hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 05:05:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
24,160 Commits 1,741 Branches 166 Tags
eaef1c146cd501372cef8fdbff191132878133ad
Commit Graph

24160 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
0be280c608 Python: Port py/sql-injection to use proper source/sink customization 2021-07-12 16:22:10 +02:00
Tom Hvitved
6ba6d9931c C#: Skip dotnet restore in standalone extraction when nuget_restore: false is set 2021-07-12 15:16:16 +02:00
Asger F
d8927e5612 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-07-12 14:23:58 +02:00
Erik Krogh Kristensen
c4f5009917 make explicit calls to member predicates 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-07-12 14:22:08 +02:00
Erik Krogh Kristensen
d22ebadcf2 add support for many more case changing libraries 2021-07-12 14:09:34 +02:00
Mathias Vorreiter Pedersen
dec747f6f0 Merge branch 'main' into more-random-sources-in-uncontrolled-arithmetic 2021-07-12 13:48:48 +02:00
Erik Krogh Kristensen
a5d1325d3f add support for the change-case library 2021-07-12 13:37:06 +02:00
Mathias Vorreiter Pedersen
c47d680d65 Merge pull request #6168 from criemen/fix-warning 
C++: Fix warning from compile-query.
 2021-07-12 12:41:29 +02:00
Tom Hvitved
47d126e681 Data flow: Sync 2021-07-12 12:09:51 +02:00
Tom Hvitved
09daf86e33 Data flow: Fix bad join-orders in summaryNodeType 2021-07-12 12:09:06 +02:00
Mathias Vorreiter Pedersen
04dcef5ec4 C++: Include ComplementExpr as a sanitizer. 2021-07-12 11:53:47 +02:00
Cornelius Riemenschneider
d34f7b941a C++: Address code review. 2021-07-12 11:43:43 +02:00
Cornelius Riemenschneider
e821b8be99 C++: Fix warning from compile-query. 2021-07-12 11:43:43 +02:00
Mathias Vorreiter Pedersen
d2cc0d3925 C++: Fix annotations. 2021-07-12 11:30:43 +02:00
Erik Krogh Kristensen
bef7e61e76 add support for the fast-json-stringify library 2021-07-12 11:13:01 +02:00
Erik Krogh Kristensen
40aa970db3 add support for the strip-json-comments library 2021-07-12 11:08:50 +02:00
Erik Krogh Kristensen
23c3be6860 add support for the json-cycle library 2021-07-12 11:03:39 +02:00
Asger Feldthaus
5df961c4ed JS: Add change note 2021-07-12 10:53:41 +02:00
Erik Krogh Kristensen
94cbc4b2c0 add step through the fclone library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
f99a33598f add support for the safe-stable-stringify library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
d6300bced3 add support for the replicator library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
babf657d9d add support for the teleport-javascript library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
9261b7f859 add support for the flatted library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
1792c9a611 add taint step through the prettyjson library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
0bfff1eb7e add support for the json5 library 2021-07-12 10:51:42 +02:00
Erik Krogh Kristensen
cb3bd4901b add taint step through the json2csv library 2021-07-12 10:51:42 +02:00
Tom Hvitved
db4c8dfd3c Merge pull request #6208 from hvitved/csharp/query-modules 
C#: Add `Query` suffix to libraries that should only be imported by queries
 2021-07-12 10:26:45 +02:00
Anders Schack-Mulligen
0e913a19aa Merge pull request #6220 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-07-12 09:54:18 +02:00
github-actions[bot]
56419bc74b Add changed framework coverage reports 2021-07-12 00:06:55 +00:00
Erik Krogh Kristensen
440e4b9a92 enable unicode support in the Python ReDoS query 2021-07-11 21:28:40 +02:00
Tom Hvitved
4de4753c67 C#: Remove Query.qll top-level modules 2021-07-04 09:35:27 +02:00
Tom Hvitved
c812d4e4e8 C#: Add Query suffix to libraries that should only be imported by queries 2021-07-04 09:35:26 +02:00
CodeQL CI
1d56748eed Merge pull request #6200 from yoff/pythonJS-make-expbtlib-private 
Approved by RasmusWL, esbena
 2021-07-02 09:09:18 -07:00
Joe Farebrother
4d459f24d9 Fix up tests and update models 2021-07-02 14:46:33 +01:00
Joe Farebrother
fc017b7934 Use ArrayElement of in flow step specifications 2021-07-02 14:46:31 +01:00
Joe Farebrother
15415931ce Use Argument ranges in CSV rows 2021-07-02 14:46:03 +01:00
Joe Farebrother
5325622813 Convert sql-related flow steps to CSV 2021-07-02 14:46:03 +01:00
Anders Schack-Mulligen
3c6604daa7 Java: Fix subtypes interpretation. 2021-07-02 14:43:56 +02:00
Anders Schack-Mulligen
6813a79423 Java: Add test for override of Map.put highlighting problem. 2021-07-02 14:41:59 +02:00
Anders Schack-Mulligen
55ebbc3e01 Java: Add signature to Map.put. 2021-07-02 14:41:32 +02:00
CodeQL CI
a25933aa56 Merge pull request #5926 from RasmusWL/small-cleanups 
Approved by tausbn
 2021-07-02 04:59:54 -07:00
Asger Feldthaus
457ce14ca6 JS: Summarize steps into captured variables 2021-07-02 13:42:42 +02:00
Rasmus Wriedt Larsen
3c8c2d1da1 Merge pull request #6209 from yoff/python-add-redos-queryhelp 
Python: port redos .qhelp from js
 2021-07-02 13:42:39 +02:00
Asger Feldthaus
093ff41170 JS: Update tests 2021-07-02 13:31:17 +02:00
Rasmus Wriedt Larsen
81fab487a4 Python: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-07-02 13:27:41 +02:00
Rasmus Wriedt Larsen
22c155687e Python: Fix code after removing getPostUpdateNode 2021-07-02 13:25:25 +02:00
Rasmus Wriedt Larsen
7a6eee50ff Revert "Python: Add getPostUpdateNode to DataFlow::Node" 
This reverts commit 9137f04bd3.
 2021-07-02 13:23:02 +02:00
Rasmus Wriedt Larsen
e56dfe75bd Python: AttrRef getOjbect/1 -> accesses/2 
See this thread for discussion:
https://github.com/github/codeql/pull/5926#discussion_r635384981
 2021-07-02 13:21:12 +02:00
Asger Feldthaus
ff49aaa684 JS: Do not capture own variables 2021-07-02 13:17:32 +02:00
Asger Feldthaus
8befb03cb9 JS: Add test case with spurious call/return flow 2021-07-02 13:17:32 +02:00