codeql

mirror of https://github.com/github/codeql.git synced 2025-12-31 08:06:36 +01:00

Author	SHA1	Message	Date
Mark Shannon	4f5cfbc336	Correct change for extractor logging levels.	2018-11-23 13:03:16 +00:00
Mark Shannon	95f1935eaa	Python change notes: Merge in internal change notes.	2018-11-23 12:55:04 +00:00
semmle-qlci	04c2b23abd	Merge pull request #520 from esben-semmle/js/clear-text-logging-taint-kinds Approved by asger-semmle	2018-11-23 12:40:40 +00:00
Mark Shannon	61bd8682df	Python: Improve API and representation of taint tracking nodes. Update queries and tests accordingly.	2018-11-23 12:32:14 +00:00
calum	b67bc7b612	C#: Fix id generation of constructed methods, by avoid id clashes by ensuring that method type parameters are qualified where necessary. Add a qltest.	2018-11-23 12:11:10 +00:00
calum	051dd191ac	C#: Change notes.	2018-11-23 12:11:10 +00:00
calum	e00807d66b	C#: Fix decoding method type parameters in FSharp.Core.	2018-11-23 12:09:52 +00:00
semmle-qlci	817456ee9f	Merge pull request #529 from asger-semmle/js-line-map Approved by xiemaisi	2018-11-23 12:00:17 +00:00
Anders Schack-Mulligen	a0d8888224	Merge pull request #531 from yh-semmle/java/deprecate-vcs Java: deprecate queries that use `VCS.qll`	2018-11-23 11:59:17 +01:00
Geoffrey White	0855543ac4	CPP: Tag the JPL_C LOC-4 queries.	2018-11-23 10:31:37 +00:00
Geoffrey White	e6dddd90b7	CPP: Add a test of FunctionPointerConversions.ql.	2018-11-23 10:31:36 +00:00
Geoffrey White	0a27022dd4	Merge pull request #523 from jbj/placement-new-never-freed C++: Detect non-allocating placement new in cpp/memory-never-freed	2018-11-23 09:40:11 +00:00
Tom Hvitved	1939773684	C#: Address review comments	2018-11-23 09:32:12 +01:00
Tom Hvitved	c3ccdfa7f9	C#: Guard against cyclic inclusions in project files	2018-11-23 09:32:12 +01:00
Tom Hvitved	e4f68ae324	C#: Address review comments	2018-11-23 09:32:12 +01:00
Tom Hvitved	836daaf07b	C#: Recognize `.proj` files in autobuilder When determining the target of `msbuild` or `dotnet build`, first look for `.proj` files, then `.sln` files, and finally `.csproj`/`.vcxproj` files. In all three cases, choose the project/solution file closest to the root.	2018-11-23 09:32:12 +01:00
Tom Hvitved	b95d7e5302	C#: Move autobuilder into separate folder	2018-11-23 09:32:12 +01:00
Jonas Jensen	4ad59235d8	Merge pull request #524 from geoffw0/cpp-299 CPP: Add (partial) dataflow to OverflowStatic.ql	2018-11-23 08:46:07 +01:00
Sebastian Bauersfeld	4eabca6dde	Update java schema to accommodate for key-value configuration files.	2018-11-22 19:08:43 -05:00
yh-semmle	1b84fceb3c	Java: deprecate queries that use `VCS.qll`	2018-11-22 16:21:44 -05:00
semmle-qlci	816a94eaa9	Merge pull request #525 from jbj/uninit-badast-mergefix Approved by geoffw0, ian-semmle	2018-11-22 21:05:54 +00:00
Geoffrey White	5d8e34a55f	CPP: Add a test of NonConstFunctionPointer.ql.	2018-11-22 17:48:40 +00:00
Geoffrey White	17560cf92e	CPP: Tag the JPL_C LOC-3 queries.	2018-11-22 17:48:35 +00:00
Geoffrey White	9cc39ae875	CPP: Tag the JPL_C LOC-2 queries.	2018-11-22 16:31:08 +00:00
Geoffrey White	a47db56a68	CPP: Tag DuplicateBlock.ql.	2018-11-22 16:31:08 +00:00
Asger F	b5008d8685	TS: only transfer offsets as part of the AST	2018-11-22 16:20:47 +00:00
Geoffrey White	cb609f4be0	CPP: Be conservative where there are multiple flow sources.	2018-11-22 15:50:13 +00:00
Geoffrey White	d57574e92c	CPP: localFlowStep* -> localFlow.	2018-11-22 15:50:13 +00:00
Geoffrey White	16be502d61	CPP: Add change note.	2018-11-22 15:50:13 +00:00
Geoffrey White	ea56a5d9ce	CPP: Add local dataflow to (one bit of) OverflowStatic.ql.	2018-11-22 15:49:13 +00:00
Geoffrey White	01ba635e1d	CPP: Add some test cases involving dataflow.	2018-11-22 15:49:13 +00:00
Geoffrey White	dc224c5c94	Merge pull request #521 from felicity-semmle/cpp/update-qhelp C++: Update qhelp for consistency	2018-11-22 15:31:34 +00:00
Pavel Avgustinov	b9a3a71406	Merge pull request #518 from jbj/vcs-deprecate-queries C++: Deprecate queries using VCS.qll	2018-11-22 15:07:19 +00:00
semmle-qlci	472c0429b5	Merge pull request #526 from esben-semmle/js/flow-parsing-improvements Approved by xiemaisi	2018-11-22 15:02:21 +00:00
Esben Sparre Andreasen	8c7ca38b8d	JS(extractor): improve parser support for flowtype syntax	2018-11-22 14:09:09 +01:00
Jonas Jensen	da26b4f856	C++: Accept test changes for IR This test was failing due to a semantic merge conflict between #509, which added `UninitializedInstruction`, and #517, which added new test code that would get `UninitializedInstruction`s in it after merging with #509.	2018-11-22 13:52:33 +01:00
Esben Sparre Andreasen	b780f82869	JS: sharpen `js/clear-text-logging` (ODASA-7485)	2018-11-22 13:38:43 +01:00
calum	36d9520f87	C#: Address doc comments.	2018-11-22 11:52:00 +00:00
calum	6b2e339ec5	C#: Address QL review comments.	2018-11-22 11:45:41 +00:00
calum	64de7489fe	C#: Analysis change notes.	2018-11-22 11:21:35 +00:00
calum	1bfa4d59e7	C#: Documentation for cs/uncontrolled-format-string	2018-11-22 11:21:35 +00:00
calum	fb09360ad6	C#: New query for cs/uncontrolled-string-format	2018-11-22 11:21:35 +00:00
Mark Shannon	c01db23f58	Python: Fix up expected results of SqlInjection.ql	2018-11-22 11:05:09 +00:00
Mark Shannon	bfb7e17ebf	Python: Move library to correct location.	2018-11-22 11:05:09 +00:00
Mark Shannon	f3fedcdf38	Python tests: Move security test stubs to correct location.	2018-11-22 11:05:09 +00:00
Mark Shannon	04e5b8927a	Python tests: use a more accurate form os os.path.join() in test lib.	2018-11-22 11:05:09 +00:00
Mark Shannon	88d82017b3	Python: Convert stack-trace-exposure query to path-problem.	2018-11-22 11:05:08 +00:00
Mark Shannon	2a24723cc3	Python: Update test results for path queries.	2018-11-22 11:05:08 +00:00
Mark Shannon	722d89fc75	Upgrade taint-tracking security queries to path-problem queries.	2018-11-22 11:05:01 +00:00
Tom Hvitved	201f64ef8e	Merge pull request #367 from calumgrant/cs/path-problems C#: Update all security queries to path-problems	2018-11-22 12:02:11 +01:00

... 357 358 359 360 361 ...

19777 Commits