59 +00:00
Mark Shannon
4398670ecc Merge pull request #775 from taus-semmle/python-dill-pickle-support 
Python: dill pickle support.
 2019-01-18 10:01:22 +00:00
Max Schaefer
740acc12e8 JavaScript: Add change note. 2019-01-18 09:36:07 +00:00
semmle-qlci
5e712b3ff6 Merge pull request #784 from asger-semmle/dedup-promiseTaintStep 
Approved by esben-semmle
 2019-01-18 08:52:09 +00:00
Dave Bartolomeo
6af8948a3f Merge pull request #783 from jbj/ir-reachable-perf 
C++: Speed up getAFeasiblePredecessorBlock
 2019-01-17 10:19:07 -08:00
Kevin Backhouse
56efe3adb7 Fix false positive result. 2019-01-17 16:22:48 +00:00
Kevin Backhouse
5fc056beb3 Add regression test for false positive result. 2019-01-17 16:22:19 +00:00
Jonas Jensen
f147b63bb8 Merge pull request #654 from geoffw0/lossyresultcast 
CPP: Work on Lossy function result cast query
 2019-01-17 17:07:29 +01:00
semmle-qlci
beed51924e Merge pull request #780 from Semmle/xiemaisi-patch-4 
Approved by esben-semmle
 2019-01-17 16:04:00 +00:00
Asger F
a8d750f086 JS: update header doc in Promises.qll 2019-01-17 15:26:45 +00:00
Asger F
e9c4f13a31 JS: Remove trailing whitespace again 2019-01-17 13:10:15 +00:00
Asger F
7a344c8546 JS: Add resolved promise taint test case 2019-01-17 13:08:55 +00:00
Asger F
b6fdbdcf84 JS: deduplicate promiseTaintStep 2019-01-17 13:04:16 +00:00
Asger F
882b337c15 JS: Move ResolvedPromiseDefinition into StandardLibrary.qll 2019-01-17 13:02:03 +00:00
Asger F
fc27b26bd5 JS: Remove duplicate PromiseFlowStep 2019-01-17 12:56:40 +00:00
Asger F
66901dc7b8 JS: remove duplicate ES2015PromiseDefinition 2019-01-17 12:55:38 +00:00
Jonas Jensen
6b9aaf63d7 C++: Speed up getAFeasiblePredecessorBlock 
This predicate was unbearably slow on a ChakraCore snapshot (and
probably everywhere else):

    ReachableBlock::getAFeasiblePredecessorBlock#2#ff#antijoin_rhs .. 1m6s
    ReachableBlock::getAFeasiblePredecessorBlock#ff#antijoin_rhs .... 31.8s

With this change, the predicate is so fast that it doesn't even show up
in the clause timing report.

It's possible that we only tested this for performance in 1.18, and then
it has regressed in 1.19. Otherwise I can't explain how we've missed
this. I'm using QL for Eclipse 1.20.0.201901070127.
 2019-01-17 13:36:20 +01:00
Mark Shannon
801d8cb3a5 Python: Remove fragile and unnecessary test. 2019-01-17 12:31:19 +00:00
Calum Grant
f85f05d55f Merge pull request #776 from hvitved/csharp/delegate-ref-assignment 
C#: Recognize `ref` assignments through delegate calls
 2019-01-17 10:35:26 +00:00
Max Schaefer
8f8068695d JavaScript: Bump extractor version to avoid trap cache. 2019-01-17 09:30:18 +00:00
Max Schaefer
ce65fcedc1 JavaScript: Abort AutoBuild if an exception happens in one of the extractor threads. 2019-01-17 09:29:49 +00:00
Max Schaefer
7765c6d486 JavaScript: Await termination of extractor threadpool. 2019-01-17 09:29:49 +00:00
Max Schaefer
3b5315aa7e JavaScript: Improve logging. 2019-01-17 09:29:49 +00:00
Max Schaefer
a6cb63e9c8 JavaScript: Make number of threads configurable through LGTM_INDEX_THREADS. 
If the number of threads specified is one or lower, we fall back onto single-threaded extraction.
 2019-01-17 09:29:49 +00:00
Max Schaefer
d625ebf86d JavaScript: Extract JavaScript files after TypeScript files. 
This way we only start multi-threaded extraction after the TypeScript parser has already been shut down, reducing the chance of running out of memory.
 2019-01-17 09:29:49 +00:00
Max Schaefer
57133f91ff JavaScript: Prevent interleaved progress messages on stdout. 2019-01-17 09:29:49 +00:00
Max Schaefer
1c84dc011a JavaScript: Parallelise extraction of JavaScript (but not TypeScript) files. 2019-01-17 09:29:49 +00:00
Max Schaefer
8014ded973 JavaScript: Remove static state in JSDocParser. 2019-01-17 09:29:49 +00:00
Max Schaefer
5832f7c3ad JavaScript: Pull ExtractorState out of FileExtractor. 2019-01-17 09:29:49 +00:00
Max Schaefer
335d43b122 JavaScript: Make AutoBuild less stateful. 2019-01-17 09:29:49 +00:00
Max Schaefer
a058d7a502 JavaScript: Fix examples in flow-summaries.rst 
The S-expression examples still used the old order of parameters for `parameter` and `member`.
 2019-01-17 09:12:40 +00:00
Tom Hvitved
9031e19c88 C#: Recognize ref assignments through delegate calls 2019-01-16 15:53:31 +01:00
Max Schaefer
bca941ddf6 Merge pull request #765 from asger-semmle/class-receiver-propagation 
JS: support flow out of "this" in constructor call
 2019-01-16 14:40:19 +00:00
Tom Hvitved
fc5076b466 C#: Add test for assignment through delegate ref argument 2019-01-16 15:22:45 +01:00
Taus Brock-Nannestad
a422215272 Add change note for 1.20 2019-01-16 14:55:12 +01:00
Taus Brock-Nannestad
e8c092ad72 Python: Support the dill pickling library. 2019-01-16 14:53:42 +01:00
Mark Shannon
65337ef835 Merge pull request #564 from taus-semmle/python-insecure-ssl-version 
Python: Check for insecure versions of SSL and TLS.
 2019-01-16 12:32:30 +00:00
Asger F
a1c7f32fb6 JS: change note 2019-01-16 11:14:00 +00:00
Asger F
9aaea40719 JS: address comments and support TrackedNode 2019-01-16 11:12:38 +00:00
Asger F
6d1eab8a4b JS: support flow out of "this" in constructor call 2019-01-16 11:09:38 +00:00
Taus
370a9e491c Merge pull request #761 from markshannon/python-fix-regex-test-depth 
Python tests: Increase import depth to ensure sre_constants module is imported
 2019-01-16 11:38:02 +01:00
Max Schaefer
4a7e0fe104 Merge pull request #766 from asger-semmle/ts-compiler-3.2 
TS: Support TypeScript 3.2
 2019-01-16 08:49:45 +00:00
semmle-qlci
5bc17923b1 Merge pull request #665 from asger-semmle/js-property-concat-sanitizer 
Approved by esben-semmle, xiemaisi
 2019-01-16 08:44:55 +00:00
semmle-qlci
cf3a4ac956 Merge pull request #767 from esben-semmle/js/unknown-bound-event-handler-receiver 
Approved by xiemaisi
 2019-01-16 08:36:11 +00:00