hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,270 Commits 1,690 Branches 160 Tags
ee038373571b4d3fe2490c2fd19eaeb9afbbfa49
Commit Graph

20270 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Lerchedahl Petersen
ee03837357 Python: small refactor 2021-03-03 23:46:18 +01:00
Rasmus Lerchedahl Petersen
cbbc7b2bcd Python: support unrestrictions 
Also pyOpenSSL allows SSL 2 and SSL 3 on `SSLv23`
 2021-03-03 23:42:48 +01:00
Rasmus Lerchedahl Petersen
97d26687fe Python: Improve logic of bit fields 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
7a1d953fca Python: More tests 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
60525ec301 Python: Also track offending call 
update test expectations at this point
 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
9e696ff0fb Python: Add false negative to test 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
d5171fc043 Python: Comment everything 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
3b856010f2 Python: add TODO comment 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
ea8c6f04e2 Python: Update old test and qlhelp 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
87e1a062ea Python: fluent api tests 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
186db7f43e Python: factor into modules and files 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
7ed018aff6 Python: refactor into modules 
and turn on the pyOpenSSL module
 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
72b37a5b1b Python: factor out barrier 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
86dde6eab1 Python: start of port 2021-03-03 17:50:46 +01:00
Jonas Jensen
2b54c33904 Merge pull request #5257 from MathiasVP/doh-its-2021-mathias 
C++: Turns out we're in 2021 and not 2020.
 2021-02-25 09:30:08 +01:00
Anders Schack-Mulligen
f0d3841369 Merge pull request #5105 from JLLeitschuh/feat/JLL/depricated_bintray_usage 
CWE-1104: Maven POM dependence upon Bintray/JCenter
 2021-02-25 09:08:31 +01:00
Jonathan Leitschuh
237fefbcf1 Add release notes 2021-02-24 11:19:20 -05:00
Mathias Vorreiter Pedersen
fc4162ba1a C++: Turns out we're in 2021 and not 2020. 2021-02-24 17:15:51 +01:00
Cornelius Riemenschneider
cea1049745 Merge pull request #5249 from geoffw0/cleanupstr 
C++: QLDoc Pure.qll
 2021-02-24 16:42:41 +01:00
CodeQL CI
bf66bdbb95 Merge pull request #5253 from RasmusWL/no-getAnArg 
Approved by tausbn
 2021-02-24 06:34:31 -08:00
Rasmus Wriedt Larsen
d05a8b8c46 Python: Remove getAnArg in DataFlow::CallCfgNode 
Until we've had further discussion on what is the right approach to
naming (internal discussion in https://github.com/github/codeql-python-team/issues/95)
 2021-02-24 14:58:48 +01:00
Felicity Chapman
a05904f812 Merge pull request #5216 from github/felicitymay-update-process 
Remove personal assignment to writers
 2021-02-24 12:59:08 +00:00
Tamás Vajk
fd4eca6039 Merge pull request #5254 from tamasvajk/feature/fix-merge 
C#: Fix merge conflict (with + refactoring)
 2021-02-24 12:07:34 +01:00
CodeQL CI
d2816b33e2 Merge pull request #5240 from erik-krogh/vsPerf 
Approved by asgerf
 2021-02-24 02:26:16 -08:00
Anders Schack-Mulligen
add960bc4d Merge pull request #4880 from luchua-bc/java/sensitive-query-with-get 
Java: Sensitive GET Query
 2021-02-24 11:08:47 +01:00
Tamas Vajk
380058a4bd C#: Fix merge conflict (with + refactoring) 2021-02-24 10:50:51 +01:00
yoff
8262f0343b Merge pull request #5208 from RasmusWL/flask-clean-models 
Python: Cleanup Flask models now that we have API graphs
 2021-02-24 10:36:30 +01:00
Geoffrey White
358a8fee7d C++: 'side-effect free'. 2021-02-24 09:25:11 +00:00
Rasmus Wriedt Larsen
5bb4a1a45a Python: Use explicit argument specification instead of getAnArg 
I've seen quite a few places where `getAnArg` leads to wrong behavior, and I
generally just don't like it.
 2021-02-24 10:19:34 +01:00
yoff
c3d2001e85 Merge pull request #5251 from tausbn/python-port-missing-host-key-validation-query 
Python: Port missing host key validation query
 2021-02-24 08:43:52 +01:00
yo-h
1d654febfd Merge pull request #5195 from aschackmull/java/cwe-548-test 
Java: Add empty file to test.
 2021-02-23 21:12:40 -05:00
Taus Brock-Nannestad
f241dbabab Python: Clean up query a bit 2021-02-23 22:33:18 +01:00
Taus Brock-Nannestad
002d0fe565 Python: Port missing host key query 2021-02-23 22:26:03 +01:00
Rasmus Wriedt Larsen
358ade67e5 Merge pull request #5248 from tausbn/python-port-insecure-temporary-file 
Python: Port `py/insecure-temporary-file`
 2021-02-23 21:37:59 +01:00
Tamás Vajk
91928fa098 Merge pull request #5220 from tamasvajk/feature/limit-codescanning-csharp 
Limit C# codeql analysis to the csharp folder
 2021-02-23 21:05:38 +01:00
Tamás Vajk
e6532cbd75 Merge pull request #4695 from tamasvajk/feature/csharp9-with-expr 
C#: Extract 'with' expressions
 2021-02-23 21:04:51 +01:00
Geoffrey White
431a004127 C++: QLDoc. 2021-02-23 19:10:03 +00:00
Taus Brock-Nannestad
b8ce5e969e Python: Port py/insecure-temporary-file 2021-02-23 20:02:22 +01:00
yoff
9eed17f647 Merge pull request #5152 from RasmusWL/improve-pyyaml-support 
Python: Improve pyyaml support
 2021-02-23 19:58:04 +01:00
CodeQL CI
c5ae8d2c53 Merge pull request #5210 from erik-krogh/barrierPerf 
Approved by asgerf
 2021-02-23 07:29:27 -08:00
luchua-bc
56e3b301e9 Resolve ambiguous method access 2021-02-23 15:18:07 +00:00
Rasmus Wriedt Larsen
6e2445cce6 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-02-23 15:19:29 +01:00
Rasmus Wriedt Larsen
42de872bfa Python: Add INTERNAL annotation to Response::InstanceSource 
Since we need to reserve the flexibility to change this setup within the next
few months, we don't want to commit to keeping this extension point around for
the 12 months that the normal API deprecation cycle requires.
 2021-02-23 15:10:58 +01:00
Rasmus Wriedt Larsen
8ebedf26d2 Python: Add comment for MethodView being known subclass 2021-02-23 15:08:07 +01:00
Anders Schack-Mulligen
b1bed2731d Merge pull request #5172 from smowton/smowton/feature/commons-strbuilder 
Java: Add support for commons-lang's StrBuilder class
 2021-02-23 14:39:11 +01:00
Taus
53711dc82f Merge pull request #5238 from RasmusWL/no-flow-default-value 
Python: Highlight missing flow from default value in functions
 2021-02-23 13:27:41 +01:00
CodeQL CI
3f7f963ed5 Merge pull request #5227 from erik-krogh/infTest 
Approved by asgerf
 2021-02-23 04:03:18 -08:00
Erik Krogh Kristensen
539ef49b11 change join order for SystemCommandExecutors - and use ApiGraphs::getACall 2021-02-23 12:49:25 +01:00
Erik Krogh Kristensen
56405f40b0 change join order for summarizedHigherOrderCall 2021-02-23 12:48:24 +01:00
Erik Krogh Kristensen
b3aa358177 outline callee computation - to avoid many joins on getACall 2021-02-23 12:48:20 +01:00