hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-30 15:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felicity Chapman
fa8fd0513c Update qhelp for queries with CWE tags 2018-11-12 18:00:17 +00:00
Geoffrey White
1c27c5e5ed CPP: Tag Padding queries. 2018-11-12 17:45:58 +00:00
Geoffrey White
bcb4ebffc3 CPP: Tag NVI queries. 2018-11-12 17:45:58 +00:00
Geoffrey White
850937efcc CPP: Tag Include queries. 2018-11-12 17:45:58 +00:00
Geoffrey White
93b3165e86 CPP: Tag Magic*UseConstant queries. 2018-11-12 17:45:58 +00:00
Max Schaefer
663bdd60a0 Merge pull request #396 from esben-semmle/js/unconditional-property-override 
JS: add query: js/unconditional-property-override
 2018-11-12 17:10:32 +00:00
Felicity Chapman
2847d5eaac Replace '&' symbols in URL 2018-11-12 16:34:19 +00:00
Geoffrey White
1d464ae35d CPP: Merge the ExprHasNoEffect tests. 2018-11-12 16:26:50 +00:00
Geoffrey White
1417929cdf CPP: Merge the Todo/FixmeComments tests. 2018-11-12 16:26:50 +00:00
Geoffrey White
03cad6c084 CPP: Move the AV Rule 97 test. 2018-11-12 16:07:03 +00:00
Geoffrey White
2d665e51d0 CPP: Move the BitwiseSignCheck.ql test. 2018-11-12 16:07:03 +00:00
Felicity Chapman
05930812a1 Update for feedback 2018-11-12 15:56:10 +00:00
Felicity Chapman
2e8f51a545 Update to bring into line with current guidelines 2018-11-12 15:30:19 +00:00
Arthur Baars
effabc667c Merge pull request #452 from adityasharad/version/1.18.3-dev 
Version: Bump to 1.18.3 dev.
 2018-11-12 16:01:22 +01:00
Aditya Sharad
271628c280 Version: Bump to 1.18.3 dev. 2018-11-12 14:55:26 +00:00
Jonas Jensen
0cb09b113f Merge pull request #251 from rdmarsh2/rdmarsh/cpp/sign-analysis 
C++: Sign analysis library
 2018-11-12 15:23:18 +01:00
Max Schaefer
2c1a37c652 JavaScript: Add WebRTC externs. 2018-11-12 12:25:32 +00:00
Jonas Jensen
1500237009 Merge remote-tracking branch 'upstream/master' into mergeback-20181112 2018-11-12 13:24:27 +01:00
Felicity Chapman
978fc4928f Fix syntax errors in qhelp files 2018-11-12 10:55:13 +00:00
Felicity Chapman
72ac2e5498 Fix typos 2018-11-12 09:52:00 +00:00
Tom Hvitved
dd6fd400aa Merge pull request #335 from calumgrant/cs/cwe-937 
C#: New query VulnerablePackage
 2018-11-12 10:34:53 +01:00
Esben Sparre Andreasen
eaad84bb4f JS: add support for dis- and conjunctions in SanitizingFunction 2018-11-12 10:23:52 +01:00
Esben Sparre Andreasen
ffc3d6ba49 JS: simplify test (move alerts four lines up) 2018-11-12 10:21:41 +01:00
Esben Sparre Andreasen
6d0c93b6a8 JS: introduce TaintTracking::AdditionalSanitizingCall 2018-11-12 10:21:39 +01:00
Esben Sparre Andreasen
2033bf81cc JS: address docstring review comments 2018-11-12 10:03:08 +01:00
Tom Hvitved
40def8d364 Merge pull request #418 from dave-bartolomeo/dave/FormatConfig 
Allow mixed whitespace in certain test and external directories
 2018-11-12 09:43:39 +01:00
Tom Hvitved
21887d7c6f C#: Refactor SSA liveness logic 
Simplify liveness analysis by avoiding the two extra copies of `liveAtRank()`
(and other auxiliary predicates) for fields/captured variables analysis.
 2018-11-12 09:41:53 +01:00
semmle-qlci
c9d77a2d6d Merge pull request #443 from xiemaisi/js/improve-stack-trace-exposure 
Approved by asger-semmle
 2018-11-12 08:40:26 +00:00
semmle-qlci
bf18175f7a Merge pull request #445 from xiemaisi/js/aliases 
Approved by esben-semmle
 2018-11-12 08:39:11 +00:00
Max Schaefer
01b43dff72 JavaScript: Make in-dist trap cache read-only. 2018-11-12 08:33:11 +00:00
Jonas Jensen
e9dac22cfd Merge pull request #446 from geoffw0/minor-corrections 
CPP: Minor corrections to examples
 2018-11-12 09:30:39 +01:00
Max Schaefer
032ed12242 JavaScript: Use in-dist trap cache when extracting externs. 2018-11-12 08:28:08 +00:00
Jonas Jensen
0caf0f1f15 Merge pull request #430 from geoffw0/exprtemplate 
CPP: Exclude template code from ExprHasNoEffect.ql
 2018-11-12 09:27:36 +01:00
Max Schaefer
f26d47aacb JavaScript: Bump extractor version. 
This is not so much because extractor output has changed (it hasn't, except for corner cases) but to disable trap caching so as to help us to flush out bugs.
 2018-11-12 08:19:17 +00:00
Max Schaefer
f06cef5d40 JavaScript: Port JSDoc parser to Java. 2018-11-12 08:18:53 +00:00
Max Schaefer
c14ebac455 JavaScript: Port regular expression parser to Java. 2018-11-12 08:18:53 +00:00
Max Schaefer
47fda72b91 Merge pull request #448 from adityasharad/merge/master-next-091118 
Merge master into next.
 2018-11-12 08:04:31 +00:00
Aditya Sharad
761e5efd60 Merge master into next. 
JavaScript semantic conflicts fixed by referring to the `LegacyLanguage` enum.
C++ conflicts fixed by accepting Qltest output.
 2018-11-09 18:49:35 +00:00
Robert Marsh
d9495da225 C++: fix test 2018-11-09 10:15:28 -08:00
yh-semmle
992a015467 Merge pull request #415 from aschackmull/java/obinit-extraction 
Java: Account for extraction of calls to <obinit>.
 2018-11-09 12:34:00 -05:00
Geoffrey White
09782d145e CPP: Annotate expr_has_no_effect test. 2018-11-09 17:23:59 +00:00
Geoffrey White
3f0e28aea9 CPP: Fix additional expr_has_no_effect test. 2018-11-09 17:23:59 +00:00
Max Schaefer
63933cdecd JavaScript: Don't extract extens with --experimental turned on. 
There isn't any particularly compelling reason for doing so.
 2018-11-09 16:22:55 +00:00
Max Schaefer
f7d693d06f JavaScript: Make default extractor options more sensible. 
We now use module auto-detection and no TypeScript mode.

This only affects extern extraction in `AutoBuild`, everything else sets these options explicitly.
We currently do not have any ES2015 modules or TypeScript code in our externs, so in practice this is behaviour-preserving.
 2018-11-09 16:21:35 +00:00
Geoffrey White
0e9c7fc085 Merge pull request #416 from raulgarciamsft/users/raulga/c6317 
cpp: Incorrect not operator usage
 2018-11-09 15:59:57 +00:00
Aditya Sharad
355473abb3 Merge pull request #439 from aschackmull/java/move-lgtm-suites 
Java: Move the LGTM query suites to the public repo.
 2018-11-09 12:56:44 +00:00
Anders Schack-Mulligen
f6941af86c Java: Move the LGTM query suites to the public repo. 2018-11-09 13:48:49 +01:00
Anders Schack-Mulligen
46bebc898a Java: Add test. 2018-11-09 13:36:05 +01:00
Anders Schack-Mulligen
6f791bb530 Java: Account for extraction of calls to <obinit>. 2018-11-09 13:36:05 +01:00
Geoffrey White
e645166fee CPP: Make InconsistentNullnessTest.cpp example plausible. 2018-11-09 11:41:02 +00:00