Mathias Vorreiter Pedersen
|
8c9f09195d
|
Merge pull request #4561 from criemen/varargs-hierarchy
C++: Make BuiltInVarArgs* classes subclasses of VarArgsExpr.
|
2020-10-28 13:03:57 +01:00 |
|
Asger Feldthaus
|
7a3f0095f6
|
JS: Autoformat
|
2020-10-28 11:57:23 +00:00 |
|
Asger Feldthaus
|
c03532edfb
|
JS: Change note
|
2020-10-28 11:57:11 +00:00 |
|
Asger Feldthaus
|
d116b424f4
|
JS: Add model of react hooks and react-router
|
2020-10-28 11:57:11 +00:00 |
|
Asger Feldthaus
|
42c03ab2fd
|
JS: Add flow steps through dynamic imports
|
2020-10-28 11:57:08 +00:00 |
|
Tom Hvitved
|
2fea6f05f1
|
Merge pull request #4489 from hvitved/csharp/cil-to-string
C#: Simplify `toString()` for CIL entities
|
2020-10-28 12:56:10 +01:00 |
|
CodeQL CI
|
8e57f57643
|
Merge pull request #4559 from erik-krogh/redis
Approved by asgerf
|
2020-10-28 11:47:12 +00:00 |
|
Taus Brock-Nannestad
|
1503c5ea16
|
Python: Remove refersTo from regex.qll
This was causing the old `Object` API stuff to be evaluated when using
our new library models (specifically the Django model).
|
2020-10-28 12:41:17 +01:00 |
|
Tamas Vajk
|
1830eea50a
|
C#: Cleanup TypeMentions in AST printing
|
2020-10-28 12:34:12 +01:00 |
|
Tamas Vajk
|
444b100c51
|
Minor fix in definitions.qll
|
2020-10-28 12:23:12 +01:00 |
|
Tamas Vajk
|
a9e93e5681
|
C#: Fix GenericType locations in jump-to-definition
|
2020-10-28 12:07:27 +01:00 |
|
Anders Schack-Mulligen
|
f3e2bd0fd9
|
Merge pull request #3141 from pwntester/InsecureBeanValidation
Insecure Bean Validation query
|
2020-10-28 12:04:12 +01:00 |
|
Erik Krogh Kristensen
|
75d996a0f9
|
make promisify smaller
|
2020-10-28 11:59:21 +01:00 |
|
Erik Krogh Kristensen
|
bce06d3194
|
add test that promisify is not imprecise
|
2020-10-28 11:59:03 +01:00 |
|
Erik Krogh Kristensen
|
c49d5081cc
|
Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll
Co-authored-by: Asger F <asgerf@github.com>
|
2020-10-28 11:45:58 +01:00 |
|
Tamas Vajk
|
64b584b4a3
|
C#: Fix PR review findings in NamespaceDeclaration
|
2020-10-28 11:30:17 +01:00 |
|
Tamas Vajk
|
9cc7424cd0
|
C#: Simplify TypeMentions in PrintAST
|
2020-10-28 11:28:06 +01:00 |
|
Tamas Vajk
|
c2e8d3fb3b
|
C#: Minor fix in TypeMention
|
2020-10-28 11:28:06 +01:00 |
|
Asger Feldthaus
|
a9adb2912a
|
JS: Improve lodash model
|
2020-10-28 10:09:41 +00:00 |
|
Asger Feldthaus
|
9fc5c0bdb8
|
JS: Update ComposedFunctions
|
2020-10-28 10:09:40 +00:00 |
|
Tom Hvitved
|
92461d41e0
|
C#: Add change note
|
2020-10-28 11:02:12 +01:00 |
|
Tom Hvitved
|
28607927ee
|
C#: Update CIL tests
|
2020-10-28 10:57:01 +01:00 |
|
Cornelius Riemenschneider
|
f1f64fb7df
|
C++: Make BuiltInVarArgs* classes subclasses of VarArgsExpr.
|
2020-10-28 10:48:00 +01:00 |
|
Tamás Vajk
|
7c3964a388
|
Merge pull request #4543 from tamasvajk/feature/configureawait
C#: Add flow summary for 'Task.ConfigureAwait()'
|
2020-10-28 10:42:44 +01:00 |
|
Rasmus Lerchedahl Petersen
|
9fd1bf60fa
|
Merge branch 'main' of github.com:github/codeql into python-port-path-injection
|
2020-10-28 10:24:23 +01:00 |
|
Geoffrey White
|
09372f5c81
|
C++: Remove misleading comment.
|
2020-10-28 09:04:10 +00:00 |
|
Erik Krogh Kristensen
|
2e514c4d7b
|
add model for Node Redis
|
2020-10-28 09:52:54 +01:00 |
|
Anders Schack-Mulligen
|
34ae6e0576
|
Apply suggestions from code review
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-28 09:15:08 +01:00 |
|
Tom Hvitved
|
02ca8fe3b7
|
Merge pull request #4556 from hvitved/csharp/dataflow/tuple-perf
C#: Fix bad join-order in `System.Tuple` flow-summaries
|
2020-10-28 08:50:37 +01:00 |
|
Tamas Vajk
|
7a1e1996e4
|
C#: Remove unneded class from CompilerServices.qll
|
2020-10-28 08:42:20 +01:00 |
|
luchua-bc
|
99c79f4aa3
|
Enhance the dataflow sink and update test cases
|
2020-10-28 03:07:01 +00:00 |
|
Dave Bartolomeo
|
27ad7bc297
|
Merge pull request #4560 from MathiasVP/instruction-tag-for-this-addr-and-load
C++: Make sure getInstructionTagId has a result for `this` related IPA branches
|
2020-10-27 21:01:09 -04:00 |
|
luchua-bc
|
3cc3fe9d37
|
Switch to TaintPreservingCallable and add test cases
|
2020-10-28 00:33:07 +00:00 |
|
Mathias Vorreiter Pedersen
|
ad9e7b7343
|
C++: Give getInstructionTagId a result when tag is ThisAddressTag or ThisLoadTag
|
2020-10-27 22:16:01 +01:00 |
|
Alvaro Muñoz
|
77b551b693
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:12:17 +01:00 |
|
Alvaro Muñoz
|
b9c75ea462
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:12:00 +01:00 |
|
Alvaro Muñoz
|
ac116da0dc
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:11:48 +01:00 |
|
Alvaro Muñoz
|
d5b470ea0c
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:11:27 +01:00 |
|
Alvaro Muñoz
|
9785013c29
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:11:15 +01:00 |
|
Alvaro Muñoz
|
d221930c81
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:10:56 +01:00 |
|
Alvaro Muñoz
|
a9ea63b976
|
Update java/change-notes/2020-10-27-insecure-bean-validation.md
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:10:46 +01:00 |
|
Tom Hvitved
|
de4ed59f62
|
C#: Simplify toString() for CIL entities
|
2020-10-27 20:58:40 +01:00 |
|
Robert Marsh
|
7d7b0eaa7b
|
C++: accept test changes
The conflation-related changes result from aliased accesses for which a
precise Phi node is generated.
|
2020-10-27 09:33:28 -07:00 |
|
Alvaro Muñoz
|
1fdf0556d2
|
more fixes to make qlhelp linter happy
|
2020-10-27 17:05:00 +01:00 |
|
Alvaro Muñoz
|
aa981caea5
|
more fixes to make qlhelp linter happy
|
2020-10-27 16:32:13 +01:00 |
|
Alvaro Muñoz
|
8974f252ac
|
fix format and qlhelp errors blocking the merge
|
2020-10-27 16:19:39 +01:00 |
|
Alvaro Muñoz
|
11e57bd2f8
|
add change note for new Insecure Bean Validation query
|
2020-10-27 16:11:51 +01:00 |
|
Alvaro Muñoz
|
3378dd526e
|
remove compiled classes from stubs
|
2020-10-27 15:56:26 +01:00 |
|
Alvaro Muñoz
|
99044fc6ab
|
remove experimental query forr bean validation
|
2020-10-27 15:55:19 +01:00 |
|
Alvaro Muñoz
|
40a2007497
|
Apply suggestions from code review
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
|
2020-10-27 15:52:25 +01:00 |
|