codeql

mirror of https://github.com/github/codeql.git synced 2026-01-25 04:12:58 +01:00

Author	SHA1	Message	Date
james	6f9d4c8562	docs: remove VA section from writing-queries.rst	2019-09-05 12:33:49 +01:00
james	49955c56be	docs: rework ql-training.rst	2019-09-05 12:33:42 +01:00
james	593818b71a	docs: reorganize and add some ref bookmarks to learn-ql index	2019-09-05 12:33:33 +01:00
Taus Brock-Nannestad	2d45c23d19	Comment out diverging example for now. Otherwise it'll keep timing out until the fix has been pushed to LGTM.com	2019-09-05 13:18:01 +02:00
Asger F	61c4d30dd6	JS: Use express module instead	2019-09-05 12:09:24 +01:00
Ian Lynagh	99dd8d0c51	C++: Add an upgrade script	2019-09-05 12:01:02 +01:00
Ian Lynagh	acc1d664f6	C++: Updates stats to include mangled_name table	2019-09-05 12:01:02 +01:00
Ian Lynagh	0c09af977c	C++: Use mangled_name in ResolveClass.qll The old code is still around to handle upgraded databases.	2019-09-05 12:01:02 +01:00
Taus Brock-Nannestad	d336140c19	Python: Modernise the `py/non-iterable-in-for-loop` query. Also adds a small test case exhibiting the same false positive seen in ODASA-8042.	2019-09-05 12:24:51 +02:00
Esben Sparre Andreasen	a9665f53b8	JS: whitelist quote stripping for js/incomplete-sanitization	2019-09-05 09:47:49 +01:00
james	65573492e7	docs: rename ql-training-rst > ql-training	2019-09-05 08:40:36 +01:00
james	c8dd5e620c	docs: add ql-training page to learn-ql project	2019-09-05 08:40:33 +01:00
Jonas Jensen	79c713bd87	C++: Remark in DefinitionByReference charpred	2019-09-05 09:36:46 +02:00
Jonas Jensen	114c2fe0d4	Merge remote-tracking branch 'upstream/master' into ast-field-flow-defbyref	2019-09-05 09:33:45 +02:00
Robert Marsh	1bb57daf6f	Merge pull request #1866 from jbj/dataflow-test-alias-nested C++: Tests for aliasing of nested structs	2019-09-04 10:48:20 -07:00
Robert Marsh	a3290503ec	Merge pull request #1806 from jbj/localExprFlow C++: Add localExprFlow and localExprTaint	2019-09-04 10:38:46 -07:00
Asger F	0e4c34bd81	JS: Add deprecated predicate alias	2019-09-04 16:14:51 +01:00
Asger F	93a3f571ec	JS: Add change note	2019-09-04 16:14:51 +01:00
Asger F	27567e41c5	JS: Add angular.fromJson as JSON parser	2019-09-04 16:14:51 +01:00
Asger F	5aa948cd17	JS: Add angular.merge sink to prototype pollution query	2019-09-04 16:14:51 +01:00
Felicity Chapman	ef7984d1cb	Merge pull request #1842 from jf205/add-java-slides/sd-3762 docs: add rst versions of java training slides	2019-09-04 13:53:13 +01:00
jf205	64c4548aca	Update docs/language/ql-training-rst/slide-snippets/local-data-flow.rst Co-Authored-By: Luke Cartey <5377966+lukecartey@users.noreply.github.com>	2019-09-04 12:53:51 +01:00
james	f0e2a2ea71	docs: update images	2019-09-04 12:51:14 +01:00
Taus Brock-Nannestad	4440e02fa5	Add test case for divergence.	2019-09-04 13:23:06 +02:00
Jonas Jensen	cdcc716675	Merge pull request #1867 from geoffw0/erafix9 CPP: Add date to JapaneseEraDate.ql	2019-09-04 13:16:04 +02:00
Jonas Jensen	bd32931f45	Merge pull request #1868 from geoffw0/tinyfix CPP: Tiny fixes	2019-09-04 13:15:38 +02:00
Asger F	9f8bf90424	JS: Update Express test	2019-09-04 11:43:21 +01:00
Asger F	744f0b1aa3	JS: Use type info to recognize routers	2019-09-04 11:43:21 +01:00
Asger F	c06fd451d6	JS: Handle router chaining in type tracking predicate	2019-09-04 11:43:21 +01:00
Asger F	f3aea0706a	JS: Use type info in Express Request/Response	2019-09-04 11:43:21 +01:00
Geoffrey White	707f95c829	CPP: Alignment.	2019-09-04 09:59:21 +01:00
Geoffrey White	13e2109a38	CPP: Remove an unnecessary include.	2019-09-04 09:42:07 +01:00
Jonas Jensen	8579d7d1cf	C++: Tests for aliasing of nested structs This test shows that local pointers into structs do propagate data flow like pass-by-reference does in calls.	2019-09-04 10:26:49 +02:00
Jonas Jensen	3ba650911c	Merge pull request #1847 from geoffw0/erafix8 CPP: Deal with two very similar Japanese era queries	2019-09-04 09:57:10 +02:00
Jonas Jensen	0e54709d47	Merge pull request #1859 from geoffw0/qldocpartialdef CPP: Document PartialDefinitions	2019-09-04 09:54:55 +02:00
Jonas Jensen	067c55adb9	C++: Fix ConditionDeclExpr data flow Data flow probably never worked when a variable declared in a `ConditionDeclExpr` was modeled with `BlockVar`. That combination did not come up in testing before the last commit.	2019-09-04 09:33:00 +02:00
Geoffrey White	84112d3630	CPP: Change note.	2019-09-03 18:30:24 +01:00
Geoffrey White	3a3bef3a03	CPP: Add the new Japanese era.	2019-09-03 18:28:24 +01:00
Geoffrey White	bac39e6288	CPP: Add test cases.	2019-09-03 17:46:30 +01:00
Taus Brock-Nannestad	1b432076c4	Python: Prevent divergence in type-hint analysis. (ODASA-8075)	2019-09-03 13:38:46 +02:00
james	acb3e742e6	docs: toctree path	2019-09-03 12:34:58 +01:00
Nick Rolfe	641232a9d7	Merge pull request #1855 from mgrettondann/cpp-343-lambda-names-simplification C++: Update tests for lambda description changes	2019-09-03 11:45:50 +01:00
james	8c88cbba3a	docs: address review comments	2019-09-03 11:16:45 +01:00
semmle-qlci	6778f28424	Merge pull request #1854 from asger-semmle/prototype-pollution-precision Approved by esben-semmle, xiemaisi	2019-09-03 10:50:24 +01:00
Jonas Jensen	d7681bf122	C++: Don't use definitionByReference for data flow The data flow library conflates pointers and objects enough for the `definitionByReference` predicate to be too strict in some cases. It was too permissive in other cases that are now (or will be) handled better by field flow. See also the change note entry.	2019-09-03 11:49:01 +02:00
semmle-qlci	e4d59c361a	Merge pull request #1856 from asger-semmle/ts-base-types Approved by xiemaisi	2019-09-03 10:12:30 +01:00
Geoffrey White	84da3e3431	CPP: Effect of 'Support nested field flow'.	2019-09-03 09:27:50 +01:00
Geoffrey White	8105d153b1	CPP: Add a test of PartialDefinitions.	2019-09-03 09:27:50 +01:00
Geoffrey White	0f295c65f9	CPP: Add QLDoc to the PartialDefinitions class.	2019-09-03 09:27:50 +01:00
Geoffrey White	d092905c66	Merge pull request #1772 from jbj/ast-field-flow-nested C++: Support nested field flow	2019-09-03 09:12:47 +01:00

... 256 257 258 259 260 ...

19777 Commits