codeql

mirror of https://github.com/github/codeql.git synced 2026-01-13 14:34:45 +01:00

Author	SHA1	Message	Date
Robert Marsh	bc0d21879d	Merge branch 'main' into rdmarsh2/cpp/input-iterators-1 Resolve test conflict	2020-08-21 14:36:27 -07:00
Robert Marsh	141d240813	C++: autoformat	2020-08-21 14:22:44 -07:00
Robert Marsh	4c82753e8d	C++: remove constexpr in stl.h temporarily	2020-08-21 14:22:32 -07:00
Robert Marsh	94d4e05c25	C++: Fix iterator taint flow	2020-08-21 14:04:45 -07:00
Robert Marsh	656340f5c6	C++: more tests for string iterator flow	2020-08-21 13:48:36 -07:00
Erik Krogh Kristensen	db57f3661e	Merge branch 'main' into ts4	2020-08-21 15:08:30 +02:00
Erik Krogh Kristensen	65a1769d43	Merge branch 'main' into asyncCalls	2020-08-21 14:58:27 +02:00
Erik Krogh Kristensen	1b655f9046	use threadsafe cache stored in ExtractorState	2020-08-21 14:45:24 +02:00
Erik Krogh Kristensen	7aca84cd45	search directly for "package.json" instead of iterating through the files in a folder	2020-08-21 14:31:49 +02:00
Erik Krogh Kristensen	3f0f2c796c	pass `extension` instead of `locationManager` to `isAlways*Module`	2020-08-21 14:27:47 +02:00
Erik Krogh Kristensen	bbbb0a2c5e	specialize `module.createRequire` support to ES2015 modules	2020-08-21 14:14:05 +02:00
Calum Grant	a93a84fb2e	Merge pull request #4065 from hvitved/csharp/dataflow-type-restriction C#: Restrict `DataFlowType` to types belonging to `Node`s	2020-08-21 11:57:29 +01:00
yoff	d05954e5cc	Merge pull request #4109 from RasmusWL/python-basic-taint-tracking Python: Basic taint tracking with shared library	2020-08-21 12:20:22 +02:00
Rasmus Lerchedahl Petersen	e1343c7f1e	Python: Support set literals.	2020-08-21 11:15:04 +02:00
Rasmus Lerchedahl Petersen	ccff84d546	Python: Test flow into conprehension	2020-08-21 10:40:22 +02:00
Rasmus Lerchedahl Petersen	f9b1c5e4bd	Python: Fix bug pointed out by reviewer	2020-08-21 10:04:27 +02:00
Erik Krogh Kristensen	e00951edf0	update TypeScript to 4.0.2	2020-08-21 09:50:27 +02:00
yoff	bfd9c0860f	Apply suggestions from code review Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2020-08-21 09:43:29 +02:00
yoff	8e2b2540fa	Apply suggestions from code review Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2020-08-21 09:39:00 +02:00
Tom Hvitved	86b91cec8a	Merge pull request #4111 from tamasvajk/feature/nullability-extraction C#: Fix nullability warning in Semmle.Extraction	2020-08-21 09:22:05 +02:00
Tom Hvitved	ea77828a6a	Merge pull request #4116 from hvitved/csharp/print-ast-order-top-level C#: Order top-level elements by location in `PrintAst.qll`	2020-08-21 09:09:20 +02:00
Tom Hvitved	b8cde180b9	C#: Order top-level elements by location in `PrintAst.qll`	2020-08-21 06:17:37 +02:00
CodeQL CI	29183fa0a1	Merge pull request #4067 from erik-krogh/noBin Approved by esbena	2020-08-20 23:07:02 +01:00
CodeQL CI	508ade29f4	Merge pull request #4106 from erik-krogh/depTracked Approved by esbena	2020-08-20 21:23:24 +01:00
Tamas Vajk	9cdee63ed7	C#: Enable nullability checks on Semmle.Extraction.CIL	2020-08-20 16:46:42 +02:00
Tamas Vajk	b9e3b327d6	C#: Fix nullability warning in Semmle.Extraction	2020-08-20 16:33:02 +02:00
Erik Krogh Kristensen	cef681d009	bump extractor version (again)	2020-08-20 15:58:44 +02:00
Erik Krogh Kristensen	68f7942820	Merge branch 'main' into noBin	2020-08-20 15:58:15 +02:00
Jonas Jensen	d56a03389c	Merge pull request #4107 from geoffw0/vecmethods C++: Initial models for std::vector	2020-08-20 15:53:35 +02:00
Anders Schack-Mulligen	bcad18f490	Java: Use the instance argument type in call contexts.	2020-08-20 15:17:04 +02:00
Rasmus Lerchedahl Petersen	94e6fd9199	Python: Convenience methods asVar, asCfgNode, and asExpr	2020-08-20 15:16:23 +02:00
Erik Krogh Kristensen	fa8edeed6a	change StoredXss example to use TypeTracking	2020-08-20 15:05:38 +02:00
Erik Krogh Kristensen	906705f84c	add `SourceNode` example to the `TrackedNode` deprecation description	2020-08-20 15:01:40 +02:00
Rasmus Lerchedahl Petersen	5a734730de	Python: Control flow nodes are dataflow nodes iff they are expression nodes We could refine this later, but it seems to work for now...	2020-08-20 15:00:42 +02:00
Rasmus Wriedt Larsen	7fb8e0e277	Python: Add basic shared taint tracking test	2020-08-20 14:49:17 +02:00
Rasmus Wriedt Larsen	0baac8fd54	Python: Adjust shared taint tracking skeleton So it fits the setup from Java/Go, with AdditionalTaintStep class.	2020-08-20 14:49:09 +02:00
Geoffrey White	3d171f358a	Merge remote-tracking branch 'upstream/main' into vecmethods	2020-08-20 13:29:28 +01:00
Erik Krogh Kristensen	372e1a3d84	support the "type" field on `package.json` files while extracting	2020-08-20 14:26:15 +02:00
Tamás Vajk	2a8ff8785a	C#: Add AST printing (#4038 )	2020-08-20 14:24:43 +02:00
Geoffrey White	258b61c5f8	Update cpp/ql/src/semmle/code/cpp/models/implementations/StdContainer.qll Co-authored-by: Jonas Jensen <jbj@github.com>	2020-08-20 12:53:23 +01:00
Geoffrey White	689c637d48	C++: Rename things.	2020-08-20 12:52:40 +01:00
Anders Schack-Mulligen	ec7a65777b	Merge pull request #3855 from JLLeitschuh/feat/JLL/jOOQ_SQL_injection Add jOOQ methods as SQL Injection Sinks	2020-08-20 13:17:07 +02:00
Erik Krogh Kristensen	bf88c81f78	bump extractor version	2020-08-20 12:57:48 +02:00
Erik Krogh Kristensen	a347569385	inline StandardCharsets.UTF_8	2020-08-20 12:57:05 +02:00
Erik Krogh Kristensen	410ef8fe0e	exit early if the default encoding is not UTF-8	2020-08-20 12:50:43 +02:00
Erik Krogh Kristensen	fe41521e0c	add tutorial for how to get around TrackedNodes deprecation	2020-08-20 12:46:17 +02:00
Geoffrey White	61158e759b	C++: Improve StdContainerConstructor model.	2020-08-20 11:04:59 +01:00
Geoffrey White	acd1437103	C++: Change note.	2020-08-20 10:46:12 +01:00
Geoffrey White	f2ac4fa94a	C++: Autoformat.	2020-08-20 10:44:54 +01:00
Geoffrey White	cda9fd250b	C++: Model vector methods.	2020-08-20 10:30:01 +01:00

... 55 56 57 58 59 ...

17948 Commits