hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 22:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,105 Commits 1,673 Branches 157 Tags
e2af176727decaecbe2b591bbae32c8a6a807d86
Commit Graph

19105 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamás Vajk
e2af176727 Merge pull request #4974 from tamasvajk/feature/cleanup-db 
C#: Remove leftover DB upgrade folder
 2021-01-19 11:30:07 +01:00
Tamás Vajk
b228b7d17b Merge pull request #4975 from tamasvajk/feature/fix-build-error 
C#: Fix build error in RelationalPattern
 2021-01-19 10:10:53 +01:00
Tamas Vajk
be7d458dc6 C#: Fix build error in RelationalPattern 2021-01-19 09:49:51 +01:00
Tamas Vajk
6cafb281b5 C#: Remove leftover DB upgrade folder 2021-01-19 09:45:34 +01:00
Tamás Vajk
b775eb4cf7 Merge pull request #4789 from tamasvajk/feature/csharp9-relational-pattern2 
C#: Relational patterns
 2021-01-19 09:38:57 +01:00
Tom Hvitved
25095f919e Merge pull request #4962 from hvitved/csharp/nullability-extraction 
C#: Improved extraction of type nullability
 2021-01-19 09:34:38 +01:00
Anders Schack-Mulligen
b620e02000 Merge pull request #4973 from Marcono1234/patch-1 
Add ArrayInit.getSize(), improve documentation
 2021-01-19 09:06:45 +01:00
Anders Schack-Mulligen
dde8d320f3 Apply suggestions from code review 
Minor qldoc fixes.
 2021-01-19 08:24:24 +01:00
Marcono1234
703336a77f Add ArrayInit.getSize(), improve documentation 2021-01-18 16:44:53 +01:00
CodeQL CI
fc2fe6cccb Merge pull request #4928 from esbena/js/rewrite-multi-sanitization 
Approved by asgerf
 2021-01-18 05:11:42 -08:00
Tamas Vajk
8400a3862b Add DB upgrade folder 2021-01-18 09:19:27 +01:00
Tamas Vajk
ce58514453 Change release note date 2021-01-18 09:19:27 +01:00
Tamas Vajk
c0b31cbfe7 Add new stats file 2021-01-18 09:19:27 +01:00
Tamas Vajk
f235a28295 C# Add relational patterns extraction 2021-01-18 09:19:27 +01:00
Tom Hvitved
9a9a57716c C#: Improved extraction of type nullability 2021-01-15 16:01:14 +01:00
Anders Schack-Mulligen
545451e602 Merge pull request #4960 from github/yo-h/java15-change-note 
Java: update documentation on supported language versions
codeql-cli/v2.4.3 codeql-cli/v2.4.2 		2021-01-15 10:19:46 +01:00
Tamás Vajk
81ce29c6c8 Merge pull request #4656 from tamasvajk/feature/csharp9-not-pattern 
C#: Extract unary patterns
 2021-01-15 09:44:53 +01:00
yo-h
27fd16ae87 Java: update documentation on supported language versions 2021-01-14 20:29:16 -05:00
Tom Hvitved
d7ca065192 Merge pull request #4923 from hvitved/csharp/ssa/refactor 
C#: SSA refactorings
 2021-01-14 17:28:14 +01:00
Tom Hvitved
6cf684f615 C#: Fix QL doc 2021-01-14 15:59:22 +01:00
yoff
b5d40e4c9a Merge pull request #4944 from RasmusWL/flask-class-based-handlers 
Python: Add modeling of Flask class based (HTTP) request handlers
 2021-01-14 15:17:36 +01:00
yoff
de8ac6c12d Merge pull request #4869 from RasmusWL/tornado-source-modeling 
Python: Add Tornado source modeling
 2021-01-14 14:40:14 +01:00
Tamas Vajk
4b32fd0556 Update change note date 2021-01-14 14:29:13 +01:00
Tamas Vajk
b7b4ed8774 Add DB upgrade folder 2021-01-14 14:26:40 +01:00
Tamas Vajk
66d8b0f1a0 Add new .stats file 2021-01-14 14:11:28 +01:00
Rasmus Wriedt Larsen
4cb2f2ed1e Python: Proper models of flask MethodView classes 2021-01-14 13:42:18 +01:00
Rasmus Wriedt Larsen
e327fdb317 Python: Model flask View classes 2021-01-14 13:42:18 +01:00
Rasmus Wriedt Larsen
0b1cece523 Python: Add tests for class based handlers in Flask 2021-01-14 13:42:17 +01:00
Rasmus Wriedt Larsen
14bb10a361 Python: Use LocalSourceNode for TornadoRouteRegex 2021-01-14 13:39:41 +01:00
Rasmus Wriedt Larsen
f9a29cb886 Python: Add change-note for tornado source modeling 2021-01-14 13:37:27 +01:00
Rasmus Wriedt Larsen
812ea5dde5 Python: Tornado: Model request handlers without known route 2021-01-14 13:37:27 +01:00
Rasmus Wriedt Larsen
1849b9e771 Python: Tornado: Handle basic route setup with tuples 
The reason this becomes valueable right now, is that we can mark routed params
as taint-sources. Longer down the line, we can (hopefully) detect that a routed
param will only accept digits, and mark it safe for some of our taint-tracking
queries.
 2021-01-14 13:37:26 +01:00
Rasmus Wriedt Larsen
39d85896a1 Python: Add basic taint modeling of tornado request 2021-01-14 13:37:26 +01:00
Rasmus Wriedt Larsen
4641150d45 Python: Basic taint-modeling of tornado.web.RequestHandler classes 2021-01-14 13:37:25 +01:00
Rasmus Wriedt Larsen
9cd8a862a0 Python: Expand Tornado tests and add annotations 
I should probably have split this up into 2 commits, so sorry that didn't happen :|
 2021-01-14 13:37:24 +01:00
Rasmus Wriedt Larsen
b4f3399534 Python: Add reverse inheritance test for Tornado 2021-01-14 13:37:24 +01:00
Rasmus Wriedt Larsen
57d08a8523 Python: Rewrite old Tornado tests 
Now you can run them, and the examples have been adjusted so they actually work!
 2021-01-14 13:37:23 +01:00
Rasmus Wriedt Larsen
7db55906b9 Python: Copy old tornado tests 2021-01-14 13:37:22 +01:00
Tom Hvitved
f5eb131e2d C#: Address review comments 2021-01-14 12:42:43 +01:00
yoff
c69b776d34 Merge pull request #4864 from RasmusWL/django-request-handler-without-route 
Python: Model Django request handler without route
 2021-01-14 12:06:59 +01:00
Tamás Vajk
fa8e902fe4 Merge pull request #4922 from tamasvajk/feature/fix-finally-cfg-opass 
C#: Fix expanded assignment lookup in finally blocks for CFG
 2021-01-14 11:26:33 +01:00
Tamás Vajk
36a1293156 Merge pull request #4952 from tamasvajk/feature/type-mention-nullable 
C#: Fix type mention extraction of named types with nullability enabled
 2021-01-14 11:25:44 +01:00
Mathias Vorreiter Pedersen
3468593d3a Merge pull request #4915 from geoffw0/sqltaint 
C++: Fix FPs in cpp/sql-injection
 2021-01-14 11:20:08 +01:00
Tamas Vajk
48d8ee9166 Fix failing test 2021-01-14 09:47:46 +01:00
Tamas Vajk
927dd514ea C#: Extract unary patterns 2021-01-14 09:47:46 +01:00
Tamás Vajk
842ed62875 Merge pull request #4927 from tamasvajk/feature/comp-assembly 
C#: Add output assembly to compilation
 2021-01-14 09:45:11 +01:00
CodeQL CI
4229f556cb Merge pull request #4751 from erik-krogh/logInjection 
Approved by asgerf, mchammer01
 2021-01-14 00:32:46 -08:00
Tamas Vajk
05c858ec2c C#: Fix expanded assignment lookup in finally blocks for CFG 2021-01-14 08:54:10 +01:00
Tamas Vajk
5803a449be Add test case for assign operation in finally 2021-01-14 08:39:46 +01:00
Tamas Vajk
ec669c883a Add DB upgrade folder 2021-01-14 08:25:35 +01:00