hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-28 05:42:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,685 Branches 159 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
semmle-qlci
0e64c84f7e Merge pull request #1656 from asger-semmle/rephrase-useless-def 
Approved by xiemaisi
 2019-07-31 09:55:38 +01:00
semmle-qlci
cff826221c Merge pull request #1655 from asger-semmle/hardcoded-creds-fp 
Approved by xiemaisi
 2019-07-31 09:55:16 +01:00
james
dc2d66c334 docs: gitignore rst vscode settings 2019-07-31 09:51:47 +01:00
Esben Sparre Andreasen
bf4a324a86 JS: add query js/indirect-command-line-injection 2019-07-31 09:24:25 +02:00
Asger F
7a27ccdaf3 JS: Move a comment 2019-07-31 08:19:26 +01:00
james
e69ba84e65 docs: gitignore .pyc files generated during sphinx-build 2019-07-31 06:38:49 +01:00
Dave Bartolomeo
972f0d97d3 C++: Stop generating NoOp instructions for declarations of externs 
Previously, where we had a function-scoped `DeclarationEntry` for an extern variable or function, we would generate a `NoOp` instruction for it. There's nothing wrong with this by itself, although it was unnecessary. However, I've hit an extractor issue (Jira ticket already opened) that commonly causes multiple `DeclStmt`s to share a single `DeclarationEntry` child on extern declarations, so removing the `NoOp` instructions is an easy way to work around the extractor issue.
 2019-07-30 16:49:24 -07:00
Ziemowit Laski
78ebdad1ea Add a __builtin_va_list type, to complement __builtin_va_* 
expressions.
 2019-07-30 16:36:37 -07:00
Ziemowit Laski
2a12bf8e62 [CPP-387] Add placeholder for declarations. 2019-07-30 15:55:04 -07:00
Ian Lynagh
8d8a2201b7 C++: Accept changes to getValueText 2019-07-30 23:24:52 +01:00
semmle-qlci
07fa55f331 Merge pull request #1647 from zlaski-semmle/zlaski/builtin-types-compatible-p 
Approved by dave-bartolomeo
 2019-07-30 20:43:39 +01:00
Ziemowit Laski
49adba0b51 [CPP-387] Create a new PR against new location of introduce-libraries-cpp.rst. 2019-07-30 12:32:01 -07:00
zlaski-semmle
075e4ab159 Update cpp/ql/src/semmle/code/cpp/exprs/BuiltInOperations.qll 
Co-Authored-By: Dave Bartolomeo <42150477+dave-bartolomeo@users.noreply.github.com>
 2019-07-30 11:39:42 -07:00
Nick Rolfe
9e8e63038f Merge pull request #1649 from ian-semmle/constexpr_if 
C++: Add 'constexpr if' support
 2019-07-30 18:45:08 +01:00
Asger F
eafd46221b JS: Add data flow cheat sheet 2019-07-30 18:11:32 +01:00
Asger F
ea563f8b97 JS: Rephrase dead store of local at declaration site 2019-07-30 18:02:27 +01:00
Asger F
378b0bfb74 JS: Do not treat the empty string as a credential 2019-07-30 17:29:12 +01:00
Felicity Chapman
2f9a3eb6fd Update the Spelling whitelist 2019-07-30 17:15:19 +01:00
Felicity Chapman
6ae842cec0 Update QL handbook issues highlighted by Vale 2019-07-30 17:11:34 +01:00
jf205
6d10731b8f Merge pull request #1653 from felicity-semmle/learn-ql/SD-3690-vale-corrections 
Learn QL: corrections for issues found using Vale
 2019-07-30 16:43:40 +01:00
Max Schaefer
3e6629d007 JavaScript: Deprecate multi-argument isBarrier and isSanitizer predicates. 
We informally deprecated them in 1.21, this commit deprecates them properly and removes support from the implementation. The predicates themselves will be removed in a future release.
 2019-07-30 16:32:08 +01:00
Max Schaefer
ad5194e8c1 JavaScript: Add tutorial on flow labels. 2019-07-30 16:31:12 +01:00
Felicity Chapman
2060fdc581 Update whitelist for Headings and Spelling rules 2019-07-30 16:29:05 +01:00
Felicity Chapman
91101632ad Update learning QL topics for issues found by Vale 2019-07-30 16:27:53 +01:00
Felicity Chapman
bf0201a36e Merge pull request #1641 from jf205/move-ql-docs 
Docs: add QL language documentation to `semmle/ql` repo
 2019-07-30 15:59:21 +01:00
Ian Lynagh
96a21238d1 C++: Add an upgrade script 2019-07-30 14:07:35 +01:00
Ian Lynagh
5d9d289eb7 C++: Add stats for 'constexpr if' 2019-07-30 14:07:35 +01:00
Ian Lynagh
6cce7ef2b7 C++: Add CFG test for constexpr_if 2019-07-30 14:07:35 +01:00
Ian Lynagh
7c763cc3bd C++: Add a test for constexpr if 2019-07-30 14:07:35 +01:00
Ian Lynagh
f705c25c74 C++: Add support for constexpr if 2019-07-30 14:07:35 +01:00
semmle-qlci
9f97165e7b Merge pull request #1650 from xiemaisi/js/fix-semantic-merge-conflict 
Approved by asger-semmle
 2019-07-30 14:02:59 +01:00
Max Schaefer
7b3c835bc6 JavaScript: Fix semantic merge conflict. 
https://github.com/Semmle/ql/pull/1621 vs https://github.com/Semmle/ql/pull/1613
 2019-07-30 12:34:30 +01:00
semmle-qlci
0f9a286284 Merge pull request #1621 from asger-semmle/no-recursive-import 
Approved by xiemaisi
 2019-07-30 11:25:11 +01:00
semmle-qlci
d63e53f3a4 Merge pull request #1628 from asger-semmle/self-globalobj 
Approved by xiemaisi
 2019-07-30 11:23:54 +01:00
yh-semmle
37395877a7 Merge pull request #1633 from aschackmull/java/taint-string-concat 
Java: Add taint step for String::concat.
 2019-07-30 00:21:52 -04:00
Ziemowit Laski
2abf7681e0 Point the old BuiltInOperationBuiltInTypes at our new BuiltInOperationBuiltInTypesCompatibleP, 
for backward compatibility.
 2019-07-29 19:43:18 -07:00
Tom Hvitved
5c127ef20d C#: Fix false positives in cs/unchecked-return-value 2019-07-29 17:32:21 -07:00
Ziemowit Laski
889408be8f Add test case. 2019-07-29 17:17:42 -07:00
Ziemowit Laski
80ca950ae7 Change __builtin_types to __builtin_types_compatible_p 2019-07-29 15:41:41 -07:00
Tom Hvitved
b6f3f7866b C#: Add more tests for cs/unchecked-return-value 2019-07-29 15:40:22 -07:00
Robert Marsh
6bd22b01b3 Merge pull request #1607 from dave-bartolomeo/dave/CrossLanguageIR 
C++: Start preparing IR for supporting multiple languages
 2019-07-29 12:34:21 -07:00
semmle-qlci
5125a41345 Merge pull request #1645 from Semmle/js/fix-missing-regexp-anchor-qhelp 
Approved by asger-semmle
 2019-07-29 16:46:36 +01:00
Mark Shannon
6b2938a387 Python: Extends new Value API a bit to support callable subclasses and sequences. 2019-07-29 16:25:31 +01:00
Tom Hvitved
902825f8ac Merge pull request #1564 from calumgrant/cs/no-logger-writethrough 
C#: Disable logger AutoFlush
 2019-07-29 15:20:00 +00:00
Max Schaefer
d3016593e4 JavaScript: Remove extra backslashes in MissingRegExpAnchor.qhelp. 2019-07-29 15:23:09 +01:00
semmle-qlci
3dfc697585 Merge pull request #1642 from xiemaisi/json_locations 
Approved by asger-semmle
 2019-07-29 14:55:33 +01:00
semmle-qlci
904c94ec9e Merge pull request #1644 from xiemaisi/js/more-examples 
Approved by asger-semmle
 2019-07-29 14:36:20 +01:00
Max Schaefer
d282ba04ae JavaScript: Add concrete syntax examples to JSDoc, RegExp, Tokens, Variables and XML. 2019-07-29 12:17:25 +01:00
Nick Rolfe
54b30f5cb9 Merge pull request #1611 from ian-semmle/lambda 
C++: Follow changes to how lambdas are extracted
 2019-07-29 10:52:50 +01:00
Max Schaefer
fcf35dc3c2 JavaScript: Add configuration-file snippet to dbscheme. 2019-07-29 10:46:56 +01:00