hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 08:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,693 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
1e511c0a9e Merge pull request #6137 from smowton/smowton/feature/java-util-optional 
Java: Model java.util.Optional
 2021-06-24 13:21:36 +02:00
Arthur Baars
6bed50a86b Rename predicate with snake cased name 2021-06-24 11:59:13 +02:00
Tamás Vajk
173be0cce0 Merge pull request #6144 from tamasvajk/feature/stub-dapper 
C#: Change Dapper stub to nuget-based one (stub also System.Data.SqlC…
 2021-06-24 11:41:12 +02:00
Rasmus Wriedt Larsen
686638a65f Merge pull request #6049 from RasmusWL/jmespath 
Python: Add modeling of `jmespath`
 2021-06-24 11:13:19 +02:00
Tamas Vajk
477dfa28ec Fix framework coverage commenting action 
This commit handles the case when the current run finds no coverage change and the previous run is identified,
but it doesn't have the required artifacts.
 2021-06-24 10:44:36 +02:00
Mathias Vorreiter Pedersen
c8c77396fa C++: Get rid of the trivial 'True' condition. Turns out it's not actually needed. 2021-06-24 09:57:54 +02:00
Mathias Vorreiter Pedersen
656ff4aee9 C++: Add more QLDoc. 2021-06-24 09:57:25 +02:00
Mathias Vorreiter Pedersen
d70ea5f6e0 Update cpp/ql/src/semmle/code/cpp/controlflow/StackVariableReachability.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-06-24 09:27:11 +02:00
Edoardo Pirovano
0909c9ff22 Performance: Fix bad join order in dataflow library 2021-06-24 08:24:17 +01:00
Tamas Vajk
ad6e47be39 Apply code review findings 2021-06-24 09:13:08 +02:00
Tamas Vajk
7557b7a67d Add scheduled coverage job to open PR with changes 2021-06-24 09:13:08 +02:00
Tamás Vajk
4a19a9978a Merge pull request #6115 from tamasvajk/feature/framework-coverage-comment-noise 
Only post comment with framework coverage change if it changed or wasn't done before
 2021-06-24 08:44:03 +02:00
CodeQL CI
c02c96369d Merge pull request #6139 from erik-krogh/colors 
Approved by esbena
 2021-06-23 14:02:17 -07:00
Mathias Vorreiter Pedersen
2938ad5f8f C++: Add testcase demonstrating the fix from a8c57ec4aa. 2021-06-23 23:01:49 +02:00
jorgectf
e0013fcdbb Fix Concepts.qll dependencies 2021-06-23 21:29:35 +02:00
jorgectf
7b9cbafd62 Move flask_mail to libraries/ 2021-06-23 21:28:11 +02:00
jorgectf
70d651184b Optimize Flask.qll 2021-06-23 21:21:45 +02:00
jorgectf
5e8f9959ef Extend Sendgrid setters 2021-06-23 20:56:48 +02:00
jorgectf
9563faf918 Add Sendgrid modeling 2021-06-23 20:53:17 +02:00
yo-h
ffdc752720 Merge pull request #6059 from smowton/smowton/fix/qualified-name-generic-types 
Adapt to static methods and nested types returning unbound declaring types
 2021-06-23 14:45:51 -04:00
Arthur Baars
b2be1c3b3d Update ql/src/codeql_ruby/ApiGraphs.qll 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2021-06-23 20:40:22 +02:00
Chris Smowton
4c777eb04a Add change note 2021-06-23 18:54:27 +01:00
Geoffrey White
06591956ff C++: Rename some variables. 2021-06-23 17:54:47 +01:00
jorgectf
bf1eb7238e Cover django.core.mail 2021-06-23 18:37:55 +02:00
jorgectf
8ae864827a Format ReflectedXSS.qll 2021-06-23 18:37:33 +02:00
jorgectf
355bb5c734 Format Flask.qll 2021-06-23 18:37:11 +02:00
jorgectf
eac5eba9d2 Move tests and qlref to test/ 2021-06-23 18:36:44 +02:00
Mathias Vorreiter Pedersen
43bbd4f7ad C++: Fix join order with 'pragma[noopt]'. 2021-06-23 18:34:04 +02:00
Geoffrey White
a2c904d0c0 C++: Clarify the meanings of predicates. 2021-06-23 17:17:50 +01:00
Geoffrey White
eeb84d4209 C++: Add more test cases for the toctou query. 2021-06-23 17:12:53 +01:00
Tamás Vajk
8518e7c5a3 Merge pull request #6146 from tamasvajk/feature/stub-nhibernate 
C#: Change nHibernate stub to nuget-based one
 2021-06-23 18:00:45 +02:00
Tamás Vajk
4dc70fa959 Merge pull request #6145 from tamasvajk/feature/stub-jsonnet 
C#: Change Newtonsoft.Json stub to nuget-based one
 2021-06-23 18:00:27 +02:00
Chris Smowton
f6ba4e0235 Merge pull request #6142 from artem-smotrakov/better-spring-exporters 
Added sinks for RmiBasedExporter and HessianExporter
 2021-06-23 16:39:10 +01:00
CodeQL CI
469e709113 Merge pull request #6055 from RasmusWL/rsa-modeling 
Approved by yoff
 2021-06-23 08:35:25 -07:00
jorgectf
c323fbbf3c Cover Flask-SendMail (Flask-Mail copy) 2021-06-23 17:26:14 +02:00
Chris Smowton
9c91d1a965 Add change note 2021-06-23 16:09:29 +01:00
jorgectf
ae84df817a Extend ReflectedXSS query 2021-06-23 17:08:28 +02:00
Chris Smowton
74feaf2893 Adapt to static methods and nested types returning unbound declaring types 
Previously these returned raw declaring types instead
 2021-06-23 16:03:18 +01:00
Chris Smowton
b34448af87 {Generic,Parameterized,Raw}Type: implement getAPrimaryQlClass 
An aid to debugging
 2021-06-23 15:58:31 +01:00
Tom Hvitved
9438885776 Merge pull request #216 from github/hvitved/synthesis-location 
AST synthesis: Move location information into a separate predicate
 2021-06-23 16:50:17 +02:00
Mathias Vorreiter Pedersen
9b8f558fb8 Merge pull request #6125 from MathiasVP/improve-tainted-arithmetic 
C++: Add more barriers to `cpp/tainted-arithmetic`
 2021-06-23 16:44:20 +02:00
Nick Rolfe
c784e37089 Add regexp parser and exponential ReDoS query 2021-06-23 15:29:49 +01:00
Mathias Vorreiter Pedersen
295e022df3 Merge branch 'main' into improve-tainted-arithmetic 2021-06-23 15:45:18 +02:00
Ian Lynagh
089e4e2e1e Merge pull request #6147 from AlexDenisov/adjust_test_expectation 
C++: Adjust test expectations after frontend upgrade
 2021-06-23 14:43:47 +01:00
Alex Ford
e5f0206c6d Merge pull request #208 from github/action-controller-1 
Model accesses to `ActionController` parameters via `params` method
 2021-06-23 14:21:55 +01:00
Alex Ford
0238c19085 remove TODO 2021-06-23 14:11:38 +01:00
Alex Ford
5941eb2be4 model some ActionController user input sources (params) 2021-06-23 14:11:38 +01:00
Alex Ford
9227f3a0c3 Add RemoteFlowSources.qll 2021-06-23 14:11:38 +01:00
Mathias Vorreiter Pedersen
a8c57ec4aa C++: Prevent false negatives caused by incorrectly concluding that a loop variant condition refutes itself across loop iterations. 2021-06-23 15:08:16 +02:00
Tamas Vajk
b0447089d9 C#: Change Dapper stub to nuget-based one (stub also System.Data.SqlClient) 2021-06-23 15:04:57 +02:00