hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-08 11:11:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,812 Commits 1,691 Branches 160 Tags
codeql-cli/v2.10.3
Commit Graph

41812 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
5f32e1f637 CPP: Fix name of example file in qhelp. 
This seems to have been missed in https://github.com/Semmle/ql/pull/1315.
 2019-06-03 08:54:54 +01:00
Esben Sparre Andreasen
14644270ac JS: fix comment typo 2019-06-03 08:32:35 +02:00
Esben Sparre Andreasen
7018a38691 JS: improve tests and regexp for js/regex/missing-regexp-anchor 2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen
3289c629f7 JS: address minor review comments 2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen
0fa73b8331 JS: add query js/regex/missing-regexp-anchor 2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen
69db54a03a JS: add anchors to js/incomplete-hostname-regexp examples 2019-06-03 08:27:49 +02:00
Esben Sparre Andreasen
3358e49698 JS: refactor the predicate RegExp::regexp to three classes. 
This preserves the ad hoc message formatting in IncompleteHostnameRegExp.ql
 2019-06-03 08:27:49 +02:00
Esben Sparre Andreasen
98ae2597bb JS: refactor IncompleteHostnameRegExp::regexp to RegExp.qll 2019-06-03 08:27:49 +02:00
semmle-qlci
79406f8387 Merge pull request #987 from rdmarsh2/rdmarsh/cpp/ir-asm-stmt 
Approved by dave-bartolomeo
 2019-06-03 07:03:28 +01:00
Jonas Jensen
c9a0eed6e8 Merge pull request #1379 from geoffw0/ctime-repair 
CPP: Add DangerousFunctionOverflow.ql to the security suite.
 2019-06-02 09:56:01 +02:00
Robert Marsh
4371d02a1f C++: accept SignAnalysis.expected 2019-05-31 13:35:05 -07:00
Robert Marsh
5dd8c9cd4e C++: revert InlineAsm subclassing SideEffectOpcode 2019-05-31 13:28:26 -07:00
Robert Marsh
2770b2a9b9 C++: respond to PR comments 2019-05-31 13:19:40 -07:00
Robert Marsh
98d6f5919f C++: Treat asmStmt operands as input/output in IR 2019-05-31 12:51:44 -07:00
Robert Marsh
66d1efdb97 C++: respond to PR comments 2019-05-31 12:42:04 -07:00
Dave Bartolomeo
0bfc559cb1 Apply suggestions from code review 
Co-Authored-By: rdmarsh2 <rdmarsh2@gmail.com>
 2019-05-31 12:29:23 -07:00
Robert Marsh
23560436a7 C++: add minimal AsmStmt support to IR 2019-05-31 12:29:19 -07:00
semmle-qlci
3851261230 Merge pull request #1378 from jbj/hasQualifiedName-inline-namespace 
Approved by dave-bartolomeo
 2019-05-31 19:39:42 +01:00
semmle-qlci
c0440cf7f5 Merge pull request #1386 from asger-semmle/prototype-change-note 
Approved by xiemaisi
 2019-05-31 19:30:30 +01:00
semmle-qlci
d741e0b20c Merge pull request #1382 from jbj/redundant-null-check-gvn 
Approved by dave-bartolomeo
 2019-05-31 16:28:01 +01:00
Mark Shannon
66ba1079f3 Python points-to: Cache objects. 2019-05-31 16:26:43 +01:00
Mark Shannon
f6cc0be4a4 Python points-to. Move extension to prevent points-to being recomputed. 2019-05-31 16:26:43 +01:00
Mark Shannon
f311c2013e Python points-to: Cache a few key predicates. 2019-05-31 16:26:43 +01:00
Mark Shannon
1de0dc9282 Python taint-tracking: Fix performance of pathalogically slow predicate. 2019-05-31 16:26:43 +01:00
Mark Shannon
b182abd119 Python points-to: Fix up a number of overly slow predicates. 2019-05-31 16:26:43 +01:00
Mark Shannon
8e2d6c4fc6 Python points-to: Simplify logic w.r.t. comparisons. 2019-05-31 15:58:35 +01:00
Max Schaefer
c560096b17 JavaScript: Make Script and CodeInAttribute concrete. 2019-05-31 12:04:14 +01:00
Asger F
a4a9e951d5 JS: Add query ID to change note 2019-05-31 11:44:06 +01:00
Asger F
ffb3265b26 JS: Mention results are shown on LGTM 2019-05-31 11:35:35 +01:00
Asger F
5170fa2ded JS: Add change note for prototype pollution 2019-05-31 10:58:56 +01:00
semmle-qlci
653c8b8496 Merge pull request #1358 from AlexTereshenkov/master 
Approved by taus-semmle
 2019-05-31 10:16:44 +01:00
Max Schaefer
74688bb600 Merge pull request #1341 from esben-semmle/js/sync-suites 
JS: Add queries to the manual suite for LGTM constistency
 2019-05-31 08:18:08 +01:00
Jonas Jensen
fff6c386c9 Merge pull request #1381 from dave-bartolomeo/dave/CopyCtor 
C++: Make `constructor-used-as-copy-constructor` warning/low
 2019-05-31 09:15:37 +02:00
Max Schaefer
3097037a6f Merge pull request #1290 from esben-semmle/js/semver-lib 
JS: add SemVer library
 2019-05-31 08:09:24 +01:00
Calum Grant
5b8c6d4789 Merge pull request #1377 from hvitved/csharp/useless-upcast 
C#: Teach `cs/useless-upcast` about disambiguating constructor calls
 2019-05-31 06:51:39 +01:00
Robert Marsh
6167a556fd Merge pull request #1380 from dave-bartolomeo/dave/RangeFor 
C++: IR support for range-based `for` loops
 2019-05-30 17:21:42 -07:00
semmle-qlci
0fa06e5c8d Merge pull request #1180 from asger-semmle/tainted-path-squashed 
Approved by xiemaisi
 2019-05-30 17:20:19 +01:00
Mark Shannon
6689994285 Python points-to: Minor refactoring for clarity. 2019-05-30 17:18:16 +01:00
Dave Bartolomeo
f4d41a15d7 C++: Add change not 2019-05-30 08:33:57 -07:00
Dave Bartolomeo
e90403be31 C++: Make constructor-used-as-copy-constructor warning/low 
This query is supposed to look for constructors that unintentionally qualify as copy constructors due to default arguments. There are quite a few real-world projects that define such constructors intentionally. I've reduced the severity to "warning" and the precision to "low" due to the high false positive rate.
 2019-05-30 08:33:26 -07:00
semmle-qlci
b17eb5cc9d Merge pull request #1384 from asger-semmle/typescript-3.5 
Approved by xiemaisi
 2019-05-30 15:53:27 +01:00
semmle-qlci
9614a1a039 Merge pull request #1385 from xiemaisi/js/lgtm-yml-change-notes 
Approved by mc-semmle
 2019-05-30 15:25:49 +01:00
Asger F
be5173680d Merge pull request #2 from xiemaisi/tainted-path-squashed 
JavaScript: Update expected test output.
 2019-05-30 15:16:19 +01:00
Max Schaefer
a3be6be17d JavaScript: Add change notes for newly added lgtm.yml properties. 2019-05-30 15:11:35 +01:00
Max Schaefer
3c8aea26da JavaScript: Update expected test output. 2019-05-30 15:05:43 +01:00
Asger F
9b28a3adf0 Merge pull request #1 from xiemaisi/tainted-path-squashed 
JavaScript: Remove a few more configurations from AllConfigurations.qll.
 2019-05-30 13:26:42 +01:00
Max Schaefer
5ac408d641 JavaScript: Remove a few more configurations from AllConfigurations.qll. 
This works around BDD node exhaustion we get due to the complex type
hierarchy caused by importing many configurations at once. I've also
renamed the library accordingly.
 2019-05-30 13:13:16 +01:00
Asger F
320f484e7e TS: Rephrase change note 2019-05-30 12:48:05 +01:00
Asger F
d6010d7be7 TS: Update supported compiler version range 2019-05-30 12:45:26 +01:00
Asger F
72c0925967 TS: Bump to TypeScript 3.5.1 2019-05-30 11:40:25 +01:00