codeql

mirror of https://github.com/github/codeql.git synced 2026-06-18 03:11:07 +02:00

Author	SHA1	Message	Date
Taus Brock-Nannestad	35e3e3d2a1	Python: Update change note for 1.23.	2019-11-26 13:58:22 +01:00
Tom Hvitved	355c4f7154	C#: Add change note	2019-11-26 13:54:19 +01:00
Tom Hvitved	71e958eabc	C#: Add taint-tracking steps through conversion operator calls	2019-11-26 13:53:50 +01:00
Tom Hvitved	acb069f69b	C#: Add data flow tests for conversion operators	2019-11-26 13:53:17 +01:00
Erik Krogh Kristensen	4a94c49d37	changes based on review feedback	2019-11-26 13:40:48 +01:00
Jonas Jensen	b1745f588c	Merge pull request #2402 from geoffw0/nospace CPP: Make NoSpaceForZeroTerminator.ql more conservative.	2019-11-26 13:36:05 +01:00
Erik Krogh Kristensen	97718bf1d4	the callback function can both be the second and third argument	2019-11-26 13:00:00 +01:00
semmle-qlci	3d5d178b19	Merge pull request #2439 from erik-krogh/useOfReturnlessFunctionHotfix Approved by max-schaefer	2019-11-26 11:56:57 +00:00
Erik Krogh Kristensen	b06acd1ed0	add change note	2019-11-26 12:52:41 +01:00
Erik Krogh Kristensen	0f948339af	add change note	2019-11-26 11:23:30 +01:00
Erik Krogh Kristensen	b6106f9638	keep the ResolvedPromiseDefinition class as a subclass of PromiseCreationCall	2019-11-26 11:16:59 +01:00
Erik Krogh Kristensen	f284b3a2bb	Merge remote-tracking branch 'upstream/master' into exceptionXss	2019-11-26 10:54:04 +01:00
Erik Krogh Kristensen	7ee12a3420	change doc based on review feedback	2019-11-26 10:48:24 +01:00
Anders Schack-Mulligen	18e1708036	Merge pull request #2412 from Cornelius-Riemenschneider/nullness-corr-cond Java: Nullness library: track instanceof expressions in correlated conditions	2019-11-26 10:33:34 +01:00
Erik Krogh Kristensen	fed2675f76	remove FP in use-of-returnless-function FP related to calls to super()	2019-11-26 10:17:04 +01:00
Erik Krogh Kristensen	89dac23969	remove 3 FP sources from use-of-returnless-function	2019-11-26 10:16:18 +01:00
semmle-qlci	fb44aa18bd	Merge pull request #2428 from erik-krogh/useOfReturnlessFunctionSuperCalls Approved by max-schaefer	2019-11-26 09:14:08 +00:00
semmle-qlci	cf92022c89	Merge pull request #2420 from erik-krogh/safeStringSink Approved by asgerf	2019-11-26 08:09:05 +00:00
Robert Marsh	60b384a6e5	C++/C#: use line numbers for instruction IDs This should reduce the number of merge conflicts in the IR tests resulting from instruction ID changes due to inserting or removing instructions	2019-11-25 18:27:59 -05:00
yo-h	1a07f215ad	Merge pull request #2436 from felicitymay/1.23/SD-4095-finalize-change-notes-java 1.23: SD-4095 finalize change notes for Java	2019-11-25 18:19:25 -05:00
Sauyon Lee	1d21347578	Merge pull request #194 from max/field-write-through-embedded-pointer Fix DeadStoreOfField false positive.	2019-11-25 13:14:24 -08:00
Max Schaefer	ee723d8a4f	Fix DeadStoreOfField false positive. We should look into properly desugaring embedded types in the IR, but for now this workaround should suffice.	2019-11-25 20:21:16 +00:00
Sauyon Lee	2c921d9418	Merge pull request #193 from max/header-xss Don't flag header injection as XSS.	2019-11-25 11:56:54 -08:00
Calum Grant	113df4ea1d	Merge pull request #2278 from hvitved/csharp/autobuilder/shared-compilation C#: Only set `UseSharedCompilation=false` in autobuilder when needed	2019-11-25 18:37:09 +00:00
Dave Bartolomeo	7d48220a76	C++/C#: Make QLDoc conform to style guide	2019-11-25 11:26:45 -07:00
Dave Bartolomeo	44c1c5a7ab	C++: Update `points_to.ql` test to use new bit offset format	2019-11-25 11:13:02 -07:00
Dave Bartolomeo	521fbb125e	C++/C#: Fix formatting	2019-11-25 11:12:23 -07:00
Felicity Chapman	775ed381e1	Update to clarify status of one new query	2019-11-25 17:35:01 +00:00
Asger F	e3e15a6015	JS: Rephrase change note	2019-11-25 17:20:42 +00:00
Sauyon Lee	61c2478541	Merge pull request #12 from github/rc/1.23 Merge rc/1.23 into master	2019-11-25 09:20:17 -08:00
Asger F	df97ab2cb8	TS: Add INDEX prefix to env variables	2019-11-25 17:10:00 +00:00
Asger F	2508da7971	JS: Add change note	2019-11-25 17:01:32 +00:00
Asger F	7e515aeb72	TS: Verify yarn installation	2019-11-25 16:22:21 +00:00
Cornelius Riemenschneider	37f162106a	Fix formatting of file.	2019-11-25 17:04:38 +01:00
Tom Hvitved	fede9aed04	Merge pull request #2355 from cldrn/AspNetMaxRequestLength CodeQL query to check for insecure MaxLengthRequest values in ASP.NET applications	2019-11-25 17:02:22 +01:00
Felicity Chapman	87fca1fde6	Remove backticks from 'struct'	2019-11-25 15:56:29 +00:00
Max Schaefer	8bd45593e0	Merge pull request #11 from github/1.23/SD-4095-finalize-change-notes-go 1.23: SD-4095 Minor text changes to analysis change notes	2019-11-25 15:56:17 +00:00
Tom Hvitved	07e18c88a8	C#: Address review comments	2019-11-25 16:51:09 +01:00
Felicity Chapman	de2c7d8884	Minor text changes	2019-11-25 15:48:58 +00:00
Felicity Chapman	49bdf7ed1c	Fix table sort order	2019-11-25 15:36:58 +00:00
Felicity Chapman	f75b61e2f0	Minor text changes	2019-11-25 15:36:37 +00:00
semmle-qlci	d58a6b02bf	Merge pull request #2396 from hvitved/dataflow/erased-type-class Approved by aschackmull, jbj	2019-11-25 15:22:13 +00:00
Felicity Chapman	f5bf877671	Fix table sort order	2019-11-25 15:18:30 +00:00
Felicity Chapman	dc258f13e3	Minor text changes	2019-11-25 15:17:02 +00:00
Geoffrey White	1d26d4c5e4	Merge pull request #2404 from jbj/signed-overflow-macro C++: Fix SignedOverflowCheck.ql performance	2019-11-25 15:15:57 +00:00
Max Schaefer	adf9764085	Don't flag header injection as XSS. All results I have seen from this are uninteresting.	2019-11-25 15:06:53 +00:00
Asger F	e5ba80b18c	JS: Add test	2019-11-25 15:05:33 +00:00
Asger F	82b35a116c	JS: Handle .js import of .ts file	2019-11-25 14:58:12 +00:00
Asger F	b306eeeb6e	TS: Option to install dependencies	2019-11-25 14:42:17 +00:00
Dave Bartolomeo	4a21123107	Merge pull request #2427 from jbj/comparison-with-wider-type-notc C++: Stricter loop-variant check	2019-11-25 07:38:02 -07:00

... 1571 1572 1573 1574 1575 ...

87608 Commits