hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-28 10:18:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,856 Commits 1,723 Branches 164 Tags
e648477d144aaa42e7e25ac02419b6c1994fd00a
Commit Graph

267 Commits

Author SHA1 Message Date
Taus
95eb4cf90d Merge pull request #1089 from markshannon/python-fix-redundant-comparison-complex-test 
Fix false positive for redundant comparison query
 2019-03-14 17:12:44 +01:00
semmle-qlci
bd3792a49a Merge pull request #1108 from xiemaisi/js/make-zipslip-visible-by-default 
Approved by esben-semmle
 2019-03-14 11:58:00 +00:00
Felicity Chapman
01b8770b7c Merge pull request #1065 from yh-semmle/java-frameworks-notes 
Java: update frameworks list for 1.20 release
 2019-03-14 09:15:46 +00:00
Max Schaefer
cc8d68082e JavaScript: Show ZipSlip results by default. 2019-03-14 08:50:47 +00:00
yh-semmle
d7925ee2ec Java: tweak change note as per review comment 2019-03-13 14:31:13 -04:00
Tom Hvitved
5b491a8564 Merge pull request #1100 from felicity-semmle/1.20/csharp-change-notes 
1.20: minor updates to C# change notes
 2019-03-13 13:31:23 +01:00
Max Schaefer
bce3cd8d2f Merge pull request #1097 from felicity-semmle/1.20/javascript-change-notes 
1.20: minor updates to the javascript change notes
 2019-03-13 12:28:31 +00:00
Mark Shannon
3fbe3c37aa Add change note. 2019-03-13 12:00:42 +00:00
Felicity Chapman
7c4ab6f2ae Text updates for consistency 2019-03-13 10:31:44 +00:00
Felicity Chapman
e46eb36e58 Duplicate information for easier look up 2019-03-13 10:25:41 +00:00
Felicity Chapman
a5fbad858b Sort table alphabetically 2019-03-13 09:49:09 +00:00
Felicity Chapman
7da36081b2 Minor text updates for consistency 2019-03-13 09:03:29 +00:00
Felicity Chapman
5c29a2641c Sort table alphabetically 2019-03-13 08:51:49 +00:00
Felicity Chapman
eae6d92dc3 Minor text changes for consistency 2019-03-13 08:06:50 +00:00
Felicity Chapman
53d9f0b033 Sort tables into alphabetic order 2019-03-13 07:54:20 +00:00
Tom Hvitved
fe3f25864f Merge pull request #1064 from calumgrant/cs/framework-support 
C#: Updated framework support list
 2019-03-11 16:49:02 +01:00
calum
383e29ce13 C#: Analysis change notes. 2019-03-11 09:38:23 +00:00
Tom Hvitved
548a28ff7d Merge pull request #912 from calumgrant/cs/ef 
C#: Model EntityFrameworkCore
 2019-03-08 22:13:13 +01:00
calum
3bdaf7c14e C#: Updated framework support list. 2019-03-08 15:12:50 +00:00
Jason Reed
126e207bd0 JS: Add change note. 2019-03-06 09:46:41 +00:00
Max Schaefer
b1033b079f JavaScript: Make configuration of parallel extraction consistent with parallel evaluation. 
Just like parallel evaluation, the number of extractor threads is now determined by the `LGTM_THREADS` environment variable, and defaults to one.
 2019-03-05 10:06:32 +00:00
yh-semmle
4908ccc493 Java: update frameworks list for 1.20 release 2019-03-04 20:31:34 -05:00
semmle-qlci
9a2a328243 Merge pull request #1025 from xiemaisi/js/fix-exports-assign 
Approved by asger-semmle
 2019-03-04 21:25:56 +00:00
Max Schaefer
7f5e2630a1 Merge pull request #1032 from xiemaisi/master-for-merge 
Merge master into rc/1.20
 2019-03-04 21:23:51 +00:00
calum
d77b60bba8 C#: Add preservesValue to NonLocalJumpNode.getAJumpSuccessor. Allow DataFlow::Configuration::isAdditionalFlowStep to jump between callables. 2019-03-04 09:54:28 +00:00
calum
57ff775c08 C#: Change notes. 2019-03-04 09:54:02 +00:00
Max Schaefer
3cabc12be3 JavaScript: Teach InvalidExport to never flag module.exports = exports = ... and similar. 
This was previously flagged if `exports` wasn't used any further. While it's true that the assignment to `exports` is redundant in this case, the assignment is also flagged by DeadStorOfLocal, so there is no point in InvalidExport flagging it as well.
 2019-03-04 09:53:37 +00:00
Jonas Jensen
c49c23068a Merge pull request #923 from geoffw0/potentialbufferoverflow 
CPP: Deprecate PotentialBufferOverflow.ql
 2019-03-04 08:11:27 +00:00
Robert Marsh
b8f8ed55e6 Merge pull request #1000 from jbj/dataflow-defbyref 
C++: Support definition by reference in data flow library
 2019-03-01 13:54:37 -08:00
Nick Rolfe
e6ddf7f48a Merge pull request #1012 from ian-semmle/constexpr 
C++: Add Variable.isConstexpr()
 2019-03-01 14:42:35 +00:00
Ian Lynagh
af397d3546 Changenotes: Fix copy/paste-o. 2019-03-01 13:30:05 +00:00
Mark Shannon
8a16164270 Merge pull request #878 from taus-semmle/python-mutable-default-with-flow 
Python: Make "Modification of parameter with default" flow-sensitive.
 2019-03-01 11:22:21 +00:00
Max Schaefer
83e0f3bc8d Merge pull request #946 from esben-semmle/js/captured-nodes-query-and-type-inference-1 
JS: Captured Nodes, type inference + a query
 2019-03-01 10:48:52 +00:00
Max Schaefer
a6f3305edc Merge pull request #1006 from asger-semmle/express-end 
JS: Treat res.end() as alias for res.send() in Express
 2019-03-01 10:30:06 +00:00
Taus Brock-Nannestad
64e6974aac Merge branch 'master' into python-mutable-default-with-flow 2019-03-01 11:10:56 +01:00
Asger F
2dc7f32ca3 JS: add Express to list of updated frameworks 2019-02-28 15:28:42 +00:00
Ian Lynagh
a709a2d0f3 C++: Add Variable.isConstexpr() 2019-02-28 15:26:15 +00:00
Mark Shannon
faf9b4886d Python: Add change note for CherryPy support. 2019-02-28 15:25:41 +00:00
Taus
b8b4216352 Merge pull request #979 from markshannon/python-falcon 
Python: Add support for falcon web API framework.
 2019-02-28 15:47:35 +01:00
Jonas Jensen
7afb4898e6 C++: Change note for def-by-ref data flow 2019-02-28 09:39:51 +01:00
semmle-qlci
6602b4dbda Merge pull request #992 from xiemaisi/js/socket.io 
Approved by asger-semmle
 2019-02-27 18:43:40 +00:00
Mark Shannon
f7d7b8eef2 Merge pull request #785 from taus-semmle/python-unsafe-use-of-mktemp 
Python: Add query for unsafe use of `tempfile.mktemp`.
 2019-02-27 15:01:06 +00:00
Geoffrey White
74f7379ab9 CPP: Change note. 2019-02-27 13:09:10 +00:00
Mark Shannon
6a48420191 Python: Basic support for falcon framework; routing and requests. 2019-02-27 09:55:52 +00:00
Max Schaefer
37a3085466 Merge pull request #993 from asger-semmle/getacallee 
JS: document new behavior of overriding InvokeNode.getACallee()
 2019-02-27 09:00:59 +00:00
Taus
dcaf0f8ba8 Merge pull request #978 from markshannon/python-turbogears 
Python: Add support for turbogears; requests and responses.
 2019-02-26 21:46:01 +01:00
Dave Bartolomeo
84c7f195d6 Merge pull request #994 from geoffw0/msalloc 
CPP: Add lots more allocation functions to Alloc.qll
 2019-02-26 11:59:45 -08:00
Geoffrey White
c637bc5fcc CPP: Change note. 2019-02-26 17:17:16 +00:00
Asger F
eaf3f52372 JS: document new behavior of overriding InvokeNode.getACallee() 2019-02-26 16:09:19 +00:00
Max Schaefer
cc6ca8bc62 JavaScript: Add change note. 2019-02-26 15:53:29 +00:00