hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
5,591 Commits 1,741 Branches 165 Tags
e9ba66f5eb2d9ba1aa42e481d7f253d19007a82b
Commit Graph

5591 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
e9ba66f5eb JavaScript: Address review comments. 2019-07-09 12:01:30 +01:00
Max Schaefer
9479ae3069 JavaScript: Add concrete syntax examples to all API classes in Expr.qll. 2019-07-09 10:01:53 +01:00
Geoffrey White
1fd08f4e47 CPP: Change note. 2019-07-04 17:27:40 +01:00
Geoffrey White
73c7bc1db9 CPP: Generalize a little. 2019-07-04 17:27:40 +01:00
Geoffrey White
7fc31f263a CPP: Basic fix. 2019-07-04 17:27:40 +01:00
Geoffrey White
34d307ecef CPP: Test a common false positive. 2019-07-04 17:27:40 +01:00
Tom Hvitved
a54ee160a3 C#: Update change note 2019-07-02 14:17:28 +02:00
Tom Hvitved
b6bbe1a5c0 C#: Add DB upgrade script 2019-07-02 14:01:41 +02:00
Tom Hvitved
9a24d3a69c C#: Remove libraries and queries related to version history 
The VCS relations are no longer populated, so there is no reason to keep them,
and the queries/libraries that use the relations.
 2019-07-02 10:43:38 +02:00
semmle-qlci
71c86fa69b Merge pull request #1527 from esben-semmle/js/classify-more-generated-and-tests 
Approved by asger-semmle
 2019-07-02 07:38:10 +01:00
semmle-qlci
26fd1b91cf Merge pull request #1485 from esben-semmle/js/fix-yaml-strings 
Approved by xiemaisi
 2019-07-02 07:00:43 +01:00
semmle-qlci
b0b152aaaa Merge pull request #1529 from xiemaisi/js/getter-summaries 
Approved by asger-semmle
 2019-07-02 06:16:34 +01:00
Max Schaefer
7f95c20345 JavaScript: Add support for tracking flow into receivers of reflective calls. 2019-07-01 17:54:43 +01:00
semmle-qlci
3b126d9c4e Merge pull request #1488 from asger-semmle/call-graph-metric 
Approved by xiemaisi
 2019-07-01 16:09:34 +01:00
Max Schaefer
a04c2c65cb JavaScript: Add change note. 2019-07-01 15:45:57 +01:00
Max Schaefer
895055f30e JavaScript: Avoid unhelpful magic. 
The constraint `exists(callback.getParameter(i))` was getting pushed into `higherOrderCall`, which isn't a bad thing to do. However, this then led to a join on `i`, which is a very bad thing to do.
 2019-07-01 15:45:57 +01:00
Max Schaefer
b5b89c0eac JavaScript: Track flow into method receivers. 2019-07-01 15:45:57 +01:00
Esben Sparre Andreasen
062778bdd8 JS: heuristically recognize x.spec.y and x.test.y as test files 2019-07-01 15:49:17 +02:00
Esben Sparre Andreasen
7cab308205 fixup! JS: classify numeric file names as generated 2019-07-01 15:49:03 +02:00
Jonas Jensen
757ec97e7a Merge pull request #1251 from zlaski-semmle/zlaski/cpp370 
[CPP-370] Non-constant `format` arguments to `printf` and friends
 2019-07-01 14:43:19 +02:00
Asger F
ff4d6ece80 JS: Rename metrics to ResolvableCallX 2019-07-01 12:34:48 +01:00
Asger F
16e6dd12d0 JS: Address review comments part 1 2019-07-01 12:30:51 +01:00
semmle-qlci
a4fa2982de Merge pull request #1526 from xiemaisi/js/remove-TrackedExpr 
Approved by esben-semmle
 2019-07-01 11:10:44 +01:00
semmle-qlci
4f3cbe0029 Merge pull request #1521 from hvitved/csharp/constant-condition-fp 
Approved by calumgrant
 2019-07-01 10:52:14 +01:00
Esben Sparre Andreasen
2eb7e4a818 JS: classify x.test.js files with test(...) calls as jest tests 2019-07-01 10:28:10 +02:00
Esben Sparre Andreasen
5ebcef41fa JS: classify numeric file names as generated 2019-07-01 10:25:38 +02:00
Tom Hvitved
e6e606232d C#: Address review comments 2019-07-01 09:37:15 +02:00
semmle-qlci
ae3a48db58 Merge pull request #1510 from hvitved/csharp/date-queries-remove-precision 
Approved by calumgrant
 2019-07-01 08:28:08 +01:00
zlaski-semmle
bc98a80efe Merge pull request #1 from jbj/NonConstantFormat-ArrayExpr 
C++: NonConstantFormat taint only for string types
 2019-06-28 12:03:31 -07:00
yh-semmle
a0dc84010a Merge pull request #1518 from Semmle/rc/1.21 
Merge rc/1.21 into master
 2019-06-28 13:52:18 -04:00
Arthur Baars
af68fd4904 Merge pull request #1408 from calumgrant/cs/suppress-null-expr 
C#: C#8 Nullable expressions and type annotations
 2019-06-28 19:21:46 +02:00
yh-semmle
01028812a9 Merge pull request #1524 from aschackmull/java/dead-lambda 
Java: Don't report lambdas (or other anonymous classes) as dead.
 2019-06-28 10:48:17 -04:00
Taus
61a196d2d4 Merge pull request #1523 from markshannon/python-speed-up-get-a-child 
Python speed up calculation of ControlFlowNode.getAChild()
 2019-06-28 15:23:08 +02:00
Calum Grant
8130342062 Merge pull request #1520 from hvitved/csharp/mono-tracing 
C#: Generalize `mono` pattern in tracer config
 2019-06-28 14:21:35 +01:00
Calum Grant
4d383001ac C#: Address review comment 2019-06-28 14:17:16 +01:00
Calum Grant
a5543699b2 Merge pull request #1460 from hvitved/csharp/cfg-last 
C#: Refactor `last` predicate
 2019-06-28 14:13:43 +01:00
Taus
fbe7615258 Merge pull request #1512 from markshannon/python-better-handling-decorators 
Python: Add opaque 'decorated object' object.
 2019-06-28 14:10:49 +02:00
Mark Shannon
8570b4117f Python: Add opaque 'decorated function' for complex decorated functions. Allows finding calls in taint-tracking without contaminating points-to results. 2019-06-28 12:14:10 +01:00
Tom Hvitved
3d4316da1c C#: Address review comments 2019-06-28 13:00:18 +02:00
Anders Schack-Mulligen
a93ecae1ae Java: Don't report lambdas (or other anon classes) as dead. 2019-06-28 12:59:54 +02:00
Taus
8251553771 Merge pull request #1494 from markshannon/python-better-handling-calls-on-edge-of-context 
Python: better handling calls on edge of context
 2019-06-28 12:39:09 +02:00
Mark Shannon
775214e467 Python speed up calculation of ControlFlowNode.getAChild() 2019-06-28 11:19:25 +01:00
Tom Hvitved
db565c5a88 C#: Remove false positives in cs/constant-condition 2019-06-28 11:50:53 +02:00
Taus
1b98f248e5 Merge branch 'master' into python-better-handling-calls-on-edge-of-context 2019-06-28 11:27:42 +02:00
Max Schaefer
3c3422e221 JavaScript: Refactor unpromoted-candidate queries to no longer rely on tracked nodes. 2019-06-28 10:25:23 +01:00
Tom Hvitved
4da7a17f4b C#: Add more tests for cs/constant-condition 2019-06-28 11:25:18 +02:00
Taus
fad37bd6c9 Merge pull request #1487 from markshannon/python-tuple-assignment-points-to 
Python ESSA dataflow: better handling of tuple unpacking.
 2019-06-28 11:05:03 +02:00
Max Schaefer
ff62c56df1 JavaScript: Replace remaining uses of TrackedExpr with type tracking. 2019-06-28 09:21:41 +01:00
Max Schaefer
b3e8103dce JavaScript: Track flow through property getter functions. 2019-06-28 08:51:27 +01:00
Max Schaefer
1c175cbe71 JavaScript: Rename loadStep to basicLoadStep. 2019-06-28 08:51:27 +01:00