hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-19 00:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,697 Commits 1,693 Branches 160 Tags
codeql-cli/v2.10.0
Commit Graph

40697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
ee51e1593f Merge pull request #6217 from hvitved/csharp/dataflow/csv-override-fix 
C#: Fix CSV overrides logic
 2021-08-03 12:11:26 +02:00
Chris Smowton
36379146c5 Resync dataflow clone 2021-08-03 11:03:30 +01:00
Joe Farebrother
a4659f4e96 Exclude package protected members 2021-08-03 10:51:39 +01:00
Chris Smowton
afa827829a Make imports private where possible 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-08-03 10:36:46 +01:00
Chris Smowton
a52c4746bc Improve docs 2021-08-03 10:36:46 +01:00
Chris Smowton
75310a6609 Create a dataflow instance specifically for the Serializability library 
Otherwise because this dataflow instance populates AdditionalTaintStep there is an ever-present danger that a user will stumble into creating a recursive configuration, or at least that by using DataFlow5::Configuration for any other purpose they will needlessly recalculate the Serializability dataflow results.
 2021-08-03 10:36:46 +01:00
Chris Smowton
f83f950be6 Merge pull request #6325 from smowton/smowton/feature/org-json-models 
Java: add models of JSON-java, aka `org.json`
 2021-08-03 10:33:49 +01:00
Mathias Vorreiter Pedersen
3a456577d8 Merge pull request #6378 from geoffw0/impropnull 
C++: Test and improve cpp/improper-null-termination
 2021-08-03 11:32:15 +02:00
CodeQL CI
07f6ce7f3b Merge pull request #6398 from erik-krogh/authHeader 
Approved by esbena
 2021-08-03 02:04:35 -07:00
CodeQL CI
394d3349ac Merge pull request #6213 from asgerf/js/vuex 
Approved by erik-krogh
 2021-08-03 01:49:06 -07:00
Geoffrey White
bb96ca3e00 Merge branch 'main' into impropnull 2021-08-03 09:37:58 +01:00
Anders Schack-Mulligen
62adefb015 Merge pull request #6400 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-08-03 10:36:27 +02:00
Geoffrey White
db292287db Merge branch 'main' into impropnull 2021-08-03 09:34:16 +01:00
Tony Torralba
084cda6daa Merge branch 'main' into atorralba/promote-groovy-injection 2021-08-03 09:53:46 +02:00
Tony Torralba
36565802dc Delete unnecesary file 
RequestForgery.expected in experimental was an artifact from a merge that wasn't adequately removed
 2021-08-03 09:48:04 +02:00
Tony Torralba
8852f69d36 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-08-03 09:46:32 +02:00
CodeQL CI
a27cb4b1ae Merge pull request #6399 from erik-krogh/nunjucks 
Approved by esbena
 2021-08-03 00:45:37 -07:00
Erik Krogh Kristensen
f1f44ceee7 add change-note 2021-08-03 09:11:27 +02:00
Erik Krogh Kristensen
6b579dfad3 normalize auth-headers to lowercase 2021-08-03 09:09:47 +02:00
Erik Krogh Kristensen
116679d8b6 simplify union 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
8f613b6b16 rename seq to visitSequence 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
e56e56c14e use Collection instead of Iterable 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
1479376f23 rename visit to visitWithSuccessors to avoid ambiguity 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
4289875747 make utility methods static 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
94a593b208 rename entry and exit to getEntryNode and getExitNode respectively 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
366a16f700 rename the V class to WriteSuccessorsVisitor 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
c059ceaee9 add qldoc to union(xs, ys) 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
8db10aeb9d add JavaDoc to createIterable and createReversedIterable 2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen
8fdcd917ee rename foreach and hcaerof to createIterable and createReversedIterable respectively 2021-08-03 08:59:32 +02:00
Erik Krogh Kristensen
014728a66a implement hcaerof in terms of foreach 2021-08-03 08:59:32 +02:00
Erik Krogh Kristensen
ca26b5ebbc rename succ to writeSuccessor/writeSuccessors 2021-08-03 08:59:32 +02:00
Asger Feldthaus
c88d213f37 JS: Use appendToNamespace 2021-08-03 08:52:19 +02:00
Asger Feldthaus
f5f255d93d JS: Rename getPrefix -> getNamespace 2021-08-03 08:51:35 +02:00
Asger F
ff17d298b0 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-08-03 08:45:56 +02:00
github-actions[bot]
cd65baf481 Add changed framework coverage reports 2021-08-03 00:07:34 +00:00
Ethan Palm
2c6977e5e2 Merge pull request #6327 from ethanpalm/cwe-coverage-tables 
CodeQL: Display CWE coverage information by language
 2021-08-02 18:00:01 -04:00
Erik Krogh Kristensen
87c0c60c22 don't report dummy authentication headers as hardcoded-crendentials 2021-08-02 22:56:14 +02:00
Erik Krogh Kristensen
f719e0ca1b remove nunjucks template URLs from the target-blank query 2021-08-02 22:46:59 +02:00
Ethan P
6a6993248d Add note to readme about CWE coverage tables 2021-08-02 13:34:26 -07:00
Nick Rolfe
f2af68f8cf Clean up script file locations 2021-08-02 18:21:50 +01:00
Arthur Baars
2c8b1fa6da Merge pull request #231 from github/aibaars/makefile 
Add makefile
 2021-08-02 18:31:16 +02:00
Arthur Baars
38f82ffc3c Update Makefile 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-08-02 18:01:59 +02:00
Benjamin Muskalla
60c7003667 Optimize return type check 2021-08-02 17:14:44 +02:00
Benjamin Muskalla
fda394858b Turn external API query into diagnostics query 
* Expose (partial) CSV model for the API
* Rework and simplify predicates
 2021-08-02 17:14:44 +02:00
Benjamin Muskalla
8595ae71f7 Simplify api coverage detection 
Fixes a bug that doesn't take super types into account
when computing the usage of a specific API.
 2021-08-02 17:14:44 +02:00
Benjamin Muskalla
3365634259 Expose csv parameter format predicate 2021-08-02 17:14:44 +02:00
Benjamin Muskalla
aab633eced Reformat 2021-08-02 17:14:43 +02:00
Benjamin Muskalla
2064915d3b Fold JDK API query into external API query 2021-08-02 17:14:43 +02:00
Benjamin Muskalla
0c04c9a2c2 Fix aggregation of jar usages 2021-08-02 17:14:43 +02:00
Benjamin Muskalla
722889e881 Make id unique 2021-08-02 17:14:42 +02:00