hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 10:23:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,078 Commits 1,693 Branches 161 Tags
codeql-cli/v2.11.6
Commit Graph

47078 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
dc2cb9bd62 C++: Fix numbering. 2021-07-02 18:33:36 +01:00
Geoffrey White
bc3b347569 C++: Another test case to consider. 2021-07-02 18:32:46 +01:00
Geoffrey White
a53b161afb C++: Move some variant tests to a case we definitely do want to flag the base case of. 2021-07-02 18:18:11 +01:00
Geoffrey White
c3cd1359d6 C++: Mark the cases we're not sure about. 2021-07-02 18:18:10 +01:00
Geoffrey White
cf8fa830a9 C++: Clarify the note about file descriptors. 2021-07-02 18:18:10 +01:00
Geoffrey White
d86a0ab7a5 C++: Add test cases involving file descriptor versions. 2021-07-02 18:17:59 +01:00
CodeQL CI
1d56748eed Merge pull request #6200 from yoff/pythonJS-make-expbtlib-private 
Approved by RasmusWL, esbena
 2021-07-02 09:09:18 -07:00
Joe Farebrother
4d459f24d9 Fix up tests and update models 2021-07-02 14:46:33 +01:00
Joe Farebrother
fc017b7934 Use ArrayElement of in flow step specifications 2021-07-02 14:46:31 +01:00
Joe Farebrother
15415931ce Use Argument ranges in CSV rows 2021-07-02 14:46:03 +01:00
Joe Farebrother
5325622813 Convert sql-related flow steps to CSV 2021-07-02 14:46:03 +01:00
Anders Schack-Mulligen
3c6604daa7 Java: Fix subtypes interpretation. 2021-07-02 14:43:56 +02:00
Anders Schack-Mulligen
6813a79423 Java: Add test for override of Map.put highlighting problem. 2021-07-02 14:41:59 +02:00
Anders Schack-Mulligen
55ebbc3e01 Java: Add signature to Map.put. 2021-07-02 14:41:32 +02:00
Geoffrey White
cfbfe924ef C++: Replace cached with more efficient QL. 2021-07-02 13:03:46 +01:00
Tom Hvitved
23447e6d58 Reduce size of lookupMethodOrConst 2021-07-02 14:02:26 +02:00
Tom Hvitved
bf696df788 Data flow through constants 2021-07-02 14:02:26 +02:00
Tom Hvitved
3b6e5881c8 Update constants.rb test 2021-07-02 14:02:26 +02:00
Arthur Baars
0eae89a41b Merge pull request #228 from github/qhelp 
QHelp preview
 2021-07-02 14:00:51 +02:00
CodeQL CI
a25933aa56 Merge pull request #5926 from RasmusWL/small-cleanups 
Approved by tausbn
 2021-07-02 04:59:54 -07:00
Arthur Baars
5afd3c7846 Merge pull request #213 from github/aibaars/api-graphs2 
First version of ApiGraphs
 2021-07-02 13:58:00 +02:00
Arthur Baars
48ad0aa1ee Escape file paths 2021-07-02 13:51:22 +02:00
Asger Feldthaus
457ce14ca6 JS: Summarize steps into captured variables 2021-07-02 13:42:42 +02:00
Rasmus Wriedt Larsen
3c8c2d1da1 Merge pull request #6209 from yoff/python-add-redos-queryhelp 
Python: port redos .qhelp from js
 2021-07-02 13:42:39 +02:00
Arthur Baars
b2ba8e664c Handle .inc.qhelp files 2021-07-02 13:32:43 +02:00
Asger Feldthaus
093ff41170 JS: Update tests 2021-07-02 13:31:17 +02:00
haby0
b866f1b21e Add CWE-348 ClientSuppliedIpUsedInSecurityCheck 2021-07-02 19:30:33 +08:00
Rasmus Wriedt Larsen
81fab487a4 Python: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-07-02 13:27:41 +02:00
Rasmus Wriedt Larsen
22c155687e Python: Fix code after removing getPostUpdateNode 2021-07-02 13:25:25 +02:00
Rasmus Wriedt Larsen
7a6eee50ff Revert "Python: Add getPostUpdateNode to DataFlow::Node" 
This reverts commit 9137f04bd3.
 2021-07-02 13:23:02 +02:00
Rasmus Wriedt Larsen
e56dfe75bd Python: AttrRef getOjbect/1 -> accesses/2 
See this thread for discussion:
https://github.com/github/codeql/pull/5926#discussion_r635384981
 2021-07-02 13:21:12 +02:00
Asger Feldthaus
ff49aaa684 JS: Do not capture own variables 2021-07-02 13:17:32 +02:00
Asger Feldthaus
8befb03cb9 JS: Add test case with spurious call/return flow 2021-07-02 13:17:32 +02:00
Arthur Baars
20570eb1d1 QHelp preview 2021-07-02 13:10:51 +02:00
Asger Feldthaus
a2b913119d JS: Change note 2021-07-02 12:47:55 +02:00
Asger Feldthaus
ee608540c5 JS: Add support for createNamespacedHelpers 2021-07-02 12:47:55 +02:00
Asger Feldthaus
dd1e21c713 JS: Model vuex 2021-07-02 12:47:55 +02:00
Asger Feldthaus
fefe30a9fa JS: Add API graph edges for indirect propref members 2021-07-02 12:47:54 +02:00
Asger Feldthaus
2a3bc0f110 JS: Add spread step when bactracking in API graphs 2021-07-02 12:47:54 +02:00
Asger Feldthaus
9f2897b179 JS: Make VueRouterFlowSource a subclass of ClientSideRemoteFlowSource 2021-07-02 12:47:54 +02:00
CodeQL CI
38f763dd6a Merge pull request #6192 from asgerf/js/string-literals-as-source-nodes 
Approved by esbena
 2021-07-02 03:47:20 -07:00
Rasmus Lerchedahl Petersen
6f2642607e Python: make the import of RedosUtil public 
This mirrors `SuperlinearBacktracking.qll`
An alternative is to keep it private and import it again
in the query files.
 2021-07-02 12:32:04 +02:00
Chris Smowton
6823855e9c Merge pull request #6203 from smowton/smowton/admin/avoid-config-imports-from-qlls 
Java: Reduce DataFlow Configuration pollution from Random.qll and JexlInjection.qll
 2021-07-02 11:27:27 +01:00
Chris Smowton
ca1bf7791e Merge pull request #6210 from tamasvajk/fix/large-coverage-comment 
Fix markdown link in framework coverage PR comment
 2021-07-02 11:27:17 +01:00
Rasmus Lerchedahl Petersen
77c329fb0f Python/JS: Make much more private 2021-07-02 12:13:52 +02:00
Tamás Vajk
4a5fe75d8c Merge pull request #6207 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-07-02 12:00:31 +02:00
Asger Feldthaus
c3b7d85341 JS: Update test output after rebasing 2021-07-02 11:57:45 +02:00
Tamas Vajk
f3f069fed5 Fix markdown link in framework coverage PR comment 2021-07-02 11:56:00 +02:00
Asger Feldthaus
7249d2892a JS: Add comment to VueTemplateSink class 2021-07-02 11:55:56 +02:00
Asger Feldthaus
0105b829c4 JS: Update test output 2021-07-02 11:55:56 +02:00