codeql

mirror of https://github.com/github/codeql.git synced 2026-02-19 08:23:45 +01:00

Author	SHA1	Message	Date
Tony Torralba	3edc8bc679	Doc improvements	2021-07-29 15:35:39 +02:00
Tony Torralba	d9fb650dfb	JacksonCreateParserMethod converted to CSV summay model	2021-07-29 15:19:30 +02:00
Tony Torralba	b20d53cfd4	Update java/ql/src/semmle/code/java/security/OgnlInjection.qll Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-07-29 15:08:27 +02:00
Alexandre Boulgakov	e55bd4fb64	C++: Allow querying virtual, override, and final declaration specifiers.	2021-07-29 14:02:03 +01:00
Mathias Vorreiter Pedersen	41d233f086	C++: Make the 'definition by reference'-node in 'foo(a.b);' a source in the 'FieldConfiguration' configuration.	2021-07-29 14:49:59 +02:00
Mathias Vorreiter Pedersen	a082172422	C++: Add testcase demonstrating missing local flow out of fields that are defined by reference.	2021-07-29 14:46:32 +02:00
Nick Rolfe	e757d2e654	Merge pull request #241 from github/fix_yml Fix invalid file-type identifier	2021-07-29 12:05:10 +01:00
Arthur Baars	c568162256	Use a single TrapWriter The output of two distinct TrapWriters should not be written to the same TRAP file because this causes name clashes between TRAP labels.	2021-07-29 12:50:27 +02:00
Nick Rolfe	4aacdafb38	Fix invalid file-type identifier Upper-case characters are not allowed.	2021-07-29 11:49:22 +01:00
mc	8f1fc9e893	Update MvelInjection.qhelp Minor tweaks	2021-07-29 11:30:19 +01:00
Arthur Baars	cc1bdf1fc3	Add charpred to RubyFile class	2021-07-29 11:48:35 +02:00
Joe Farebrother	143b302eef	Merge pull request #6384 from joefarebrother/test-gen-improvements Java: Test generator: use getComponentType	2021-07-29 10:47:37 +01:00
Joe Farebrother	3b430d4925	Use getComponentType	2021-07-29 10:11:22 +01:00
Joe Farebrother	f7099f459f	Java: Test generator: use getComponentType	2021-07-29 10:08:45 +01:00
Artem Smotrakov	83a9b0ee28	Apply suggestions from code review Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-07-29 11:04:21 +02:00
mc	ebf004a4df	Update MissingJWTSignatureCheck.qhelp Using same syntax as on other queries for 'BAD' and 'GOOD'.	2021-07-29 09:13:00 +01:00
Benjamin Muskalla	b7b74b51a3	Track taint for String.valueOf(..)	2021-07-29 09:14:03 +02:00
Arthur Baars	fcf2d4cbd2	Apply suggestions from code review Co-authored-by: Nick Rolfe <nickrolfe@github.com>	2021-07-29 09:02:57 +02:00
Geoffrey White	ae35ae10e6	C++: Fix readlink FPs.	2021-07-28 17:45:18 +01:00
Fosstars	893f84fbf4	Merge branch 'unsafe-jackson-deserialization' of github.com:artem-smotrakov/ql into unsafe-jackson-deserialization	2021-07-28 18:25:53 +02:00
Fosstars	50497eb747	Make imports as private as possible	2021-07-28 18:25:05 +02:00
ihsinme	2d5a263799	Update FindIncorrectlyUsedExceptions.ql	2021-07-28 18:46:49 +03:00
Geoffrey White	c2ef58d29d	C++: Support 'readlinkat'.	2021-07-28 16:15:28 +01:00
Geoffrey White	358d89f3ce	C++: Add tests.	2021-07-28 16:15:16 +01:00
Joe Farebrother	d900fcaf42	Merge pull request #6374 from joefarebrother/test-gen-improvements Java: Add support for synthetic fields to the test generator	2021-07-28 16:02:47 +01:00
Artem Smotrakov	7fec575df8	Simplify JsonTypeInfo stub Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-07-28 14:23:50 +02:00
Shati Patel	65e9262b41	Merge pull request #556 from github/shati-patel-patch-1 Update CODEOWNERS	2021-07-28 12:56:48 +01:00
Shati Patel	0c4674cf86	Update CODEOWNERS Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>	2021-07-28 11:54:25 +01:00
Shati Patel	e83af8e4ea	Update CODEOWNERS	2021-07-28 11:42:33 +01:00
Joe Farebrother	9ddae3e9f6	Fix spelling Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>	2021-07-28 10:12:17 +01:00
Tony Torralba	3248f458a5	Update java/change-notes/2021-06-14-groovy-code-injection-query.md Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>	2021-07-28 10:45:03 +02:00
haby0	eda3d864f5	Model written using smowton	2021-07-28 15:55:47 +08:00
valeria-meli	f3c0bf7826	copy-paste from our repo	2021-07-27 18:09:11 -03:00
Aditya Sharad	d7c29791de	Merge pull request #6368 from bmuskalla/addMissingKeywords Add missing keywords to language specification	2021-07-27 11:08:25 -07:00
Felicity Chapman	0714f4abbb	Merge pull request #6339 from github/package-manager-docs [July 27-8, 2021] CodeQL package manager: update CodeQL CLI docs (beta)	2021-07-27 18:24:03 +01:00
Arthur Baars	1d245b8d2e	Merge pull request #237 from github/aibaars/rules-sarif Build/Release: create rules.sarif file	2021-07-27 18:49:50 +02:00
Arthur Baars	dacd3f3d19	Update dbscheme stats	2021-07-27 18:43:51 +02:00
Arthur Baars	4d18ec226a	Fix dataset_measure.yml	2021-07-27 18:43:51 +02:00
Arthur Baars	38eb6c112f	Add ERB extraction	2021-07-27 18:43:51 +02:00
Arthur Baars	768a751271	Add upgrade script	2021-07-27 18:43:51 +02:00
Arthur Baars	866ff7b1f6	Replace Generated module with Ruby	2021-07-27 18:43:44 +02:00
Arthur Baars	02bf895a4a	Update dbscheme type references	2021-07-27 18:42:21 +02:00
Joe Farebrother	2d862ef119	Support synthetic fields	2021-07-27 17:28:53 +01:00
Arthur Baars	2e10f8f054	Prefix dbscheme entries with language name	2021-07-27 18:17:19 +02:00
Arthur Baars	fe868e4c05	Ruby-Generator: add --dbscheme and --library flags	2021-07-27 18:17:19 +02:00
Arthur Baars	fc8f5919f3	Remove Ruby specific parts from FileSystem.qll	2021-07-27 18:17:15 +02:00
Chris Smowton	23de0859ea	Add missing models and other minor improvements per Marcono1234's review	2021-07-27 16:03:39 +01:00
Joe Farebrother	a8cca4ba0e	Merge pull request #6373 from joefarebrother/test-gen-improvements Java: Test generator improvements	2021-07-27 15:44:56 +01:00
Chris Smowton	0049b8e3c4	Merge pull request #6371 from github/smowton/admin/test-generator-notice-bad-rows Add test-case generator check for non-parseable rows	2021-07-27 15:44:01 +01:00
Joe Farebrother	309f0e7c26	Fix handling of arrays	2021-07-27 15:05:57 +01:00

... 242 243 244 245 246 ...

40697 Commits