Robert Marsh
|
eddc2f3038
|
Merge pull request #11694 from MathiasVP/iterator-use-use-flow-using-ir-ssa
C++: Iterator flow for IR-based use-use flow (second attempt)
|
2022-12-16 10:51:19 -05:00 |
|
Mathias Vorreiter Pedersen
|
a36afc6bff
|
C++: Accept more test changes.
|
2022-12-15 13:29:05 +00:00 |
|
Mathias Vorreiter Pedersen
|
73b93be313
|
C++: Prevent non-termination in 'getTypeImpl' when a iterator defines itself as 'value_type'.
|
2022-12-15 11:55:25 +00:00 |
|
Mathias Vorreiter Pedersen
|
526b913f7d
|
C++: Fix join orders.
|
2022-12-15 11:55:25 +00:00 |
|
Mathias Vorreiter Pedersen
|
cb47bdd9fd
|
C++: Accept test changes.
|
2022-12-15 11:55:25 +00:00 |
|
Mathias Vorreiter Pedersen
|
f94ca0e087
|
C++: Add implicit defs and uses for iterators' underlying containers.
|
2022-12-15 11:55:21 +00:00 |
|
Mathias Vorreiter Pedersen
|
78b7e12b87
|
C++: Make 'DefImpl' and 'useImpl' abstract.
|
2022-12-15 11:54:32 +00:00 |
|
Mathias Vorreiter Pedersen
|
5d417d7a69
|
C++: Implement an 'Indirection' subtype for iterators.
|
2022-12-15 11:54:32 +00:00 |
|
Mathias Vorreiter Pedersen
|
ef110e77ff
|
C++: Remove an unnecessary predicate from the 'Indirection' class.
|
2022-12-15 11:54:32 +00:00 |
|
Jeroen Ketema
|
31b4dda7bd
|
Merge pull request #11687 from jketema/tainted-path-use-use
C++: Make `cpp/path-injection` work with use-use dataflow
|
2022-12-14 18:06:05 +01:00 |
|
Mathias Vorreiter Pedersen
|
22b04af0fa
|
Merge pull request #11658 from MathiasVP/uncertain-writes
C++: Flow through uncertain writes
|
2022-12-14 15:26:28 +00:00 |
|
Jeroen Ketema
|
bb256514c0
|
Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow
|
2022-12-14 15:52:20 +01:00 |
|
Asger F
|
a92acf5218
|
Merge pull request #11689 from asgerf/js/missing-csrf-qhelp
JS: Update MissingCsrfMiddleware after 'csurf' deprecation
|
2022-12-14 15:50:32 +01:00 |
|
Owen Mansel-Chan
|
38369a72dc
|
Merge pull request #11696 from github/smowton-patch-1
go: fix bug in zip-slip example fix
|
2022-12-14 14:31:58 +00:00 |
|
Jeroen Ketema
|
3b78860d8d
|
Merge pull request #11692 from jketema/itemization
C++: Fix itemization in QLDoc
|
2022-12-14 15:19:12 +01:00 |
|
Chris Smowton
|
5799287a2b
|
go: fix bug in zip-slip example fix
|
2022-12-14 13:51:32 +00:00 |
|
Jami
|
b248b44983
|
Merge pull request #11668 from jcogs33/jcogs33/update-isjdkinternal
Java: update `isJdkInternal`
|
2022-12-14 08:33:18 -05:00 |
|
Erik Krogh Kristensen
|
7615668f92
|
Merge pull request #11662 from erik-krogh/c-useInstanceOf
Swift/C++: Use instanceof in more places
|
2022-12-14 14:30:21 +01:00 |
|
Jami
|
f61b817751
|
Merge pull request #11631 from jcogs33/jcogs33/update-externalapi-charpredicate
Java/C#: add `isUninteresting` to `ExternalApi` characteristic predicate
|
2022-12-14 08:25:02 -05:00 |
|
Owen Mansel-Chan
|
0b849a319b
|
Merge pull request #11587 from owen-mc/go/remove-error-expr-from-dbscheme
Go: Remove @errorexpr from the dbscheme (use @badexpr)
|
2022-12-14 13:15:04 +00:00 |
|
Anders Schack-Mulligen
|
598b4c38b7
|
Merge pull request #11619 from aschackmull/java/typetrack-lambda
Java: Switch DispatchFlow to typetracking.
|
2022-12-14 14:08:29 +01:00 |
|
Jeroen Ketema
|
c18cfa7a7a
|
C++: Fix itemization in QLDoc
|
2022-12-14 13:46:07 +01:00 |
|
Jeroen Ketema
|
4075f693bd
|
C++: Make cpp/path-injection work with use-use dataflow
|
2022-12-14 13:38:55 +01:00 |
|
Mathias Vorreiter Pedersen
|
973aad5c17
|
Merge pull request #11677 from jketema/argv-flow-source
C++: Recognize indirect `argv` accesses as flow sources for use-use dataflow
|
2022-12-14 12:36:18 +00:00 |
|
Tom Hvitved
|
25b2d11368
|
Merge pull request #11635 from hvitved/dataflow/approx-content
Data flow: Introduce `ApproxContent` in a new pruning stage between stages 2 and 3
|
2022-12-14 12:56:50 +01:00 |
|
Asger F
|
b63c658e3b
|
JS: recognize tiny-csrf
|
2022-12-14 12:30:15 +01:00 |
|
Asger F
|
162419138d
|
JS: Replace csurf -> lusca.csrf from example and qhelp
|
2022-12-14 12:30:15 +01:00 |
|
Owen Mansel-Chan
|
3c6f466e78
|
Include downgrade scripts in extractor pack
|
2022-12-14 10:46:20 +00:00 |
|
Owen Mansel-Chan
|
14e6f9fee2
|
Remove @errorexpr from the dbscheme (use @badexpr)
|
2022-12-14 10:46:19 +00:00 |
|
Henry Mercer
|
6023a1225c
|
Merge pull request #11673 from github/codeql-ci/atm/release-0.4.4
JS: Bump version numbers of ML-powered packs after 0.4.4 release
|
2022-12-14 10:27:00 +00:00 |
|
Tamás Vajk
|
a6d227d52e
|
Merge pull request #11599 from igfoo/igfoo/diags
Java/Kotlin: Update the diagnostic severity documentation
|
2022-12-14 10:13:30 +01:00 |
|
Michael Nebel
|
54701f539e
|
Merge pull request #11683 from github/workflow/coverage/update
Update CSV framework coverage reports
|
2022-12-14 09:41:23 +01:00 |
|
Paolo Tranquilli
|
a80e9206c8
|
Merge pull request #11639 from github/alexdenisov/switch-to-bootstrapped-swift
Swift: switch to bootstrapped Swift compiler
|
2022-12-14 09:04:19 +01:00 |
|
github-actions[bot]
|
d905bed92f
|
Add changed framework coverage reports
|
2022-12-14 00:17:01 +00:00 |
|
Jami Cogswell
|
c956589945
|
Java: remove dot before percent
|
2022-12-13 17:46:20 -05:00 |
|
Jami Cogswell
|
dee251e5d6
|
Java: update isJdkInternal
|
2022-12-13 17:46:20 -05:00 |
|
Erik Krogh Kristensen
|
8a89849476
|
Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf
Py/JS/RB: Use instanceof in more places
|
2022-12-13 21:50:13 +01:00 |
|
Tamás Vajk
|
8e500ec0f3
|
Merge pull request #11675 from tamasvajk/kotlin-error-expr-consistency
Kotlin: Report CFG dead end consistency issues on `ErrorExpr`
|
2022-12-13 20:22:47 +01:00 |
|
Edward Minnix III
|
a85de2b5f4
|
Merge pull request #10865 from egregius313/egregius313/android-activity-alias
Java: Add library support for activity-alias elements in AndroidManifest.qll
|
2022-12-13 11:52:01 -05:00 |
|
Jami Cogswell
|
a889cc4f65
|
Java/C#: remove isTestLibrary
|
2022-12-13 10:34:04 -05:00 |
|
Jeroen Ketema
|
628f92a9fb
|
C++: Fix QL-for-QL warnings
|
2022-12-13 16:24:55 +01:00 |
|
Jeroen Ketema
|
3be0b3e6c7
|
C++: Recognize indirect argv accesses as flow sources for use-use dataflow
This fixes the test regression on `cpp/command-line-injection`.
|
2022-12-13 16:18:17 +01:00 |
|
Jami
|
9b0163ce22
|
Merge pull request #11624 from jcogs33/jcogs33/exclude-paramless-constructors-from-dataflowtargetapi
Java/C#: exclude parameterless constructors from `DataFlowTargetApi`
|
2022-12-13 10:05:57 -05:00 |
|
Tamas Vajk
|
5cc2868857
|
Kotlin: Report CFG dead end consistency issues on ErrorExpr
|
2022-12-13 15:51:33 +01:00 |
|
Anders Schack-Mulligen
|
a29e529690
|
Shared: Add missing qldoc.
|
2022-12-13 15:49:30 +01:00 |
|
Asger F
|
bfe9ee3ead
|
Merge pull request #11672 from asgerf/js/extensions
JS: Add data extension sinks
|
2022-12-13 15:34:11 +01:00 |
|
Henry Mercer
|
423374a7b8
|
Merge branch 'main' into codeql-ci/atm/release-0.4.4
|
2022-12-13 14:26:21 +00:00 |
|
github-actions[bot]
|
745823ca60
|
JS: Bump version of ML-powered library and query packs to 0.4.5
|
2022-12-13 13:32:52 +00:00 |
|
github-actions[bot]
|
ea13925a92
|
JS: Bump patch version of ML-powered library and query packs
|
2022-12-13 13:28:09 +00:00 |
|
Alex Denisov
|
ee94849528
|
Swift: switch to bootstrapped Swift compiler
|
2022-12-13 13:59:13 +01:00 |
|