| Author | Commit | Message | Date |
|---|---|---|---|
| Robert Marsh | 9f0499cce9 | Merge pull request #2063 from jbj/dataflow-ref-parameter<br>C++: Data flow through reference parameters | 2019-10-22 09:40:15 -07:00 |
| semmle-qlci | 1c79ec550e | Merge pull request #2092 from esben-semmle/js/brittle-system-reflection-command<br>Approved by mchammer01, xiemaisi | 2019-10-22 08:36:44 +01:00 |
| semmle-qlci | 0dcb189e67 | Merge pull request #2162 from xiemaisi/js/remove-deprecated-queries<br>Approved by esben-semmle | 2019-10-22 07:15:58 +01:00 |
| Esben Sparre Andreasen | 5a983cb535 | JS: add query js/shell-command-injection-from-environment | 2019-10-21 23:31:55 +02:00 |
| Max Schaefer | 90cefead84 | Merge pull request #1988 from erik-krogh/unreacableOverloads<br>JS: Unreachable overloads | 2019-10-21 14:57:29 +01:00 |
| Max Schaefer | 55fb86d618 | JavaScript: Remove deprecated queries.<br>These queries have all been deprecated since 1.17 (released in July 2018). I think it's time to say goodbye. | 2019-10-21 14:42:02 +01:00 |
| Rasmus Wriedt Larsen | 016c95a69c | Merge pull request #2078 from taus-semmle/python-unreachable-suppressed<br>Python: Teach `py/unreachable-statement` about `contextlib.suppress`. | 2019-10-21 15:14:39 +02:00 |
| Taus Brock-Nannestad | 99b99ef2b6 | Python: Teach py/unreachable-statement about contextlib.suppress. | 2019-10-21 14:31:05 +02:00 |
| Erik Krogh Kristensen | 9eda120de4 | implement a new query to detect unreachable overloaded methods in TypeScript | 2019-10-21 13:34:42 +02:00 |
| yh-semmle | afcde14403 | Merge pull request #2085 from aschackmull/java/overflow-check-fp<br>Java: Add another overflow check pattern to UselessComparisonTest. | 2019-10-18 11:01:24 -04:00 |
| Anders Schack-Mulligen | 582a91f1e9 | Java: Add change note. | 2019-10-18 11:59:09 +02:00 |
| Max Schaefer | a4bffe35fd | JavaScript: Add support for globalThis. | 2019-10-17 12:04:01 +01:00 |
| James Fletcher | d1a8152f29 | update path to support docs in readme.md | 2019-10-16 16:55:28 +01:00 |
| Geoffrey White | 6f96d1759f | Merge pull request #2077 from jbj/cfg-enable-pr<br>C++: enable the QL-based CFG code | 2019-10-16 14:06:22 +01:00 |
| Esben Sparre Andreasen | e1d7434be4 | JS: add query js/useless-regexp-character-escape | 2019-10-16 00:15:54 +02:00 |
| Anders Schack-Mulligen | 309961d493 | Merge pull request #2118 from yh-semmle/java-non-sync-override<br>Java: restrict `java/non-sync-override` to immediate overrides | 2019-10-15 16:40:00 +02:00 |
| Tom Hvitved | b142113037 | Merge pull request #2087 from calumgrant/cs/localexprflow<br>C#: Implement localExprFlow and localExprTaint | 2019-10-15 15:33:50 +02:00 |
| Jonas Jensen | 527ec4a9e4 | Merge pull request #2122 from geoffw0/bitsign2<br>CPP: BitwiseSignCheck.ql fix | 2019-10-14 15:47:36 +02:00 |
| Max Schaefer | dca808126f | Merge pull request #2032 from erik-krogh/lessSpaces<br>JS: remove false positive in js/missing-space-in-concatenation | 2019-10-14 14:25:40 +01:00 |
| Geoffrey White | 62311eb37d | CPP: Change note. | 2019-10-14 11:03:49 +01:00 |
| yh-semmle | b37d92ac95 | Java: add change note for java/non-sync-override | 2019-10-11 19:36:45 -04:00 |
| Jonas Jensen | c99845ce5d | Merge pull request #2035 from geoffw0/comparison<br>CPP: Unclear comparison precedence template fix | 2019-10-10 16:31:54 +02:00 |
| semmle-qlci | 7ba04768cd | Merge pull request #2098 from asger-semmle/ts-computed-field-name-context<br>Approved by esben-semmle | 2019-10-10 12:06:46 +01:00 |
| Geoffrey White | cdf48cf0d4 | CPP: Change note. | 2019-10-10 09:23:03 +01:00 |
| Esben Sparre Andreasen | 0e79d3db46 | Merge pull request #2065 from erik-krogh/noReturn<br>JS: use of returnless function | 2019-10-09 13:44:39 +02:00 |
| semmle-qlci | c8e5be74d5 | Merge pull request #2093 from asger-semmle/ts-unused-var-fix<br>Approved by erik-krogh | 2019-10-08 13:51:46 +01:00 |
| Asger F | 1fc01d9b5d | JS: Add change note | 2019-10-08 13:51:13 +01:00 |
| Jonas Jensen | 5d7a0b8dd5 | Merge remote-tracking branch 'upstream/master' into dataflow-ref-parameter<br>I've accepted the new test output, which shows that this branch fixes two false negatives in the test cases from #2088. | 2019-10-08 13:09:20 +02:00 |
| Asger F | ea35b8418a | JS: Add change note | 2019-10-08 12:05:31 +01:00 |
| Erik Krogh Kristensen | be18adca3c | update description in change-notes | 2019-10-08 11:54:56 +02:00 |
| Erik Krogh Kristensen | 9788b16dee | add change note for js/use-of-returnless-function | 2019-10-08 11:54:08 +02:00 |
| Esben Sparre Andreasen | 24a5301d87 | Merge pull request #2056 from erik-krogh/suspiciousMethodName<br>JS: add query for detecting suspicious method names in TypeScript | 2019-10-08 10:49:57 +02:00 |
| Calum Grant | af25536648 | C#: Add localExprFlow and localExprTaint, and change notes. | 2019-10-04 16:46:02 +01:00 |
| Tom Hvitved | b55e2948be | Merge pull request #1986 from calumgrant/cs/switch-cfg<br>C#: Fix CFG for switch statements where the default case is not the last | 2019-10-04 16:54:04 +02:00 |
| Calum Grant | 48dee29620 | Merge pull request #2021 from hvitved/csharp/local-not-disposed<br>C#: Refactor `cs/local-not-disposed` using data flow library | 2019-10-03 15:21:06 +01:00 |
| AlexTereshenkov | 3e6f8fb6be | Add bind-socket-all-network-interfaces Python query (#2048)<br>Add bind-socket-all-network-interfaces Python query | 2019-10-03 11:23:11 +01:00 |
| Jonas Jensen | 8bed418022 | C++: enable the QL-based CFG code | 2019-10-03 10:04:24 +02:00 |
| yh-semmle | 3313af5189 | Merge pull request #2036 from aschackmull/java/eq-ssa-guard<br>Java: Improve guards for equal ssa variables. | 2019-10-02 12:00:59 -04:00 |
| Tom Hvitved | b66479c028 | C#: Add change note | 2019-10-02 16:31:26 +02:00 |
| Anders Schack-Mulligen | 0154e31e64 | Java: Add change note. | 2019-10-02 11:47:53 +02:00 |
| Erik Krogh Kristensen | aa1368741b | rename suspicious-method-name to suspicious-method-name-declaration | 2019-10-01 14:37:07 +02:00 |
| Jonas Jensen | 7c319efb8b | C++: Data flow through reference parameters | 2019-10-01 10:43:49 +02:00 |
| Jonas Jensen | f417640da4 | Merge pull request #1938 from dave-bartolomeo/dave/InNOut<br>C++: Rename predicates in `FunctionInputsAndOutputs.qll` and add QLDoc | 2019-09-30 13:30:19 +02:00 |
| Erik Krogh Kristensen | 0320f0f26b | add query for detecting suspicious method names in TypeScript | 2019-09-30 13:05:50 +02:00 |
| Dave Bartolomeo | 28aa7dcae2 | C++: Fix PR feedback | 2019-09-26 13:56:43 -07:00 |
| Erik Krogh Kristensen | 69365ccd03 | remove false positive in missingSpaceInAppend by requiring the presence of a word-like fragment | 2019-09-26 12:59:05 +02:00 |
| Max Schaefer | d4fca84898 | JavaScript: Improve XSS sanitizer detection.<br>We now use local data flow to detect more regexp-based sanitizers. | 2019-09-23 17:07:06 +01:00 |
| Jonas Jensen | 898976121b | Merge pull request #1987 from geoffw0/toomanyformat<br>CPP: WrongNumberOfFormatArguments.ql Fix | 2019-09-23 16:05:11 +02:00 |
| semmle-qlci | e2c941c577 | Merge pull request #1916 from erik-krogh/taintedLength<br>Approved by asger-semmle, xiemaisi | 2019-09-23 11:47:48 +01:00 |
| semmle-qlci | 7a57a3c743 | Merge pull request #1996 from xiemaisi/js/fix-illegal-invocation-refl<br>Approved by esben-semmle | 2019-09-23 09:16:33 +01:00 |