codeql

mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00

Author	SHA1	Message	Date
Felicity Chapman	e34cf86c47	Move support information to QL repository for easier maintenance	2019-02-22 15:21:16 +00:00
Jonas Jensen	7649e8758b	Merge pull request #846 from geoffw0/returnstack CPP: Improve ReturnStackAllocatedMemory.ql	2019-02-21 22:04:53 +01:00
Jonas Jensen	1bc967c1d1	Merge pull request #819 from geoffw0/newdelete CPP: Improve dataflow in newdelete.qll	2019-02-21 15:09:49 +01:00
Taus	ed3a8f0bee	Merge pull request #799 from markshannon/python-api-tidy-up Python API tidy up, part 1	2019-02-21 13:25:17 +01:00
Jonas Jensen	1e0a385d41	C++: Put ReturnStackAllocatedMemory.ql on LGTM	2019-02-21 11:39:05 +01:00
Tom Hvitved	a382a5876f	Merge pull request #808 from calumgrant/cs/double-checked-locks C#: Work on cs/unsafe-double-checked-lock	2019-02-21 11:17:35 +01:00
calum	40f3b8b439	C#: Address review comments (documentation).	2019-02-20 18:00:30 +00:00
Mark Shannon	98be27a73e	Python: Add 'attr' predicate as a synomnym for 'getAttribute' to help readability.	2019-02-20 11:08:44 +00:00
Geoffrey White	7b0f310856	CPP: Add query IDs to change note.	2019-02-20 10:38:49 +00:00
Geoffrey White	bc0387dc9a	CPP: Change note.	2019-02-20 10:21:49 +00:00
semmle-qlci	62c0eea572	Merge pull request #939 from yh-semmle/java-frameworks Approved by pavgust	2019-02-18 17:06:34 +00:00
Taus	1b25573cc0	Merge pull request #872 from markshannon/python-bottle Python: Add support for bottle framework.	2019-02-18 12:34:44 +01:00
yh-semmle	ca3aaa8c75	Java: add change note for additional framework support	2019-02-15 20:01:08 -05:00
Max Schaefer	41eb1ff9d0	JavaScript: Drop precision of `AmbiguousIdAttribute` to 'high'.	2019-02-12 16:31:29 +00:00
Max Schaefer	25f95d9fb1	JavaScript: Be more conservative about templates in `AmbiguousIdAttribute`. Previously, we only excluded attributes where the value of the attribute itself suggests templating happening. Now we exclude all attributes in documents where _any_ attribute value suggests templating.	2019-02-12 16:31:01 +00:00
Mark Shannon	aab0a243dc	Python: Add redirects to bottle framework support.	2019-02-12 14:26:06 +00:00
semmle-qlci	c133362660	Merge pull request #910 from xiemaisi/js/regexp-taint Approved by esben-semmle	2019-02-12 13:15:16 +00:00
Felicity Chapman	8c5b495c97	Merge pull request #917 from markshannon/python-extractor-change-note Python: Add change note for unified parser.	2019-02-12 12:24:07 +00:00
Mark Shannon	384fa5db3f	Python: clarfiy change note.	2019-02-12 09:53:00 +00:00
Tom Hvitved	14bdea1cf2	Merge pull request #847 from calumgrant/cs/json.net C#: Model Json.NET dataflow	2019-02-11 15:48:01 +01:00
Anders Schack-Mulligen	52ad816074	Merge pull request #904 from rneatherway/zipslip-fix Java: Add a flow step for `Path::toFile` in ZipSlip	2019-02-11 13:08:38 +01:00
Robin Neatherway	409733838b	Java: Add a flow step for `Path::toFile` in ZipSlip	2019-02-11 10:33:44 +00:00
Mark Shannon	ee143ee041	Python: Add change note for unified parser.	2019-02-08 16:44:01 +00:00
calum	b473d2f7a8	C#: Update change notes. Decrease the priority of this query because the `volatile` keyword is no longer needed on modern .Net runtimes.	2019-02-08 14:59:45 +00:00
calum	15a2f9dc13	C#: Add change note.	2019-02-08 14:38:51 +00:00
Taus	90eccbdf76	Merge pull request #836 from markshannon/python-mutating-descriptor Python: Fix up mutating-descriptor query	2019-02-08 15:10:30 +01:00
Max Schaefer	6ce77ea1ef	JavaScript: Add change note.	2019-02-08 09:57:07 +00:00
semmle-qlci	0558b58193	Merge pull request #907 from asger-semmle/reapply-closure-modules Approved by xiemaisi	2019-02-08 09:23:47 +00:00
calum	65b3771f85	C#: Add changenote.	2019-02-07 12:10:18 +00:00
Asger F	e4b230ba60	Revert "Merge pull request #897 from Semmle/revert-817-closure-modules" This reverts commit `95185345fd`, reversing changes made to `b8be66ec48`.	2019-02-07 11:58:38 +00:00
Jonas Jensen	47ad280e34	Merge pull request #842 from geoffw0/gets CPP: Clean up PotentialBufferOverflow.ql, PotentiallyDangerousFunction.ql	2019-02-07 09:27:00 +01:00
Max Schaefer	812cba0fe3	Merge pull request #828 from esben-semmle/js/vue-support-1 JS: basic Vue support	2019-02-07 08:00:17 +00:00
Asger F	e46e2b2515	Revert "JS: Add support for Closure modules"	2019-02-06 17:30:45 +00:00
semmle-qlci	b13c11017c	Merge pull request #885 from asger-semmle/async-waterfall Approved by xiemaisi	2019-02-06 16:30:17 +00:00
Esben Sparre Andreasen	235625d03a	Merge branch 'master' into js/vue-support-1	2019-02-06 16:57:16 +01:00
semmle-qlci	09825f28ed	Merge pull request #817 from asger-semmle/closure-modules Approved by esben-semmle, xiemaisi	2019-02-06 15:51:53 +00:00
semmle-qlci	a2691b32b5	Merge pull request #851 from xiemaisi/js/post-message-star Approved by esben-semmle	2019-02-06 09:57:04 +00:00
Esben Sparre Andreasen	fb19032038	JS: change notes for Vue support	2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen	a78dd422b6	JS: add query `js/vue/arrow-method-on-vue-instance`	2019-02-06 09:38:00 +01:00
Geoffrey White	2a708d3243	CPP: Change note.	2019-02-05 17:58:30 +00:00
Asger F	ddd72190cb	JS: change note	2019-02-05 16:59:29 +00:00
Tom Hvitved	37c55750f7	Merge pull request #873 from calumgrant/cs/format-getresource-strings C#: Fix FP in cs/format-argument-unused	2019-02-05 17:12:04 +01:00
yh-semmle	3e8f7a740c	Merge pull request #838 from aschackmull/java/taint-collections Java: Add additional taint steps through collections.	2019-02-05 09:59:24 -05:00
Asger F	9fd4e81f20	JS: add change note	2019-02-04 14:21:34 +00:00
Tom Hvitved	b4b6fdd12b	C#: Revert recent change to `AccessorCall` The recent change to `AccessorCall` on `dd99525566` resulted in some bad join-orders, so I have (partly) reverted them. This means that the issues orignally addressed by that change are now reintroduced, and I plan to instead apply a fix to the CFG, which--unlike the original fix--should be able to handle multi-property-tuple assignments.	2019-02-04 15:14:18 +01:00
calum	d79201ec47	C#: Change notes.	2019-02-04 12:53:18 +00:00
semmle-qlci	222738072d	Merge pull request #840 from esben-semmle/js/propagate-sound-avalue Approved by xiemaisi	2019-02-01 09:23:43 +00:00
Robert Marsh	e1d289ffb4	Merge pull request #759 from calumgrant/cs/interface-tostring C#: Remove FPs from cs/call-to-object-tostring	2019-01-31 12:03:49 -08:00
Dave Bartolomeo	ab1f96fb2c	Merge pull request #770 from jbj/cfg-static-init-pr C++: Add addresses to `Expr.isConstant`	2019-01-31 10:24:48 -08:00
Max Schaefer	aeb8cc62b2	JavaScript: Reclassify `PostMessageStar` as CWE-201.	2019-01-31 08:08:52 +00:00

1 2 3 4 5 ...

553 Commits