hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-26 17:28:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,721 Branches 163 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
b871f54e4d Fix frontend error in ql/test/query-tests/Security/CWE-079. 2020-05-20 14:34:36 +01:00
Max Schaefer
7773828347 Fix frontend errors in ql/test/library-tests/semmle/go/frameworks/Websocket. 2020-05-20 14:34:22 +01:00
Max Schaefer
7e314f037a Fix frontend errors in ql/test/library-tests/semmle/go/Packages. 2020-05-20 14:27:00 +01:00
Max Schaefer
806cfc7c5e Merge pull request #149 from max-schaefer/cleanup-130 
Clean up NoSQL library
 2020-05-20 13:55:54 +01:00
Max Schaefer
f5a8e07cf0 Merge pull request #107 from porcupineyhairs/ssrf 
Add SSRF query to codeql-go
 2020-05-20 13:55:07 +01:00
Tom Hvitved
011a95dcfa C#: Fix extracted type for nested object initializers 2020-05-20 14:20:41 +02:00
Tom Hvitved
70d47b76b1 C#: Add test for the type of an object initializer 2020-05-20 14:18:16 +02:00
Geoffrey White
9babd5dc10 C++: Another positive effect of the change. 2020-05-20 12:49:01 +01:00
Erik Krogh Kristensen
5a3eec87c0 rename isTaintedPathStep to isPosixPathStep 2020-05-20 13:44:14 +02:00
Erik Krogh Kristensen
97c199e10d update docstring 
Co-authored-by: Asger F <asgerf@github.com>
 2020-05-20 13:40:12 +02:00
Geoffrey White
f2436ff713 C++: Autoformat. 2020-05-20 12:39:54 +01:00
Rasmus Wriedt Larsen
712d4bd150 Python: Fix typo in docs 
Co-authored-by: Taus <tausbn@gmail.com>
 2020-05-20 13:06:24 +02:00
semmle-qlci
c15d22d9f8 Merge pull request #3516 from asger-semmle/js/typescript-3.9.2 
Approved by erik-krogh
 2020-05-20 11:31:57 +01:00
semmle-qlci
2bbc1c2af0 Merge pull request #3478 from erik-krogh/PromiseAll 
Approved by asgerf, esbena
 2020-05-20 11:03:05 +01:00
Tom Hvitved
7a54a90e61 C#: Fix CFG for C# 6 initializers 2020-05-20 12:01:22 +02:00
semmle-qlci
29b8a0db92 Merge pull request #3508 from asger-semmle/js/shared-data-flow-node 
Approved by esbena
 2020-05-20 10:58:09 +01:00
Max Schaefer
9a4bee9448 Add change note. 2020-05-20 10:10:28 +01:00
Max Schaefer
267416f61f Rename a predicate to clarify that it is MongoDB specific. 2020-05-20 10:08:49 +01:00
Max Schaefer
cc24a8879f Rewrite a taint step to make more idiomatic use of the data-flow library. 2020-05-20 10:05:43 +01:00
Max Schaefer
8cc76edee4 Rephrase a comment and split up some very long lines. 2020-05-20 10:05:26 +01:00
Max Schaefer
d7b82b2355 Rename a few modules and classes to reflect the fact that NoSQL queries are not usually strings. 2020-05-20 10:04:59 +01:00
Anders Schack-Mulligen
8cbc01d49b Java: Add a few qltest cases for nullness and range analysis FPs. 2020-05-20 10:44:15 +02:00
Erik Krogh Kristensen
33e0f25f3c use NodeJSLib::Path instead of DataFlow::moduleMember 2020-05-20 10:30:23 +02:00
Erik Krogh Kristensen
7c51dff0f7 share implementation between TaintedPath and ZipSlip 2020-05-20 10:10:04 +02:00
Tom Hvitved
36e29e0f75 C#: Add CFG tests for C# 6 initializers 2020-05-20 09:33:51 +02:00
Tom Hvitved
e9839198f4 Merge pull request #3484 from calumgrant/cs/index-initializers 
C#: Extract indexed initializers correctly
 2020-05-20 09:22:47 +02:00
Tom Hvitved
97080731ad Merge pull request #3486 from h3ku/master 
CSHARP: Add experimental query for tainted WebClient
 2020-05-20 08:17:05 +02:00
Rasmus Lerchedahl Petersen
4d6ad32f04 Python: Update test expectations. 
As ar as I can tell, all these are improvements
 2020-05-20 08:11:03 +02:00
Robert Marsh
28c2acabe5 Merge pull request #3505 from dbartol/github/codeql-c-analysis-team/69 
C++/C#: Remove `UnmodeledDefinition` instruction
 2020-05-19 17:17:53 -07:00
Dave Bartolomeo
3832d4cae6 C++: Mark deprecated overrides as deprecated 
The QL compiler is about to be changed to emit a warning when overriding a deprecated predicate. This PR marks the existing overrides of deprecated predicates as `deprecated` themselves, which avoids the warning.

The `Print.qll` models seem to preserve the `isWideCharDefault()` predicate for backwards compatibility, so we can't remove them and must continue overriding them.

The `XML.qll` override is necessary because both superclasses declare the `getName()` predicate. One is `deprecated`, and the other is `abstract`, so we have to have an override.
 2020-05-19 16:33:33 -04:00
semmle-qlci
0a8b3adc25 Merge pull request #3518 from felicitymay/merge-124-master 
Approved by shati-patel
 2020-05-19 19:30:47 +01:00
Felicity Chapman
99d7a21425 Merge branch 'rc/1.24' into merge-124-master 2020-05-19 19:04:44 +01:00
Felicity Chapman
cca3922d00 Merge pull request #3517 from felicitymay/1.24/SD-54-update-contact 
CodeQL 1.24: Update information on support
 2020-05-19 18:57:34 +01:00
Tom Hvitved
f0f833b58f Merge pull request #3512 from jbj/mergeback-2020-05-19 
Mergeback rc/1.24 -> master
 2020-05-19 19:51:36 +02:00
Felicity Chapman
70d642a956 Update information on support 2020-05-19 18:17:17 +01:00
Erik Krogh Kristensen
5b569a4d6d add a sanitizer for chained replace-calls 2020-05-19 19:16:58 +02:00
Geoffrey White
fdf4e83c25 C++: Solve tuple count bulge that may affect performance. 2020-05-19 16:59:37 +01:00
Jonas Jensen
d38700a87c Merge remote-tracking branch 'upstream/master' into mergeback-2020-05-19 
Conflicts:
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
 2020-05-19 17:44:15 +02:00
Asger Feldthaus
9d006327df JS: Update qldoc for ValueNode 2020-05-19 15:57:07 +01:00
semmle-qlci
26dfca80f6 Merge pull request #3510 from max-schaefer/cull-boring-queries 
Approved by asgerf, esbena
 2020-05-19 15:41:53 +01:00
Asger Feldthaus
b39e0ec091 JS: Update output due to whitelisting change 2020-05-19 15:30:36 +01:00
Sauyon Lee
f2bbbe30e2 Stub WebSocket dependencies 2020-05-19 19:53:03 +05:30
Porcupiney Hairs
2b5989cff2 Add improvements for codeql-go SSRF query 2020-05-19 19:53:03 +05:30
Hector Cuesta
66d77a43bd Fix typo in comment and TaintTrackingConfiguration name 2020-05-19 15:15:03 +01:00
Hector Cuesta
e18d8c5234 Remove duplicated CWE in security tag 2020-05-19 15:12:43 +01:00
Hector Cuesta
7d1ef92fbf Remove unnecessary CWE reference. 2020-05-19 15:09:17 +01:00
Mathias Vorreiter Pedersen
f0f7e531d7 Merge pull request #3511 from jbj/simplify-field-conflation-test 
C++: Simplify field conflation test
 2020-05-19 16:04:45 +02:00
yo-h
bfeaeccf60 Merge pull request #3507 from aschackmull/java/cleanup-deprecated-overrides 
Java: Clean up deprecated overrides.
 2020-05-19 09:47:57 -04:00
Tom Hvitved
431403f5db Data flow: Remove deprecated predicates 2020-05-19 15:42:59 +02:00
Tom Hvitved
2519e8a5f1 C#: Remove more deprecated classes and predicates 2020-05-19 15:39:17 +02:00