hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-26 01:08:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,717 Branches 163 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Bartolomeo
07c1520b4d C++/C#: Move ast out of TRawInstruction 2020-06-12 17:03:02 -04:00
Dave Bartolomeo
2aabe431f6 C++/C#: Stop caching getOldInstruction() 2020-06-12 16:22:58 -04:00
Dave Bartolomeo
ac169931b3 C++/C#: More efficient evaluation of SSA::hasInstruction() 2020-06-12 16:09:50 -04:00
Asger Feldthaus
315f3389d1 JS: Autoformat test 2020-06-12 19:58:05 +01:00
Sauyon Lee
66f733d798 Use allow or allowlist instead of whitelist 2020-06-12 09:16:41 -07:00
Asger F
d844e0025a Merge pull request #3651 from esbena/js/bad-multicharacter-sanitization 
JS: initial version of IncompleteMultiCharacterSanitization.ql
 2020-06-12 16:25:22 +01:00
Asger Feldthaus
b9cd157c0f JS: Autoformat 2020-06-12 15:36:02 +01:00
Dave Bartolomeo
4331b9b54e C++: Simplify logic to an implication 2020-06-12 09:31:19 -04:00
Esben Sparre Andreasen
678bb7c128 JS: simplify loop detection 2020-06-12 14:56:08 +02:00
Asger Feldthaus
eaf6be5fea JS: Fix lazy qldoc 2020-06-12 13:29:35 +01:00
Asger Feldthaus
91d98c0d00 JS: Change note 2020-06-12 13:12:55 +01:00
Asger Feldthaus
5548606f21 JS: Add test 2020-06-12 13:02:33 +01:00
Erik Krogh Kristensen
01c51eea89 Merge pull request #3680 from erik-krogh/bad-code-sanitizer 
JS: Add query to detect bad code sanitizers
 2020-06-12 14:00:21 +02:00
Asger Feldthaus
4795b87daa JS: Add model of Micro 2020-06-12 12:45:11 +01:00
Asger Feldthaus
230f78afb6 JS: Step through path.{format, parse} 2020-06-12 12:26:45 +01:00
semmle-qlci
2342d3dba3 Merge pull request #3662 from asger-semmle/js/package-export-fixes 
Approved by esbena
 2020-06-12 12:18:23 +01:00
Owen Mansel-Chan
282b8cb9e4 Merge pull request #175 from owen-mc/array-slice-literal 
Add classes for array and slice literals
 2020-06-12 12:12:02 +01:00
Max Schaefer
cafbe14dc8 Merge pull request #3703 from shati-patel/mergeback 
Merge rc/1.24 into master
 2020-06-12 11:37:47 +01:00
Shati Patel
07d5ee6126 Merge branch 'rc/1.24' into mergeback 2020-06-12 11:30:47 +01:00
Owen Mansel-Chan
e6217d90d7 Provide better strings for map and struct literals 2020-06-12 11:23:58 +01:00
Rasmus Lerchedahl Petersen
375da38765 Python: Minimal compilation of shared dataflow 2020-06-12 11:48:41 +02:00
Erik Krogh Kristensen
f0ec2eb37b add missing qldoc 2020-06-12 11:47:53 +02:00
Owen Mansel-Chan
dc113ab19f Update tests for new strings 2020-06-12 10:40:13 +01:00
Owen Mansel-Chan
e9c2958095 Add classes for array and slice literals 2020-06-12 10:40:13 +01:00
Erik Krogh Kristensen
c9fc1a378d Merge pull request #3663 from erik-krogh/bad-crypto 
JS: Introduce query to detect biased random number generators
 2020-06-12 11:32:12 +02:00
Erik Krogh Kristensen
1751fb6c47 add missing qldoc 2020-06-12 11:30:22 +02:00
Erik Krogh Kristensen
adabd2daca add qldoc and customizations module 2020-06-12 11:26:49 +02:00
Asger Feldthaus
4c536dde20 JS: Propagate locally returned functions out of calls 2020-06-12 10:07:37 +01:00
Erik Krogh Kristensen
908edb39b9 unsecure -> insecure 2020-06-12 11:02:26 +02:00
Erik Krogh Kristensen
86b23b239e Merge pull request #3656 from erik-krogh/destruct-yargs 
JS: support rest-patterns inside property patterns
 2020-06-12 10:57:24 +02:00
Asger Feldthaus
6531db3cca JS: Add test 2020-06-12 09:56:38 +01:00
Erik Krogh Kristensen
57d2226080 typo 2020-06-12 10:55:29 +02:00
Erik Krogh Kristensen
9780fcf8fe fix ftp protocol regexp 2020-06-12 10:54:56 +02:00
Erik Krogh Kristensen
3f957103ed improve alert message - and autoformat 2020-06-12 10:53:19 +02:00
Erik Krogh Kristensen
056a7e87ff refactor into customizations module - and move curl download to a ClientRequest 2020-06-12 10:51:09 +02:00
Erik Krogh Kristensen
8225adcaea move TODOs 2020-06-12 10:28:06 +02:00
Erik Krogh Kristensen
02c4a0477d add tests for js/build-artifact-leak 2020-06-12 10:21:37 +02:00
Anders Schack-Mulligen
041af38934 Merge pull request #3697 from intrigus-lgtm/patch-1 
Fix typo
 2020-06-12 10:04:40 +02:00
semmle-qlci
6f40fc2eae Merge pull request #3678 from Marcono1234/patch-1 
Approved by shati-patel
 2020-06-12 08:49:53 +01:00
Anders Schack-Mulligen
421a548e42 Update java/ql/src/semmle/code/java/Expr.qll 2020-06-12 09:24:37 +02:00
Jonas Jensen
abd05bcff1 Merge pull request #3596 from robertbrignull/more-suites 
Add more code-scanning suites
 2020-06-12 09:08:20 +02:00
semmle-qlci
035d8ea24c Merge pull request #3690 from asger-semmle/js/fix-lgtm-filters-comment 
Approved by max-schaefer
 2020-06-12 07:40:58 +01:00
Esben Sparre Andreasen
1bdae109c5 Merge pull request #3686 from esbena/js/insecure-http-options 
JS: add query js/disabling-certificate-validation
 2020-06-12 08:40:12 +02:00
semmle-qlci
5c2f1169d0 Merge pull request #3679 from asger-semmle/js/dom-value-ref-restriction 
Approved by erik-krogh, esbena
 2020-06-12 07:39:26 +01:00
Esben Sparre Andreasen
243e3ad9e3 Merge pull request #3672 from esbena/js/server-crashing-route-handler 
JS: add initial version of ServerCrash.ql
 2020-06-12 08:38:37 +02:00
Max Schaefer
47804d68c7 Merge pull request #176 from max-schaefer/update-data-flow 
Data flow: Allow nodes to be hidden from path explanations
 2020-06-12 07:23:15 +01:00
Robert Marsh
65f4ef712e C++: accept false positive tests after merge 
The IR false positives are due to the same path length limit as the AST
false positives on the same line.
 2020-06-11 15:27:13 -07:00
Erik Krogh Kristensen
5b491313ad add simple query for detecting sensitive files downloaded over unsecure connection 2020-06-11 23:19:28 +02:00
Erik Krogh Kristensen
065cb04202 make PropNode private again 2020-06-11 23:19:03 +02:00
Erik Krogh Kristensen
ef72c03ca9 use simpler taint-step for DestructingPattern 2020-06-11 23:16:46 +02:00