hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-31 16:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alvaro Muñoz
a9ea63b976 Update java/change-notes/2020-10-27-insecure-bean-validation.md 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2020-10-27 21:10:46 +01:00
Tom Hvitved
de4ed59f62 C#: Simplify toString() for CIL entities 2020-10-27 20:58:40 +01:00
Alvaro Muñoz
1fdf0556d2 more fixes to make qlhelp linter happy 2020-10-27 17:05:00 +01:00
Alvaro Muñoz
aa981caea5 more fixes to make qlhelp linter happy 2020-10-27 16:32:13 +01:00
Alvaro Muñoz
8974f252ac fix format and qlhelp errors blocking the merge 2020-10-27 16:19:39 +01:00
Alvaro Muñoz
11e57bd2f8 add change note for new Insecure Bean Validation query 2020-10-27 16:11:51 +01:00
Alvaro Muñoz
3378dd526e remove compiled classes from stubs 2020-10-27 15:56:26 +01:00
Alvaro Muñoz
99044fc6ab remove experimental query forr bean validation 2020-10-27 15:55:19 +01:00
Alvaro Muñoz
40a2007497 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-10-27 15:52:25 +01:00
Alvaro Muñoz
8b5aed2fe1 move md links to <a> 2020-10-27 15:52:25 +01:00
Alvaro Muñoz
8904411fe6 address review comments 2020-10-27 15:52:24 +01:00
Alvaro Muñoz
debfc686d1 Insecure Bean Validation query 2020-10-27 15:52:24 +01:00
Alvaro Muñoz
7d7933a054 move query out of experimental 2020-10-27 15:52:20 +01:00
Alvaro Muñoz
d990f7a470 move md links to <a> 2020-10-27 15:51:40 +01:00
Alvaro Muñoz
65d01f5c9e address review comments 2020-10-27 15:51:36 +01:00
Alvaro Muñoz
f85778e9c7 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
6ca28a8bc6 move md links to <a> 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
27bd9044e7 address review comments 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
73fc9fda77 Insecure Bean Validation query 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
a36970f306 Add beanValidation remote source 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
3dcd8acf97 add expected results 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
671ea2f6c6 add test and stubs 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
a274a1516a move source to FlowSources.qll 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
2bab9d22e9 move query out of experimental 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
df4164f2c0 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
c1decf4d0d move md links to <a> 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
0bf3895327 address review comments 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
3b23cd5be3 Insecure Bean Validation query 2020-10-27 15:47:54 +01:00
Tom Hvitved
090ea01249 C#: Fix bad join-order in System.Tuple flow-summaries 2020-10-27 14:51:11 +01:00
Geoffrey White
c8783b5ea3 Revert "C++: Create a module for models of things in Std." 
This reverts commit ddc5150080.
 2020-10-27 13:31:16 +00:00
Alvaro Muñoz
a4a91eb1d2 new deserialization sink 2020-10-27 14:24:17 +01:00
Chris Smowton
3f298f3dc8 Add basic tests for Android intents as flow sources 2020-10-27 12:03:05 +00:00
Chris Smowton
54c1480fd6 Replace explicit extra step with TaintPreservingCallable 2020-10-27 12:02:29 +00:00
Chris Smowton
60e8910330 Follow taint across getExtras without qualifier 2020-10-27 12:01:30 +00:00
Rasmus Lerchedahl Petersen
164acf4055 Python: test that aliasing is not a problem 2020-10-27 11:25:58 +01:00
Geoffrey White
0b35b34288 C++: Add pointer tests. 2020-10-27 09:47:10 +00:00
Tom Hvitved
03a36760b8 C#: Add data-flow test for ConfigureAwait() 2020-10-27 10:23:39 +01:00
Tamas Vajk
342a711296 C#: Add flow summary for 'Task.ConfigureAwait()' 2020-10-27 10:23:39 +01:00
Asger Feldthaus
7345df63c0 JS: Include DataFlow::AdditionalFlowStep in TaintSteps metric 2020-10-27 08:41:50 +00:00
Jonas Jensen
8f6dbe982e Merge pull request #4468 from github/rdmarsh2/cpp/output-iterators-2 
C++: flow through output iterators with user-defined operator= and operator*
 2020-10-27 08:36:14 +01:00
Rasmus Lerchedahl Petersen
2baed20067 Python: Test false negative from review 2020-10-27 08:30:16 +01:00
Rasmus Lerchedahl Petersen
b6313dddb9 Python: Add concept tests 2020-10-27 08:26:00 +01:00
Jonas Jensen
45cd47ea77 Merge pull request #4535 from criemen/jump-to-def 
C++: Extend jump-to-def support to template instantiations.
 2020-10-27 08:16:57 +01:00
Rasmus Lerchedahl Petersen
8350d64763 Python: Add concept test definitions 2020-10-27 08:00:53 +01:00
Erik Krogh Kristensen
33465dbe6b refactor parameterPropRead and reachesReturn to get a slight performance improvement 2020-10-26 16:49:49 +01:00
Geoffrey White
12233e5874 Merge pull request #4533 from MathiasVP/mathiasvp/fix-broken-qhelp 
C++: Fix broken qhelp links
 2020-10-26 14:40:52 +00:00
Mathias Vorreiter Pedersen
9db66a1b94 Delete the msdn reference in NestedLoopSameVar 
It was a Visual Basic reference anyway, and it doesn't seem to provide more information than the link we have already.
 2020-10-26 15:27:24 +01:00
Rasmus Lerchedahl Petersen
601a803ee2 Python: DataFlow/TaintTrackin 3/4 2020-10-26 14:42:18 +01:00
Cornelius Riemenschneider
1b88ca1e81 C++: Simplify code, add comment explaining the logic. 2020-10-26 14:39:12 +01:00
Cornelius Riemenschneider
447ba205b4 C++: Move Conversions in PrintAST to the side. 2020-10-26 13:49:02 +01:00