codeql

mirror of https://github.com/github/codeql.git synced 2026-01-13 14:34:45 +01:00

Author	SHA1	Message	Date
Geoffrey White	0281456948	C++: Add a 1.26 change note file (what happened to the templates?)	2020-08-06 19:21:06 +01:00
Geoffrey White	0534c69c76	C++: Autoformat.	2020-08-06 19:11:46 +01:00
Geoffrey White	0b5b7fa095	C++: Fix another edge case.	2020-08-06 19:06:42 +01:00
Geoffrey White	b3f3f6d95a	C++: Fix edge case.	2020-08-06 19:03:43 +01:00
Geoffrey White	cbf30e37ed	C++: Fix the issue.	2020-08-06 18:50:18 +01:00
Geoffrey White	a7564c9e0e	C++: Add a test of unsigned count-down loops.	2020-08-06 18:44:22 +01:00
Arthur Baars	f16c263393	Java: remove security tag from java/integer-multiplication-cast-to-long	2020-08-06 17:42:01 +02:00
Rasmus Lerchedahl Petersen	3db1ceeb70	Python: format ql	2020-08-06 15:42:14 +02:00
Rasmus Lerchedahl Petersen	614103c3b6	Python: Test calls rather than flows	2020-08-06 15:40:41 +02:00
Jonas Jensen	7cc877cbbb	C++: Taint through RangeBasedForStmt (AST only)	2020-08-06 15:37:41 +02:00
Rasmus Lerchedahl Petersen	ce86a8b72e	Python: format ql	2020-08-06 14:42:56 +02:00
Rasmus Lerchedahl Petersen	e77ceaf4b8	Python: Track dictionary keys Also, less hacky comprehension, but I think we still want to fix the extractor	2020-08-06 13:31:54 +02:00
Remco Vermeulen	408db412dc	Add missing predicate qldoc	2020-08-06 13:29:02 +02:00
Remco Vermeulen	5a819422c1	Reuse `Unit` class from `TaintTracking`	2020-08-06 12:02:34 +02:00
Remco Vermeulen	7f7ad88dea	Limit LdapAdditionalTaintStep to Ldap configuration	2020-08-06 11:35:03 +02:00
Anders Schack-Mulligen	205dd1aead	Merge pull request #3881 from intrigus-lgtm/more-pathcreations Java: Centralize and model additional path creations.	2020-08-06 11:21:39 +02:00
luchua-bc	b821f918e5	Address issues with matching empty host and host in a concatenated string	2020-08-06 01:53:29 +00:00
luchua-bc	9a8eed8440	Enhance address match	2020-08-05 19:57:31 +00:00
intrigus	1011325cf7	Accept test changes.	2020-08-05 21:45:41 +02:00
Rasmus Lerchedahl Petersen	7c235597de	Python: More precise dataflow for tuples (and dictionaries, but that is not fleshed out)	2020-08-05 19:22:54 +02:00
Remco Vermeulen	a1411407c1	Consolidate sanitizers into default sanitizer	2020-08-05 17:07:05 +02:00
Remco Vermeulen	0c09d66d43	Consolidate different sinks into a default sink.	2020-08-05 16:53:50 +02:00
Erik Krogh Kristensen	f1dc36244c	update tests and queries that used getId()	2020-08-05 14:32:09 +00:00
James Fletcher	7f8bf21325	Merge pull request #4016 from jf205/learn-codeql/styles CodeQL docs: update CSS and master page template	2020-08-05 14:20:13 +01:00
yoff	e642808a75	Update python/ql/test/experimental/dataflow/coverage/classes.py Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>	2020-08-05 15:12:27 +02:00
Jonas Jensen	5f635aca36	Merge pull request #3768 from geoffw0/copymove C++: Clean up ConversionConstructor.	2020-08-05 14:35:05 +02:00
Rasmus Lerchedahl Petersen	a89624698d	Python: format ql	2020-08-05 14:28:28 +02:00
Rasmus Lerchedahl Petersen	2639e68a0d	Python: format ql	2020-08-05 14:16:50 +02:00
Rasmus Lerchedahl Petersen	81ad4552c9	Python: full list of magic methods to be tested	2020-08-05 13:30:30 +02:00
Erik Krogh Kristensen	cc5ef4d5e1	rename JsonSerializeCall to JsonStringifyCall	2020-08-05 13:22:41 +02:00
james	364cc19dea	docs: update styles	2020-08-05 11:39:43 +01:00
Erik Krogh Kristensen	b43d410ab1	add change log for JSON serializers	2020-08-05 12:14:56 +02:00
Erik Krogh Kristensen	f70cb2e7b3	add test for new JSON serializers	2020-08-05 12:14:56 +02:00
Erik Krogh Kristensen	5a3f67a682	introduce model for JSON.stringify and similar libraries	2020-08-05 12:14:51 +02:00
Anders Schack-Mulligen	9e78341e43	Merge pull request #3928 from rvermeulen/java-importable-cwe-113 Java: Move `HeaderSplittingSink` and `WhitelistedSource` into importable library	2020-08-05 10:16:00 +02:00
Erik Krogh Kristensen	67c4320287	make JumpStmt non abstract	2020-08-05 10:03:46 +02:00
Erik Krogh Kristensen	016bdc1614	make ControlStmt non abstract	2020-08-05 09:59:30 +02:00
Anders Schack-Mulligen	32d9d270fc	Merge pull request #3948 from aibaars/java-3941 Java: stack trace exposure: address false positives	2020-08-05 09:31:01 +02:00
Jonas Jensen	ea0896c78b	Merge pull request #3999 from MathiasVP/mathiasvp/range-based-for-loop-taint-tests C++: Add tests for taint through range-based for loops	2020-08-05 09:11:53 +02:00
Raul Garcia (MSFT)	aa27eaf7e0	Addrssing the comments from https://github.com/github/codeql/pull/3951#discussion_r464894547 that I missed previously	2020-08-04 15:50:58 -07:00
Geoffrey White	9f5c37ccaa	Merge branch 'master' into copymove	2020-08-04 15:41:27 +01:00
Erik Krogh Kristensen	5727e6f9f8	make CompoundAssignExpr non-abstract	2020-08-04 16:17:08 +02:00
Erik Krogh Kristensen	cf3f275aa1	make DestructuringPattern non-abstract	2020-08-04 16:02:32 +02:00
Rasmus Lerchedahl Petersen	d7c08f732d	Merge branch 'master' of github.com:github/codeql into SharedDataflow_Classes	2020-08-04 16:01:42 +02:00
Tom Hvitved	63115a36f7	Merge pull request #3994 from hvitved/csharp/dataflow/library-aps-adjust C#: More type-based adjustment of library-flow access paths	2020-08-04 14:33:54 +02:00
Rasmus Lerchedahl Petersen	9312b42e79	Python: More easy-to-get content flow There are some things that should be rewritten, though, but it may involve the extractor	2020-08-04 13:54:50 +02:00
Erik Krogh Kristensen	0867c5567e	rename `getId()` to `getIdentifier()`	2020-08-04 13:22:19 +02:00
Anders Schack-Mulligen	68441bdf99	Merge pull request #3987 from Marcono1234/patch-1 [Java] Improve InsecureJavaMail.qhelp references	2020-08-04 12:12:38 +02:00
Luke Cartey	5a96ee1a7b	Remove parameter names from signatures Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>	2020-08-04 09:41:40 +01:00
Luke Cartey	368572f1f0	Update java/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.qhelp Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>	2020-08-04 09:40:59 +01:00

... 99 100 101 102 103 ...

19777 Commits