codeql

mirror of https://github.com/github/codeql.git synced 2026-01-13 06:24:46 +01:00

Author	SHA1	Message	Date
Erik Krogh Kristensen	fa8edeed6a	change StoredXss example to use TypeTracking	2020-08-20 15:05:38 +02:00
Erik Krogh Kristensen	906705f84c	add `SourceNode` example to the `TrackedNode` deprecation description	2020-08-20 15:01:40 +02:00
Rasmus Lerchedahl Petersen	5a734730de	Python: Control flow nodes are dataflow nodes iff they are expression nodes We could refine this later, but it seems to work for now...	2020-08-20 15:00:42 +02:00
Rasmus Wriedt Larsen	7fb8e0e277	Python: Add basic shared taint tracking test	2020-08-20 14:49:17 +02:00
Rasmus Wriedt Larsen	0baac8fd54	Python: Adjust shared taint tracking skeleton So it fits the setup from Java/Go, with AdditionalTaintStep class.	2020-08-20 14:49:09 +02:00
Geoffrey White	3d171f358a	Merge remote-tracking branch 'upstream/main' into vecmethods	2020-08-20 13:29:28 +01:00
Erik Krogh Kristensen	372e1a3d84	support the "type" field on `package.json` files while extracting	2020-08-20 14:26:15 +02:00
Tamás Vajk	2a8ff8785a	C#: Add AST printing (#4038 )	2020-08-20 14:24:43 +02:00
Geoffrey White	258b61c5f8	Update cpp/ql/src/semmle/code/cpp/models/implementations/StdContainer.qll Co-authored-by: Jonas Jensen <jbj@github.com>	2020-08-20 12:53:23 +01:00
Geoffrey White	689c637d48	C++: Rename things.	2020-08-20 12:52:40 +01:00
Anders Schack-Mulligen	ec7a65777b	Merge pull request #3855 from JLLeitschuh/feat/JLL/jOOQ_SQL_injection Add jOOQ methods as SQL Injection Sinks	2020-08-20 13:17:07 +02:00
Erik Krogh Kristensen	bf88c81f78	bump extractor version	2020-08-20 12:57:48 +02:00
Erik Krogh Kristensen	a347569385	inline StandardCharsets.UTF_8	2020-08-20 12:57:05 +02:00
Erik Krogh Kristensen	410ef8fe0e	exit early if the default encoding is not UTF-8	2020-08-20 12:50:43 +02:00
Erik Krogh Kristensen	fe41521e0c	add tutorial for how to get around TrackedNodes deprecation	2020-08-20 12:46:17 +02:00
Geoffrey White	61158e759b	C++: Improve StdContainerConstructor model.	2020-08-20 11:04:59 +01:00
Geoffrey White	acd1437103	C++: Change note.	2020-08-20 10:46:12 +01:00
Geoffrey White	f2ac4fa94a	C++: Autoformat.	2020-08-20 10:44:54 +01:00
Geoffrey White	cda9fd250b	C++: Model vector methods.	2020-08-20 10:30:01 +01:00
Geoffrey White	620126d38c	C++: Add vector taint cases to test.	2020-08-20 10:27:25 +01:00
Erik Krogh Kristensen	8f68f512df	deprecate TrackedNodes.qll	2020-08-20 11:26:22 +02:00
Geoffrey White	43c8efdf63	C++: Repair the range based for test.	2020-08-20 10:19:54 +01:00
CodeQL CI	6adedac337	Merge pull request #4096 from erik-krogh/qlMod Approved by esbena	2020-08-20 10:05:30 +01:00
Geoffrey White	8afa92d881	C++: Add more detail to the vector class in the test stl.h.	2020-08-20 09:39:35 +01:00
Tom Hvitved	65b4d35add	Merge pull request #4055 from tamasvajk/feature/partial-methods C#: Add body to partial methods	2020-08-20 10:14:56 +02:00
Tom Hvitved	6dc1244410	Merge pull request #4064 from hvitved/csharp/gvn-speedup C#: Speed up `Implements.qll` and `Unification.qll`	2020-08-20 10:11:36 +02:00
Mathias Vorreiter Pedersen	aa522b54c1	Merge pull request #4098 from jbj/SimpleRangeAnalysis-mul-constant C++: Support multiplication by constants in range analysis	2020-08-20 09:22:05 +02:00
Erik Krogh Kristensen	5b42e242af	add change note for supporting ".cjs" files	2020-08-20 09:18:26 +02:00
Jonas Jensen	b1c0e6f626	Merge remote-tracking branch 'upstream/main' into SimpleRangeAnalysis-mul-constant	2020-08-20 08:20:31 +02:00
Robert Marsh	6b1243e8b4	C++: respond to PR comments on Iterator.qll	2020-08-19 16:23:00 -07:00
Robert Marsh	20188b7bc2	C++: input iterator models	2020-08-19 12:11:36 -07:00
Robert Marsh	d32d6c9d8d	WIP: more iterator cases	2020-08-19 11:51:41 -07:00
Robert Marsh	d50dd090be	C++: rename to Iterator*Operator	2020-08-19 11:51:41 -07:00
Robert Marsh	85af74eb06	C++: Models for bidirectional input iterators	2020-08-19 11:51:41 -07:00
Robert Marsh	a457d54ad1	Merge pull request #4078 from jbj/SimpleRangeAnalysis-AssignMulExpr C++: Range analysis for unsigned AssignMulExpr	2020-08-19 14:42:04 -04:00
Rasmus Lerchedahl Petersen	18e946d4aa	Python: Small rearrangement	2020-08-19 17:56:02 +02:00
Jonas Jensen	b14bc42756	Merge pull request #4090 from geoffw0/strmethods C++: Model taint through many more methods in std::string	2020-08-19 16:40:46 +02:00
Tom Hvitved	a23bb6d5ec	Merge pull request #4095 from hvitved/csharp/dataflow/ap5 C#: Increase `accessPathLimit` from 3 to 5	2020-08-19 16:12:22 +02:00
Jonas Jensen	21d16d13fc	Merge remote-tracking branch 'upstream/main' into SimpleRangeAnalysis-AssignMulExpr	2020-08-19 14:50:40 +02:00
Anders Schack-Mulligen	e7709f73e9	Merge pull request #4099 from hvitved/java/dataflow/unique-encl-callable Java: Use `unique` aggregate in `Node::getEnclosingCallable()`	2020-08-19 13:30:01 +02:00
Anders Schack-Mulligen	28578fd572	Java: Autoformat.	2020-08-19 13:12:24 +02:00
Jonas Jensen	83884c0dc5	Merge pull request #4089 from jbj/jbj/printFloat-precise C++: Accept float.toString changes in tests	2020-08-19 12:58:27 +02:00
Rasmus Lerchedahl Petersen	bd53a711d3	Merge branch 'main' of github.com:github/codeql into SharedDataflow_SequenceFlow	2020-08-19 11:42:41 +02:00
Mathias Vorreiter Pedersen	eed6fe96ae	Merge branch 'main' into alternative-instruction-operand-flow	2020-08-19 11:18:51 +02:00
Erik Krogh Kristensen	3d5c1560e4	basic support for `.cjs` files	2020-08-19 10:53:57 +02:00
Erik Krogh Kristensen	103f739d16	add test for types of modules	2020-08-19 10:52:38 +02:00
Jonas Jensen	3e8f62fa5f	Merge pull request #4100 from nickrolfe/ssa_errors C++: fix compilation errors in ssa.cpp	2020-08-19 09:58:49 +02:00
CodeQL CI	2319c289aa	Merge pull request #4092 from erik-krogh/strictExtractor Approved by esbena	2020-08-19 08:47:07 +01:00
Rasmus Lerchedahl Petersen	176aa06fad	Python: Address review comments	2020-08-19 09:21:16 +02:00
yoff	5e84754f73	Update python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2020-08-19 08:03:47 +02:00

... 92 93 94 95 96 ...

19777 Commits