codeql

mirror of https://github.com/github/codeql.git synced 2026-02-24 10:53:49 +01:00

Author	SHA1	Message	Date
Tom Hvitved	b2a7a3ed30	Merge pull request #5674 from hvitved/csharp/ssa/call-graph-perf C#: Improve performance of `SsaImpl::CallGraph::SimpleDelegateAnalysis`	2021-04-20 11:51:52 +02:00
Geoffrey White	2b7e599dc4	Merge pull request #5703 from MathiasVP/improve-access-of-memory-location-after-end-of-buffer-using-strncat C++: Improve cpp/access-memory-location-after-end-buffer-strncat	2021-04-20 10:44:24 +01:00
Alex Ford	28e46c8915	add FLinesOfCode.ql metric query	2021-04-20 10:12:52 +01:00
Mathias Vorreiter Pedersen	61d4d17225	C++: Simplify smart pointer model and accept test changes.	2021-04-20 09:57:58 +02:00
Tamás Vajk	408954e4d8	C#: Add Dapper to supported frameworks	2021-04-20 09:30:47 +02:00
haby0	0053158884	update qhelp file and ql comments	2021-04-20 10:58:54 +08:00
thank_you	c5fbbc0551	Refactor SqlAlchemy model - Replaced classes that look for SqlAlchemy instances with predicates - General clean-up of code	2021-04-19 18:56:00 -04:00
yo-h	87cd72496c	Java: add extractor `diagnostic` queries	2021-04-19 15:34:16 -04:00
yo-h	cb524b6c19	Merge pull request #5611 from github/yo-h/java16 Java: adjust test `options` for JDK 16 upgrade	2021-04-19 15:12:23 -04:00
Taus	bc6685aa3f	Python: Fix typo Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2021-04-19 19:57:35 +02:00
Alex Ford	7bfc61789d	line count MetricFile predicates	2021-04-19 18:08:01 +01:00
Alex Ford	62bf58b289	WIP: populate numlines table	2021-04-19 18:06:35 +01:00
Chris Smowton	027a540c67	Update test expectations now that tuple-extracts not method calls are sources	2021-04-19 17:05:50 +01:00
Chris Smowton	a367950014	Restore OpenRedirect's exclusion of POST-only request components	2021-04-19 17:05:23 +01:00
Chris Smowton	685f4fa2a6	Add change note	2021-04-19 16:13:16 +01:00
Chris Smowton	7d258ae722	Improve net/http taint-tracking fidelity * Don't taint error returns from http.Request methods * Track taint across mime/multipart.Part methods	2021-04-19 16:05:23 +01:00
Anders Schack-Mulligen	5458c02cc2	Merge pull request #5456 from aschackmull/java/adopt-flow-summary Java: Use shared flow summary library for CSV models.	2021-04-19 16:21:10 +02:00
Anders Schack-Mulligen	33db0c13cd	Merge pull request #5689 from github/aeisenberg/rework-staleness Actions: Change staleness calculation	2021-04-19 15:57:41 +02:00
Tom Hvitved	9128ec72ad	C#: A few minor SSA performance tweaks	2021-04-19 15:51:14 +02:00
Anders Schack-Mulligen	80eb0a2df6	Apply suggestions from code review Co-authored-by: Chris Smowton <smowton@github.com>	2021-04-19 15:45:58 +02:00
CodeQL CI	437bba1e3c	Merge pull request #5716 from erik-krogh/vscodeRegress Approved by esbena	2021-04-19 06:30:02 -07:00
Tom Hvitved	15e4b7f95d	C#: Remove CP from `HardcodedCredentials::getCredentialSink`	2021-04-19 15:03:11 +02:00
haby0	0159956fa5	Fix Modify the ql query (the qhelp part is not modified).	2021-04-19 21:03:01 +08:00
Rasmus Wriedt Larsen	d607c13ab6	Python: Taint tests: include elment for forgotten MISSING	2021-04-19 15:01:42 +02:00
haby0	8296abcea8	Fix Modify the ql query (the qhelp part is not modified).	2021-04-19 20:59:47 +08:00
Rasmus Wriedt Larsen	9585390941	Python: Taint tests, report error location first To better match the standard output from inline expectation tests	2021-04-19 14:59:47 +02:00
Rasmus Wriedt Larsen	b2cb284ff2	Python: Add more examples of what is ok with new taint tests	2021-04-19 14:56:20 +02:00
Anders Schack-Mulligen	7d84cfacef	Java: Add MapKeyContent and MapValueContent.	2021-04-19 14:06:27 +02:00
Anders Schack-Mulligen	39862740e0	Java: Convert support for fluent interfaces.	2021-04-19 14:06:27 +02:00
Anders Schack-Mulligen	579c955892	Java: Adjust some tests.	2021-04-19 14:06:27 +02:00
Anders Schack-Mulligen	175c71221a	Java: Adjust some test output with more edges/nodes.	2021-04-19 14:06:27 +02:00
haby0	23b508c5e7	Merge remote-tracking branch 'upstream/main' into UseOfLessTrustedSource	2021-04-19 20:05:49 +08:00
Anders Schack-Mulligen	60965b0d8c	Java: Adjust some csv models.	2021-04-19 14:02:19 +02:00
Anders Schack-Mulligen	a27dac029f	Java: Use shared flow summary library for csv models.	2021-04-19 14:02:19 +02:00
Chris Smowton	36abf8733e	Merge pull request #5714 from aschackmull/java/add-misc-qltests Java: Add a few qltests	2021-04-19 13:00:10 +01:00
Taus	9acc71a7cb	Python: Get rid of all `_attr` methods in `Django.qll`	2021-04-19 11:54:10 +00:00
Erik Krogh Kristensen	9e6f28e335	fix bad join order in Xss.qll	2021-04-19 13:17:49 +02:00
Anders Schack-Mulligen	29aec0d770	Java: Adjust expected output.	2021-04-19 13:16:46 +02:00
Anders Schack-Mulligen	c5193cf03f	Apply suggestions from code review	2021-04-19 13:14:56 +02:00
Anders Schack-Mulligen	06514159be	Java: Add XXE tests.	2021-04-19 10:58:21 +02:00
Anders Schack-Mulligen	daad62c4e0	Java: Add TaintedPath test.	2021-04-19 10:07:03 +02:00
Jonas Jensen	1ab75eb6f4	Merge pull request #5708 from github/fix-id-in-JsonpInjection-1 Java: Fix id in experimental JsonpInjection.ql query	2021-04-19 08:23:34 +02:00
yoff	118840dad4	Merge pull request #5690 from tausbn/python-disallow-post-update-nodes-as-local-source-nodes Python: Disallow `PostUpdateNode` as `LocalSourceNode`	2021-04-19 06:56:11 +02:00
ihsinme	c2d97b98e2	Merge branch 'main' into ihsinme-patch-259	2021-04-18 21:01:56 +03:00
Mathias Vorreiter Pedersen	e36b42a03f	Java: Fix invalid id in experimental query The invalid id broke CI here: https://github.com/github/codeql/pull/5703 (see https://github.slack.com/archives/CPSEA0G22/p1618602834224600)	2021-04-17 09:47:15 +02:00
edvraa	29e320627f	Regex injection	2021-04-16 23:29:08 +03:00
Taus	f3661c34ee	Python: Clean up Django models using API graphs First sweep. Takes care of most of the models.	2021-04-16 19:53:36 +00:00
Mathias Vorreiter Pedersen	95742aec69	C++: Accept test changes for the other experimental query in the directory. This is only a change in line numbers.	2021-04-16 21:29:17 +02:00
Mathias Vorreiter Pedersen	64f8316a6d	C++: Tidy up the ql file and accept test changes.	2021-04-16 21:22:13 +02:00
Mathias Vorreiter Pedersen	1e327289b2	C++: Add false negative test.	2021-04-16 18:38:51 +02:00

... 332 333 334 335 336 ...

41418 Commits