hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-29 15:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
544b3d9631 JS: Change note 2020-12-07 10:16:38 +00:00
Asger Feldthaus
e42ca881a3 JS: Update security suite after move to CWE-915 2020-12-07 10:16:38 +00:00
Asger Feldthaus
ca38a1c8b9 JS: Update CWE tags 2020-12-07 10:16:38 +00:00
Asger Feldthaus
25161ed338 JS: Move all prototype pollution queries to CWE-915 2020-12-07 10:16:38 +00:00
Asger Feldthaus
877b4b0752 JS: Move and rename other prototype pollution queries 2020-12-07 10:16:38 +00:00
Asger Feldthaus
972c4d61e5 JS: Add PrototypePollutingAssignment 2020-12-07 10:16:38 +00:00
Asger Feldthaus
ef52c46aed JS: Add spread step in TaintedObject 2020-12-07 10:16:37 +00:00
Sauyon Lee
b5ec26d935 Merge pull request #4744 from github/sauyon/html-refactor 
JavaScript: Factor out HTML extractor
 2020-12-07 02:06:42 -08:00
Sauyon Lee
17e450f227 JavaScript: Factor out HTML extractor 2020-12-06 05:04:10 -08:00
Tom Hvitved
3531dde032 C#: Simplify FinallySplit::toString() 2020-12-05 20:16:11 +01:00
Tom Hvitved
2f1057383e C#: Add missing CFG edges for nested finally blocks 2020-12-05 20:12:11 +01:00
Geoffrey White
998eaf90ee C++: Run through updated autoformat. 2020-12-04 18:53:24 +00:00
James Fletcher
45a4d5beb9 Update docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-go-programs.rst 2020-12-04 17:15:51 +00:00
james
d0a2582673 remove mention of odasa from javascript article 2020-12-04 17:15:51 +00:00
james
d19d23cc5e typo on landing page 2020-12-04 17:15:51 +00:00
james
f3642fcec2 fix indentation in cpp table 2020-12-04 17:15:51 +00:00
James Fletcher
1486aef5e1 Update docs/codeql/_templates/layout.html 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-12-04 17:15:50 +00:00
james
0316c673f8 add docs landing page to sphinx project 2020-12-04 17:09:21 +00:00
james
ac2d621558 update search settings in docs template 2020-12-04 17:08:26 +00:00
james
18fc33c78c update links to codeql cli manual 2020-12-04 17:08:26 +00:00
james
f659e6c9df fix table in go article 2020-12-04 17:08:26 +00:00
james
e346b479d2 update links in banner 2020-12-04 17:08:26 +00:00
james
5d717a53fa fix some table formatting and update some links 2020-12-04 17:08:26 +00:00
james
b62d01a74f update links to query help and libraries landing pages 2020-12-04 17:08:26 +00:00
james
8c4c6501ee update links to standard library reference pages 2020-12-04 17:08:26 +00:00
Jonas Jensen
bc340e210b Merge pull request #4745 from ihsinme/main 
CPP: Add query for CWE-191 into experimental this reveals a dangerous comparison
 2020-12-04 18:00:41 +01:00
yo-h
54d7cac46d Merge pull request #4718 from aschackmull/java/cleanup-deprecated 
Java: Remove some deprecated classes.
 2020-12-04 11:17:14 -05:00
yo-h
a5393b4661 Merge pull request #4746 from aschackmull/java/ssa-perf 
Java: Improve performance of SSA.
 2020-12-04 11:16:39 -05:00
Tom Hvitved
5d73566859 C#: Add tests for PersistentCookie.ql 2020-12-04 17:14:00 +01:00
Tamás Vajk
4226467556 Merge pull request #4678 from tamasvajk/feature/external-api-untrusted-data 
C#: Add queries to check untrusted data flow to external APIs
 2020-12-04 15:03:09 +01:00
Rasmus Wriedt Larsen
608ce50399 Python: Expose HTTP verbs in HTTP concept 
Let's discuss whether doing it this way is reasonable, since I'm not 100% sure
whether this fits into "concepts" or not.
 2020-12-04 14:04:56 +01:00
Rasmus Wriedt Larsen
c7ab78f8c2 Python: Add modeling of django class based view handlers 
BUT, since MyCustomViewBaseClass.post (django-v2-v3/testapp/views.py) and
Foo.post (django-v2-v3/routing_test.py) aren't handled, this raises important
question about how to do MRO without points-to :S
 2020-12-04 14:03:59 +01:00
Cornelius Riemenschneider
2ea9b4a62b Merge pull request #4719 from geoffw0/issue84 
C++: Create tests readme.
 2020-12-04 13:49:56 +01:00
Tamas Vajk
aa3ae0f567 Remove calls to deprecated predicates 2020-12-04 13:28:14 +01:00
Jonas Jensen
9cf318b72c C++: Autoformat the new query 
Tweak whitespace, also in the alert message.
 2020-12-04 13:27:07 +01:00
Rasmus Wriedt Larsen
4ead118a31 Python: Add class based route handler in django tests 
Disabled CSRF middleware for now, since it blocked my debugging curl POST requests :(
 2020-12-04 13:27:01 +01:00
Tamas Vajk
d55fbc8a05 Add test cases for safe API calls 2020-12-04 13:26:53 +01:00
Tamas Vajk
24670160c2 Address code review findings 2020-12-04 13:26:53 +01:00
Tamas Vajk
cd5c1f06ee C#: Add queries to check untrusted data flow to external APIs 2020-12-04 13:26:53 +01:00
Tom Hvitved
9afce31e92 C#: Add one more CFG test for nested finally blocks 2020-12-04 13:26:00 +01:00
Jonas Jensen
bf88df8134 C++: CRLF -> LF line endings 2020-12-04 13:25:32 +01:00
Tom Hvitved
37f32f4014 C#: Improve join-order in DefaultToString.qll 2020-12-04 13:05:53 +01:00
Rasmus Wriedt Larsen
ffdbecfbb7 Python: Simplify getARouteHandler for Django 2020-12-04 11:29:52 +01:00
CodeQL CI
0f5f0ed99e Merge pull request #4776 from asgerf/js/electron-openshell 
Approved by erik-krogh
 2020-12-04 09:12:44 +00:00
Asger F
22dbaf28ab Merge pull request #4709 from asgerf/js/typescript-4.1 
JS: Support for TypeScript 4.1
 2020-12-04 09:10:14 +00:00
Asger Feldthaus
f0516dd9e0 JS: Address review comments 2020-12-04 09:07:44 +00:00
Jonas Jensen
b4be72268d Merge pull request #4722 from rdmarsh2/rdmarsh2/cpp/range-analysis-overflow-perf 
C++: Filter out lower bounds on overflowing exprs
 2020-12-04 08:29:21 +01:00
ihsinme
69ed608a11 Update UnsignedDifferenceExpressionComparedZero.ql 2020-12-04 09:47:11 +03:00
Robert Marsh
b45f7846db C++: autoformat 2020-12-03 15:48:42 -08:00
Erik Krogh Kristensen
cc98c41dd6 revert marking repetitions with possibly empty body as forks 2020-12-03 20:08:07 +01:00