codeql

mirror of https://github.com/github/codeql.git synced 2025-12-31 08:06:36 +01:00

Author	SHA1	Message	Date
Mark Shannon	21246dcbf2	Python: clean up change notes and query help.	2018-11-28 15:02:47 +00:00
Geoffrey White	0eb0bf988e	CPP: Fix for virtual method calls.	2018-11-28 14:19:24 +00:00
Asger F	8017df1750	JS: add change note for UselessConditional.ql	2018-11-28 14:14:58 +00:00
Esben Sparre Andreasen	f3889e715e	JS: simplify `isReactImportForJSX` to `isReactForJSX`	2018-11-28 15:06:53 +01:00
Anders Schack-Mulligen	ae44b90456	Java: Normalize parentheses.	2018-11-28 15:01:25 +01:00
Max Schaefer	45574d4eaa	JavaScript: Minor change to documentation to facilitate opening another PR.	2018-11-28 13:53:28 +00:00
semmle-qlci	57a976d668	Merge pull request #555 from xiemaisi/js/invalid-dynamic-method-call Approved by esben-semmle	2018-11-28 13:52:51 +00:00
Anders Schack-Mulligen	e2dd0ea083	Java: Add 2 double-checked-locking queries.	2018-11-28 13:52:34 +01:00
Max Schaefer	fb78e14db1	JavaScript: Add support for sanitising dynamic property accesses. This generalises our previous handling of sanitisers operating on property accesses to support dynamic property accesses where the property name is an SSA variable by representing them as access paths.	2018-11-28 12:37:53 +00:00
Esben Sparre Andreasen	72092529d1	JS: add change note for js/unused-local-variable	2018-11-28 13:25:26 +01:00
Esben Sparre Andreasen	f3c90114df	JS: add empty 1.20 change note	2018-11-28 13:24:26 +01:00
Esben Sparre Andreasen	54e2215db4	JS: support `require` in isReactImportForJSX	2018-11-28 13:16:55 +01:00
Esben Sparre Andreasen	737a816e6f	JS: refactor isReactImportForJSX	2018-11-28 13:16:55 +01:00
Max Schaefer	9c98aaf4bd	JavaScript: Refactor a few predicates to avoid materialisations.	2018-11-28 10:51:29 +00:00
Mark Shannon	eefb45c94b	Python: jinja2-without-escaping query: Clean up query and account for Template class in tests.	2018-11-28 10:46:44 +00:00
Mark Shannon	dff36e22ff	Fix typo.	2018-11-28 10:46:44 +00:00
Mark Shannon	1080525d7d	Python: Add missing test stub.	2018-11-28 10:45:48 +00:00
Mark Shannon	2518ac561e	Python: Add change note for jinja2-autoescape query.	2018-11-28 10:45:48 +00:00
Mark Shannon	243280dc00	Python: New query to check for use of jinja2 templates without auto-escaping.	2018-11-28 10:45:19 +00:00
Max Schaefer	39f1c7904b	JavaScript: Address review comments.	2018-11-28 09:44:58 +00:00
semmle-qlci	e66691a90c	Merge pull request #551 from asger-semmle/js-extractor-shebang Approved by xiemaisi	2018-11-28 08:49:44 +00:00
Max Schaefer	31d23b6295	JavaScript: Sort change notes alphabetically.	2018-11-28 08:16:31 +00:00
Max Schaefer	f9de1d44ca	JavaScript: Add change notes.	2018-11-28 08:16:31 +00:00
Max Schaefer	f1c538a97b	JavaScript: Restrict `RemotePropertyInjection` query to avoid double-reporting. This query now only flags user-controlled property and header writes, method calls are handled by the new unsafe/unvalidated method call queries.	2018-11-28 08:16:31 +00:00
Max Schaefer	2889e07eb8	JavaScript: Add new query `UnvalidatedDynamicMethodCall`.	2018-11-28 08:16:31 +00:00
Dave Bartolomeo	5d997c7135	C++: Big QLDoc comment for `ChiInstruction`	2018-11-27 17:09:26 -08:00
Dave Bartolomeo	53cd5e9994	C++: Fix bug introduced by earlier commit	2018-11-27 14:57:58 -08:00
Dave Bartolomeo	7e6e6f00c1	C++: Fix IR for designated array initializers	2018-11-27 14:57:23 -08:00
Dave Bartolomeo	0a20f9ffbf	C++: Print field names and element indices for aggregate literals in PrintAST	2018-11-27 13:26:18 -08:00
Dave Bartolomeo	90b79eb5f3	C++: Accept GVN test expectations with Chi nodes	2018-11-27 12:56:23 -08:00
Mark Shannon	31ac33e723	Merge pull request #528 from taus-semmle/python-flask-debug Python: Implement check for flask debug mode.	2018-11-27 19:42:26 +00:00
Taus Brock-Nannestad	7f94c257a7	Change precision to `high`.	2018-11-27 19:02:44 +01:00
Taus	2b340b4804	Merge pull request #530 from markshannon/python-no-cert-validation New query to check for making a request without cert verification.	2018-11-27 19:01:10 +01:00
Geoffrey White	7107cec503	CPP: Add test cases.	2018-11-27 17:20:14 +00:00
Mark Shannon	435b309852	Python: Add utility predicate for finding ModuleObject by name.	2018-11-27 17:06:40 +00:00
Taus Brock-Nannestad	6ebf504d97	Update test results after stub change.	2018-11-27 16:59:19 +01:00
Taus Brock-Nannestad	8d341ab467	Fix stub file.	2018-11-27 16:56:09 +01:00
Arthur Baars	044dcfbf66	Merge pull request #549 from adityasharad/merge/1.19-next-271118 Merge rc/1.19 into next.	2018-11-27 16:54:43 +01:00
Asger F	623a80fe90	TS: declassify files with unrecognized shebang line	2018-11-27 14:59:03 +00:00
Taus Brock-Nannestad	b393d9ad04	Add change note.	2018-11-27 15:21:02 +01:00
Taus Brock-Nannestad	a4da245809	Python: Implement check for flask debug mode.	2018-11-27 15:14:38 +01:00
Tom Hvitved	41edd61e2e	Merge pull request #545 from calumgrant/cs/typemention-constraints C#: Fix for type mentions of type parameter constraints	2018-11-27 14:25:48 +01:00
Aditya Sharad	5d5bfc215e	Merge rc/1.19 into next.	2018-11-27 12:04:46 +00:00
Max Schaefer	cf1e7cff3f	JavaScript: Move an auxiliary predicate into shared library.	2018-11-27 12:03:25 +00:00
Mark Shannon	698957e2cf	Python: Correct case of query name and improve help.	2018-11-27 11:32:40 +00:00
Geoffrey White	a85dfb1c4e	Merge pull request #548 from jbj/security-tags-1.19 C++: Update security tag in change note	2018-11-27 11:13:56 +00:00
Jonas Jensen	c8e34bff6c	C++: Update security tag in change note These two queries have the `security` tag in the `.ql` file, but it was missing in the change note.	2018-11-27 11:03:42 +01:00
Jonas Jensen	c403bb1cad	Merge pull request #541 from kevinbackhouse/CppPostDominators Add post-dominators	2018-11-27 08:23:43 +01:00
Dave Bartolomeo	689002a22e	C++: Fix handling of Chi instructions in sign analysis	2018-11-26 16:46:39 -08:00
Robert Marsh	f4ce7b9648	C++: respond to further PR review comments	2018-11-26 16:16:46 -08:00

... 355 356 357 358 359 ...

19777 Commits