Taus
1608758219
Python: Apply suggestions from documentation review.
...
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2020-06-25 14:16:44 +02:00
Jonas Jensen
3ce4cff183
Merge pull request #3802 from geoffw0/modeling
...
C++: 'modelling' -> 'modeling'.
2020-06-25 14:07:57 +02:00
Jonas Jensen
f2ef088d4f
Merge pull request #3783 from geoffw0/qldoc2
...
C++: More QLDoc
2020-06-25 14:06:00 +02:00
Mathias Vorreiter Pedersen
a0bfbda51c
C++: Improve performance by not calling getDef, but instead refer to isDefinitionInexact. This gives roughly the same tuple numbers we had with only instruction nodes.
2020-06-25 13:37:14 +02:00
Dave Bartolomeo
6dc02c719b
C++: Fix typos
2020-06-25 07:19:15 -04:00
Geoffrey White
099e5891ae
C++: 'modelling' -> 'modeling'.
2020-06-25 11:50:43 +01:00
Geoffrey White
f956112042
C++: Autoformat.
2020-06-25 11:48:10 +01:00
Geoffrey White
b515c09946
C++: Autoformat.
2020-06-25 11:46:51 +01:00
Geoffrey White
6201796122
C++: modelling -> modeling
...
Co-authored-by: Jonas Jensen <jbj@github.com>
2020-06-25 11:42:57 +01:00
Geoffrey White
89bea604d9
C++: Fix false positive.
2020-06-25 11:32:25 +01:00
Geoffrey White
720ac026dc
C++: Add false positive.
2020-06-25 11:21:08 +01:00
Geoffrey White
5489bb9946
C++: Autoformat.
2020-06-25 11:13:13 +01:00
Geoffrey White
8f6e56cb41
C++: Suggested change.
2020-06-25 11:13:00 +01:00
Asger Feldthaus
f9b796231b
JS: Add regression tests
2020-06-25 11:10:27 +01:00
Rasmus Wriedt Larsen
22ad8f717f
Python: Remove usage of .getASuccessor() in XSLT.qll
2020-06-25 12:07:45 +02:00
Rasmus Wriedt Larsen
1e5eeb8009
Python: Move lxml.etree library stub to reduce clutter
2020-06-25 12:07:41 +02:00
Esben Sparre Andreasen
4bfce4b8a3
JS: model npmlog (and recognize the "verbose" log level)
2020-06-25 12:06:51 +02:00
semmle-qlci
b24fba8df0
Merge pull request #3734 from dellalibera/loginjection
...
Approved by esbena
2020-06-25 11:06:25 +01:00
Asger Feldthaus
a109c1fc96
JS: Change note
2020-06-25 11:04:08 +01:00
Geoffrey White
edc5d5d128
C++: Add a test of MissingNullTest.
2020-06-25 11:04:06 +01:00
Asger Feldthaus
ea3560fe07
JS: Ignore document.all checks explicitly
2020-06-25 11:03:06 +01:00
Rasmus Wriedt Larsen
3cc566f703
Merge branch 'master' into python-3521-revived
2020-06-25 12:02:21 +02:00
Asger Feldthaus
b867512db4
JS: Update test
2020-06-25 11:01:10 +01:00
Rasmus Wriedt Larsen
e60af68b29
Python: Move lxml.etree library stub (so merge is easy)
2020-06-25 11:54:34 +02:00
Rasmus Wriedt Larsen
994db060c7
Python: Use CWE-091 for XSLT
...
As indicated here https://www.zaproxy.org/docs/alerts/90017/
2020-06-25 11:53:12 +02:00
Calum Grant
4642bb2767
Merge pull request #3774 from hvitved/csharp/tripleticks
...
C#: Enable syntax highlighting in QLDoc snippets
2020-06-25 10:31:50 +01:00
Rasmus Wriedt Larsen
b36c23ef63
Merge pull request #3500 from yoff/UnmatchableDollar
...
Python: Regexp: Handle repetitions {n} (with no ,)
2020-06-25 11:26:52 +02:00
Rasmus Wriedt Larsen
0b36cd44b8
Merge pull request #3522 from porcupineyhairs/pythonXpath
...
Python : Add Xpath injection query
2020-06-25 11:21:45 +02:00
Calum Grant
6e3609696a
C#: Address review comments.
2020-06-25 09:59:59 +01:00
Taus Brock-Nannestad
9f06e13313
Python: Fix incomplete renaming in Thrift.qll.
2020-06-25 10:48:26 +02:00
Rasmus Lerchedahl Petersen
415e0c4aac
Python: add suggestion for test cases
2020-06-25 10:46:33 +02:00
Erik Krogh Kristensen
2d7feb794f
Refactor Promises.qll to use PreCallGraphStep
2020-06-25 10:41:08 +02:00
Rasmus Lerchedahl Petersen
5973fe8411
Python: scaffold for testing data flow coverage
2020-06-25 10:32:10 +02:00
Max Schaefer
a89e4971ac
Merge pull request #221 from gagliardetto/bad-tls
...
Add CWE-327 (unsafe TLS)
2020-06-25 09:18:42 +01:00
Tom Hvitved
b8ae4b7f64
C#: Move async data-flow tests from local to global
2020-06-25 10:04:18 +02:00
Tom Hvitved
3f91aa3b55
C#: More data-flow collection tests
2020-06-25 09:48:52 +02:00
Sauyon Lee
380060c7e4
extractor: Refactor regexp compilation for the relative directory check
2020-06-24 23:29:55 -07:00
Sauyon Lee
9e8d386f3c
Clarify change note
2020-06-24 23:29:55 -07:00
Sauyon Lee
fa391b1516
extractor: Factor out common bits for running go list
2020-06-24 23:29:54 -07:00
Sauyon Lee
ebdd724b75
Simplify logic for deciding whether to extract a package
2020-06-24 23:29:53 -07:00
Sauyon Lee
e25b882e42
Clarify some comments
...
As suggested in code review
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
2020-06-24 23:29:52 -07:00
Sauyon Lee
9bd1f87d66
Address review comments
2020-06-24 23:29:51 -07:00
Sauyon Lee
de2f407c69
Add change note for more dependency AST extraction
2020-06-24 23:29:50 -07:00
Sauyon Lee
7863bb656e
Use the -mod argument from the build when calling go list
2020-06-24 23:29:49 -07:00
Sauyon Lee
296d2d5fd3
extractor: modify FileExists to check that the path isn't a directory
2020-06-24 23:29:48 -07:00
Sauyon Lee
3513c352e6
extractor: Factor out FileExists utility function
2020-06-24 23:29:48 -07:00
Sauyon Lee
f197975c6e
Extract packages more intelligently
...
We now extract packages that have the same module root as the specified packages, as determined by
the `go list` command.
2020-06-24 23:29:47 -07:00
Dave Bartolomeo
06a5242d76
Merge pull request #3793 from rdmarsh2/rdmarsh/cpp/ir-range-analysis-experimental
...
C++: move IR range analysis to experimental
2020-06-24 20:51:07 -04:00
Dave Bartolomeo
2685aa4b8b
C++: Use fewer words
2020-06-24 20:42:02 -04:00
Dave Bartolomeo
8b02f121d6
C++: QLDoc for all of Instruction.qll
...
I think I've now documented every class and public predicate in `Instruction.qll`. I've tried to include detailed semantics of each instruction where appropriate.
2020-06-24 20:29:31 -04:00