codeql

mirror of https://github.com/github/codeql.git synced 2026-01-26 21:02:58 +01:00

Author	SHA1	Message	Date
thiggy1342	f6c4b5c44b	Merge branch 'experimental-manually-check-request-verb' of https://github.com/thiggy1342/codeql into experimental-manually-check-request-verb	2022-06-21 21:27:39 +00:00
thiggy1342	990747cd22	Limit findings to just those called in Controllers	2022-06-21 21:27:18 +00:00
thiggy1342	53729f99c5	restrict findings to just controller classes	2022-06-21 20:28:29 +00:00
thiggy1342	bbe17b3667	Merge branch 'experimental-strong-params' of https://github.com/thiggy1342/codeql into experimental-strong-params	2022-06-21 19:31:18 +00:00
thiggy1342	83b720d730	first draft of weak params query	2022-06-21 19:28:53 +00:00
Brandon Stewart	a2e2dcdfd5	Make ActiveRecordInstanceMethodCall Public	2022-06-21 14:44:52 -04:00
Ian Lynagh	52b229052d	Kotlin/Java: Add the beginnings of a "visibility" consistency query	2022-06-21 17:24:37 +01:00
Andrew Eisenberg	1ec838e671	Update docs/codeql/codeql-cli/analyzing-databases-with-the-codeql-cli.rst Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com>	2022-06-21 09:14:23 -07:00
Paolo Tranquilli	1e4ac44362	Swift: some expression extractions	2022-06-21 17:31:40 +02:00
Mathias Vorreiter Pedersen	9fe238f20c	Merge pull request #9637 from github/redsun82/swift-callable-extractor Swift: Callable abstraction	2022-06-21 16:04:23 +01:00
Dave Bartolomeo	39d77d8f20	Merge pull request #9633 from github/edoardo/rc3.6-mergeback Merge `rc/3.6` into `main`	2022-06-21 10:44:05 -04:00
Paolo Tranquilli	c77fc26c69	Swift: Callable abstraction This new class encompasses both `AbstractFunctionDecl` and `AbstractClosureExpr`, together with their common parts (namely parameters and the body). `ClosureExpr` and `AutoClosureExpr` got ported to structured C++ generated translation in the process.	2022-06-21 15:50:35 +02:00
Geoffrey White	8989210995	Swift: Fix some details so that the test works.	2022-06-21 14:22:35 +01:00
Mathias Vorreiter Pedersen	415e9742a7	Swift: Add a 'RemoteFlowSource' class.	2022-06-21 14:09:56 +01:00
Anders Schack-Mulligen	f8f9b7d3b4	Apply suggestions from code review	2022-06-21 14:11:36 +02:00
Erik Krogh Kristensen	e1c34c11ed	add all jquery plugin parameters as source to js/html-constructed-from-input	2022-06-21 13:22:56 +02:00
Erik Krogh Kristensen	dde7e9e2e8	add test for jquery plugin parameters in js/html-constructed-from-input	2022-06-21 13:21:57 +02:00
Chris Smowton	7bb0d62863	Update `comparisonBarrierGuard` qldoc	2022-06-21 12:12:17 +01:00
Chris Smowton	8ae4c21a3e	Update doc for `divideByZeroSanitizerGuard`	2022-06-21 12:11:19 +01:00
Asger F	a1af9c3d7d	Ruby: update predicate docs	2022-06-21 12:44:16 +02:00
Asger F	d15b90e21a	Ruby: Add deprecation	2022-06-21 12:44:16 +02:00
Asger F	9838e2e101	Ruby: Rename getAValueReachingRhs -> getAValueReachingSink	2022-06-21 12:44:16 +02:00
Asger F	7c877c7861	Ruby: Rename getARhs -> asSink	2022-06-21 12:44:16 +02:00
Asger F	2f8086bb57	Ruby: Rename getAUse -> getAValueReachableFromSource	2022-06-21 12:44:16 +02:00
Asger F	573c5c5efe	Ruby: Rename getAnImmediateUse -> asSource	2022-06-21 12:44:16 +02:00
Asger F	f2403e2610	Ruby: port API graph doc comment	2022-06-21 12:44:16 +02:00
Asger F	092a6a01ac	Python: Update member documentation	2022-06-21 12:44:06 +02:00
Asger F	fecbfa6ca3	Python: add deprecation	2022-06-21 12:44:06 +02:00
Asger F	3a669a8d21	Python: getAValueReachingRhs -> getAValueReachingSink	2022-06-21 12:44:06 +02:00
Asger F	b096f9ec72	Python: Rename getAUse -> getAValueReachableFromSource	2022-06-21 12:44:06 +02:00
Asger F	181a53bd03	Python: Rename getAnImmediateUse -> asSource	2022-06-21 12:44:06 +02:00
Asger F	60fde3c031	Python: Rename getARhs -> asSink	2022-06-21 12:44:06 +02:00
Asger F	8f259d4bb6	Python: port API graph doc comment	2022-06-21 12:44:06 +02:00
Erik Krogh Kristensen	73b657ce25	QL: focus alert locations	2022-06-21 12:26:18 +02:00
Edoardo Pirovano	70dbd92e25	Bump minor version of all regularly released packs	2022-06-21 11:22:58 +01:00
Edoardo Pirovano	ad02b85efa	Merge branch `main` into `rc/3.6`	2022-06-21 11:15:25 +01:00
Anders Schack-Mulligen	d7d409f125	Merge pull request #9565 from github/post-release-prep/codeql-cli-2.9.4 Post-release preparation for codeql-cli-2.9.4	2022-06-21 11:51:29 +02:00
Cornelius Riemenschneider	091299668a	Merge pull request #9617 from github/criemen/fix-go-pattern-lua-config Go: Properly escape dash in tracing-config.lua	2022-06-21 11:45:14 +02:00
Mathias Vorreiter Pedersen	916cf6eb41	Merge pull request #9631 from jketema/global-variable-test C++: Add global variable tests	2022-06-21 10:44:47 +01:00
Mathias Vorreiter Pedersen	f9c8926fcc	Swift: Fill in some easy TODOs in 'FlowSummaryImplSpecific' and implement a source model for 'String(contentsOf:)'.	2022-06-21 10:27:46 +01:00
Mathias Vorreiter Pedersen	184371f3ce	Swift: Implement 'interpretElement0'.	2022-06-21 10:22:02 +01:00
Anders Schack-Mulligen	736372ffd6	Ruby: Remove test.	2022-06-21 11:18:36 +02:00
Anders Schack-Mulligen	a4796e1542	Add change notes.	2022-06-21 11:17:47 +02:00
Mathias Vorreiter Pedersen	ace00c3d09	Swift: Add a 'getName' predicate to types that forwards to the 'getName' from the declaration.	2022-06-21 10:06:01 +01:00
Mathias Vorreiter Pedersen	cf08644b92	Swift: Add an AST class for possible method declarations.	2022-06-21 10:06:01 +01:00
Jeroen Ketema	1f97f1d931	C++: Add global variable tests	2022-06-21 10:43:40 +02:00
Mathias Vorreiter Pedersen	e2478d1106	Swift: 'getStaticCallTarget' should also return things like 'ConstructorDecl's.	2022-06-21 09:35:56 +01:00
Anders Schack-Mulligen	a6c0a9e480	Python: one more fix	2022-06-21 09:19:45 +02:00
Asger F	b46ba896dd	Merge pull request #9616 from asgerf/js/without-prop-step-await JS: Add withoutPropStep and model raw 'await' step with it	2022-06-21 09:06:01 +02:00
Erik Krogh Kristensen	79696c6c5f	Merge pull request #9572 from erik-krogh/heuristicSteps JS: add heuristic taint-step for potentially unmodelled libraries	2022-06-21 09:00:58 +02:00

... 20 21 22 23 24 ...

41812 Commits