hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-06 15:44:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
51,797 Commits 1,733 Branches 164 Tags
codeql-cli/v2.12.5
Commit Graph

51797 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
ba7a42328d Merge pull request #56 from github/hvitved/parameter-get-a-variable 
Introduce `Parameter::getAVariable()`
 2020-12-01 18:32:34 +01:00
Asger Feldthaus
5561e8f1f6 JS: Delete old query and update qhelp 2020-12-01 17:05:48 +00:00
Asger Feldthaus
6211fe718b JS: Add test 2020-12-01 17:05:48 +00:00
Asger Feldthaus
1459d9197d JS: Adjust alert message for template sinks 2020-12-01 17:05:48 +00:00
Asger Feldthaus
8412a6bcbb JS: Add template injection sinks to js/code-injection 2020-12-01 17:05:48 +00:00
Geoffrey White
7c00477736 C++: Combine getOutputParameterIndex and isOutputStream. 2020-12-01 16:27:30 +00:00
Geoffrey White
c9c159ad0b C++: Autoformat. 2020-12-01 15:37:26 +00:00
Geoffrey White
799b932c17 C++: Restore QLDoc on deprecated predicates. 2020-12-01 15:21:06 +00:00
Tamas Vajk
9ab930f812 C#: Remove marker interfaces from CIL extraction 2020-12-01 16:06:13 +01:00
Tamas Vajk
df28544020 C#: Separate all classes to dedicated files in CIL extractor 2020-12-01 15:20:02 +01:00
james
65a048b65c address docs review comments 2020-12-01 14:19:12 +00:00
Tom Hvitved
9dbcb7c642 C#: Improve various join orders 2020-12-01 15:16:33 +01:00
Tom Hvitved
931e695ac7 C#: Fix bad join-order in UselessTypeTest.ql 2020-12-01 15:16:00 +01:00
Tamas Vajk
dffd95cb85 Add nomagic to fix performance 2020-12-01 15:16:00 +01:00
Tamas Vajk
cf76d31161 C#: Add nomagic pragmas to fix performance issues 2020-12-01 15:16:00 +01:00
Tamas Vajk
b20a08dbac C#: Update DB stats file 2020-12-01 15:16:00 +01:00
Tom Hvitved
d50f5cc785 Address review comments 2020-12-01 15:14:14 +01:00
James Fletcher
f7fe7c03b8 Apply suggestions from code review 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2020-12-01 13:42:53 +00:00
Tom Hvitved
9820dcb363 Generate VariableAccesses also for defining accesses 2020-12-01 14:39:41 +01:00
Mathias Vorreiter Pedersen
df29a16365 Merge pull request #4748 from aschackmull/autoformat-callchain 
C++/C#/Java/JavaScript/Python: Autoformat.
 2020-12-01 13:21:19 +01:00
Tom Hvitved
bde9f59e0e Introduce Parameter::getAVariable() 2020-12-01 13:18:06 +01:00
Chris Smowton
f9fc01bd73 Merge pull request #415 from smowton/smowton/feature/errorf-returns-non-nil 
Note that `fmt.Errorf` returns non-nil
 2020-12-01 12:04:23 +00:00
james
5002968e86 restructure codeql docs 2020-12-01 12:00:37 +00:00
Calum Grant
9897a81a5c Merge pull request #4677 from jbj/largeVariable-overflow 
C++: Decrease largeVariable cut-off to 100k
 2020-12-01 11:54:17 +00:00
Chris Smowton
63079b3e9d Merge pull request #416 from smowton/smowton/admin/cherrypick-suspicious-char-fix 
Cherry-pick #395 (suspicious-char-in-regex FP fix) onto rc/1.26
 2020-12-01 11:45:14 +00:00
Tom Hvitved
965b351cde Merge pull request #54 from github/hvitved/ast-final 
Mark more AST predicates as `final`
 2020-12-01 12:38:28 +01:00
Owen Mansel-Chan
8c33979425 Merge pull request #388 from owen-mc/untrusted-data-flow-to-external-api 
Untrusted data flow to external API
 2020-12-01 11:25:58 +00:00
Geoffrey White
79f32b0e26 C++: Autoformat. 2020-12-01 10:51:51 +00:00
Tom Hvitved
311a0b6b20 Mark more AST predicates as final 2020-12-01 10:24:33 +01:00
Tom Hvitved
11927a930f Merge pull request #53 from github/user-facing 
Add some user-facing AST classes
 2020-12-01 10:23:37 +01:00
Tom Hvitved
e86db3c7a1 Merge pull request #4725 from hvitved/csharp/cfg/constant-condition-block 
C#: Always create basic blocks for nodes with a conditional predecessor
 2020-12-01 10:03:17 +01:00
Erik Krogh Kristensen
c50951cbae add missing qldoc 2020-12-01 09:48:35 +01:00
Erik Krogh Kristensen
afbb921c7e add change note 2020-12-01 09:18:40 +01:00
Erik Krogh Kristensen
9a31ed13ac add test case 2020-12-01 09:18:40 +01:00
Erik Krogh Kristensen
dea2eb5443 simplify the logging sink - using the new API-graph logging models 2020-12-01 09:18:40 +01:00
Erik Krogh Kristensen
6f29a877fa move logInjection out of experimental 2020-12-01 09:18:40 +01:00
Erik Krogh Kristensen
f6c358861c convert logging models to use API-graphs 2020-12-01 09:18:36 +01:00
Sauyon Lee
b2ae6550ec Add additional tests for suspicious character in regexp regexp 2020-11-30 19:15:17 +00:00
Sauyon Lee
09d41952dc SuspiciousCharacterInRegexp: Add fix for raw string literals 2020-11-30 19:15:17 +00:00
Sauyon Lee
568b365575 Add isRaw to StringLit 2020-11-30 19:15:17 +00:00
Chris Smowton
5d17b27770 Note that fmt.Errorf returns non-nil 
This enables recognising more guarding functions that return nil/non-nil conditional on a barrier guard.
 2020-11-30 19:10:58 +00:00
Geoffrey White
9c277b3cb1 C++: Fix a small bug in the ArrayFunction model for FormattingFunction. 2020-11-30 17:55:25 +00:00
Geoffrey White
510bce36f1 C++: Change note. 2020-11-30 17:55:24 +00:00
Geoffrey White
b52ddbfc42 C++: Implement isOutputStream, isOutputString for UserDefinedFormattingFunction as well. 2020-11-30 17:55:24 +00:00
Geoffrey White
c3b16a5fd2 C++: Implement FormattingFunction isOutputStream, isOutputString so that subclasses don't need to be accessed for this information, and can be private. 2020-11-30 17:55:23 +00:00
Rasmus Wriedt Larsen
a08e1db601 Python: Remove leftover note to self in qhelp file 2020-11-30 17:44:18 +01:00
Cornelius Riemenschneider
659e3d46e3 C++: Add vscode snippets for Inline Expectations test. 2020-11-30 17:34:02 +01:00
Cornelius Riemenschneider
0d0fa1b341 C++: Delete difference tests. 2020-11-30 17:33:27 +01:00
Cornelius Riemenschneider
b632ca40b4 C++: Port dataflow/taint-tests to inline expectations test. 2020-11-30 17:32:54 +01:00
Max Schaefer
978d2db252 JavaScript: Add models for more Mongoose methods. 2020-11-30 16:32:13 +00:00