hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-25 20:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,688 Branches 158 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
erik-krogh
b9823cf335 fix ql/could-be-cast 2022-08-17 13:33:31 +02:00
erik-krogh
b2e3d8bb86 remove some more legacy code that existed to support deprecated code 2022-08-17 13:32:39 +02:00
erik-krogh
6ac898bad4 add desugered to the typo database 2022-08-17 13:13:43 +02:00
Ian Lynagh
0d4419dd8c Merge pull request #10071 from igfoo/igfoo/refactor 
Kotlin: Refactor TypeResults
 2022-08-17 11:58:33 +01:00
Joe Farebrother
5d00b871d4 Correct node type 2022-08-17 11:58:11 +01:00
Joe Farebrother
2bc2649204 Merge pull request #9853 from joefarebrother/static-init-vec 
Java: Promote Static Initialization Vector query
 2022-08-17 11:56:00 +01:00
Nick Rolfe
61db581512 Merge pull request #10080 from github/nickrolfe/desugared-typo 
Ruby: fix typo: s/Desugered/Desugared
 2022-08-17 11:54:15 +01:00
Anders Schack-Mulligen
c034a1e268 Java: Fix test. 2022-08-17 12:46:35 +02:00
Anders Schack-Mulligen
27f76330be Java: Fix models. 2022-08-17 12:46:09 +02:00
Anders Schack-Mulligen
857b473503 Java: Delete duplicate tests. 2022-08-17 12:44:42 +02:00
Nick Rolfe
94a51142d0 Ruby: fix typo in internal predicate name 2022-08-17 11:05:39 +01:00
Tamas Vajk
abc4405221 Kotlin: Change version numbers 2022-08-17 11:57:33 +02:00
Tamas Vajk
f12c73f472 Kotlin: Add support for version 1.7.20-Beta 2022-08-17 11:57:33 +02:00
Tom Hvitved
d8f7861ab1 C#: Include both source code and hand-written summaries in data flow 
Still, generated summaries are only included when there is no source code.
 2022-08-17 11:57:24 +02:00
Erik Krogh Kristensen
47353f6c28 Merge pull request #10067 from erik-krogh/paramSig 
QL: support signature parameters in QL-for-QL
 2022-08-17 11:50:39 +02:00
Joe Farebrother
de69827711 Use a full dataflow config rather than local flow 2022-08-17 10:35:48 +01:00
Joe Farebrother
fe5a61bdde Fix typos in docs and comments 2022-08-17 10:35:48 +01:00
Joe Farebrother
c77b17574a Use CryptoAlgoSpec rather than hadcoding Cipher.getInstance 2022-08-17 10:35:47 +01:00
Joe Farebrother
08b77493d2 Add security severity and change note 2022-08-17 10:35:47 +01:00
Joe Farebrother
9ae652dd6a Add tests 2022-08-17 10:35:47 +01:00
Joe Farebrother
41bdd6d4cc Add RSA without OEAP query and qhelp 2022-08-17 10:35:46 +01:00
Joe Farebrother
7c188a6b96 Apply doc suggestions 2022-08-17 10:35:16 +01:00
Joe Farebrother
7989ba3391 Replace a tainttracking instance with local flow 2022-08-17 10:35:16 +01:00
Joe Farebrother
5afc0b0c15 Add security severity 2022-08-17 10:35:15 +01:00
Joe Farebrother
bf32b5a8fd Reiview suggestions - add doc comment, reword description, simplify a part 2022-08-17 10:35:15 +01:00
Joe Farebrother
a62bb8e115 Add additional test case 2022-08-17 10:35:15 +01:00
Joe Farebrother
960a4e58a0 Add change note 2022-08-17 10:35:14 +01:00
Joe Farebrother
c152a27a68 Reword docs 2022-08-17 10:35:14 +01:00
Joe Farebrother
4d0957711b Reduce FPs from empty arrays 2022-08-17 10:35:14 +01:00
Joe Farebrother
c0a1300955 Improve initializedWthConstants to no longer need a workaround 2022-08-17 10:35:13 +01:00
Joe Farebrother
f8f21c7ee6 Move static init vector query and tests from experimental to main 2022-08-17 10:35:13 +01:00
Tom Hvitved
44e1ecdf94 Merge pull request #10060 from hvitved/ruby/pos-args-missing-flow-tests 
Ruby: Add tests that demonstrate missing flow through positional arguments
 2022-08-17 10:45:25 +02:00
Tony Torralba
1d12bd1521 Share SpringUrlRedirect library 2022-08-17 10:43:43 +02:00
Paolo Tranquilli
979706903a Merge pull request #10070 from github/redsun82/swift-self-apply-tests 
Swift: add more `SelfApplyExpr` testing
 2022-08-17 09:34:20 +02:00
Harry Maclean
1f4dad4167 Update for rename of ReDoSUtil to NfaUtils 2022-08-17 16:03:49 +12:00
Harry Maclean
f1a546c4d6 Rename IncompleteMultiCharacterSanitization[Query] 2022-08-17 16:03:49 +12:00
Harry Maclean
e48158b9ad JS: Share more code with Ruby 2022-08-17 16:03:49 +12:00
Harry Maclean
f2384a6a8f Ruby: Share more code with JS 2022-08-17 16:03:49 +12:00
Harry Maclean
025e34d8e1 Ruby: Simplify imports 2022-08-17 16:03:48 +12:00
Harry Maclean
ab6287aebd Ruby: Fix import 2022-08-17 16:03:48 +12:00
Harry Maclean
b7d9bf4066 Share IncompleteMultiCharacterSanitization JS/Ruby 
Most of the classes and predicates in this query can be shared between
the two languages. There's just a few language-specific things that we
place in IncompleteMultiCharacterSanitizationSpecific.
 2022-08-17 16:03:46 +12:00
Harry Maclean
3179c60a1e Ruby: Remove RegExpLiteral.getAMatch 
This predicate is a duplicate of getAMatchedString, which matches the
naming in the JS version.
 2022-08-17 16:02:48 +12:00
Harry Maclean
6bb24f9d7c Ruby: matchesEmptyString -> isNullable 
Rename RegExpLiteral.matchesEmptyString to isNullable, to match the JS
version.
 2022-08-17 16:02:48 +12:00
Harry Maclean
3fba4a5fa7 Ruby: Add change note for new query 2022-08-17 16:02:48 +12:00
Harry Maclean
c234bd94d1 Ruby: IncompleteMultiCharacterSanitization Query 
This query is similar to IncompleteSanitization but for multi-character
sequences.
 2022-08-17 16:02:48 +12:00
Harry Maclean
6e289a9db3 Ruby: Improvements to StringSubstitutionCall 
- Handle block arguments
- Recognise patterns passed via constants
 2022-08-17 16:02:48 +12:00
Harry Maclean
17dfb4e7b8 Ruby: Add RegExpTerm.getAMatch 2022-08-17 16:02:48 +12:00
Harry Maclean
c9fc43a4ba Ruby: Add matchesEmptyString to RegExpTerm 2022-08-17 16:02:47 +12:00
intrigus-lgtm
45f708bb58 Fix typo. 2022-08-17 00:00:32 +02:00
intrigus
dabccd8686 Add query for tainted wordexp calls. 2022-08-16 23:56:50 +02:00