hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-26 21:02:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,687 Branches 159 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
bf99a0ee15 C++: expand MacroInvocation.getExpr QLDoc 2019-07-01 20:22:24 +02:00
Max Schaefer
7f95c20345 JavaScript: Add support for tracking flow into receivers of reflective calls. 2019-07-01 17:54:43 +01:00
semmle-qlci
3b126d9c4e Merge pull request #1488 from asger-semmle/call-graph-metric 
Approved by xiemaisi
 2019-07-01 16:09:34 +01:00
Max Schaefer
a04c2c65cb JavaScript: Add change note. 2019-07-01 15:45:57 +01:00
Max Schaefer
895055f30e JavaScript: Avoid unhelpful magic. 
The constraint `exists(callback.getParameter(i))` was getting pushed into `higherOrderCall`, which isn't a bad thing to do. However, this then led to a join on `i`, which is a very bad thing to do.
 2019-07-01 15:45:57 +01:00
Max Schaefer
b5b89c0eac JavaScript: Track flow into method receivers. 2019-07-01 15:45:57 +01:00
Esben Sparre Andreasen
062778bdd8 JS: heuristically recognize x.spec.y and x.test.y as test files 2019-07-01 15:49:17 +02:00
Esben Sparre Andreasen
7cab308205 fixup! JS: classify numeric file names as generated 2019-07-01 15:49:03 +02:00
Jonas Jensen
757ec97e7a Merge pull request #1251 from zlaski-semmle/zlaski/cpp370 
[CPP-370] Non-constant `format` arguments to `printf` and friends
 2019-07-01 14:43:19 +02:00
Asger F
0c04580b5e JS: fix typo in doc 2019-07-01 13:25:55 +01:00
Asger F
ff4d6ece80 JS: Rename metrics to ResolvableCallX 2019-07-01 12:34:48 +01:00
Asger F
16e6dd12d0 JS: Address review comments part 1 2019-07-01 12:30:51 +01:00
Esben Sparre Andreasen
41e568d1f7 JS: classify files with many short variables as minified 2019-07-01 13:25:07 +02:00
Asger F
2ab72c4eef JS: Support line breaks in types 2019-07-01 11:46:30 +01:00
Asger F
625cdb8765 JS: Update test output 2019-07-01 11:29:55 +01:00
Asger F
4f05eab3fd JS: Make docs match reality 2019-07-01 11:29:55 +01:00
Asger F
2822e493ae JS: Switch to absolute offsets 2019-07-01 11:29:55 +01:00
Asger F
d6ba1ffa8a JS: Some loc() fixes 2019-07-01 11:29:55 +01:00
Asger F
fd0791bd8c JS: Parse types from original source string 2019-07-01 11:29:55 +01:00
Asger F
a3c7b631f4 JS: Extract type source text with substring 2019-07-01 11:29:55 +01:00
Asger F
edd96b056e JS: Remove redundant source field 2019-07-01 11:29:55 +01:00
Asger F
9403834af5 JS: Include leading star in parsed source 2019-07-01 11:29:55 +01:00
Asger F
9b4bdaecce JS: Remove unneeded replace call 2019-07-01 11:29:55 +01:00
semmle-qlci
a4fa2982de Merge pull request #1526 from xiemaisi/js/remove-TrackedExpr 
Approved by esben-semmle
 2019-07-01 11:10:44 +01:00
semmle-qlci
4f3cbe0029 Merge pull request #1521 from hvitved/csharp/constant-condition-fp 
Approved by calumgrant
 2019-07-01 10:52:14 +01:00
Esben Sparre Andreasen
2eb7e4a818 JS: classify x.test.js files with test(...) calls as jest tests 2019-07-01 10:28:10 +02:00
Esben Sparre Andreasen
5ebcef41fa JS: classify numeric file names as generated 2019-07-01 10:25:38 +02:00
Tom Hvitved
e6e606232d C#: Address review comments 2019-07-01 09:37:15 +02:00
semmle-qlci
ae3a48db58 Merge pull request #1510 from hvitved/csharp/date-queries-remove-precision 
Approved by calumgrant
 2019-07-01 08:28:08 +01:00
zlaski-semmle
bc98a80efe Merge pull request #1 from jbj/NonConstantFormat-ArrayExpr 
C++: NonConstantFormat taint only for string types
 2019-06-28 12:03:31 -07:00
yh-semmle
a0dc84010a Merge pull request #1518 from Semmle/rc/1.21 
Merge rc/1.21 into master
 2019-06-28 13:52:18 -04:00
Arthur Baars
af68fd4904 Merge pull request #1408 from calumgrant/cs/suppress-null-expr 
C#: C#8 Nullable expressions and type annotations
 2019-06-28 19:21:46 +02:00
yh-semmle
01028812a9 Merge pull request #1524 from aschackmull/java/dead-lambda 
Java: Don't report lambdas (or other anonymous classes) as dead.
 2019-06-28 10:48:17 -04:00
Arthur Baars
9197c186e1 Drop: ImportAdditionalLibraries.ql 2019-06-28 15:53:07 +02:00
Tom Hvitved
f91e460869 C#: Introduce inherited CFG completions 
When completions are inherited by elements inside `finally` blocks, we previously
threw away the underlying completion. For example, in

```
try
{
    if (b)
        throw new Exception();
}
finally
{
    if (b)
        ...
}
```

the completions for `b` inside the `finally` block are `true` and `throw(Exception)`,
where the latter is inherited from the `try` block, with an underlying `false`
completion. Throwing away the `false` completion meant that we were unable to prune
the `false` edge (Boolean CFG splitting).
 2019-06-28 15:41:49 +02:00
Tom Hvitved
8d7ea2f49f C#: Add CFG test that mixes Boolean/finally/catch splitting 2019-06-28 15:41:49 +02:00
Taus
61a196d2d4 Merge pull request #1523 from markshannon/python-speed-up-get-a-child 
Python speed up calculation of ControlFlowNode.getAChild()
 2019-06-28 15:23:08 +02:00
Calum Grant
8130342062 Merge pull request #1520 from hvitved/csharp/mono-tracing 
C#: Generalize `mono` pattern in tracer config
 2019-06-28 14:21:35 +01:00
Calum Grant
4d383001ac C#: Address review comment 2019-06-28 14:17:16 +01:00
Calum Grant
a5543699b2 Merge pull request #1460 from hvitved/csharp/cfg-last 
C#: Refactor `last` predicate
 2019-06-28 14:13:43 +01:00
Taus
fbe7615258 Merge pull request #1512 from markshannon/python-better-handling-decorators 
Python: Add opaque 'decorated object' object.
 2019-06-28 14:10:49 +02:00
Mark Shannon
8570b4117f Python: Add opaque 'decorated function' for complex decorated functions. Allows finding calls in taint-tracking without contaminating points-to results. 2019-06-28 12:14:10 +01:00
Tom Hvitved
3d4316da1c C#: Address review comments 2019-06-28 13:00:18 +02:00
Anders Schack-Mulligen
a93ecae1ae Java: Don't report lambdas (or other anon classes) as dead. 2019-06-28 12:59:54 +02:00
Taus
8251553771 Merge pull request #1494 from markshannon/python-better-handling-calls-on-edge-of-context 
Python: better handling calls on edge of context
 2019-06-28 12:39:09 +02:00
Mark Shannon
775214e467 Python speed up calculation of ControlFlowNode.getAChild() 2019-06-28 11:19:25 +01:00
Asger F
aff90b1082 TS: Add a missing semicolon 2019-06-28 10:53:33 +01:00
Asger F
f5569b8b58 TS: Avoid infinite recursion in stringifyType 2019-06-28 10:53:33 +01:00
Tom Hvitved
db565c5a88 C#: Remove false positives in cs/constant-condition 2019-06-28 11:50:53 +02:00
Taus
1b98f248e5 Merge branch 'master' into python-better-handling-calls-on-edge-of-context 2019-06-28 11:27:42 +02:00