codeql

mirror of https://github.com/github/codeql.git synced 2025-12-27 22:26:31 +01:00

Author	SHA1	Message	Date
Anders Schack-Mulligen	74d35f4f37	Java: Add support for value-preserving steps.	2021-02-18 11:26:15 +01:00
Anders Schack-Mulligen	04eeeda2c9	Java: Add documentation for the final column.	2021-02-18 11:23:49 +01:00
Anders Schack-Mulligen	6f583baa90	Java: More documentation and support for field writes.	2021-02-18 11:18:31 +01:00
CodeQL CI	d94f20ff2f	Merge pull request #5194 from RasmusWL/type-tracking-snippets Approved by tausbn	2021-02-18 02:13:21 -08:00
Mathias Vorreiter Pedersen	88263cb89e	Merge pull request #5114 from geoffw0/codeqltestdoc Documentation: Make our policy for copied example code clear and visible.	2021-02-18 10:43:17 +01:00
Erik Krogh Kristensen	6f384630f1	Apply suggestions from code review Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>	2021-02-18 10:36:49 +01:00
Mathias Vorreiter Pedersen	3082d70345	Merge branch 'main' into fix-dataflow-regression-const-member-function	2021-02-18 09:34:51 +01:00
luchua-bc	e916ce8b9b	Exclude test directories of typical build tools	2021-02-18 00:50:38 +00:00
Taus Brock-Nannestad	23e9785efd	Python: Add missing QLDoc	2021-02-17 21:38:48 +01:00
Erik Krogh Kristensen	f4e6f49ae7	change join order for API::Impl::trackDefNode	2021-02-17 21:23:11 +01:00
Erik Krogh Kristensen	dcef6cb974	change join order for API::InvokeNode::getParameter	2021-02-17 21:23:11 +01:00
Erik Krogh Kristensen	c80365c48a	change join order for API::Impl::useStep	2021-02-17 21:23:11 +01:00
Taus Brock-Nannestad	99f3a61f61	Python: Add `TypeBackTracker` This is a fairly straight port of the JS equivalent. Also adds `Node::getALocalSourceNode` which seems like it might come in handy.	2021-02-17 21:14:20 +01:00
CodeQL CI	8716cbd7ee	Merge pull request #5140 from erik-krogh/mark Approved by asgerf	2021-02-17 11:50:11 -08:00
Raul Garcia (MSFT)	cba9f421ad	Changes to the Readme file	2021-02-17 10:05:22 -08:00
luchua-bc	5e36eedcb6	Add check for test packages	2021-02-17 18:04:55 +00:00
Erik Krogh Kristensen	4df85b44de	Update javascript/change-notes/2021-02-10-markdown.md Co-authored-by: Asger F <asgerf@github.com>	2021-02-17 18:30:31 +01:00
Cornelius Riemenschneider	ebcecca9f1	Merge pull request #5157 from geoffw0/modelsbsl2 C++: Improve Iterator models	2021-02-17 18:04:07 +01:00
Jonathan Leitschuh	c43765917f	Fix formatting of MavenPom.qll	2021-02-17 11:55:10 -05:00
CodeQL CI	a81592dbd1	Merge pull request #5111 from asgerf/js/angular-framework-note Approved by erik-krogh	2021-02-17 08:48:00 -08:00
Taus	593a96ffbb	Merge pull request #5182 from RasmusWL/update-supported-python-frameworks-docs Docs: Update list of support frameworks in Python	2021-02-17 17:44:18 +01:00
CodeQL CI	3e1d2c3f81	Merge pull request #5198 from RasmusWL/revert-structure-change Approved by tausbn	2021-02-17 08:36:04 -08:00
Rasmus Wriedt Larsen	4880350420	Python: Add a single missing QLDoc	2021-02-17 16:33:12 +01:00
Rasmus Wriedt Larsen	7afe3972d8	Revert "Merge pull request #5171 from RasmusWL/restructure-queries" This reverts commit `8caafb3710`, reversing changes made to `ec79094957`.	2021-02-17 16:32:53 +01:00
Erik Krogh Kristensen	bc4ff813f3	Merge pull request #5193 from erik-krogh/aceLog JS: avoid cartesian product in isFilteredPropertyName	2021-02-17 16:27:33 +01:00
Rasmus Wriedt Larsen	63a09fccdd	Python: Use this = <...>.getACall() for DataFlow::CallCfgNode I think this reads a bit cleaner	2021-02-17 14:43:48 +01:00
Mathias Vorreiter Pedersen	908f24d23f	C++: Fix missing AST flow.	2021-02-17 14:33:58 +01:00
Anders Schack-Mulligen	862c41632e	Java: Add empty file to test.	2021-02-17 13:23:18 +01:00
Taus	ce1d8ded22	Merge pull request #5192 from RasmusWL/framework-for-routed-params Python: Expose framework identifier for route-setup and request handler	2021-02-17 13:19:43 +01:00
Rasmus Wriedt Larsen	0cdb5c48cf	Python: Remove type-tracking snippets for framework modeling We won't need these anymore, since we can now use API graphs	2021-02-17 13:14:23 +01:00
Rasmus Wriedt Larsen	a4de88d39c	Python: Update type-tracking snippet based on what I learned in https://github.com/github/codeql/pull/5184	2021-02-17 13:13:25 +01:00
Erik Krogh Kristensen	a03507a544	avoid cartesian product in isFilteredPropertyName	2021-02-17 13:12:35 +01:00
Mathias Vorreiter Pedersen	e0dca2be20	Merge pull request #5185 from MathiasVP/block-integral-types-in-cgixss-query C++: Add isBarrier to cpp/cgi-xss	2021-02-17 12:44:45 +01:00
Rasmus Wriedt Larsen	eee49cde85	Merge pull request #5184 from tausbn/python-move-type-tracker-tests-to-source-nodes Python: Use `LocalSourceNode` in type tracker tests	2021-02-17 12:13:47 +01:00
Taus	8caafb3710	Merge pull request #5171 from RasmusWL/restructure-queries Python: Restructure query file layout	2021-02-17 12:09:32 +01:00
Geoffrey White	ec79094957	Merge pull request #5191 from MathiasVP/regression-test-const-member-function C++: Add test for missing flow due to const specifier	2021-02-17 10:59:20 +00:00
Mathias Vorreiter Pedersen	25beadcb05	Update cpp/ql/test/query-tests/Security/CWE/CWE-079/semmle/CgiXss/search.c Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2021-02-17 11:54:24 +01:00
Geoffrey White	c07a60818c	C++: Simplify IteratorAssignArithmeticOperator.	2021-02-17 10:49:28 +00:00
Mathias Vorreiter Pedersen	e1c4406fd4	Merge pull request #5187 from geoffw0/modelsbsl5 C++: Support BSL in Allocation.qll, Deallocation.qll.	2021-02-17 11:48:53 +01:00
Mathias Vorreiter Pedersen	6db75df943	Merge pull request #5186 from geoffw0/modelsbsl4 C++: More models work	2021-02-17 11:46:23 +01:00
Rasmus Wriedt Larsen	cf9ad0cdc5	Python: Move ExternalAPI queries back under Security This was raised as a question at review, and I don't really have a good enough argument for moving it under POI. At the end of the day, they are _security_ related enough I guess :)	2021-02-17 11:29:33 +01:00
Rasmus Wriedt Larsen	dec026a820	Python: Fix security qlref to have single empty line	2021-02-17 11:26:02 +01:00
Rasmus Wriedt Larsen	1adb510578	Python: Add a single missing QLDoc	2021-02-17 11:24:11 +01:00
Mathias Vorreiter Pedersen	1b148c4c90	C++: Add reduced testcase demonstrating the problem in codeql-c-analysis-team/issues/231.	2021-02-17 11:20:00 +01:00
Rasmus Wriedt Larsen	2927d888cf	Python: Fix location of PathInjection tests	2021-02-17 11:20:00 +01:00
Mathias Vorreiter Pedersen	f5d5460dde	C++: Fix testcase.	2021-02-17 10:53:31 +01:00
Chris Smowton	c700d004e0	Commons Lang/Text StrBuilder: propagate taint from constructors	2021-02-17 09:51:28 +00:00
Chris Smowton	c243e03133	Lang3 StrBuilder: fix typo and coding style	2021-02-17 09:50:56 +00:00
Erik Krogh Kristensen	408ac2729d	Merge pull request #5066 from CaptainFreak/express-hbs-lfr JS: add query for Express-HBS LFR	2021-02-17 10:41:38 +01:00
Chris Smowton	10112c50ab	Add support for StrBuilder and TextStringBuilder in commons-text These are identical to the current deprecated StrBuilder in commons-lang3.	2021-02-17 09:36:28 +00:00

... 3 4 5 6 7 ...

20357 Commits