hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-21 17:33:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,078 Commits 1,692 Branches 161 Tags
codeql-cli/v2.11.6
Commit Graph

47078 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Eisenberg
88ceb42356 Packaging: Migrate cpp experimental/semmle folder to lib 
Also, fix up some library path dependencies.
 2021-08-17 14:41:41 -07:00
Andrew Eisenberg
d8e4e25c1e Packaging: Fix query pack references 
We can't have recursive references to query packs.
 2021-08-17 13:03:40 -07:00
Sauyon Lee
17cef3f498 Address review comments 2021-08-17 12:45:47 -07:00
Chris Smowton
10e362a0f2 Merge pull request #562 from sauyon/remove-binary 
Remove accidentally added binary
 2021-08-17 19:55:26 +01:00
Chris Smowton
2b6dde8e6c Merge pull request #561 from github/developer-happiness-query-suite 
Add a query suite for new experimental "developer happiness" queries
 2021-08-17 19:45:44 +01:00
Andrew Eisenberg
2c5dd2dfa3 Packaging: Refactor the cpp libraries 
This PR separates the core cpp packs into `codeql/cpp-queries` and
`codeql/cpp-all`.

There are very few lines of code changed. Almost all changes are moving
files around.
 2021-08-17 11:22:36 -07:00
Daniel Santos
5e155d25b1 new Experimental query ClipboardBasedXss 2021-08-17 12:57:26 -05:00
Sauyon Lee
dc50d73008 Remove accidentally added binary 2021-08-17 10:11:04 -07:00
Joe Farebrother
076aeb5d80 Update tests 2021-08-17 16:44:58 +01:00
Benjamin Muskalla
99e19e6d59 Fix predicate to only match the current API 2021-08-17 16:26:08 +02:00
Benjamin Muskalla
035f7b57e9 Improve query name 2021-08-17 16:25:49 +02:00
Harry Maclean
e82c21d35d Don't include desugared nodes in the printed AST 
The base `PrintAstConfiguration` class already has a predicate for
filtering out desugared nodes - this change just makes use of it in the
query.

This fixes https://github.com/github/codeql-team/issues/408, which was
caused by including nodes representing the desugaring of

    a[b] = c

in the query output. This would result in multiple edges to the same
target node (one from the surface AST and another from the desugared
AST), which the VSCode AST viewer cannot handle.
 2021-08-17 15:20:30 +01:00
Mathias Vorreiter Pedersen
88372df125 Merge pull request #6495 from andersfugmann/more_buffer_overrun_tests 
More buffer overrun tests
 2021-08-17 16:18:36 +02:00
yoff
50a4345235 Merge pull request #6161 from RasmusWL/peewee-modeling 
Python: Add modeling of `peewee`
 2021-08-17 16:06:35 +02:00
Anders Fugmann
666d5917fa C++: Avoid inclusion of standard headers 2021-08-17 15:56:28 +02:00
Anders Fugmann
469f8a638b C++: Add more tests for buffer overruns 2021-08-17 15:21:33 +02:00
Anders Fugmann
35b7808866 C++: Fix wrong comment on what is tested 2021-08-17 15:21:03 +02:00
Rasmus Wriedt Larsen
3231ae77ef Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-08-17 15:17:10 +02:00
Erik Krogh Kristensen
25d29b2c29 add change-note 2021-08-17 15:12:15 +02:00
Erik Krogh Kristensen
3f7f5d2418 performance improvements in ReDoSUtil 2021-08-17 15:10:33 +02:00
Erik Krogh Kristensen
49e47641e4 sync ReDoSUtil.qll with python 2021-08-17 15:10:33 +02:00
Erik Krogh Kristensen
9c2d83e82b add tests 2021-08-17 15:10:30 +02:00
Erik Krogh Kristensen
6d06550f7d update expected output 2021-08-17 15:10:30 +02:00
Erik Krogh Kristensen
5d4c434d34 restrict char class matches to alpha-numeric chars 2021-08-17 15:10:30 +02:00
Erik Krogh Kristensen
59f0a41665 support more regular expressions in js/incomplete-multi-character-sanitization 2021-08-17 15:10:20 +02:00
Chris Smowton
92d1becf08 Merge pull request #6474 from github/yo-h-patch-1 
Java: add `org.json` package to known frameworks
 2021-08-17 14:09:39 +01:00
Chris Smowton
c52a51e5c8 Merge pull request #6454 from smowton/smowton/admin/change-note-wording 
Java: Elaborate change note a little
 2021-08-17 14:08:04 +01:00
CodeQL CI
92804a3cc3 Merge pull request #6487 from erik-krogh/moreJquerySinks 
Approved by asgerf
 2021-08-17 11:46:24 +01:00
Arthur Baars
df4fb23f37 Merge pull request #246 from github/aibaars/tweaks 
Add an example snippet query
 2021-08-17 12:42:02 +02:00
Cornelius Riemenschneider
341dad5f73 Merge pull request #6490 from criemen/criemen/delete-flaky-test 
JS: Delete flaky test.
 2021-08-17 12:33:03 +02:00
CodeQL CI
e3cdc4522e Merge pull request #6450 from asgerf/js/query-suffix-convention2 
Approved by erik-krogh
 2021-08-17 11:31:21 +01:00
Arthur Baars
9b877dc6e1 Add an example snippet query 2021-08-17 11:29:44 +01:00
Rasmus Wriedt Larsen
15d483d56c Python: Use TypeTrackingNode in new PEP249 modeling 2021-08-17 12:03:40 +02:00
Rasmus Wriedt Larsen
b649f5f38c Merge branch 'main' into peewee-modeling 2021-08-17 12:03:18 +02:00
Tom Hvitved
44ff623d8c Merge pull request #5508 from edvraa/deserializers 
deserialization sinks
 2021-08-17 11:41:52 +02:00
Rasmus Lerchedahl Petersen
dee5535fbb Python: condense tests 
This also avoids potential licensing issues.
 2021-08-17 11:24:39 +02:00
Tom Hvitved
50cfd9c318 Merge pull request #257 from github/hvitved/cfg/erb 
CFG: Allow `erb` top-level scopes
 2021-08-17 11:21:44 +02:00
Sauyon Lee
390e48fdd2 Remove more redundant models 2021-08-17 02:17:36 -07:00
Arthur Baars
115a13f50c Merge pull request #258 from github/qltest-no-beta 
Exclude beta releases of code-cli for qltest job
 2021-08-17 11:09:53 +02:00
Cornelius Riemenschneider
59b3d55b9a JS: Delete flaky test. codeql-cli/v2.6.0 2021-08-17 10:58:39 +02:00
Alex Ford
8427a6bcee exclude beta releases of code-cli for qltest job 2021-08-17 09:57:52 +01:00
Sam Partington
78a4823bde Ensure all 3 IDs are considered 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-08-17 09:53:11 +01:00
Tom Hvitved
394c27a279 CFG: Allow erb top-level scopes 2021-08-17 10:46:15 +02:00
Andrew Eisenberg
e566fb9c5a Packaging: Update suite-helpers qlpack 
Uses new style naming scheme.
 2021-08-16 17:51:33 -07:00
Erik Krogh Kristensen
cc2a267b07 recognize array elements from JQuery objects as DOM values 2021-08-16 22:35:57 +02:00
Benjamin Muskalla
1d3bcdf522 Align tests with new query structure 2021-08-16 21:55:00 +02:00
Chris Smowton
ff3f85be49 Autoformat 2021-08-16 18:09:40 +01:00
Sam Partington
4e36d1f52f Add a query suite for new experimental "developer happiness" queries 
These are the queries added in https://github.com/github/codeql-go/pull/558.
 2021-08-16 18:05:31 +01:00
Owen Mansel-Chan
b23fabe8cb Fix errors from previous PR 2021-08-16 16:11:17 +01:00
Benjamin Muskalla
87ef540b52 Split out queries showing supported APIs 2021-08-16 16:38:32 +02:00