hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-23 16:06:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,712 Branches 163 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Lerchedahl Petersen
a89624698d Python: format ql 2020-08-05 14:28:28 +02:00
Rasmus Lerchedahl Petersen
2639e68a0d Python: format ql 2020-08-05 14:16:50 +02:00
Rasmus Lerchedahl Petersen
81ad4552c9 Python: full list of magic methods to be tested 2020-08-05 13:30:30 +02:00
Erik Krogh Kristensen
cc5ef4d5e1 rename JsonSerializeCall to JsonStringifyCall 2020-08-05 13:22:41 +02:00
james
364cc19dea docs: update styles 2020-08-05 11:39:43 +01:00
Erik Krogh Kristensen
b43d410ab1 add change log for JSON serializers 2020-08-05 12:14:56 +02:00
Erik Krogh Kristensen
f70cb2e7b3 add test for new JSON serializers 2020-08-05 12:14:56 +02:00
Erik Krogh Kristensen
5a3f67a682 introduce model for JSON.stringify and similar libraries 2020-08-05 12:14:51 +02:00
Anders Schack-Mulligen
9e78341e43 Merge pull request #3928 from rvermeulen/java-importable-cwe-113 
Java: Move `HeaderSplittingSink` and `WhitelistedSource` into importable library
 2020-08-05 10:16:00 +02:00
Erik Krogh Kristensen
67c4320287 make JumpStmt non abstract 2020-08-05 10:03:46 +02:00
Erik Krogh Kristensen
016bdc1614 make ControlStmt non abstract 2020-08-05 09:59:30 +02:00
Anders Schack-Mulligen
32d9d270fc Merge pull request #3948 from aibaars/java-3941 
Java: stack trace exposure: address false positives
 2020-08-05 09:31:01 +02:00
Jonas Jensen
ea0896c78b Merge pull request #3999 from MathiasVP/mathiasvp/range-based-for-loop-taint-tests 
C++: Add tests for taint through range-based for loops
 2020-08-05 09:11:53 +02:00
Raul Garcia (MSFT)
aa27eaf7e0 Addrssing the comments from https://github.com/github/codeql/pull/3951#discussion_r464894547 that I missed previously 2020-08-04 15:50:58 -07:00
Slavomir
df71f0bf8b Remove ReadByte, WriteByte, ReadRune, WriteRune 2020-08-04 17:53:50 +03:00
Geoffrey White
9f5c37ccaa Merge branch 'master' into copymove 2020-08-04 15:41:27 +01:00
Slavomir
ff81ad622f Fix back ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.expected 2020-08-04 17:22:40 +03:00
Erik Krogh Kristensen
5727e6f9f8 make CompoundAssignExpr non-abstract 2020-08-04 16:17:08 +02:00
Slavomir
c1f2e77488 Fix generated codeql 2020-08-04 17:11:55 +03:00
Erik Krogh Kristensen
cf3f275aa1 make DestructuringPattern non-abstract 2020-08-04 16:02:32 +02:00
Rasmus Lerchedahl Petersen
d7c08f732d Merge branch 'master' of github.com:github/codeql into SharedDataflow_Classes 2020-08-04 16:01:42 +02:00
Slavomir
6b1bbf16aa Remove taint-tracking for objects that implement io.Reader 2020-08-04 16:01:30 +03:00
Slavomir
72254b7682 Fix ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.expected 2020-08-04 15:36:34 +03:00
Tom Hvitved
63115a36f7 Merge pull request #3994 from hvitved/csharp/dataflow/library-aps-adjust 
C#: More type-based adjustment of library-flow access paths
 2020-08-04 14:33:54 +02:00
Rasmus Lerchedahl Petersen
9312b42e79 Python: More easy-to-get content flow 
There are some things that should be rewritten, though,
but it may involve the extractor
 2020-08-04 13:54:50 +02:00
Erik Krogh Kristensen
0867c5567e rename getId() to getIdentifier() 2020-08-04 13:22:19 +02:00
Slavomir
3fd6062b3d Add taint-tracking for package "bytes" 2020-08-04 14:15:26 +03:00
Slavomir
dd8e1243a2 Add bufio taint-tracking 2020-08-04 14:11:00 +03:00
Anders Schack-Mulligen
68441bdf99 Merge pull request #3987 from Marcono1234/patch-1 
[Java] Improve InsecureJavaMail.qhelp references
 2020-08-04 12:12:38 +02:00
Luke Cartey
5a96ee1a7b Remove parameter names from signatures 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2020-08-04 09:41:40 +01:00
Luke Cartey
368572f1f0 Update java/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.qhelp 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2020-08-04 09:40:59 +01:00
Luke Cartey
7928a02424 Add missing full stop. 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2020-08-04 09:40:51 +01:00
Luke Cartey
e0c081a2af Add missing </p> tag 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-08-04 09:40:28 +01:00
Anders Schack-Mulligen
cdea0f05b0 Merge pull request #3946 from aibaars/util-collections-2 
Java: Clean up ContainerFlow: address outstanding comments
 2020-08-04 10:27:22 +02:00
Erik Krogh Kristensen
eccfade928 rewrite parts of the DeadStoreOfProperty query 2020-08-04 10:25:05 +02:00
Erik Krogh Kristensen
e629e6bbb0 changes based on review 2020-08-04 10:25:05 +02:00
Erik Krogh Kristensen
8131618382 revert making rankedAccessPath private 2020-08-04 10:25:05 +02:00
Erik Krogh Kristensen
97aa3cc8a3 rewrite DeadStoreOfProperty to improve worst-case complexity 2020-08-04 10:25:05 +02:00
Erik Krogh Kristensen
dbeef312ca add some TypeScript tests to DeadStoreOfProperty 2020-08-04 10:25:05 +02:00
Raul Garcia (MSFT)
c52064af78 Fixing problems based on CR feedback. 
https://github.com/github/codeql/pull/3951#pullrequestreview-458987208
 2020-08-03 16:39:41 -07:00
Tom Hvitved
71933a4d8a Merge pull request #4009 from hvitved/csharp/extractor-pack-files 
C#: Add CodeQL extractor pack files
 2020-08-03 19:33:26 +02:00
CodeQL CI
8855ab8c8c Merge pull request #3835 from Raz0r/js/xss-protocol-sinks 
Approved by erik-krogh
 2020-08-03 15:40:05 +01:00
CodeQL CI
a4f8b19ae4 Merge pull request #3876 from erik-krogh/CWE078-Correctness 
Approved by esbena
 2020-08-03 15:38:51 +01:00
Tom Hvitved
d1db7b350f C#: Add CodeQL extractor pack files 2020-08-03 14:36:06 +02:00
CodeQL CI
c8e5db189a Merge pull request #3913 from erik-krogh/topmost 
Approved by asgerf
 2020-08-03 13:18:22 +01:00
Erik Krogh Kristensen
f5cc14f980 fix typo 2020-08-03 13:49:21 +02:00
Max Schaefer
b057cbee7b Merge pull request #256 from smowton/smowton/admin/cwe-327-cleanup 
Polish CWE-327 (weak TLS config) query
 2020-08-03 10:28:53 +01:00
CodeQL CI
0bbdc70cdb Merge pull request #3864 from erik-krogh/exprString 
Approved by asgerf, esbena
 2020-08-03 09:25:17 +01:00
Tamás Vajk
dd1a8e9b28 Merge pull request #3991 from tamasvajk/feature/vscode 
Add VS Code tasks to build and test the C# bits
 2020-08-03 09:52:46 +02:00
Rasmus Lerchedahl Petersen
9d09b4c811 Python: Comprehension stores 2020-08-03 08:53:22 +02:00