hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-10 12:11:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,689 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
110302678c add model for EventEmitter in NodeJS, and base the Electron::IPC model on top of the new EventEmitter model 2019-12-09 14:27:35 +01:00
Calum Grant
3049bf2c85 Merge pull request #2358 from cldrn/ASPNetPagesValidateRequest 
Adds CodeQL query to check for Pages with disabled built-in validation
 2019-12-09 13:05:03 +00:00
Max Schaefer
7876c37998 Merge pull request #14 from henrymercer/fix-contributing-link 
Fix Code of Conduct link in CONTRIBUTING.md
 2019-12-09 12:55:33 +00:00
Henry Mercer
3c08314782 Fix Code of Conduct link in CONTRIBUTING.md 2019-12-09 12:42:46 +00:00
shati-patel
bc2e15c133 Merge pull request #2503 from jf205/support-notes 
CodeQL support docs: remove some full stops
 2019-12-09 12:32:16 +00:00
james
07f35e8b58 docs: remove some full stops 2019-12-09 12:26:53 +00:00
James Fletcher
61d4a87aa4 Merge pull request #2499 from felicitymay/1.23/update-supported-versions 
Update supported versions for 1.23 release
 2019-12-09 12:23:59 +00:00
Tom Hvitved
c562d6757c Merge pull request #2500 from shati-patel/typo 
Fix typos
 2019-12-09 13:06:39 +01:00
Tom Hvitved
25265bddc7 Merge pull request #2494 from calumgrant/cs/roslyn-3.4 
C#: Upgrade Roslyn to 3.4
 2019-12-09 12:21:30 +01:00
Sauyon Lee
bc8974d32d Merge pull request #201 from max/update-data-flow 
Update data flow and taint-tracking libraries
 2019-12-06 18:26:27 -08:00
Henning Makholm
073563a19b Python tests: explicitly specify --lang2 for python2 tests 
This allows them to work with the `LegacyQltLanguage.PYTHON3` extraction recipe.
 2019-12-07 02:38:02 +01:00
Henning Makholm
baacc6f66b Java tests: add queries.xml 
The `queries.xml` file defines which extractor the `codeql test` runner will use
to extract databases for the tests. In the future one will be able to write this
information in `qlpack.yml`, but we can't do that immediately because the
_existing_ CodeQL tooling would  refuse to parse  a `qlpack.yml` that has
the new field in it.
 2019-12-07 02:38:02 +01:00
Henning Makholm
66b3c7cf07 JS tests: add queries.xml 
The `queries.xml` file defines which extractor the `codeql test` runner will use
to extract databases for the tests. In the future one will be able to write this
information in `qlpack.yml`, but we can't do that immediately because the
_existing_ CodeQL tooling would refuse to parse a `qlpack.yml` that has the new
field in it.

Adding a queries.xml file means that the normalization of file names in the test
output changes even with the old QLTest, so there are a number of consequential
updates of expected output files.
 2019-12-07 02:38:02 +01:00
yo-h
ed97be459f Merge pull request #2454 from aschackmull/java/explicit-mul-zero 
Java: Allow explicit zero multiplication in java/evaluation-to-constant.
 2019-12-06 18:13:43 -05:00
Sauyon Lee
34d619038b Merge pull request #200 from Semmle/codeql-test 
Adapt Go tests to `codeql test`
 2019-12-06 10:34:59 -08:00
Henning Makholm
7bc68c4302 Adapt Go tests to codeql test 
These changes make the tests work with the coming `codeql test` support.

The `queries.xml` file defines which extractor the `codeql test`
runner will use to extract databases for the tests. In the future one
will be able to write this information in `qlpack.yml`, but we can't
do that immediately because the _existing_ CodeQL tooling would refuse
to parse a `qlpack.yml` that has the new field in it.
 2019-12-06 18:27:47 +01:00
Shati Patel
f40b1b570c Fix typo 2019-12-06 15:56:01 +00:00
Felicity Chapman
e59d65e67f Update supported versions for 1.23 release 2019-12-06 15:41:18 +00:00
Max Schaefer
62a50bac2a Update taint-tracking libraries. 
This brings `TaintTrackingImpl.qll` up-to-date with the other languages as of https://github.com/Semmle/ql/pull/2480.
 2019-12-06 14:07:35 +00:00
Jonas Jensen
0012fef504 Merge pull request #2497 from hvitved/csharp/remove-cp 
C#: Remove a Cartesian product
 2019-12-06 13:58:33 +00:00
Calum Grant
964f2f25dc Merge pull request #2462 from hvitved/csharp/localvars-refactor 
C#: Handle tuple patterns in `is` expressions
 2019-12-06 12:59:14 +00:00
Calum Grant
4b0a149704 C#: Update qltest output. 2019-12-06 12:41:20 +00:00
Calum Grant
5e6b7be5b8 C#: Update nullability tests. 2019-12-06 12:41:20 +00:00
Calum Grant
5f6527a183 C#: Compare symbols using SymbolEqualityComparer. 2019-12-06 12:41:20 +00:00
Calum Grant
ca195e9340 C#: Update project files to Roslyn 3.4 2019-12-06 12:41:20 +00:00
shati-patel
a5274ad5f2 Merge pull request #2496 from jf205/jf-mergeback-123 
Merge rc/1.23 into master
 2019-12-06 12:24:07 +00:00
Max Schaefer
53f5e13af1 Update data-flow libraries. 
This brings `DataFlowImpl.qll` and `DataFlowImplCommon.qll` up-to-date with the other languages as of https://github.com/Semmle/ql/pull/2480.
 2019-12-06 12:14:53 +00:00
Asger F
abec4badb5 Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-06 11:53:09 +00:00
Asger F
344f0b4995 Fix typo in qldoc 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-06 11:53:09 +00:00
Asger F
c1da83bf6c Fix typo in qldoc 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-06 11:53:09 +00:00
Asger F
2acd616e6f JS: Review comments 2019-12-06 11:53:06 +00:00
Anders Schack-Mulligen
5a2ed9fd81 Java: Add change note. 2019-12-06 11:50:27 +00:00
Asger F
bbb6dad726 JS: Update koa testcase 2019-12-06 11:49:59 +00:00
Asger F
b407de01f8 JS: Update TaintBarriers test 2019-12-06 11:49:59 +00:00
Asger F
a6e75259d6 JS: More fine-grained regexp-based sanitizer guards 2019-12-06 11:49:59 +00:00
Asger F
ad6e949bad JS: Introduce RegExpCreationNode 2019-12-06 11:49:59 +00:00
Asger F
4354945c26 JS: Factor out recognition of RegExp flags 2019-12-06 11:49:59 +00:00
Luke Cartey
b940f3e637 Merge pull request #2461 from jf205/codeql-172 
CodeQL training: update QL4E links and provide database instructions
 2019-12-06 11:15:49 +00:00
Tom Hvitved
3a95cd5e9c C#: Remove a Cartesian product 2019-12-06 10:42:59 +00:00
Sauyon Lee
2fc9e37655 Merge pull request #199 from max/notype-test 
Add test for handling of expressions without extracted type.
 2019-12-06 01:59:32 -08:00
Max Schaefer
594824f19c Add test for handling of expressions without extracted type. 2019-12-06 09:21:55 +00:00
james
67eea44678 Merge branch 'rc/1.23' into jf-mergeback-123 2019-12-06 09:16:39 +00:00
Geoffrey White
a3efcf66a6 Merge pull request #2495 from hmakholm/pr/update-c-test 
C++ tests: generalize arguments tests
 2019-12-06 09:10:17 +00:00
Max Schaefer
47f449cc0c Merge remote-tracking branch 'external/master' 2019-12-06 09:04:16 +00:00
Max Schaefer
80e7376189 Merge pull request #198 from sauyon/hardcoded-cred-fix 
HardcodedCredentials: Exclude passwords that include '0123456789'
 2019-12-06 09:02:17 +00:00
Max Schaefer
6bda80a47b Merge pull request #197 from Semmle/rc/1.23 
Merge rc/1.23 into master
 2019-12-06 09:01:18 +00:00
Henning Makholm
6bdf186d1e C tests: generalize arguments tests 
With the coming `codeql test` support, the `predefined_macros` file will not
necessarily be located under a `tools` directory. Change the test to hide more
of its actual path, so it will work in both cases.
 2019-12-06 01:21:17 +01:00
Sauyon Lee
2de7c6f5fc HardcodedCredentials: Exclude passwords that include '0123456789' 2019-12-05 15:37:50 -08:00
Sauyon Lee
eb639c6cf7 Merge pull request #196 from max/no-type 
Make `Expr.getType()` robust against incomplete `type_of` table.
 2019-12-05 14:31:48 -08:00
Tom Hvitved
3e93aa9787 C#: Address review comments 
- Undo split of `localvars` relation.
- Properly extract tuple declarations in `is` expressions.
 2019-12-05 22:31:38 +00:00