hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-18 13:36:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,816 Commits 1,714 Branches 162 Tags
codeql-cli/v2.12.4
Commit Graph

50816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexandre Boulgakov
3ba308a69f C++: Allow querying for "C" language linkage on routine types. 2021-08-18 15:35:30 +01:00
Taus
021e5ff510 Python: Autoformat 2021-08-18 14:27:54 +00:00
Rasmus Wriedt Larsen
60eb81106a Python: Update comment for RegExpTreeView isExcluded 
I noticed after reading https://github.com/github/codeql/pull/6507, but didn't want to overload that PR.
 2021-08-18 16:16:26 +02:00
Chris Smowton
cc4fe7375c Merge pull request #5953 from github/sauyon/java/spring-webutil 
Java: Add models for the Spring `web.util` package
 2021-08-18 15:07:28 +01:00
Mathias Vorreiter Pedersen
27df2727e9 Merge pull request #6501 from erik-krogh/rank 
CPP/C#: use min() instead of rank[1]()
 2021-08-18 15:47:08 +02:00
Asger Feldthaus
eef7f559c6 JS: Change note 2021-08-18 15:36:41 +02:00
Asger Feldthaus
cde8059960 JS: Update some comments referring to Vue instances 2021-08-18 15:36:41 +02:00
Asger Feldthaus
165f6c6935 JS: Add a deprecated forwarder for Vue::Instance 2021-08-18 15:36:41 +02:00
Asger Feldthaus
7b6485c32a JS: Rename some test predicates to match class name 2021-08-18 15:36:41 +02:00
Asger Feldthaus
b21071923e JS: Rename variables to match new class name 2021-08-18 15:36:41 +02:00
Asger Feldthaus
0a98679f74 JS: Rename Vue::Instance to Vue::Component 2021-08-18 15:36:41 +02:00
Anders Fugmann
0b98b39f91 C++: Test dataflow tests for strdupa and strndupa functions 2021-08-18 15:22:14 +02:00
Taus
af91a2df00 Python: Prevent explosion in poly-ReDoS query 
I consider this to be a short-term solution to the performance problems
we identified. The choice of "at most ten occurrences of `.*`" is
somewhat arbitrary, and it's possible a higher limit would work just as
well.
 2021-08-18 13:21:46 +00:00
Owen Mansel-Chan
51b3f7f62d Merge pull request #555 from owen-mc/upstream-weak-crypto-key 
Promote weak crypto key from experimental
 2021-08-18 12:57:27 +01:00
james
dcbf766217 add new article to toc 2021-08-18 12:14:48 +01:00
Anders Fugmann
44752d5ee0 C++: Model strdupa and strndupa string functions returning memory allocated with alloca 2021-08-18 13:12:08 +02:00
james
8443d344a2 correct article name 2021-08-18 11:58:42 +01:00
Owen Mansel-Chan
b96efc655e Improve grammar and punctuation 2021-08-18 11:54:06 +01:00
Owen Mansel-Chan
6f2040da51 Add security severity score 2021-08-18 11:54:06 +01:00
Owen Mansel-Chan
8c97395884 Add change note 2021-08-18 11:54:05 +01:00
Owen Mansel-Chan
3bf2cf0ed8 Add precision metadata 2021-08-18 11:54:05 +01:00
Owen Mansel-Chan
9634e8d7b0 Update path in qlref file 2021-08-18 11:54:04 +01:00
Owen Mansel-Chan
ca01d55297 Promote insufficient key size query 
Files were just moved - changes made in next commit
 2021-08-18 11:54:04 +01:00
james
18b8244406 fix link 2021-08-18 11:47:16 +01:00
james
429decd7b6 tweak sojme text 2021-08-18 11:38:03 +01:00
james
ad2850dd5d add new tutorial 2021-08-18 11:27:53 +01:00
james
babec9bf79 add data flow debugging guide 2021-08-18 11:26:51 +01:00
Erik Krogh Kristensen
91b8c1c4a0 Update ql/src/queries/style/RankOne.ql 
Co-authored-by: Taus <tausbn@github.com>
 2021-08-18 11:25:36 +02:00
Erik Krogh Kristensen
23b2d43440 QL: Update ql/src/queries/style/RankOne.ql 
Co-authored-by: Taus <tausbn@github.com>
 2021-08-18 11:25:36 +02:00
Erik Krogh Kristensen
feb1ab86f0 add a query for finding rank[1] 2021-08-18 09:19:05 +00:00
Erik Krogh Kristensen
b45a793e28 QL: add a query for finding rank[1] 2021-08-18 09:19:05 +00:00
Asger Feldthaus
4a1fb5df5d JS: De-abstractify Vue::Instance class 2021-08-18 11:14:25 +02:00
Asger Feldthaus
40ae13a20e JS: Rename Vue::{Component -> ComponentRegistration} 2021-08-18 11:14:25 +02:00
Erik Krogh Kristensen
dd59f79947 use min() instead of rank[1]() 2021-08-18 11:09:03 +02:00
Erik Krogh Kristensen
4cc2ac9d35 exclude char classes that match everything 2021-08-18 08:59:17 +00:00
Harry Maclean
a2115f41e8 Merge pull request #259 from github/hmac-print-ast 
Don't include desugared nodes in the printed AST
 2021-08-18 09:16:36 +01:00
Aditya Sharad
21d03cd365 Merge pull request #6488 from github/aeisenberg/pack/cpp 
Packaging: Refactor cpp libraries
 2021-08-17 16:44:04 -07:00
Andrew Eisenberg
03d6b15401 Merge branch 'main' into aeisenberg/pack/cpp 2021-08-17 15:28:47 -07:00
Andrew Eisenberg
88ceb42356 Packaging: Migrate cpp experimental/semmle folder to lib 
Also, fix up some library path dependencies.
 2021-08-17 14:41:41 -07:00
Andrew Eisenberg
d8e4e25c1e Packaging: Fix query pack references 
We can't have recursive references to query packs.
 2021-08-17 13:03:40 -07:00
Sauyon Lee
17cef3f498 Address review comments 2021-08-17 12:45:47 -07:00
Chris Smowton
10e362a0f2 Merge pull request #562 from sauyon/remove-binary 
Remove accidentally added binary
 2021-08-17 19:55:26 +01:00
Chris Smowton
2b6dde8e6c Merge pull request #561 from github/developer-happiness-query-suite 
Add a query suite for new experimental "developer happiness" queries
 2021-08-17 19:45:44 +01:00
Andrew Eisenberg
2c5dd2dfa3 Packaging: Refactor the cpp libraries 
This PR separates the core cpp packs into `codeql/cpp-queries` and
`codeql/cpp-all`.

There are very few lines of code changed. Almost all changes are moving
files around.
 2021-08-17 11:22:36 -07:00
Daniel Santos
5e155d25b1 new Experimental query ClipboardBasedXss 2021-08-17 12:57:26 -05:00
Sauyon Lee
dc50d73008 Remove accidentally added binary 2021-08-17 10:11:04 -07:00
Joe Farebrother
076aeb5d80 Update tests 2021-08-17 16:44:58 +01:00
Benjamin Muskalla
99e19e6d59 Fix predicate to only match the current API 2021-08-17 16:26:08 +02:00
Benjamin Muskalla
035f7b57e9 Improve query name 2021-08-17 16:25:49 +02:00
Harry Maclean
e82c21d35d Don't include desugared nodes in the printed AST 
The base `PrintAstConfiguration` class already has a predicate for
filtering out desugared nodes - this change just makes use of it in the
query.

This fixes https://github.com/github/codeql-team/issues/408, which was
caused by including nodes representing the desugaring of

    a[b] = c

in the query output. This would result in multiple edges to the same
target node (one from the surface AST and another from the desugared
AST), which the VSCode AST viewer cannot handle.
 2021-08-17 15:20:30 +01:00