hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-25 17:06:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,717 Branches 163 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
30d9c6b9e4 Merge pull request #3776 from geoffw0/qldoc 
C++: QLDoc ObjectiveC.qll, BufferWrite.qll, FileWrite.qll, OutputWrite.qll
 2020-06-23 22:23:03 +02:00
Slavomir
3aa9b25673 Fix comment 2020-06-23 22:40:25 +03:00
Robert Marsh
b402352321 Merge pull request #3775 from hvitved/dataflow/tripleticks 
Data flow: Enable syntax highlighting in QLDoc snippets
 2020-06-23 09:53:10 -07:00
Chris Smowton
4882f277f5 Remove spurious control-flow edge around switch block without a test-expression 
Previously we thought it possible to get from top to bottom of a block like "switch { case f(): ... }", when in fact this is only possible if there are no case blocks to execute.

I also add tests for two possible corner cases of a switch without a test-expression: a completely empty switch (the 'true' is indeed the last node) and switch with an empty default block (a single 'skip' is generated for the default block and the 'true' is not the last node)
 2020-06-23 17:46:08 +01:00
Chris Smowton
1dc427a2c5 Cleanup: use TypeSwitchStmt.getAssign, not a raw child accessor 2020-06-23 17:46:08 +01:00
Robert Marsh
edaa43ab0b C++: respond to PR comments on qldoc 2020-06-23 09:23:08 -07:00
Asger Feldthaus
63d48bfe5c JS: Move IgnoredFile to MetaMetrics 2020-06-23 17:08:09 +01:00
Asger Feldthaus
35bdb4127e JS: Add TypedExprs metric 2020-06-23 17:05:58 +01:00
Geoffrey White
fbaf398e7a C++: QLDoc FileWrite and OutputWrite. 2020-06-23 16:57:22 +01:00
Geoffrey White
e01f050db8 C++: QLDoc BufferWrite.qll. 2020-06-23 16:29:00 +01:00
Geoffrey White
dea9a13e44 C++: QLDoc ObjectiveC.qll (deprecated). 2020-06-23 16:28:51 +01:00
Rasmus Lerchedahl Petersen
c70cf6d780 Python: better (if imperfect) handling of phi node 2020-06-23 17:25:33 +02:00
Tom Hvitved
652de80fa5 C#: Enable syntax highlighting in QLDoc snippets 2020-06-23 16:56:56 +02:00
Tom Hvitved
a3e7fd60f2 Data flow: Enable syntax highlighting in QLDoc snippets 2020-06-23 16:54:34 +02:00
Bt2018
fffc88ea5b Metadata update 2020-06-23 10:34:28 -04:00
Max Schaefer
4e6d9b3811 Teach OpenUrlRedirect to propagate out of URL.Path and a few other fields. 2020-06-23 15:29:18 +01:00
Taus
a2677f8df0 Merge pull request #3758 from RasmusWL/python-methods-overrides-as-recommendation 
Python: Changing signature in overriden method is not an error
 2020-06-23 16:16:44 +02:00
Erik Krogh Kristensen
79599b6cc0 add change-note 2020-06-23 15:57:55 +02:00
Erik Krogh Kristensen
3f8881a334 don't report insecure randomness when the insecure random is just a fallback 2020-06-23 15:53:19 +02:00
Slavomir
561c5b91d2 Implement code review feedback 2020-06-23 16:07:05 +03:00
luchua-bc
f8c494716f Fix ending line error 2020-06-23 12:48:07 +00:00
Tom Hvitved
8d5077ae83 Suggest using target language syntax highlighting in QLDoc 2020-06-23 14:48:04 +02:00
luchua-bc
89260d6f8a Fix ending line error 2020-06-23 12:36:07 +00:00
Taus Brock-Nannestad
1e4ec5c987 Python: Make QLDoc for TObject.qll visible. 2020-06-23 14:31:30 +02:00
Taus Brock-Nannestad
ccf63e03bb Python: Document FileOpen.qll. 2020-06-23 14:31:06 +02:00
Taus Brock-Nannestad
f86011fb51 Python: Document RedundantComparison.qll. 2020-06-23 14:30:42 +02:00
Taus Brock-Nannestad
2f93b1458e Python: Document IsComparisons.qll. 2020-06-23 14:30:17 +02:00
Taus Brock-Nannestad
d6e5a5cb01 Python: Document AdvancedFormatting.qll. 2020-06-23 14:29:34 +02:00
Taus Brock-Nannestad
513ead66d3 Python: Document CallArgs.qll. 2020-06-23 14:28:40 +02:00
luchua-bc
deabfe6e5c Adjust id tag and fix ending line error 2020-06-23 12:24:03 +00:00
luchua-bc
7642b43990 Adjust id tag and fix ending line error 2020-06-23 12:10:07 +00:00
semmle-qlci
0d61443915 Merge pull request #3753 from asger-semmle/js/xss-dom-exception-rephrasing 
Approved by erik-krogh
 2020-06-23 13:01:41 +01:00
Asger F
552b7ad3ca Merge pull request #3765 from asger-semmle/js-team-sprint-merge2 
JS: Merge js-team-sprint
 2020-06-23 12:58:27 +01:00
semmle-qlci
a5a3573a3e Merge pull request #3757 from asger-semmle/js/unused-npm-dependencies 
Approved by erik-krogh
 2020-06-23 12:56:45 +01:00
Asger Feldthaus
4f67cc269b JS: Reduce ExpansiveTypes test 2020-06-23 11:44:07 +01:00
Asger Feldthaus
234f968294 JS: Deprecate property lookup on types 2020-06-23 11:42:28 +01:00
Toufik Airane
27f91b36b0 Update javascript/ql/src/experimental/Security/CWE-347/JWTMissingSecretOrPublicKeyVerification.ql 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-06-23 12:28:21 +02:00
toufik-airane
37f44d98ce fix minor issues 2020-06-23 12:28:03 +02:00
Max Schaefer
95011cebc2 Merge pull request #225 from sauyon/unqualify-functioninput 
Unqualify uses of FunctionInput and FunctionOutput
 2020-06-23 11:24:46 +01:00
Geoffrey White
dd19ee47a1 C++: Clean up ConversionConstructor. 2020-06-23 11:22:59 +01:00
Slavomir
56727b220b Try different ways of passing taint through a field 2020-06-23 12:14:49 +03:00
Rasmus Lerchedahl Petersen
b759b71ac8 Python: explain the regression test 2020-06-23 11:02:33 +02:00
Tom Hvitved
ff751ac0f8 Data flow: Sync files 2020-06-23 10:55:12 +02:00
Tom Hvitved
98ed2a18ac Data flow: Move field-clearing checks from flowCandFwf0 into flowCandFwd 2020-06-23 10:55:12 +02:00
Tom Hvitved
13b4dfa972 Data flow: Rename BigStepBarrierNode to FlowCheckNode 2020-06-23 10:55:12 +02:00
Tom Hvitved
3faca03de6 C#: Introduce ObjectInitializerNode 2020-06-23 10:55:12 +02:00
Tom Hvitved
83050d96f8 C++: Stub implementations for clearsContent() 2020-06-23 10:55:12 +02:00
Tom Hvitved
c01f570d9e Java: Implement clearsContent() 2020-06-23 10:55:12 +02:00
Tom Hvitved
c057e82efa Data flow: Sync files 2020-06-23 10:55:11 +02:00
Tom Hvitved
e578827626 Java: Add more field-flow tests 2020-06-23 10:55:11 +02:00