hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-06 18:21:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,691 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felicity Chapman
4952ad5cff Merge pull request #1896 from shati-semmle/vale-typo 
Vale linter: fix typo
 2019-09-06 16:56:22 +01:00
shati-semmle
4d98b4c3a1 Vale linter: fix typo 2019-09-06 16:47:20 +01:00
Calum Grant
3734552081 C#: Add change note for datetime queries. 2019-09-06 16:45:02 +01:00
Calum Grant
f9b99ae245 C#: Adjust date query severity and add precisions. Tidy up tags. 2019-09-06 16:44:29 +01:00
Nick Rolfe
09036a3bdf Merge pull request #1760 from ian-semmle/mangling 
C++: Use mangled names to resolve classes
 2019-09-06 16:38:47 +01:00
Asger F
dfd18a51ee JS: Change note 2019-09-06 16:03:16 +01:00
shati-semmle
486707c90e Merge pull request #1891 from jf205/slide-fixes 
docs: improve slide layout for printing
 2019-09-06 15:52:32 +01:00
Asger F
7007698de4 JS: Fix the FP 2019-09-06 15:39:40 +01:00
Asger F
ebd7875cae JS: Add regression test 2019-09-06 15:38:55 +01:00
yh-semmle
79a0a56adf Merge pull request #1890 from aschackmull/java/best-bound-rangeanalysis 
Java: Restrict the output of Range Analysis to the best bounds.
 2019-09-06 10:35:11 -04:00
Erik Krogh Kristensen
ccdc821c5d add xlink:href as xss target when using setAttribute 2019-09-06 14:43:47 +01:00
Asger F
f7654d6f1c JS: Add test 2019-09-06 14:42:07 +01:00
james
f78ce146f1 docs: improve slide layout for printing 2019-09-06 14:42:06 +01:00
Anders Schack-Mulligen
6b85fe087a Java: Restrict the output of Range Analysis to the best bounds. 2019-09-06 15:39:46 +02:00
AlexTereshenkov
523d055194 Add a new issue template for false positive in LGTM.com 
Add a new issue template for false positive in LGTM.com
 2019-09-06 14:39:06 +01:00
Calum Grant
d2336dc8cf Merge pull request #1882 from aschackmull/lang/autoformat 
Java/C#/JavaScript: Autoformat
 2019-09-06 14:37:40 +01:00
Asger F
fa95871f46 JS: Add event handler sink to code injection 2019-09-06 14:33:00 +01:00
Jonas Jensen
e4c9dd79ca C++: Hide that IR DataFlow::Node is Instruction 
We haven't come to a conclusion on whether these two types will remain
identical forever. To make sure we're able to change it in the future,
this change makes it impossible to cast between the two types. Callers
must use the `asInstruction` member predicate to convert.
 2019-09-06 15:31:41 +02:00
shati-semmle
434c20f294 Merge pull request #1887 from jf205/slide-fixes 
docs: a couple of slide fixes
 2019-09-06 14:28:14 +01:00
james
ecc2449c1c docs: updated slide background 2019-09-06 14:00:57 +01:00
james
f93359a472 docs: slides fix for edge and ff 2019-09-06 14:00:19 +01:00
Taus Brock-Nannestad
8882f1410a Add test cases for nested subscripts. 2019-09-06 12:01:18 +02:00
Anders Schack-Mulligen
ae351be968 C++: Sync files. 2019-09-06 09:05:29 +02:00
Anders Schack-Mulligen
ca45fb5a60 JavaScript: Autoformat. 2019-09-06 09:04:51 +02:00
Anders Schack-Mulligen
343230402a C#: Autoformat. 2019-09-06 09:04:16 +02:00
Anders Schack-Mulligen
aa07020d9d Java: Autoformat. 2019-09-06 09:03:45 +02:00
Robert Marsh
94c625f03f Merge pull request #1777 from jbj/ast-field-flow-defbyref 
C++: Don't use definitionByReference for data flow
 2019-09-05 10:23:28 -07:00
semmle-qlci
33329f95c2 Merge pull request #1874 from asger-semmle/express-types 
Approved by esben-semmle, xiemaisi
 2019-09-05 16:42:28 +01:00
semmle-qlci
48b6b67994 Merge pull request #1880 from ian-semmle/clang 
Approved by jbj
 2019-09-05 16:13:53 +01:00
shati-semmle
6b0bbd5a9e Merge pull request #1878 from jf205/training-homepage/sd-3764 
docs: rework ql training homepage (sd-3764)
 2019-09-05 16:05:14 +01:00
Ian Lynagh
1d56407c72 C++: Pull some of library-tests/dataflow/dataflow-tests into clang.cpp 
g++ doesn't support this code:

    sorry, unimplemented: non-trivial designated initializers not supported
       twoIntFields sSwapped = { .m2 = source(), .m1 = 0 };

so we need to build it in clang mode.
 2019-09-05 15:12:17 +01:00
james
131e88dfbe Merge remote-tracking branch 'origin/training-homepage/sd-3764' into training-homepage/sd-3764 2019-09-05 14:53:04 +01:00
james
09a0b562e5 docs: fix typo 2019-09-05 14:50:14 +01:00
jf205
ce2326cc6e Update docs/language/README.rst 
Co-Authored-By: shati-semmle <42641846+shati-semmle@users.noreply.github.com>
 2019-09-05 14:29:23 +01:00
jf205
1f67d71f5f Update docs/language/learn-ql/ql-training.rst 
Co-Authored-By: shati-semmle <42641846+shati-semmle@users.noreply.github.com>
 2019-09-05 14:29:11 +01:00
jf205
4ec828a719 Update docs/language/learn-ql/ql-training.rst 
Co-Authored-By: shati-semmle <42641846+shati-semmle@users.noreply.github.com>
 2019-09-05 14:24:36 +01:00
semmle-qlci
fd2e8486e4 Merge pull request #1862 from asger-semmle/prototype-pollution-angular-merge 
Approved by esben-semmle
 2019-09-05 12:50:58 +01:00
semmle-qlci
e6bfe2bd5d Merge pull request #1873 from asger-semmle/type-inf-consistency 
Approved by xiemaisi
 2019-09-05 12:46:59 +01:00
james
1a7c79bd7c docs: update layout.html 2019-09-05 12:33:55 +01:00
james
99614d98e1 docs: specify sphinx 1.7.9 in readme 2019-09-05 12:33:55 +01:00
james
16aaa95566 docs: fix a couple of links 2019-09-05 12:33:54 +01:00
james
6f9d4c8562 docs: remove VA section from writing-queries.rst 2019-09-05 12:33:49 +01:00
james
49955c56be docs: rework ql-training.rst 2019-09-05 12:33:42 +01:00
james
593818b71a docs: reorganize and add some ref bookmarks to learn-ql index 2019-09-05 12:33:33 +01:00
Taus Brock-Nannestad
2d45c23d19 Comment out diverging example for now. 
Otherwise it'll keep timing out until the fix has been pushed to LGTM.com
 2019-09-05 13:18:01 +02:00
Asger F
61c4d30dd6 JS: Use express module instead 2019-09-05 12:09:24 +01:00
Ian Lynagh
99dd8d0c51 C++: Add an upgrade script 2019-09-05 12:01:02 +01:00
Ian Lynagh
acc1d664f6 C++: Updates stats to include mangled_name table 2019-09-05 12:01:02 +01:00
Ian Lynagh
0c09af977c C++: Use mangled_name in ResolveClass.qll 
The old code is still around to handle upgraded databases.
 2019-09-05 12:01:02 +01:00
Taus Brock-Nannestad
d336140c19 Python: Modernise the py/non-iterable-in-for-loop query. 
Also adds a small test case exhibiting the same false positive seen in
ODASA-8042.
 2019-09-05 12:24:51 +02:00