hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-13 19:14:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
51,797 Commits 1,736 Branches 164 Tags
codeql-cli/v2.12.5
Commit Graph

51797 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Slavomir
ee2804dfb1 Improve comments 2020-07-17 11:01:25 +03:00
Raul Garcia (MSFT)
5387294168 Moving to experimental as requested 2020-07-16 09:32:17 -07:00
Rasmus Wriedt Larsen
1c2e259970 Python: CG trace: Handle builtins 2020-07-16 18:04:04 +02:00
Slavomir
ee4356501a Apply suggestions from code review 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-07-16 18:36:40 +03:00
Slavomir
fb78818db7 Fix .expected 2020-07-16 18:33:35 +03:00
Slavomir
ef7198c0cb Improve query scenarios 2020-07-16 18:29:15 +03:00
Rasmus Wriedt Larsen
92e8e1622c Python: CG trace: move traces to own dir 2020-07-16 16:47:23 +02:00
Slavomir
282f7af6d9 Improve comments, naming, docs 2020-07-16 12:52:41 +03:00
Slavomir
8cc8b8ef47 Add CWE-352: CSRF because of constant oauth2 state value 2020-07-16 12:38:08 +03:00
Geoffrey White
2e5af67626 Merge pull request #3952 from MathiasVP/output-parameter-index-for-UserDefinedFormattingFunction 
C++: Add getOutputParameterIndex override to UserDefinedFormattingFunction class.
 2020-07-15 18:11:09 +01:00
Nick Rolfe
c7b668193b Merge pull request #3929 from igfoo/static_assert 
C++: Give static assertions an enclosing element
 2020-07-15 18:03:26 +01:00
Slavomir
437f4b7eab Fix go autoformat 2020-07-15 19:12:33 +03:00
Slavomir
9cd86f9be8 Generated Go files: add what they were generated with 2020-07-15 19:05:12 +03:00
Slavomir
f7a03c0862 Update main.go 2020-07-15 19:05:12 +03:00
Slavomir
19348d2773 Simplify tests 2020-07-15 19:05:12 +03:00
Slavomir
1591ed3440 Implement code review feedback 2020-07-15 19:05:12 +03:00
Slavomir
5b63228690 Add StdlibTaintFlow.expected 2020-07-15 19:05:12 +03:00
Slavomir
19287fb5ff Add taint-tracking for archive/tar and archive/zip 2020-07-15 19:05:12 +03:00
Mathias Vorreiter Pedersen
289a908eb8 C++: Update qldoc in reponse to PR comments 2020-07-15 16:24:47 +02:00
Mathias Vorreiter Pedersen
c4b97a3a62 C++: Accept more test changes 2020-07-15 16:19:51 +02:00
Geoffrey White
c4940aaa86 Merge branch 'master' into copymove 2020-07-15 15:01:01 +01:00
Rasmus Wriedt Larsen
abcc76baec Python: CG trace: use lxml to pretty-print xml 2020-07-15 14:48:58 +02:00
Mathias Vorreiter Pedersen
edc33b6516 C++: Add getOutputParameterIndex override to UserDefinedFormattingFunction and accept test changes 2020-07-15 14:46:08 +02:00
Mathias Vorreiter Pedersen
d711c22cd2 C++: Add testcase demonstrating lost query results 2020-07-15 14:42:45 +02:00
Rasmus Wriedt Larsen
7ac4ea9bf1 Python: CG trace: use standardized etree import 
makes it easy to switch out XML library.
 2020-07-15 14:41:39 +02:00
Rasmus Wriedt Larsen
ba4207fc90 Python: CG trace: sort output before writing/printing 
Allows comparing output of one run with another
 2020-07-15 14:37:41 +02:00
Rasmus Wriedt Larsen
e6873956ca Python: CG trace: add canonic_filename helper 2020-07-15 14:25:42 +02:00
Raul Garcia (MSFT)
3e0481b889 Queries to help on the detection based on misuse of DataSet and DataTable serialization that could lead to security problems. 
https://go.microsoft.com/fwlink/?linkid=2132227
 2020-07-14 17:54:54 -07:00
Robert Marsh
7dd2677746 Merge pull request #3950 from MathiasVP/simple-range-analysis-unsigned-multiplication-tests 
C++: Add test cases for range analysis for unsigned multiplication
 2020-07-14 14:18:06 -07:00
Raul Garcia (MSFT)
896cdf9b12 Merge branch 'master' of https://github.com/github/codeql 2020-07-14 11:16:51 -07:00
Mathias Vorreiter Pedersen
174b30461a C++: Fix syntax error in testfile 2020-07-14 19:47:21 +02:00
Calum Grant
dcff87fb2e Merge pull request #3366 from hvitved/csharp/dataflow/arrays 
C#: Precise data-flow for collections
 2020-07-14 17:12:29 +01:00
Mathias Vorreiter Pedersen
834ad92453 C++: Add test cases for unsigned multiplication and fix missing return value in existing tests 2020-07-14 16:57:47 +02:00
Geoffrey White
37158f46ed C++: Remove deprecated class from test. 2020-07-14 15:36:48 +01:00
semmle-qlci
0bee0687cb Merge pull request #3911 from RasmusWL/python-call-graph-tracing 
Approved by tausbn
 2020-07-14 15:33:45 +01:00
Geoffrey White
3f6d8490e0 C++: Autoformat. 2020-07-14 15:09:12 +01:00
Ian Lynagh
616bad7b5c C++: Add an upgrade script 2020-07-14 13:53:46 +01:00
Ian Lynagh
c254de464a C++: Update stats following static_asserts change 2020-07-14 13:53:01 +01:00
Rasmus Wriedt Larsen
f1601d643a Python: autoformat 2020-07-14 14:12:56 +02:00
Rasmus Wriedt Larsen
1d9c3b3bcd Python: call-graph tracing: callable => callee 
to use consistent naming
 2020-07-14 14:12:02 +02:00
semmle-qlci
f8c03dcae6 Merge pull request #3924 from RasmusWL/python-metrics-queries-for-dist-compare 
Approved by tausbn
 2020-07-14 13:03:02 +01:00
Rasmus Wriedt Larsen
ee42d0839e Python: Rename target => callee 
To use a standardised naming :)
 2020-07-14 11:26:05 +02:00
Rasmus Wriedt Larsen
d913d33289 Python: Autoformat 2020-07-14 11:21:55 +02:00
Taus
ee13e87f3b Merge pull request #3947 from RasmusWL/python-fix-tests 
Python: Make experimental/library-tests/CallGraph pass for Python 2
 2020-07-13 22:10:34 +02:00
Arthur Baars
67b6018079 Merge pull request #3729 from luchua-bc/java-hardcoded-aws-credentials 
Java: Hardcoded AWS credentials
 2020-07-13 18:04:42 +02:00
Chris Smowton
830f83f21a Merge pull request #257 from smowton/smowton/fix/go-mod-comment-group-indices 
Extractor: assign unique indices to comment-groups in go.mod files
 2020-07-13 15:40:14 +01:00
Rasmus Wriedt Larsen
dc7d92ba2f Python: Autoformat experimental/library-tests/CallGraph/ 2020-07-13 16:20:02 +02:00
Geoffrey White
646efe2a20 C++: Deprecate ConversionConstructor. 2020-07-13 15:04:39 +01:00
Arthur Baars
c585b2e483 Java: stack trace exposure: address false positives 2020-07-13 15:26:55 +02:00
Geoffrey White
61178c5330 Merge branch 'master' into copymove 2020-07-13 14:11:12 +01:00