hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-23 03:12:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,685 Branches 158 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
semmle-qlci
0c0073fb02 Merge pull request #2582 from asger-semmle/spurious-css-import 
Approved by max-schaefer
 2020-01-06 14:00:08 +00:00
semmle-qlci
7e9b5b1036 Merge pull request #2590 from asger-semmle/ts-install-deps-unverbose 
Approved by max-schaefer
 2020-01-06 13:57:43 +00:00
Asger F
9928762769 JS: Add RegExpAlwaysMatches query 2020-01-06 13:48:02 +00:00
Mathias Vorreiter Pedersen
9ed1510a8c C++: Improved query precision using SimpleRangeAnalysis 2020-01-06 14:16:52 +01:00
semmle-qlci
39531c6516 Merge pull request #2574 from max-schaefer/js/fix-17 
Approved by erik-krogh
 2020-01-06 12:43:56 +00:00
Taus Brock-Nannestad
851d692996 Python: Remove manual TC from ssaShortCut. 
This caused a massive slowdown on certain snapshots.
 2020-01-06 13:40:52 +01:00
Rasmus Wriedt Larsen
5d01cb7c28 Python: Fix bad QL-rewriting 
Original code:

exists(Expr e, For forloop | forloop = loop and e.pointsTo(_, _, capturing) |
    not loop.contains(e)
)

The new version will preserve the same semantics. The problem with the first
rewrite was that `not loop.(For).somethingMore` would hold for any AstNode that
was not a For
 2020-01-06 13:30:37 +01:00
Asger F
79f8d02019 JS: Add change note 2020-01-06 11:38:13 +00:00
Asger F
4d25bfc038 JS: Fix copy pasta 2020-01-06 11:37:21 +00:00
Asger F
142c83f38f JS: Add negative dominance test 2020-01-06 11:37:21 +00:00
Asger F
aa6572b5c8 JS: Sanitize phi edges from barrier guards 2020-01-06 11:37:21 +00:00
Asger F
0b04f0d8f7 JS: Add test case for phi input 2020-01-06 11:37:20 +00:00
Max Schaefer
9391d36699 JavaScript: Teach extractor to tolerate assignment patterns in AST. 
Our database representation of ASTs does not use assignment patterns, instead encoding the relevant information directly in the associated function/loop/assignment. We convert from an AST with assignment patterns to one without during parsing, so the extractor does not expect any assignment patterns to be present in the AST.

Due to a bug in the parser, this can currently happen for malformed programs. While we should fix that bug once it gets fixed in Acorn, it also makes sense for the extractor to be more robust, so this PR teaches the `ASTExtractor` pass to raise a parse error when it encounters an assignment pattern, and all other passes to simply ignore them.
 2020-01-06 11:31:36 +00:00
Asger F
a3481b3713 TS: Do not pass --verbose to yarn 2020-01-06 11:18:58 +00:00
semmle-qlci
48deb30756 Merge pull request #2573 from max-schaefer/js/generalise-alert-suppression 
Approved by asgerf
 2020-01-06 10:43:17 +00:00
Rasmus Wriedt Larsen
9b0b0c338f Python: Cleanup overrides tests 2020-01-06 10:55:37 +01:00
Mathias Vorreiter Pedersen
7b5dd56009 C++: Added .stats file 2020-01-06 09:45:58 +01:00
semmle-qlci
5dcc5b3b1e Merge pull request #2581 from erik-krogh/FlowUselessExpr 
Approved by max-schaefer
 2020-01-06 08:33:36 +00:00
Esben Sparre Andreasen
9279bfc8a2 JS: add test case for arrow functions with duplicate parameter names 2020-01-06 09:21:36 +01:00
Esben Sparre Andreasen
96748ca32e JS: sharpen js/duplicate-parameter-name 2020-01-06 08:51:00 +01:00
Esben Sparre Andreasen
5718fbd98a JS: update test 2020-01-06 08:33:38 +01:00
Grzegorz Golawski
4ce25c045d Simplify the query 2020-01-05 22:05:00 +01:00
Grzegorz Golawski
ab49397bb8 Add check for disabled CSRF protection in Spring 2020-01-03 21:52:50 +01:00
Calum Grant
41b4d70504 C#: Refactor, improve documentation and add tests for cs/serialization-check-bypass 2020-01-03 18:46:39 +00:00
shati-patel
9b9d7121e8 Merge pull request #2583 from jf205/advanced-ql 
CodeQL documentation: reorganize 'Advanced QL' topics
 2020-01-03 16:02:28 +00:00
James Fletcher
47f61f3569 Update docs/language/learn-ql/writing-queries/debugging-queries.rst 
Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
 2020-01-03 15:55:14 +00:00
james
537739c42d docs: address review comments 2020-01-03 15:31:31 +00:00
Anders Schack-Mulligen
e74aa33f9d Java: Include non-null final fields in clearlyNotNull. 2020-01-03 16:24:54 +01:00
Asger F
503bcdc5d7 JS: Dont capitalize Promise in prose 2020-01-03 14:16:31 +00:00
Asger F
3c601fce74 Apply suggestions from code review 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-01-03 14:15:52 +00:00
Asger F
30a8769dad JS: Add more bad promise contexts 2020-01-03 14:12:55 +00:00
Mathias Vorreiter Pedersen
e926966e73 C++: Added more tests 2020-01-03 14:08:12 +01:00
Mathias Vorreiter Pedersen
cea78879b2 C++: Rename variables in tests to reflect their types 2020-01-03 14:07:19 +01:00
semmle-qlci
dc7863ce29 Merge pull request #2579 from asger-semmle/typescript-trace-resolution 
Approved by max-schaefer
 2020-01-03 12:57:43 +00:00
Jonathan Leitschuh
0e2c5db7b1 Netty Response Splitting use CompileTimeConstantExpr 
Co-Authored-By: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-01-03 07:51:55 -05:00
james
23d1e06aa4 docs: move abstract classes topic to handbook 2020-01-03 12:07:01 +00:00
james
e8016a2303 docs: delete equivalence topic 2020-01-03 12:07:01 +00:00
james
fe18c18619 docs: move folding predicates topic 2020-01-03 12:06:55 +00:00
Asger F
4772798d7b JS: do not resolve arbitrary extensions to JavaScript files 2020-01-03 11:37:51 +00:00
Asger F
c5f73cb868 JS: Add test showing spurious .css import 2020-01-03 10:59:10 +00:00
semmle-qlci
29be46169a Merge pull request #2576 from asger-semmle/typescript-cyclic-prop-fallthroughnode 
Approved by max-schaefer
 2020-01-03 10:50:05 +00:00
Asger F
f31d47c66e TS: explain test case 2020-01-03 10:48:15 +00:00
Asger F
36546ce7fe TS: Print warning when bailing out of symbol type 2020-01-03 10:45:18 +00:00
Erik Krogh Kristensen
c22d3d0b3a add test for block-level flow type annotations 2020-01-03 11:07:35 +01:00
semmle-qlci
06d812a6ff Merge pull request #2556 from erik-krogh/RegexpVoidCxt 
Approved by max-schaefer
 2020-01-03 08:38:56 +00:00
Asger F
3a4771c29c TS: Wrap getTypeOfSymbolAtLocation in try/catch 2020-01-02 16:55:17 +00:00
Asger F
202746e92d TS: Guard getTypeAtLocation with try/catch 2020-01-02 16:31:23 +00:00
Asger F
0388e9ca0c TS: Add regression test 2020-01-02 16:28:49 +00:00
shati-patel
564013d188 Merge pull request #2578 from jf205/ql-spec-fixes 
QL spec: fix bullet list in 'Aggregations' section
 2020-01-02 15:55:49 +00:00
james
618a3f91d8 docs: fix list 2020-01-02 15:48:57 +00:00