codeql

mirror of https://github.com/github/codeql.git synced 2026-03-25 00:47:43 +01:00

Author	SHA1	Message	Date
Calum Grant	03cc4e179e	C#: Make fields readonly	2020-07-02 17:47:17 +01:00
Taus	ba634af86e	Merge pull request #3362 from RasmusWL/python-keyword-only-args Python: properly support keyword only arguments	2020-07-02 18:21:59 +02:00
Rasmus Lerchedahl Petersen	5f18fb427a	Python: update TODO	2020-07-02 16:20:38 +02:00
Erik Krogh Kristensen	261821b32c	Merge remote-tracking branch 'upstream/master' into queryStuff	2020-07-02 16:08:05 +02:00
Max Schaefer	534ab94067	Merge pull request #241 from max-schaefer/update-data-flow Update shared data-flow libraries	2020-07-02 14:07:32 +01:00
semmle-qlci	b5c8f2238b	Merge pull request #3805 from esbena/js/seal-freeze-flow Approved by asgerf	2020-07-02 13:54:54 +01:00
luchua-bc	a61f814b4b	Change to ServletResponse type and fix formatting error	2020-07-02 12:49:25 +00:00
Rasmus Wriedt Larsen	513c2974bd	Merge branch 'master' into python-keyword-only-args	2020-07-02 14:48:32 +02:00
Erik Krogh Kristensen	ceb19292cb	autoformat	2020-07-02 14:47:08 +02:00
Erik Krogh Kristensen	2b0a091921	split out type-tracking into two predicates, to avoid catastrophic join-order	2020-07-02 14:28:28 +02:00
Rasmus Wriedt Larsen	b2f8638ff0	Python: Update dbscheme with new comment	2020-07-02 14:17:55 +02:00
Taus	eecc3ca5dd	Merge pull request #3503 from RasmusWL/python-fix-django-taint-sinks Python: Fix django taint sinks	2020-07-02 13:32:35 +02:00
Tom Hvitved	7dfc584159	C#: Introduce delegate type in autobuilder	2020-07-02 13:29:49 +02:00
Tom Hvitved	527a099a26	C#: Fix CFG for conditional method calls with `out` parameters	2020-07-02 13:12:53 +02:00
Tom Hvitved	090205d9e9	C#: Add CFG test for conditional call to method with `out` parameter	2020-07-02 13:09:40 +02:00
Max Schaefer	b83076853f	Add change note.	2020-07-02 12:03:43 +01:00
Arthur Baars	21a4b8d6c0	Java: remove useless casts	2020-07-02 13:03:15 +02:00
Max Schaefer	89e9c6c2da	Teach clear-text logging query to ignore dummy passwords.	2020-07-02 12:02:56 +01:00
Max Schaefer	63187a0889	Make clear-text logging sources more precise.	2020-07-02 12:02:56 +01:00
Max Schaefer	7b903dd062	Teach `CleartextLogging` not to track through `error.Error()` and `fmt.Stringer.String()`. These two are very heavily overloaded and cause all sorts of false positives.	2020-07-02 12:02:56 +01:00
Arthur Baars	d80bf3395f	Add Navigable variants and sort method names	2020-07-02 13:02:38 +02:00
Max Schaefer	f807aa8b5e	Merge pull request #233 from owen-mc/library-modeling Create guide for modeling go libraries	2020-07-02 12:01:45 +01:00
semmle-qlci	97128b1475	Merge pull request #3829 from asger-semmle/js/xss-substr Approved by erik-krogh	2020-07-02 11:58:32 +01:00
Max Schaefer	dc5813b159	Data flow: Remove big-step relation in flow-through code cf https://github.com/github/codeql/pull/3857	2020-07-02 11:55:41 +01:00
Max Schaefer	09d2fe391e	Data flow: Replace `getErasedRepr()` and `Node::getTypeBound()` with `getNodeType()`. cf https://github.com/github/codeql/pull/3854	2020-07-02 11:55:41 +01:00
Arthur Baars	e7b495e7d3	Java: model Collections::addAll	2020-07-02 12:38:22 +02:00
Rasmus Wriedt Larsen	26b7a301d6	Merge branch 'master' into python-keyword-only-args	2020-07-02 12:27:02 +02:00
Arthur Baars	5cf5c77b09	Java: model java.util.Collections	2020-07-02 12:25:55 +02:00
Tom Hvitved	d01904d404	Merge pull request #3846 from hvitved/csharp/autobuilder-refactor C#: Factor C++ parts out of autobuilder	2020-07-02 12:02:04 +02:00
Rasmus Wriedt Larsen	67be45f045	Merge branch 'master' into python-fix-django-taint-sinks	2020-07-02 11:55:42 +02:00
Rasmus Wriedt Larsen	9a82927187	Python: Autoformat	2020-07-02 11:54:41 +02:00
Rasmus Wriedt Larsen	a947d151e5	Python: Django changes now backwards compatible deprecation	2020-07-02 11:53:25 +02:00
Rasmus Wriedt Larsen	4a7bfbe091	Python: Use .matches instead of .indexOf() = 0	2020-07-02 11:43:23 +02:00
Anders Schack-Mulligen	50fee5c4a1	Merge pull request #3817 from Marcono1234/patch-1 Fix outdated query console link	2020-07-02 11:41:19 +02:00
Max Schaefer	7925db7911	Merge pull request #240 from max-schaefer/fix-frontend-errors Fix frontend errors	2020-07-02 10:14:39 +01:00
Max Schaefer	25c969d14c	Model message components for `Fprintf` and friends more precisely.	2020-07-02 09:41:03 +01:00
Max Schaefer	c80314a3fb	Treat non-sensitive header retrieval as a barrier.	2020-07-02 09:41:03 +01:00
Erik Krogh Kristensen	f60a7489b5	ignore parents that doesn't have all constant roots when deciding which roots to compute getStringValue for	2020-07-02 10:39:41 +02:00
Erik Krogh Kristensen	bbdeca367b	use `getUnderlyingValue()` to find leafs of a string-concat	2020-07-02 10:38:02 +02:00
Erik Krogh Kristensen	226e066db8	use strictconcat instead of concat	2020-07-02 10:12:43 +02:00
semmle-qlci	0bf1f75274	Merge pull request #3850 from aschackmull/dataflow/doc Approved by hvitved	2020-07-02 09:04:35 +01:00
semmle-qlci	bfb734e1d7	Merge pull request #3832 from asger-semmle/js/typescript-in-html-files3 Approved by erik-krogh	2020-07-02 08:30:45 +01:00
Anders Schack-Mulligen	c78427569e	Update docs/ql-libraries/dataflow/dataflow.md Co-authored-by: Tom Hvitved <hvitved@github.com>	2020-07-02 09:24:33 +02:00
Max Schaefer	29cbac429f	Fix stub for `crypto/ssh`.	2020-07-02 07:51:29 +01:00
Max Schaefer	5ac8ba9cef	Fix an error in `Types` test.	2020-07-02 07:51:16 +01:00
Jonas Jensen	2bd84a3a5e	Merge pull request #3865 from geoffw0/bufferwrite-fixup C++: 'modelling' -> 'modeling' part 2.	2020-07-02 08:37:19 +02:00
Jonas Jensen	62a656de0f	Merge pull request #3860 from dbartol/codeql-c-analysis-team/40/2 C++: QLDoc cleanup	2020-07-02 08:32:44 +02:00
luchua-bc	1d0232b464	Add more servlet methods and fix formatting errors	2020-07-02 03:07:19 +00:00
semmle-qlci	45ef3ec4a8	Merge pull request #3619 from erik-krogh/CWE022-Correctness Approved by asgerf	2020-07-01 20:07:58 +01:00
Max Schaefer	eeae713c2f	Dataflow: Refactor dispatch with call context. cf https://github.com/github/codeql/pull/3804	2020-07-01 20:02:40 +01:00

... 672 673 674 675 676 ...

48840 Commits