hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-30 20:28:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,724 Branches 164 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
semmle-qlci
aadb148c1c Merge pull request #2855 from asger-semmle/js/returned-partial-call 
Approved by esbena
 2020-02-24 21:37:41 +00:00
yo-h
43bcd5b26c Add guidelines for experimental CodeQL queries and libraries 2020-02-24 15:08:31 -05:00
Robert Marsh
ea4ca31fb3 Merge pull request #2907 from geoffw0/argvlocal 
C++: Modify the argvlocal tests
 2020-02-24 10:55:21 -08:00
Erik Krogh Kristensen
afd6ea2628 small correction in doc + autoformat 2020-02-24 17:54:29 +01:00
Geoffrey White
4af0193c98 C++: Modify the argvlocal tests. 2020-02-24 16:51:47 +00:00
Geoffrey White
9f271949d5 C++: Adjust layout of the argvlocal test. 2020-02-24 15:52:31 +00:00
Anders Schack-Mulligen
67b32796dd Merge pull request #853 from joshhale/tweak-cwe-078-example 
doc: remove - from command arguments
 2020-02-24 16:15:58 +01:00
Asger F
e665e3c187 Update change-notes/1.24/analysis-javascript.md 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-02-24 15:07:28 +00:00
Geoffrey White
c641a31640 C++: Refine nodeIsBarrierIn using getNodeForSource. 2020-02-24 14:39:31 +00:00
Rasmus Wriedt Larsen
2b997ec94a Python: Add Python 3 Imports tests from internal repo 2020-02-24 15:36:45 +01:00
Asger Feldthaus
6360073da4 JS: Rephrase change note 2020-02-24 14:35:17 +00:00
Rasmus Wriedt Larsen
9d629aef95 Python: Highlight py/use-of-input is for Python 2 2020-02-24 15:13:19 +01:00
Geoffrey White
843b72b11a C++: hasGlobalOrStdName(). 2020-02-24 14:12:19 +00:00
Erik Krogh Kristensen
b20e8520f6 add default message if not pretty printed call can be created 2020-02-24 14:52:08 +01:00
semmle-qlci
317356e591 Merge pull request #2898 from asger-semmle/js/prototype-pollution-isobject-sanitizers 
Approved by erik-krogh
 2020-02-24 13:35:32 +00:00
Erik Krogh Kristensen
b72404dc99 add change note 2020-02-24 14:07:49 +01:00
Erik Krogh Kristensen
a779ae58a8 add qhelp 2020-02-24 14:03:41 +01:00
Jonas Jensen
2d9df70abc Merge pull request #2887 from MathiasVP/fix-ir-gen-switch 
C++: Fix IR generation for switch statements
 2020-02-24 13:29:27 +01:00
Erik Krogh Kristensen
fb94af9764 remove the last dependency on PrettyPrinting 2020-02-24 13:18:15 +01:00
Max Schaefer
0f99842f34 Make Field.getPackage() behave sensibly. 
Previously it was never defined, now it gives you the package of the type the field is declared in. This means we have to override `Field.hasQualifiedName/2` to avoid a field `f` in a package `pkg` being considered to have qualified name `pkg.f`.
 2020-02-24 12:14:51 +00:00
Erik Krogh Kristensen
051de247b0 change regexpMatch to regexpFind 2020-02-24 13:11:30 +01:00
Erik Krogh Kristensen
a768e937f0 complete qldoc 2020-02-24 13:08:50 +01:00
Jonas Jensen
ae68878476 C++: Cache DefaultTaintTracking 
This should speed up the overall suite, where `DefaultTaintTracking` is
used in several queries.
 2020-02-24 13:03:34 +01:00
Erik Krogh Kristensen
473787a426 refactor the getOptionsArg predicate into the SystemCommandExecution class 2020-02-24 12:59:20 +01:00
Geoffrey White
a0e839d3f1 C++: Block duplicate taint results from 'gets' and other functions. 2020-02-24 11:53:22 +00:00
Geoffrey White
06e649fc30 C++: Add support for fgetws. 2020-02-24 11:47:32 +00:00
Geoffrey White
5afebc8418 C++: Autoformat. 2020-02-24 11:40:47 +00:00
Asger Feldthaus
01309d7c2e TS: Add test for named re-export and exportsAs 2020-02-24 11:40:28 +00:00
Asger Feldthaus
78954489fb TS: Fix expected output 2020-02-24 11:40:28 +00:00
Asger Feldthaus
4e1bd9056c TS: Fix javadoc 2020-02-24 11:40:28 +00:00
Asger Feldthaus
05d9e64dab TS: Add change note 2020-02-24 11:40:27 +00:00
Asger Feldthaus
18974bad1c TS: Add upgrade script and stats 2020-02-24 11:40:27 +00:00
Asger Feldthaus
47673c6e21 TS: Disable export analysis for type-only exports 2020-02-24 11:40:27 +00:00
Asger Feldthaus
16c909b433 TS: Add test case for import type * as ns 2020-02-24 11:40:27 +00:00
Asger Feldthaus
260b243c28 TS: Add test case to DeclBeforeUse 2020-02-24 11:40:27 +00:00
Asger Feldthaus
8d58aad0f2 TS: Support type-only import/export 2020-02-24 11:40:27 +00:00
Asger Feldthaus
0351f0b775 TS: Add test and documentation for private fields 2020-02-24 11:40:27 +00:00
Asger Feldthaus
8531c113a1 TS: Fix imports 2020-02-24 11:40:27 +00:00
Asger Feldthaus
9b52acc62a TS: Handle export * as ns 2020-02-24 11:40:27 +00:00
Asger Feldthaus
7f939fe1e4 TS: Update to TypeScript 3.8.2 2020-02-24 11:40:27 +00:00
Geoffrey White
c45bf90e98 Update cpp/ql/src/semmle/code/cpp/models/implementations/Gets.qll 
Co-Authored-By: Jonas Jensen <jbj@github.com>
 2020-02-24 11:36:09 +00:00
Geoffrey White
34b790d601 C++: Change note. 2020-02-24 11:33:27 +00:00
semmle-qlci
94aa77748d Merge pull request #2810 from erik-krogh/CVE74 
Approved by asgerf
 2020-02-24 11:32:42 +00:00
Geoffrey White
e683f6113d C++: Model 'gets'. 2020-02-24 11:27:35 +00:00
Geoffrey White
8dcd46f9e7 C++: Add a taint test for gets. 2020-02-24 11:25:28 +00:00
Asger Feldthaus
f923b24bc5 JS: Fix test 2020-02-24 11:19:23 +00:00
Erik Krogh Kristensen
75c1852ee4 doc changes from review 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-02-24 11:58:59 +01:00
Max Schaefer
5fbae15d0e Don't track receivers into virtual calls. 2020-02-24 09:56:09 +00:00
Max Schaefer
d1e020f74d Treat receiver variables as parameters. 
The inter-procedural data-flow libraries expects this to be the case, but I actually never got round to implementing it.
 2020-02-24 09:56:09 +00:00
Max Schaefer
77613a38c5 Add test, which does not work yet. 2020-02-24 09:55:42 +00:00