hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-27 05:13:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,689 Branches 159 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Harry Maclean
4cfaa86d5d Ruby: Update new-style barrier-guard 2022-07-13 18:20:14 +12:00
Harry Maclean
5f17d8370c Ruby: Small change to isArrayExpr 2022-07-13 18:20:14 +12:00
Harry Maclean
63dcce9a31 Ruby: Refactor isArrayConstant 2022-07-13 18:20:14 +12:00
Harry Maclean
b5a3d3c488 Ruby: Extract isArrayConstant 
This predicate might be useful elsewhere.
 2022-07-13 18:20:14 +12:00
Harry Maclean
301914d80c Ruby: Add an extra barrier guard test 2022-07-13 18:20:14 +12:00
Harry Maclean
706d1d2eee Ruby: Make StringArrayInclusion more sensitive 
We now recognise the following pattern as a barrier guard for `x`:

    values = ["foo", "bar"]

    if values.include? x
      sink x
    end
 2022-07-13 18:20:12 +12:00
Raul Garcia
0dbb03f732 Adding CVE information. 2022-07-12 21:49:19 -07:00
thiggy1342
7df7b92d86 Merge branch 'main' into experimental-manually-check-request-verb 2022-07-12 20:36:34 -04:00
thiggy1342
7129002573 tweak tests more 2022-07-13 00:33:58 +00:00
thiggy1342
b3f1a513d1 Update tests 2022-07-13 00:25:43 +00:00
thiggy1342
9a0a9491da Merge branch 'main' into add-activerecord-annotate 2022-07-12 20:13:56 -04:00
thiggy1342
2566ae9889 Merge branch 'main' into experimental-strong-params 2022-07-12 20:12:51 -04:00
thiggy1342
db5f63b208 add tests 2022-07-12 23:14:16 +00:00
thiggy1342
7facc63699 remove predicate 2022-07-12 22:59:48 +00:00
Erik Krogh Kristensen
2aaedacd5d Merge pull request #9593 from erik-krogh/param2 
QL: followup fixes to parameterized modules
 2022-07-13 00:23:11 +02:00
Erik Krogh Kristensen
89043ec4ef Merge branch 'main' into param2 2022-07-12 23:21:11 +02:00
thiggy1342
74d6061082 Merge branch 'main' into experimental-manually-check-request-verb 2022-07-12 17:15:54 -04:00
Erik Krogh Kristensen
5cbe01d8dc Merge pull request #8351 from erik-krogh/inconsistentDep 
QL: add query detecting inconsistent deprecations
 2022-07-12 23:12:24 +02:00
Erik Krogh Kristensen
e092cb02cd Merge pull request #8937 from erik-krogh/qlFocusedLocations 
QL: more precise alert locations
 2022-07-12 23:11:22 +02:00
Raul Garcia
a4adf06713 Addressing feedback for the qhelp file. 2022-07-12 13:51:12 -07:00
Jeroen Ketema
c18428f1a9 Merge pull request #9785 from bdrodes/main 
C++: Nullness.qll bug fixes
 2022-07-12 21:43:44 +02:00
Raul Garcia
d929b1338b Addressing API::Node feedback for all predicates 2022-07-12 11:55:06 -07:00
ihsinme
e77a989133 Update DangerousUseMbtowc.expected 2022-07-12 20:22:31 +03:00
ihsinme
98af52fba5 Update DangerousUseMbtowc.ql 2022-07-12 20:19:59 +03:00
ihsinme
1291f33c39 Merge pull request #1 from geoffw0/test123 
C++: Accept test results.
 2022-07-12 20:18:59 +03:00
Ian Lynagh
83edb3b5e9 Kotlin: Remove the last uses of fakeLabel 2022-07-12 17:43:50 +01:00
Geoffrey White
f29104ccce C++: Accept test results. 2022-07-12 16:49:04 +01:00
Raul Garcia
64343e00f4 Update java/ql/src/experimental/Security/CWE/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-07-12 08:14:25 -07:00
Raul Garcia
8a48708014 Update java/ql/src/experimental/Security/CWE/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-07-12 08:14:13 -07:00
Raul Garcia
2bac181094 Update java/ql/src/experimental/Security/CWE/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-07-12 08:13:53 -07:00
Raul Garcia
a4e35a97ea Update java/ql/src/experimental/Security/CWE/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-07-12 08:13:38 -07:00
Raul Garcia
a51d713925 Update java/ql/src/experimental/Security/CWE/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-07-12 08:13:12 -07:00
Jeroen Ketema
f7c4fa691d Apply suggestions from code review 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-07-12 16:59:15 +02:00
Erik Krogh Kristensen
8e52fc97fc changes based on review by Shack 2022-07-12 16:02:50 +02:00
Erik Krogh Kristensen
220ff3cb2e convert tabs to spaces in qhelp 2022-07-12 16:02:50 +02:00
Erik Krogh Kristensen
712805f3bf add a!=b to the overlap predicate 2022-07-12 16:02:50 +02:00
Erik Krogh Kristensen
592464d98b simplify the overlap computation 2022-07-12 16:02:50 +02:00
Erik Krogh Kristensen
aae3e2ddde other changes based on Esbens review 2022-07-12 16:02:50 +02:00
Erik Krogh Kristensen
ff25451699 rename query to overly-large-range, and rewrite the @description 2022-07-12 16:02:46 +02:00
Ian Lynagh
a0636ff843 Merge pull request #9545 from igfoo/igfoo/type_cycles 
Java: Fix RefType.getAStrictAncestor() in the presence of type hierarchy cycles
 2022-07-12 14:28:54 +01:00
Jeroen Ketema
8f9d419441 C++: Add change note 2022-07-12 15:24:09 +02:00
Jeroen Ketema
e5eabc4e47 C++: Slightly tweak nullness test and update test results 2022-07-12 15:23:33 +02:00
Jeroen Ketema
d63b0946d9 C++: Use ConditionDeclExpr in AnalysedExpr::isDef 2022-07-12 15:22:13 +02:00
Jeroen Ketema
2ceb25dc9a C++: Order left and right operands in the logical left to right order 2022-07-12 15:21:37 +02:00
Ian Lynagh
d0bf424b19 Merge pull request #9806 from igfoo/igfoo/useType 
Kotlin: Extract an ErrorType if we fail to correctly extract a type
 2022-07-12 13:45:04 +01:00
Ian Lynagh
1bcb17b760 Update java/ql/lib/change-notes/2022-07-12-errortype.md 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-07-12 12:16:24 +01:00
Paolo Tranquilli
48c71c9407 Swift: add comment about TypeRepr in ASTNode fetching 2022-07-12 12:10:22 +02:00
Jeroen Ketema
de6a9375ba Merge pull request #9804 from jketema/get-target 
C++: Clarify the "most-specific" part of `FunctionCall:getTarget`
 2022-07-12 12:06:50 +02:00
Ian Lynagh
2edeeaac0e Merge pull request #9801 from igfoo/igfoo/psi 
Kotlin: We can't extract comments for < 1.5.20
 2022-07-12 11:01:30 +01:00
Ian Lynagh
965f5a980a Java/Kotlin: Add changenote for ErrorType 2022-07-12 10:58:16 +01:00