hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-19 09:24:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,679 Branches 158 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rebecca Valentine
f80e206d33 Merge pull request #3008 from RasmusWL/python-modernise-security-files 
Python: modernise remaining security files
 2020-03-11 08:56:19 -07:00
Shati Patel
92d82a9dd1 Updates intros 2020-03-11 15:44:39 +00:00
Erik Krogh Kristensen
26d8e33434 Autoformat 2020-03-11 16:42:48 +01:00
Shati Patel
59691a1c6f Apply suggestions from code review 
Co-Authored-By: James Fletcher <42464962+jf205@users.noreply.github.com>
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-03-11 15:33:54 +00:00
James Fletcher
554981e787 Merge pull request #2869 from jf205/codeql-migration-2163 
CodeQL docs: update titles, add intros, and a few content updates
 2020-03-11 14:29:56 +00:00
Jonas Jensen
86ad4d0357 Docs: Remove some Semmle references 
The only Semmle references now left in the public Markdown files are in
URLs and in legal text. There are also two Semmle references left in
`docs/language/vale-styles/README.md` because I didn't understand them
well enough to change them.
 2020-03-11 15:20:15 +01:00
Rasmus Wriedt Larsen
6d72e77cdf Python: Django: Handle Class-based views 2020-03-11 14:44:14 +01:00
Erik Krogh Kristensen
dd261c51f7 add change note 2020-03-11 14:42:57 +01:00
Erik Krogh Kristensen
e88dac3dea remove FP for js/redundant-operation 2020-03-11 14:42:32 +01:00
yo-h
38581663a4 Merge pull request #3047 from aschackmull/java/typeflow-testcase 
Java: Add test case to typeflow qltest.
 2020-03-11 09:25:36 -04:00
Asger Feldthaus
6645df93ad JS: Blacklist another cyclic property 2020-03-11 13:09:37 +00:00
semmle-qlci
1d5fba85f9 Merge pull request #3034 from esbena/js/sharpen-useless-regexp-character-escape 
Approved by asgerf
 2020-03-11 12:29:45 +00:00
Ian Lynagh
9265540704 Merge pull request #2911 from matt-gretton-dann/ql-docs/update-supported-languages 
QL docs: update supported C/C++ language versions
 2020-03-11 12:14:14 +00:00
Anders Schack-Mulligen
e1a0c2d846 Java: Add minor test case to typeflow qltest. 2020-03-11 13:13:19 +01:00
Erik Krogh Kristensen
cb5ef7dbed add basic support for jqXHR with ajax calls 2020-03-11 13:05:41 +01:00
Rasmus Wriedt Larsen
b760b1f1f2 Python: Django: Don't require viewFunction to mark as route 
It's very nice to be able to see all the DjangoRoutes even if we don't know the
function that is used to handle the request, at least for debugging.
 2020-03-11 12:37:18 +01:00
Alistair
d383c5973e Merge pull request #3046 from hubwriter/remove-gh-variable 
docs: Remove GitHub variable
 2020-03-11 11:29:19 +00:00
Alistair Christie
d6b666cf8f docs: Remove GitHub variable 2020-03-11 11:03:18 +00:00
Rasmus Wriedt Larsen
2da1503942 Merge branch 'master' into python-support-django2 2020-03-11 11:21:47 +01:00
Erik Krogh Kristensen
b987f2cf29 autoformat 2020-03-11 10:54:20 +01:00
Rasmus Wriedt Larsen
f5a8084a33 Merge pull request #2827 from BekaValentine/objectapi-to-valueapi-expectedmappingforformatstring 
Python: ObjectAPI to ValueAPI: ExpectedMappingForFormatString
 2020-03-11 10:52:48 +01:00
Rasmus Wriedt Larsen
47cd9c8956 Merge pull request #3038 from BekaValentine/python-objectapi-to-valueapi-deprecatedslicemethod 
Python: ObjectAPI to ValueAPI: DeprecatedSliceMethod
 2020-03-11 10:51:01 +01:00
Anders Schack-Mulligen
85d6b7c2ed C++: Add tests. 2020-03-11 10:49:21 +01:00
Erik Krogh Kristensen
7f147221f5 refactor to include promise tracking as a core part of type tracking 2020-03-11 10:44:11 +01:00
Anders Schack-Mulligen
a9d76cbe64 Dataflow: Add consistency checks for toString and location. 2020-03-11 10:29:48 +01:00
Mathias Vorreiter Pedersen
f4e8f7a1cc Merge pull request #2970 from jbj/multiple-types-test 
C++: Tests for variables with ambiguous types
 2020-03-11 09:53:59 +01:00
Erik Krogh Kristensen
fa26ce9f4b update expected output 2020-03-11 09:36:12 +01:00
Esben Sparre Andreasen
4dac835bb0 JS: loosen qldoc for barrierGuardIsRelevant 2020-03-11 07:54:38 +01:00
Shati Patel
327486dc58 Update title and intro for river crossing puzzle 2020-03-11 02:35:21 +00:00
Shati Patel
52ffd91a26 Move "River crossing puzzle" into tutorial folder 
- Update links
- Delete "QL etudes" folder
 2020-03-11 02:25:56 +00:00
Shati Patel
30e41dd4da Update references to QL tutorials 2020-03-11 02:14:39 +00:00
Shati Patel
8c5580fe5b Reorganize map topic 2020-03-11 02:13:51 +00:00
Shati Patel
fe71cc79ba Add intro to third tutorial 2020-03-11 01:53:47 +00:00
Shati Patel
fdfa2e1aeb Rename third detective tutorial 2020-03-11 01:49:28 +00:00
Shati Patel
570e726ab5 Add intro to second tutorial 2020-03-11 01:46:40 +00:00
Shati Patel
992c61a0a3 Combine and rename second detective tutorial 2020-03-11 01:46:28 +00:00
Shati Patel
d0d34d6762 Add intro to first tutorial 2020-03-11 01:46:28 +00:00
Shati Patel
43347d006c Combine and rename first detective tutorial 2020-03-11 01:46:22 +00:00
Ted Reed
107662fc67 Move Security/CWE/CWE-273 into experimental 2020-03-10 18:58:43 -04:00
Dave Bartolomeo
66fd566b66 Merge pull request #3006 from jbj/ir-no-static-init 
C++: IR: Ignore constant static initializers
 2020-03-10 15:46:56 -04:00
Alistair
44b9773ace Merge pull request #2866 from hubwriter/alistairs-docs-preparation-1 
CodeQL migration: Java topics - change titles & add intros (2164)
 2020-03-10 19:23:09 +00:00
Robert Marsh
ba8ebe9f3a C++: accept test changes 2020-03-10 11:41:59 -07:00
Robert Marsh
bba6b23019 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-03-10 11:12:19 -07:00
Dave Bartolomeo
ef194d3332 C++: Accept test output 2020-03-10 13:49:20 -04:00
Felicity Chapman
a567dba109 Merge pull request #2823 from felicitymay/2166-python-pre-migration-tasks 
CodeQL: Python topics (2166) - WIP
 2020-03-10 17:14:43 +00:00
Felicity Chapman
f1238f1ec9 Update docs/language/learn-ql/python/introduce-libraries-python.rst 2020-03-10 17:11:59 +00:00
Felicity Chapman
9a30df3a6d Merge branch 'rc/1.23' into merge-123-master-2 2020-03-10 17:03:53 +00:00
Erik Krogh Kristensen
13e855910e add more ClientRequest models for JQuery 2020-03-10 17:21:22 +01:00
Jonas Jensen
bf43475ff7 C++: Unroll recursion in inStaticInitializer 
This gets rid of some slow recursive magic.

On Wireshark, this improves the timing of the involved predicates from

    m#Variable::runtimeExprInStaticInitializer#b ..................... 3.1s (executed 86 times)
    Variable::runtimeExprInStaticInitializer#b#antijoin_rhs .......... 1.6s
    Variable::runtimeExprInStaticInitializer#b ....................... 985ms (executed 6 times)
    Variable::runtimeExprInStaticInitializer#b#loop_invariant_prefix . 845ms
    #Expr::Expr::getParent_dispred#fbPlus ............................ 3.6s (executed 86 times)
    #Expr::Expr::getParent_dispred#fbPlus_10#join_rhs ................ 988ms

to

    Variable::runtimeExprInStaticInitializer#f#antijoin_rhs . 1.8s
    Variable::runtimeExprInStaticInitializer#f .............. 1.1s (executed 6 times)
    Variable::inStaticInitializer#f ......................... 3.2s (executed 86 times)
 2020-03-10 17:07:44 +01:00
Jonas Jensen
5e01b4b858 C++: Share the constant initializer detection 
Since this code is shared between the AST CFG and the IR construction,
it seems right to have only one copy. That copy lives on a new class
`StaticStorageDurationVariable`, which may prove useful on its own.
 2020-03-10 17:05:22 +01:00