Commit Graph

17948 Commits

Author SHA1 Message Date
Jonas Jensen
3ce4cff183 Merge pull request #3802 from geoffw0/modeling
C++: 'modelling' -> 'modeling'.
2020-06-25 14:07:57 +02:00
Jonas Jensen
f2ef088d4f Merge pull request #3783 from geoffw0/qldoc2
C++: More QLDoc
2020-06-25 14:06:00 +02:00
Mathias Vorreiter Pedersen
a0bfbda51c C++: Improve performance by not calling getDef, but instead refer to isDefinitionInexact. This gives roughly the same tuple numbers we had with only instruction nodes. 2020-06-25 13:37:14 +02:00
Dave Bartolomeo
6dc02c719b C++: Fix typos 2020-06-25 07:19:15 -04:00
Geoffrey White
099e5891ae C++: 'modelling' -> 'modeling'. 2020-06-25 11:50:43 +01:00
Geoffrey White
f956112042 C++: Autoformat. 2020-06-25 11:48:10 +01:00
Geoffrey White
b515c09946 C++: Autoformat. 2020-06-25 11:46:51 +01:00
Geoffrey White
6201796122 C++: modelling -> modeling
Co-authored-by: Jonas Jensen <jbj@github.com>
2020-06-25 11:42:57 +01:00
Geoffrey White
89bea604d9 C++: Fix false positive. 2020-06-25 11:32:25 +01:00
Geoffrey White
720ac026dc C++: Add false positive. 2020-06-25 11:21:08 +01:00
Geoffrey White
5489bb9946 C++: Autoformat. 2020-06-25 11:13:13 +01:00
Geoffrey White
8f6e56cb41 C++: Suggested change. 2020-06-25 11:13:00 +01:00
Asger Feldthaus
f9b796231b JS: Add regression tests 2020-06-25 11:10:27 +01:00
Rasmus Wriedt Larsen
22ad8f717f Python: Remove usage of .getASuccessor() in XSLT.qll 2020-06-25 12:07:45 +02:00
Rasmus Wriedt Larsen
1e5eeb8009 Python: Move lxml.etree library stub to reduce clutter 2020-06-25 12:07:41 +02:00
Esben Sparre Andreasen
4bfce4b8a3 JS: model npmlog (and recognize the "verbose" log level) 2020-06-25 12:06:51 +02:00
semmle-qlci
b24fba8df0 Merge pull request #3734 from dellalibera/loginjection
Approved by esbena
2020-06-25 11:06:25 +01:00
Asger Feldthaus
a109c1fc96 JS: Change note 2020-06-25 11:04:08 +01:00
Geoffrey White
edc5d5d128 C++: Add a test of MissingNullTest. 2020-06-25 11:04:06 +01:00
Asger Feldthaus
ea3560fe07 JS: Ignore document.all checks explicitly 2020-06-25 11:03:06 +01:00
Rasmus Wriedt Larsen
3cc566f703 Merge branch 'master' into python-3521-revived 2020-06-25 12:02:21 +02:00
Asger Feldthaus
b867512db4 JS: Update test 2020-06-25 11:01:10 +01:00
Rasmus Wriedt Larsen
e60af68b29 Python: Move lxml.etree library stub (so merge is easy) 2020-06-25 11:54:34 +02:00
Rasmus Wriedt Larsen
994db060c7 Python: Use CWE-091 for XSLT
As indicated here https://www.zaproxy.org/docs/alerts/90017/
2020-06-25 11:53:12 +02:00
Calum Grant
4642bb2767 Merge pull request #3774 from hvitved/csharp/tripleticks
C#: Enable syntax highlighting in QLDoc snippets
2020-06-25 10:31:50 +01:00
Rasmus Wriedt Larsen
b36c23ef63 Merge pull request #3500 from yoff/UnmatchableDollar
Python: Regexp: Handle repetitions {n} (with no ,)
2020-06-25 11:26:52 +02:00
Rasmus Wriedt Larsen
0b36cd44b8 Merge pull request #3522 from porcupineyhairs/pythonXpath
Python: Add Xpath injection query
2020-06-25 11:21:45 +02:00
Calum Grant
6e3609696a C#: Address review comments. 2020-06-25 09:59:59 +01:00
Taus Brock-Nannestad
9f06e13313 Python: Fix incomplete renaming in Thrift.qll. 2020-06-25 10:48:26 +02:00
Rasmus Lerchedahl Petersen
415e0c4aac Python: add suggestion for test cases 2020-06-25 10:46:33 +02:00
Erik Krogh Kristensen
2d7feb794f Refactor Promises.qll to use PreCallGraphStep 2020-06-25 10:41:08 +02:00
Rasmus Lerchedahl Petersen
5973fe8411 Python: scaffold for testing data flow coverage 2020-06-25 10:32:10 +02:00
Tom Hvitved
b8ae4b7f64 C#: Move async data-flow tests from local to global 2020-06-25 10:04:18 +02:00
Tom Hvitved
3f91aa3b55 C#: More data-flow collection tests 2020-06-25 09:48:52 +02:00
Dave Bartolomeo
06a5242d76 Merge pull request #3793 from rdmarsh2/rdmarsh/cpp/ir-range-analysis-experimental
C++: move IR range analysis to experimental
2020-06-24 20:51:07 -04:00
Dave Bartolomeo
2685aa4b8b C++: Use fewer words 2020-06-24 20:42:02 -04:00
Dave Bartolomeo
8b02f121d6 C++: QLDoc for all of Instruction.qll
I think I've now documented every class and public predicate in `Instruction.qll`. I've tried to include detailed semantics of each instruction where appropriate.
2020-06-24 20:29:31 -04:00
Robert Marsh
362fbd12dc C++: QLDoc for PrintAST.qll 2020-06-24 16:45:20 -07:00
Robert Marsh
39aaccc1ac C++: Add QLDoc for AST range analysis libraries 2020-06-24 16:29:20 -07:00
Robert Marsh
3e6a19843d Merge pull request #3727 from jbj/tainted-format-string-high
C++: Raise cpp/tainted-format-string* precisions to high
2020-06-24 15:06:13 -07:00
Calum Grant
d32199cccc C#: QLdoc for CIL instructions. 2020-06-24 22:01:33 +01:00
Calum Grant
262a20cea0 C#: Add qldocs for Concurrency.qll, Documentation.qll, cil.qll and dotnet.qll. 2020-06-24 22:01:33 +01:00
Taus Brock-Nannestad
02363d76c1 Python: Document Comment.qll.
I didn't do the `toString` methods in this commit. I'm thinking
they're better to do in a separate commit. (There are 48 undocumented
instances!)
2020-06-24 22:43:59 +02:00
Taus Brock-Nannestad
fe78e68fd0 Python: Document a bunch of hasLocationInfo methods.
If only we had been _somewhat consistent in how we named the
parameters for these...
2020-06-24 22:38:03 +02:00
Rasmus Wriedt Larsen
155bbbdec9 Python: Add annotated call-graph tests
See the added README for in-depth details
2020-06-24 22:15:39 +02:00
Taus Brock-Nannestad
682e1b6040 Python: Document Comparisons.qll. 2020-06-24 22:13:46 +02:00
Asger F
090a685d86 Merge pull request #3751 from toufik-airane/master
[javascript] CWE-347: JWT Missing Secret Or Public Key Verification
2020-06-24 21:09:41 +01:00
Taus Brock-Nannestad
b8e744eade Python: Document Class.qll. 2020-06-24 22:07:47 +02:00
Taus Brock-Nannestad
25122c9fb5 Python: Document (parts of) ExternalArtifact.qll.
I don't think there's any need to document the parts specific to
metrics or defects, as I don't believe these are used anywhere.
2020-06-24 21:53:37 +02:00
Robert Marsh
fb6e578618 C++: move IR range analysis to experimental 2020-06-24 12:50:14 -07:00