hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-10 04:01:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,689 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felicity Chapman
4f6660887c Update shared data-flow note for feedback 2019-11-26 16:41:30 +00:00
Taus Brock-Nannestad
118275e948 Python: Use import python consistently in all queries. 2019-11-26 17:37:09 +01:00
Anders Schack-Mulligen
deb6a6e5c6 Java: Improve performance by normalizing import order to reduce cache invalidation. 2019-11-26 17:20:01 +01:00
Max Schaefer
f4a24b0353 Improve type information for tuple elements. 
We would previously rely on the type information of the target variable into which the element is stored, but that could be a more general type.

For example, in the assignment

```go
x, y := f()
```

the type of `x` might be an interface while the type of `f()[0]` is a concrete type implementing that interface.
 2019-11-26 16:19:17 +00:00
Taus
e585f1ba85 Merge pull request #1332 from lcartey/python/change-kind 
Python: Update filter queries to have appropriate kind
 2019-11-26 17:15:38 +01:00
Erik Krogh Kristensen
b5a57986c6 small changes based on review feedback 2019-11-26 15:57:31 +01:00
Esben Sparre Andreasen
9ffe03bcce JS: support additional Flow syntax: ... in object types 2019-11-26 15:24:27 +01:00
Erik Krogh Kristensen
7b262fa9cf update expected output 2019-11-26 14:39:09 +01:00
Erik Krogh Kristensen
5a0cabb039 Merge remote-tracking branch 'upstream/master' into typeAheadSink 2019-11-26 14:37:40 +01:00
Erik Krogh Kristensen
ace484a519 change the typeahead.js model to be semantically correct 2019-11-26 14:35:13 +01:00
Taus Brock-Nannestad
35e3e3d2a1 Python: Update change note for 1.23. 2019-11-26 13:58:22 +01:00
Tom Hvitved
355c4f7154 C#: Add change note 2019-11-26 13:54:19 +01:00
Tom Hvitved
71e958eabc C#: Add taint-tracking steps through conversion operator calls 2019-11-26 13:53:50 +01:00
Tom Hvitved
acb069f69b C#: Add data flow tests for conversion operators 2019-11-26 13:53:17 +01:00
Erik Krogh Kristensen
4a94c49d37 changes based on review feedback 2019-11-26 13:40:48 +01:00
Jonas Jensen
b1745f588c Merge pull request #2402 from geoffw0/nospace 
CPP: Make NoSpaceForZeroTerminator.ql more conservative.
 2019-11-26 13:36:05 +01:00
Erik Krogh Kristensen
97718bf1d4 the callback function can both be the second and third argument 2019-11-26 13:00:00 +01:00
semmle-qlci
3d5d178b19 Merge pull request #2439 from erik-krogh/useOfReturnlessFunctionHotfix 
Approved by max-schaefer
 2019-11-26 11:56:57 +00:00
Erik Krogh Kristensen
b06acd1ed0 add change note 2019-11-26 12:52:41 +01:00
Erik Krogh Kristensen
0f948339af add change note 2019-11-26 11:23:30 +01:00
Erik Krogh Kristensen
b6106f9638 keep the ResolvedPromiseDefinition class as a subclass of PromiseCreationCall 2019-11-26 11:16:59 +01:00
Erik Krogh Kristensen
f284b3a2bb Merge remote-tracking branch 'upstream/master' into exceptionXss 2019-11-26 10:54:04 +01:00
Erik Krogh Kristensen
7ee12a3420 change doc based on review feedback 2019-11-26 10:48:24 +01:00
Anders Schack-Mulligen
18e1708036 Merge pull request #2412 from Cornelius-Riemenschneider/nullness-corr-cond 
Java: Nullness library: track instanceof expressions in correlated conditions
 2019-11-26 10:33:34 +01:00
Erik Krogh Kristensen
fed2675f76 remove FP in use-of-returnless-function FP related to calls to super() 2019-11-26 10:17:04 +01:00
Erik Krogh Kristensen
89dac23969 remove 3 FP sources from use-of-returnless-function 2019-11-26 10:16:18 +01:00
semmle-qlci
fb44aa18bd Merge pull request #2428 from erik-krogh/useOfReturnlessFunctionSuperCalls 
Approved by max-schaefer
 2019-11-26 09:14:08 +00:00
semmle-qlci
cf92022c89 Merge pull request #2420 from erik-krogh/safeStringSink 
Approved by asgerf
 2019-11-26 08:09:05 +00:00
Robert Marsh
60b384a6e5 C++/C#: use line numbers for instruction IDs 
This should reduce the number of merge conflicts in the IR tests resulting
from instruction ID changes due to inserting or removing instructions
 2019-11-25 18:27:59 -05:00
yo-h
1a07f215ad Merge pull request #2436 from felicitymay/1.23/SD-4095-finalize-change-notes-java 
1.23: SD-4095 finalize change notes for Java
 2019-11-25 18:19:25 -05:00
Sauyon Lee
1d21347578 Merge pull request #194 from max/field-write-through-embedded-pointer 
Fix DeadStoreOfField false positive.
 2019-11-25 13:14:24 -08:00
Max Schaefer
ee723d8a4f Fix DeadStoreOfField false positive. 
We should look into properly desugaring embedded types in the IR, but for now this workaround should suffice.
 2019-11-25 20:21:16 +00:00
Sauyon Lee
2c921d9418 Merge pull request #193 from max/header-xss 
Don't flag header injection as XSS.
 2019-11-25 11:56:54 -08:00
Calum Grant
113df4ea1d Merge pull request #2278 from hvitved/csharp/autobuilder/shared-compilation 
C#: Only set `UseSharedCompilation=false` in autobuilder when needed
 2019-11-25 18:37:09 +00:00
Dave Bartolomeo
7d48220a76 C++/C#: Make QLDoc conform to style guide 2019-11-25 11:26:45 -07:00
Dave Bartolomeo
44c1c5a7ab C++: Update points_to.ql test to use new bit offset format 2019-11-25 11:13:02 -07:00
Dave Bartolomeo
521fbb125e C++/C#: Fix formatting 2019-11-25 11:12:23 -07:00
Felicity Chapman
775ed381e1 Update to clarify status of one new query 2019-11-25 17:35:01 +00:00
Asger F
e3e15a6015 JS: Rephrase change note 2019-11-25 17:20:42 +00:00
Sauyon Lee
61c2478541 Merge pull request #12 from github/rc/1.23 
Merge rc/1.23 into master
 2019-11-25 09:20:17 -08:00
Asger F
df97ab2cb8 TS: Add INDEX prefix to env variables 2019-11-25 17:10:00 +00:00
Asger F
2508da7971 JS: Add change note 2019-11-25 17:01:32 +00:00
Asger F
7e515aeb72 TS: Verify yarn installation 2019-11-25 16:22:21 +00:00
Cornelius Riemenschneider
37f162106a Fix formatting of file. 2019-11-25 17:04:38 +01:00
Tom Hvitved
fede9aed04 Merge pull request #2355 from cldrn/AspNetMaxRequestLength 
CodeQL query to check for insecure MaxLengthRequest values in ASP.NET applications
 2019-11-25 17:02:22 +01:00
Felicity Chapman
87fca1fde6 Remove backticks from 'struct' 2019-11-25 15:56:29 +00:00
Max Schaefer
8bd45593e0 Merge pull request #11 from github/1.23/SD-4095-finalize-change-notes-go 
1.23: SD-4095 Minor text changes to analysis change notes
 2019-11-25 15:56:17 +00:00
Tom Hvitved
07e18c88a8 C#: Address review comments 2019-11-25 16:51:09 +01:00
Felicity Chapman
de2c7d8884 Minor text changes 2019-11-25 15:48:58 +00:00
Felicity Chapman
49bdf7ed1c Fix table sort order 2019-11-25 15:36:58 +00:00