hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-21 10:24:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,684 Branches 158 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
558beb7255 simplify the output file argument 2020-02-20 10:57:33 +01:00
semmle-qlci
091c6c063c Merge pull request #2856 from esbena/js/fix-RegExp-getPredecessor-getSuccessor 
Approved by max-schaefer
 2020-02-20 09:50:52 +00:00
Erik Krogh Kristensen
a5fdcb67f9 restricts alerts to the first line 2020-02-20 10:43:41 +01:00
Erik Krogh Kristensen
d4e73df92f remove dead predicate 2020-02-20 10:39:16 +01:00
Jonas Jensen
97035aeb63 Merge pull request #2848 from geoffw0/model-sideeffects 
C++: Disambiguate SideEffectFunction QLDoc.
 2020-02-20 10:30:53 +01:00
Erik Krogh Kristensen
56f3e431f9 update expected output 2020-02-20 10:28:53 +01:00
Erik Krogh Kristensen
80962803b0 update doc for VarAccessBarrier, and make the class private 2020-02-20 10:09:32 +01:00
Erik Krogh Kristensen
2d437efdfd corrections on qldoc 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-02-20 09:54:11 +01:00
Robert Marsh
bed6d2b225 Merge branch 'master' into rdmarsh/cpp/malloc-alias-locations 2020-02-19 16:44:13 -08:00
Dave Bartolomeo
4f1a23e248 "Fix" spelling 2020-02-19 15:57:31 -07:00
Dave Bartolomeo
5263222dc2 "Fix" spelling 2020-02-19 15:57:19 -07:00
Robert Marsh
d151c2eeb7 C++: change note for IR-based GVN 2020-02-19 14:39:36 -08:00
Robert Marsh
8ea5739b7a C++: release note for DefaultTaintTracking 2020-02-19 14:32:49 -08:00
Robert Marsh
de66841263 Merge pull request #2873 from geoffw0/fixasttest2 
C++: Fix another test that should be working on the AST dataflow.
 2020-02-19 14:13:44 -08:00
Robert Marsh
82f2540dde Merge pull request #2871 from geoffw0/fixasttest 
C++: Fix a test that should be working on the AST dataflow.
 2020-02-19 10:55:13 -08:00
Alistair Christie
eb2fdda6aa C# pre-migration changes: titles & intros 2020-02-19 17:18:29 +00:00
Asger Feldthaus
479770dc07 JS: Recognize class members in more cases 2020-02-19 17:04:41 +00:00
Shati Patel
2aed6fb971 Merge pull request #2878 from jf205/monotonic-aggregates-123 
QL handbook: updates for rc/1.23
 2020-02-19 16:55:11 +00:00
Shati Patel
38be2672a2 Merge pull request #2877 from jf205/123-mergeback 
Merge some rc/1.23 documentation changes into master
 2020-02-19 16:47:22 +00:00
james
fc3d30c10b docs: technical feedback 
(cherry picked from commit d5ff8f2b8e)
 2020-02-19 16:45:48 +00:00
james
100a603a86 docs: expand handbook entry on monotonic aggregates 
(cherry picked from commit b32683fc9f)
 2020-02-19 16:45:48 +00:00
Felicity Chapman
1da1d92170 Update intro for library overview topic 
Based on suggestions from James and Shati
 2020-02-19 16:39:29 +00:00
james
6467fa5272 Merge branch 'rc/1.23' into 123-mergeback 2020-02-19 16:36:39 +00:00
Felicity Chapman
552d2edb5b Correction one more mention of tutorials 2020-02-19 16:35:59 +00:00
Felicity Chapman
f8c876176a Apply suggestions from code review 
Many thanks for the review suggestions.

Co-Authored-By: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2020-02-19 16:31:15 +00:00
Shati Patel
c5d8aac2ce Merge pull request #2876 from jf205/advanced-ql-123 
docs: continue reorganizing 'Advanced QL' (rc/1.23)
 2020-02-19 16:29:57 +00:00
Anders Schack-Mulligen
91166431d2 Java/C++/C#: s/Callable/DataFlowCallable/ 2020-02-19 17:23:01 +01:00
james
2bc5d11610 docs: delete advanced-ql section 2020-02-19 16:20:09 +00:00
james
1f84722d2f docs: delete constraining-types.rst 
(cherry picked from commit 142106bc99)
 2020-02-19 16:12:07 +00:00
james
afbb70af47 docs: remove advanced ql topic about determining specific types 
(cherry picked from commit 3d90f6fe71)
 2020-02-19 16:12:07 +00:00
james
30913c9e7c docs: add info about using getAQlClass() 
(cherry picked from commit 3fb3b9b54a)
 2020-02-19 16:12:06 +00:00
Erik Krogh Kristensen
bdab9ee12b change useless cat query to only flag instances that can be re-written to 2020-02-19 16:59:28 +01:00
Jonas Jensen
1d2d8729b8 Merge pull request #2839 from MathiasVP/sync-ir-valuenumbering-internals 
C++/C#: Fix sync config file for value numbering sharing
 2020-02-19 16:57:16 +01:00
Rasmus Wriedt Larsen
fd270cc02c Python: Add basic taint support for urlsplit/urlparse 2020-02-19 16:31:10 +01:00
Rasmus Wriedt Larsen
4f3149d865 Python: Fix error after merge conflict 2020-02-19 16:27:31 +01:00
Rasmus Wriedt Larsen
74345b1c05 Python: Make library-tests/taint/strings tests more transparent 
Following the setup I invented for library-tests/taint/unpacking.

TestStep is still a bit annoying, since the output is not easy to eyeball; but
for now I guess we can live with it :)

I honestly didn't get the point of DistinctStringKinds.ql, other than showing we
can handle multiple taint kinds
 2020-02-19 16:24:22 +01:00
Rasmus Wriedt Larsen
e4b83855d9 Python: Autoformat security/strings/External.qll 2020-02-19 16:24:13 +01:00
Tom Hvitved
ddf6b4a342 Merge pull request #2862 from calumgrant/cs/project-rids 
C#: Add runtime identifiers to project files
 2020-02-19 16:11:10 +01:00
Geoffrey White
89bbb975f9 C++: Effects on tests. 2020-02-19 14:52:49 +00:00
Geoffrey White
4e2a45cd3e C++: Correct SideEffectFunction model for PureStrFunction. 2020-02-19 14:38:43 +00:00
Geoffrey White
22cba0f26e C++: Delete TODO. 2020-02-19 14:38:43 +00:00
Geoffrey White
5f7085937e C++: Improve the SideEffect library QLDoc. 2020-02-19 14:38:43 +00:00
Geoffrey White
c014ca6ed7 C++: Rename some tests for clarity / less emphasis on the AST. 2020-02-19 14:33:57 +00:00
Geoffrey White
3e49e12126 C++ Repair GlobalValueNumbering (AST) test. 2020-02-19 14:28:46 +00:00
Anders Schack-Mulligen
c6016bb08c Java/C++/C#: Improve join-order in pathStep predicate 2020-02-19 14:47:39 +01:00
Rasmus Wriedt Larsen
e7fdfd3d3e Python: Move subprocess.call so super-class detection works 
This is a temporary fix!

Added minimal working example (MWE) as a regression, so it's easier to fix the
real problem.

only Python 3 is facing the problem -- and without --max-import-depth=1 the test
times out at 10 minutes :O
 2020-02-19 14:12:22 +01:00
Rasmus Wriedt Larsen
d7b803a859 Python: Fix modernisation of py/iteration-string-and-sequence 
Introduced a regression, since the old code was:

```
predicate is_a_string_type(ClassObject seqtype) {
    seqtype = theBytesType() and major_version() = 2
    or
    seqtype = theUnicodeType()
}
```

but *now* we're good!
 2020-02-19 14:12:22 +01:00
Rasmus Wriedt Larsen
0509228296 Python: Make ModelUsage test language agnostic 2020-02-19 14:12:22 +01:00
Rasmus Wriedt Larsen
87eff7f062 Python: More iterator => iterable renaming 2020-02-19 14:12:22 +01:00
Rasmus Wriedt Larsen
82b29b5698 Python: Recognize shebangs in module usage detection 2020-02-19 14:12:22 +01:00