hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-12 02:24:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
51,797 Commits 1,740 Branches 164 Tags
codeql-cli/v2.12.5
Commit Graph

51797 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matthew Gretton-Dann
5df5e6dfce Add initial QL support classes for coroutines 
Add classes for expressions co_yield and co_await.
Adds classes for statements co_return and `for co_await`.
 2020-09-07 20:37:01 +01:00
Matthew Gretton-Dann
8199b3a230 C++: Add DB schema support for coroutines 2020-09-07 20:37:01 +01:00
Geoffrey White
6ef67af743 C++: Add models for stringstream methods. 2020-09-07 18:27:42 +01:00
Geoffrey White
fafd2f0a7c C++: Add test cases for stringstream / ostream. 2020-09-07 18:27:42 +01:00
CodeQL CI
22b3b0a5f1 Merge pull request #3953 from RasmusWL/python-more-call-graph-tracing 
Approved by tausbn
 2020-09-07 17:34:14 +01:00
Max Schaefer
b8a492473b JavaScript: Stop tracking canonical function names in API graphs. 
This blows up on the TypeScript compiler, and is likely to be much less useful than tracking type names and namespaces, which we still do.
 2020-09-07 16:47:45 +01:00
Asger F
d3f19721e6 Merge pull request #4153 from erik-krogh/snake_case_pr 
JS: rename dbscheme predicates to consistently use snake_case in dbscheme
 2020-09-07 16:21:32 +01:00
Max Schaefer
52a659183d Merge pull request #314 from smowton/smowton/admin/bump-golang-tools 
Bump to latest version of golang.org/x/tools
 2020-09-07 16:02:55 +01:00
Mathias Vorreiter Pedersen
9c1837e3b3 C++: Rename getField to getAField following review comments. 2020-09-07 16:52:04 +02:00
Max Schaefer
655e229d1e Revert "Revert "autobuilder: Add support for GITHUB_REPOSITORY environment variable"" 
This reverts commit ccfccb4828.
 2020-09-07 15:14:52 +01:00
Jonas Jensen
3493c93d7b Merge pull request #4218 from MathiasVP/mathiasvp/fix-fp-av82 
C++: Add cases for conditional and comma operator in AV Rule 82
 2020-09-07 15:27:07 +02:00
Tom Hvitved
6c716331d9 C#: Skip foreach loop bodies in the CFG when the iteration expression is empty 2020-09-07 15:26:28 +02:00
Tom Hvitved
9e240b7397 C#: Add more CFG loop unrolling tests 2020-09-07 15:26:25 +02:00
Rasmus Wriedt Larsen
61998afc56 Python: Remove unnecessary comment 
Was introduced in 5d031d7abe when I actually fixed
the loop variable capture problem.
 2020-09-07 15:06:07 +02:00
Tom Hvitved
37f1ce3122 C#: Implement support for path transformers 2020-09-07 15:02:50 +02:00
Max Schaefer
423d87b812 JavaScript: Rename TNode to TApiNode. 
This prevents spurious recomputation of a cached stage.
 2020-09-07 14:02:37 +01:00
Rasmus Wriedt Larsen
fb37330f5e Python: Fix grammar 
Co-authored-by: Taus <tausbn@github.com>
 2020-09-07 14:59:07 +02:00
Erik Krogh Kristensen
55b79f445c recognize commands with slash and underscore 2020-09-07 14:28:28 +02:00
Jonas Jensen
3a7bf2a15a Merge pull request #3933 from MathiasVP/alternative-instruction-operand-flow 
C++: Alternate instruction -> operand flow
 2020-09-07 13:37:20 +02:00
Erik Krogh Kristensen
320879bc1e recognize colon in command-prefixes 2020-09-07 13:12:38 +02:00
Jonas Jensen
0fe5d75375 Merge pull request #4196 from MathiasVP/mathiasvp/field-to-object-taint-tests 
C++: Add field to object taint tests
 2020-09-07 13:02:22 +02:00
Max Schaefer
1821cca5d2 Merge pull request #285 from smowton/protobufs 
Protobuf modelling
 2020-09-07 11:42:37 +01:00
CodeQL CI
85f6388a19 Merge pull request #4206 from erik-krogh/consistentJquery 
Approved by esbena
 2020-09-07 11:23:23 +01:00
Tom Hvitved
68f421f9c3 Merge pull request #4205 from tamasvajk/feature/printast-accessor 
C#: Add stable order for generated accessors in printed AST
 2020-09-07 11:25:46 +02:00
Erik Krogh Kristensen
8ada928b16 Merge branch 'main' into snake_case_pr 2020-09-07 11:12:57 +02:00
Erik Krogh Kristensen
4175637631 add change note for unsafe-jquery 2020-09-07 11:08:21 +02:00
Erik Krogh Kristensen
61e2e5647c autoformat 2020-09-07 11:05:56 +02:00
CodeQL CI
b5872fe848 Merge pull request #3873 from asger-semmle/js/type-qualified-name-fallback 
Approved by erik-krogh
 2020-09-07 09:48:05 +01:00
yoff
2a70da4da6 Merge pull request #4210 from tausbn/python-remove-spurious-global-flow 
Python: Remove implicit uses from `essaFlowStep`
 2020-09-07 10:16:18 +02:00
yoff
ae9f58489d Merge pull request #4159 from RasmusWL/python-port-dataflow-tests 
Python: port dataflow tests
 2020-09-07 09:54:12 +02:00
Tom Hvitved
14567f5314 C#: Support wild-cards in file patterns 
Implements the specification at https://wiki.semmle.com/display/SDmaster/project-layout+format
by compiling file path specifications to regular expressions.
 2020-09-07 09:03:56 +02:00
Mathias Vorreiter Pedersen
b3d18ef610 C++: Add cases for conditional and comma operator in AV RUle 82 2020-09-07 08:59:08 +02:00
Slavomir
25e3f75ddc Add taint-tracking for mime/quotedprintable package. 2020-09-06 17:45:09 +02:00
Slavomir
99b251d4f0 Add taint-tracking for mime/multipart 2020-09-06 17:42:57 +02:00
Slavomir
c44d426794 Add taint-tracking for mime package. 2020-09-06 17:39:41 +02:00
Slavomir
3b2e16e292 Move text/template classes to TextTemplate module inside stdlib. 2020-09-06 17:32:34 +02:00
Slavomir
0d5c7e3132 Add taint-tracking for text/template template. 2020-09-06 17:32:34 +02:00
Slavomir
db0b09beb4 Add taint-tracking for text/tabwriter package. 2020-09-06 17:32:34 +02:00
Slavomir
4df363d2ce Add taint-tracking for text/scanner package. 2020-09-06 17:32:34 +02:00
Mathias Vorreiter Pedersen
a5ac8ebc2f C++: Don't import internals. 2020-09-05 11:47:22 +02:00
Robert Marsh
4be138d790 C++: Improve performance of getExplicitlyConverted 2020-09-04 14:17:56 -07:00
Mathias Vorreiter Pedersen
a4890ef99c C++: Add annotations describing whether the flow is an instance of field-to-object flow 2020-09-04 18:32:28 +02:00
Mathias Vorreiter Pedersen
cfd606a4e0 Merge branch 'main' into alternative-instruction-operand-flow 2020-09-04 18:26:38 +02:00
Chris Smowton
cfba0896f0 Improve code style 
No behavioural changes
 2020-09-04 17:05:32 +01:00
Mathias Vorreiter Pedersen
208b85c7fc Merge branch 'main' into mathiasvp/read-step-without-memory-operands 2020-09-04 18:04:15 +02:00
Chris Smowton
fb85ccb2a5 Look through implicit deref operations when propagating taint down a chain of field- and element-access instructions. 
This enables us to use PostUpdateNode properly. Also introduce a test showing a case where this doesn't work, because the underlying variable doesn't have a post-update node.
 2020-09-04 17:03:52 +01:00
Chris Smowton
3635d7d007 Introduce and use writeComponent 2020-09-04 17:03:52 +01:00
Chris Smowton
2a863fbbe7 Abbreviate protobuf package names 2020-09-04 17:03:52 +01:00
Chris Smowton
18ed6bd1ee Add missing qldoc 2020-09-04 17:03:52 +01:00
Chris Smowton
90915284ba Move getUnderlyingNode into Protobuf.qll 
This is its only user for now.
 2020-09-04 17:03:52 +01:00