codeql

mirror of https://github.com/github/codeql.git synced 2026-02-06 10:11:07 +01:00

Author	SHA1	Message	Date
Asger Feldthaus	8e2ffc2508	Ruby: add the inline test expectations	2022-03-25 11:31:22 +01:00
Asger Feldthaus	5703f63afa	Ruby: use InlineFlowTest in Summaries.ql test	2022-03-25 11:18:52 +01:00
Erik Krogh Kristensen	cf94c93b1a	Merge pull request #8481 from erik-krogh/schemeChain JS: recognize string replacement chains as scheme checks in js/incomplete-url-scheme-check	2022-03-25 11:13:10 +01:00
Nick Rolfe	034fce0682	Ruby: show constant value type in tests	2022-03-25 08:25:07 +00:00
Andrew Eisenberg	99f14af56a	Suites: Remove self-referential `from` directives Fixes https://github.com/github/codeql/issues/8412 See https://github.com/github/codeql/issues/8412#issuecomment-1078281668 for more detail.	2022-03-24 14:19:20 -07:00
Nick Rolfe	0613fda57f	Ruby: separate constant propagation of regexps from strings	2022-03-24 17:46:58 +00:00
Erik Krogh Kristensen	47a9376e81	fix bad join in js/unreachable-method-overloads	2022-03-24 16:09:10 +01:00
Tom Hvitved	e12b6df118	Merge pull request #8484 from hvitved/ruby/constant-value-rework Ruby: Rework `getConstantValue` implementation	2022-03-24 14:32:31 +01:00
Rasmus Wriedt Larsen	d51aaf2f91	Python: Import framework-modeling in `regex.qll`	2022-03-24 14:28:44 +01:00
Mathias Vorreiter Pedersen	80630972b1	Merge branch 'main' into public-iterated-dominance-frontier	2022-03-24 12:50:29 +00:00
Rasmus Wriedt Larsen	98c0d73ffe	Merge pull request #8524 from RasmusWL/ruby-update-ssrf-concept Ruby: Minor change of SSRF concept	2022-03-24 13:48:06 +01:00
Stephan Brandauer	a28e9c5b6e	documentation for handlebars.js flow step	2022-03-24 13:08:52 +01:00
Rasmus Lerchedahl Petersen	ce017394e6	python: fix change note (hepofully)	2022-03-24 12:01:46 +01:00
Stephan Brandauer	0bd9e9f298	add handlebars taint step	2022-03-24 11:46:16 +01:00
Rasmus Lerchedahl Petersen	aecf4e48f8	python: add change note	2022-03-24 11:43:07 +01:00
Chris Smowton	005a020f04	Merge pull request #8508 from igfoo/igfoo/error_elements Java: Add ErrorExpr, ErrorStmt	2022-03-24 10:39:14 +00:00
Arthur Baars	15801fcc85	Apply suggestions from code review Co-authored-by: Nick Rolfe <nickrolfe@github.com>	2022-03-24 11:37:03 +01:00
Arthur Baars	eef0da09bb	Ruby: move RegExpTreeView.qll out of 'internal'	2022-03-24 11:37:03 +01:00
Arthur Baars	1a9aaf4543	Apply suggestions from code review Co-authored-by: yoff <lerchedahl@gmail.com>	2022-03-24 11:37:03 +01:00
Arthur Baars	5f787144c0	Add change note	2022-03-24 11:37:03 +01:00
Arthur Baars	3c434931ec	Ruby: make ParseRegExp.qll and RegExpTreeView.qll internal libraries	2022-03-24 11:37:03 +01:00
Arthur Baars	74aea81fe3	Ruby: refactor regex libraries	2022-03-24 11:37:02 +01:00
Arthur Baars	65f8f56095	Merge branch 'main' into incomplete-url-string-sanitization	2022-03-24 11:27:30 +01:00
Arthur Baars	496aab78a7	Merge pull request #8535 from aibaars/setter-method-arg-location Ruby: fix location of setter-call argument	2022-03-24 11:26:13 +01:00
Tom Hvitved	eff7cf6396	Merge pull request #8538 from hvitved/ruby/regexpterm-location-perf Ruby: Fix bad join-order in `RegExpTerm::hasLocationInfo`	2022-03-24 10:01:12 +01:00
Tom Hvitved	2699412160	Merge pull request #8543 from hmac/hmac/test-naming-fix Ruby: Fix bad name of lambda in test	2022-03-24 09:46:04 +01:00
Harry Maclean	28a430a2f2	Ruby: Fix bad name of lambda in test This isn't the identity function, so it's confusing for it to be named so.	2022-03-24 12:44:41 +13:00
Ahmed Farid	eab6568cda	Update zipslip_good.py	2022-03-24 00:35:24 +01:00
Ahmed Farid	8dea7248ea	Update zipslip_bad.py	2022-03-24 00:34:52 +01:00
Ahmed Farid	b5f1e9de08	Update zipslip_bad.py	2022-03-24 00:33:28 +01:00
Ahmed Farid	a05318f10c	Update zipslip_good.py	2022-03-24 00:32:11 +01:00
Ahmed Farid	1836723ecb	Merge branch 'main' into ZipSlip	2022-03-23 19:27:12 -04:00
Harry Maclean	3b4206cebf	Merge pull request #8517 from hmac/hmac/lambda-captured-var Ruby: fix bug with captured variable reads in lambdas	2022-03-24 10:00:19 +13:00
Mathias Vorreiter Pedersen	61c944201f	Merge pull request #8461 from Paul1nh0/dev_cve_2016_6480 Add query for double-fetch vulnerability	2022-03-23 18:15:05 +00:00
Asger Feldthaus	b0b795dbbb	JS: Autoformat	2022-03-23 19:15:01 +01:00
Mathias Vorreiter Pedersen	c76a323246	C++/C#: Sync identical files.	2022-03-23 17:27:25 +00:00
Mathias Vorreiter Pedersen	1b4fb45089	C++: Use the iterated (post)dominance frontier algorithm in the public '(post)dominanceFrontier' predicate on 'IRBlocks'.	2022-03-23 17:27:16 +00:00
Asger Feldthaus	69eb24e748	Ruby: fix toCsv representation of argument/parameter positions	2022-03-23 18:11:09 +01:00
Asger Feldthaus	6870a19ace	Ruby: autoformat	2022-03-23 18:06:12 +01:00
Asger Feldthaus	0d51804b5e	Ruby: update a comment mentioning Receiver	2022-03-23 18:06:12 +01:00
Asger Feldthaus	ce54eb3c78	Ruby: Add Argument[foo:] syntax for keyword arguments	2022-03-23 18:06:12 +01:00
Asger Feldthaus	c923b9bb9b	Ruby: Replace Receiver with Argument[self]	2022-03-23 18:06:12 +01:00
Asger Feldthaus	ec30a0f975	Ruby: replace BlockArgument with Argument[block]	2022-03-23 18:06:12 +01:00
Asger Feldthaus	6d84baf276	Ruby: Support self,block in Argument/Parameter tokens	2022-03-23 18:06:12 +01:00
Asger Feldthaus	95122b2b6c	JS: Support Argument[this] token	2022-03-23 18:06:12 +01:00
Asger Feldthaus	d476f976fe	JS: Support Parameter[this] token	2022-03-23 18:06:12 +01:00
Taus	af888f7604	Python: Add call graph meta-query	2022-03-23 16:36:28 +00:00
CodeQL CI	ac29d5f51b	Merge pull request #8523 from asgerf/js/api-graph-receiver-label Approved by erik-krogh	2022-03-23 15:31:12 +00:00
Mathias Vorreiter Pedersen	8b8f0ca6e5	Merge pull request #8479 from geoffw0/widecharperf C++: Fix expensive getWideCharType().	2022-03-23 14:22:17 +00:00
Anna Railton	41418e729e	Merge pull request #8536 from github/codeql-ci/js-atm-new-release JS: Bump version numbers of ML-powered packs after 0.2.0 release	2022-03-23 14:16:11 +00:00

... 204 205 206 207 208 ...

47078 Commits