hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-30 04:08:16 +02:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,724 Branches 164 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sauyon Lee
6c78490bbe Add libraries modeling dependencies 2020-03-06 06:51:18 -08:00
Sauyon Lee
d92e49fb17 Add libraries for go.mod expressions 2020-03-06 06:51:17 -08:00
Jonas Jensen
cc38abd228 C++: Ignore constant static initializers 2020-03-06 15:05:28 +01:00
Jonas Jensen
02f0b89a0d C++: Test for constant static initializer 2020-03-06 15:05:28 +01:00
Rasmus Wriedt Larsen
2416cac8f4 Python: Modernise StringKind files 2020-03-06 14:45:03 +01:00
Alistair
40e8ccc020 Merge pull request #2879 from hubwriter/alistairs-docs-preparation-csharp 
CodeQL migration: C# topics - change titles & add intros (2174)
 2020-03-06 13:07:15 +00:00
mc
2c542df576 Merge pull request #2897 from mchammer01/js-migration-work 
Code QL pre-migration tasks: update articles relating to CodeQL for JavaScript
 2020-03-06 11:31:08 +00:00
Max Schaefer
f875afca53 Merge pull request #47 from sauyon/use-bufio 
Use bufio and don't sync FS
 2020-03-06 10:59:30 +00:00
mc
3558bb8bc0 Update docs/language/learn-ql/javascript/dataflow-cheat-sheet.rst 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-03-06 10:51:13 +00:00
mc
d777c08fc2 Update docs/language/learn-ql/javascript/type-tracking.rst 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-03-06 10:50:59 +00:00
Max Schaefer
3a7910da5a Introduce (un-)marshaling functions as a concept and instantiate it with the functions in encoding/json. 2020-03-06 10:07:54 +00:00
semmle-qlci
3ae1aada37 Merge pull request #2995 from tausbn/python-fix-nested-sequence-assign-cp 
Approved by RasmusWL
 2020-03-06 09:43:24 +00:00
Max Schaefer
9bcbfb2911 Fix flow step from global functions to their use. 
How does anything work.
 2020-03-06 09:41:35 +00:00
Max Schaefer
a7ecb50a34 Add taint-tracking model for append. 2020-03-06 09:41:35 +00:00
Max Schaefer
4f061005cb Add a taint-tracking model for copy. 2020-03-06 09:41:35 +00:00
Max Schaefer
3f8d2117d8 Introduce post-update nodes for arguments with a mutable type. 2020-03-06 09:41:35 +00:00
Max Schaefer
b99c63d180 Factor out an auxiliary predicate. 2020-03-06 09:41:35 +00:00
Max Schaefer
af2c7aae5d Don't rely on flow through function models in definition of PostUpdateNode. 2020-03-06 09:41:35 +00:00
Max Schaefer
185d0910c3 Sharpen stringConcatStep to exclude addition. 2020-03-06 09:41:35 +00:00
mchammer01
0a2ca55374 Merge branch 'js-migration-work' of github.com:mchammer01/ql into js-migration-work 2020-03-06 09:24:01 +00:00
mchammer01
fbe0735a5e pre-migration tasks: address review comments 2020-03-06 09:20:40 +00:00
semmle-qlci
7891f8621e Merge pull request #2982 from esbena/js/request-model-with-chaining 
Approved by asgerf
 2020-03-06 08:57:42 +00:00
semmle-qlci
ddc2f973d1 Merge pull request #3001 from asger-semmle/js/autoformat 
Approved by erik-krogh
 2020-03-06 08:53:56 +00:00
mc
e0ceeef4dc Update docs/language/learn-ql/javascript/type-tracking.rst 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-03-06 08:18:07 +00:00
mc
0773bfc2d7 Update docs/language/learn-ql/javascript/introduce-libraries-ts.rst 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-03-06 08:17:52 +00:00
Jonas Jensen
a13f355a85 C++: autoformat fixup 2020-03-06 08:29:46 +01:00
Sauyon Lee
c027bbaadf Use buffered writers 2020-03-05 21:12:15 -08:00
Sauyon Lee
14e758a6ea HTTP: Add model for Header.Values() 2020-03-05 13:44:16 -08:00
Sauyon Lee
c243bb4243 Add tests for go1.14 overlapping embedded methods 2020-03-05 13:44:15 -08:00
Sauyon Lee
85c8893f57 Action: Use go 1.14 2020-03-05 13:44:14 -08:00
Sauyon Lee
a758ececd9 go.mod: Use go 1.14 and update dependencies 2020-03-05 13:44:11 -08:00
Ted Reed
8e1a7fef30 CPP: Add query for CWE-273 that detects out-of-order setuid 2020-03-05 14:21:32 -05:00
Asger Feldthaus
2c8eae22d1 JS: Autoformat 2020-03-05 16:58:49 +00:00
Taus Brock-Nannestad
2face94fa5 Python: Mitigate CP in nested_sequence_assign. 
The problem here was that in the base case, there was no relationship between
`left_parent` and `right_parent`. These could be any two tuples or lists, even
if they were not part of an assignment statement.

To fix this, we add a bit of manual "magic", requiring that both of these
arguments must belong to the left and right-hand sides of the same assignment
statement.

(Note that this is in principle _still_ a gross overapproximation, but since
assignment statements are usually quite restricted in size, I don't expect this
to be a major problem.)
 2020-03-05 14:09:50 +01:00
Rasmus Wriedt Larsen
fb1e993c0f Merge pull request #2963 from BekaValentine/python-objectapi-to-valueapi-advancedformatting 
Python: ObjectAPI to ValueAPI: AdvancedFormatting
 2020-03-05 13:40:02 +01:00
Jonas Jensen
e29f517af2 C++: Move InstructionSanity out of Instruction.qll 
Having that module in `Instruction.qll` slowed down the parsing of that
file both humans and the compiler.

This commit moves the `InstructionSanity` module to `IRSanity.qll`
without making any changes to its contents apart from adding some
imports.
 2020-03-05 12:11:50 +01:00
mchammer01
162a683075 pre-migration task: update links 2020-03-05 10:33:39 +00:00
Felicity Chapman
62bcc1a512 Merge pull request #2986 from felicitymay/1.23/2210-replace-links-semmle.com 
1.23: Update or remove unwanted links
 2020-03-05 10:20:35 +00:00
semmle-qlci
0d76c71ed7 Merge pull request #2981 from asger-semmle/js/lower-syntax-error-severity 
Approved by max-schaefer
 2020-03-05 09:47:56 +00:00
semmle-qlci
98cee5cc1d Merge pull request #2967 from asger-semmle/js/flow-through-prop 
Approved by esbena
 2020-03-05 09:46:35 +00:00
Max Schaefer
b8338896be Merge pull request #33 from sauyon/extract-go-mod 
Add extraction for go.mod files
 2020-03-05 09:38:21 +00:00
semmle-qlci
85ee5fc988 Merge pull request #2955 from erik-krogh/BetterHeader 
Approved by asgerf
 2020-03-05 08:24:43 +00:00
Rebecca Valentine
d535246703 Python: Modernizes query 2020-03-04 17:28:44 -08:00
Rebecca Valentine
646bc29e76 Python: Modernizes query 2020-03-04 17:22:21 -08:00
Rebecca Valentine
b09ab67e75 Python: Modernizes query 2020-03-04 17:10:32 -08:00
Sauyon Lee
f2358a0a86 Find all go.mod files before extraction 2020-03-04 16:08:55 -08:00
semmle-qlci
98034aaa53 Merge pull request #2988 from asger-semmle/js/autoformat-again-again 
Approved by esbena
 2020-03-04 21:20:52 +00:00
semmle-qlci
c6e3d8df49 Merge pull request #2969 from esbena/js/process-as-event-emitter 
Approved by erik-krogh
 2020-03-04 20:24:12 +00:00
Asger Feldthaus
53569453ba JS: Autoformat again 2020-03-04 19:28:24 +00:00
Robert Marsh
d9d6960110 Merge pull request #2985 from MathiasVP/bounded-uncontrolled-alloc-size 
C++: Add testcase for cpp/uncontrolled-allocation-size
 2020-03-04 10:00:43 -08:00