hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,693 Branches 161 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
4094fa9db3 Docs: Query classification and display 
Converted from Semmle wiki
 2020-07-27 10:06:16 +01:00
ubuntu
8dee3da4fe Update .qhelp 2020-07-26 23:50:22 +02:00
ubuntu
ac7c511d86 Update .qhelp 2020-07-26 23:47:53 +02:00
ubuntu
2cec8f7e9d Update .qhelp 2020-07-26 23:23:56 +02:00
ubuntu
c469f71957 Add Codeql query to detect if cookies are sent without the flag being set 2020-07-26 22:56:36 +02:00
luchua-bc
01fb51829c Unsecure basic authentication 2020-07-24 20:35:09 +00:00
Rasmus Wriedt Larsen
e0016f6c52 Python: CG trace: Mention adding projects in README 2020-07-24 20:08:39 +02:00
Rasmus Wriedt Larsen
aca703e131 Python: CG trace: Add support for flask 2020-07-24 20:06:53 +02:00
Rasmus Wriedt Larsen
bb80635dc3 Python: CG trace: Updated README 2020-07-24 19:35:06 +02:00
Rasmus Wriedt Larsen
ecafc760e8 Python: CG trace: Improved debugging queries a bit 2020-07-24 19:34:51 +02:00
Rasmus Wriedt Larsen
2407c8b07e Python: CG trace: Better handling of builtins without __module__ 
Not 100% perfect, but better
 2020-07-24 19:13:53 +02:00
Rasmus Wriedt Larsen
9c76618d8b Python: CG trace: Make ./helper.sh show help again 2020-07-24 18:59:29 +02:00
Rasmus Wriedt Larsen
8057e11fe4 Python: CG trace: Add ./helper.sh metrics command 2020-07-24 18:38:12 +02:00
Rasmus Wriedt Larsen
779a82ee07 Python: CG trace: Minor cleanup in helper.sh 2020-07-24 18:37:48 +02:00
Rasmus Wriedt Larsen
4c689434c3 Python: CG trace: Restructure QL code 2020-07-24 17:00:13 +02:00
Rasmus Wriedt Larsen
321d5104f0 Python: CG trace: Autogenerate BytecodeExpr.qll 
Some code I had lying around, just hadn't comitted.

Not that useful since most of these have been disabled in 55404ae98 for now.
 2020-07-24 16:51:14 +02:00
Rasmus Wriedt Larsen
a7bc9544b6 Python: CG trace: Metrics, number of recorded calls not ignored 
turned out to be useful after all :P
 2020-07-24 16:49:54 +02:00
Chris Smowton
75d69efb15 Merge pull request #267 from smowton/smowton/feature/print-ast-label-package-node 
PrintAst: Label File nodes' package-name children, and ensure that child comes before all declarations
 2020-07-24 13:30:12 +01:00
Chris Smowton
b4e15fb17a Merge pull request #268 from smowton/smowton/admin/downgrade-checkout-action 
Downgrade to checkout@v1 to work around https://github.com/actions/checkout/issues/237
 2020-07-24 13:28:06 +01:00
Chris Smowton
8aaa7c8925 Downgrade to checkout@v1 to work around https://github.com/actions/checkout/issues/237 2020-07-24 11:24:51 +01:00
Chris Smowton
454993fe64 PrintAst: Label File nodes' package-name children, and ensure that child comes before all declarations 2020-07-24 11:08:57 +01:00
Shati Patel
bb05db5c98 Convert C/C++ article 2020-07-24 12:07:17 +02:00
Rasmus Wriedt Larsen
367a49803b Python: CG trace: handle class instantiation properly in points-to 2020-07-24 11:19:11 +02:00
Porcupiney Hairs
7a71ca3e0f fix tests. 2020-07-24 00:57:19 +05:30
Rasmus Wriedt Larsen
3ead2e3dc7 Python: CG trace: Improve performance by only logging when needed 
Seems like a 2x performance overall

wcwidth:
  - DEBUG=True 5.78 seconds
  - DEBUG=False 2.70 seconds

youtube-dl
  - DEBUG=True 238.90 seconds
  - DEBUG=False 120.70 seconds
 2020-07-23 20:14:49 +02:00
Rasmus Wriedt Larsen
c49311e69e Python: Fix JinjaSSTISinks.expected 2020-07-23 20:11:27 +02:00
Rasmus Wriedt Larsen
fbd939133e Python: CG trace: More caching 
Improves runtime of tracing youtube-dl from 296.19 seconds to 224.50 seconds.

Better, but still not that amazing :|
 2020-07-23 18:07:55 +02:00
Rasmus Wriedt Larsen
ce42221cf7 Python: CG trace: Fix some printing in helper.sh 2020-07-23 17:57:52 +02:00
Rasmus Wriedt Larsen
55404ae980 Python: CG trace: Experiment with disabling some opcodes 
Currently not supported in the QL code, so no reason to pay performance to
record them right now :P
 2020-07-23 17:39:43 +02:00
Rasmus Wriedt Larsen
14c51eb3c7 Python: CG trace: XML exporter will tell what file it wrote to 2020-07-23 17:38:54 +02:00
Rasmus Wriedt Larsen
c45cc2aa2f Python: CG trace: Add helper.sh to run tracing against real projects 2020-07-23 17:37:01 +02:00
Rasmus Wriedt Larsen
5d031d7abe Python: CG trace: Fix sorting of ExternalCallee 
Also exposed that the better_compare_for_dataclass was exposed to bad loop
variable capture :|
 2020-07-23 17:36:31 +02:00
Rasmus Wriedt Larsen
03d22fa8e3 Python: Fix filenames in qhelp 2020-07-23 17:32:01 +02:00
Rasmus Wriedt Larsen
e283d289fd Python: Update TemplateInjection.qhelp 
Moved things around so there is only a single `<example>` tag (and had to rewrite contents a bit).
 2020-07-23 17:23:26 +02:00
Ricter Z
bb2d5ea6b5 add some sinks in commonly-used SQL libraries 2020-07-23 16:19:42 +01:00
Porcupiney Hairs
1e7921e575 add qhelp and fix tests. 2020-07-23 20:04:32 +05:30
porcupineyhairs
8e85dc755a Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-07-23 19:37:40 +05:30
Rasmus Wriedt Larsen
da518ed0d5 Python: CG trace: Remove Python 3.8 only f"{var=}" usage 2020-07-23 14:01:29 +02:00
Rasmus Wriedt Larsen
bb4b8dceaa Python: CG trace: More robust logging setup 2020-07-23 14:01:29 +02:00
semmle-qlci
bb5b161d72 Merge pull request #3972 from shati-patel/merge-rc 
Approved by mchammer01
 2020-07-23 11:30:45 +01:00
Shati Patel
2326f31749 Merge branch 'rc/1.24' into merge-rc 2020-07-23 12:18:30 +02:00
Rasmus Wriedt Larsen
a97f942a17 Python: Autoformat 2020-07-23 11:38:34 +02:00
Felicity Chapman
40c998fa13 Merge pull request #3969 from alexey-tereshenkov-oxb/master 
Python: Fix typo in qhelp file
 2020-07-23 10:37:37 +01:00
Mathias Vorreiter Pedersen
a4242bcb5d Merge pull request #3962 from rdmarsh2/ir-barrierguard-checks-expr 
C++: make IR BarrierGuard::checks match AST
 2020-07-23 09:21:37 +02:00
Alexey Tereshenkov
7840dfce3b Put the closing tag back 2020-07-22 20:51:29 +01:00
Alexey Tereshenkov
e2939377e9 Update python/ql/src/Expressions/WrongNumberArgumentsForFormat.qhelp 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-07-22 20:07:34 +01:00
Alexey Tereshenkov
a6eb3caa5f Update python/ql/src/Expressions/WrongNumberArgumentsForFormat.qhelp 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-07-22 20:07:27 +01:00
Rasmus Wriedt Larsen
9157385571 Python: CG trace: XML can export list of dataclass 2020-07-22 17:40:59 +02:00
Alexey Tereshenkov
a5f566b563 Fix typo 2020-07-22 15:39:50 +01:00
Chris Smowton
b9e61115f3 Merge pull request #266 from sauyon/query-tags 
Add correctness tag to MistypedExponentiation
 2020-07-22 15:27:46 +01:00