Rasmus Wriedt Larsen
58baec5b06
Merge pull request #4364 from yoff/SharedDataflow_ArgumentPassing
...
Python: Shared dataflow, argument passing
2020-10-15 17:10:59 +02:00
Joe Farebrother
388f60f818
Merge pull request #4430 from joefarebrother/tainttrackingutils-refactor
...
Java: Refactor part of TaintTrackingUtil.qll
2020-10-15 16:05:38 +01:00
Rasmus Lerchedahl Petersen
89f5352324
Python: fix QL format
2020-10-15 16:41:41 +02:00
Dave Bartolomeo
f32a7be874
Fix formatting
2020-10-15 10:16:13 -04:00
luchua-bc
b359802dd4
Replace non-ASCII apostrophe in Java stub classes
2020-10-15 14:53:32 +01:00
luchua-bc
6f6ec9d51a
Change the source class type and simplify the data-flow step
2020-10-15 14:53:32 +01:00
luchua-bc
f5e9690594
Update the doc comments
2020-10-15 14:53:32 +01:00
luchua-bc
c7750fd8c2
Fine tune the query
2020-10-15 14:53:32 +01:00
luchua-bc
5338332648
Enhance the query and add more test cases
2020-10-15 14:53:31 +01:00
luchua-bc
55af37312b
Text changes to the help file
2020-10-15 14:53:31 +01:00
luchua-bc
ebc2bd9a58
Text changes to the help file
2020-10-15 14:53:31 +01:00
luchua-bc
bd0c577ffd
Unsafe resource loading in Android webview
2020-10-15 14:53:30 +01:00
Rasmus Lerchedahl Petersen
ef32488596
Merge branch 'main' of github.com:github/codeql into python-port-unsafe-deserialization
2020-10-15 15:45:35 +02:00
James Fletcher
b05cc2eafd
Merge pull request #4475 from github/banner-template
...
[CodeQL docs] Update footer in Sphinx template
2020-10-15 14:39:52 +01:00
James Fletcher
fb05f02489
Apply suggestions from code review
...
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com >
2020-10-15 14:24:28 +01:00
CodeQL CI
ab7d28b3fb
Merge pull request #4482 from RasmusWL/promote-script
...
Approved by tausbn
2020-10-15 06:15:55 -07:00
Jonathan Leitschuh
a9c5551284
Fix formatting in Lang.qll
2020-10-15 08:52:02 -04:00
Erik Krogh Kristensen
ff054b985b
add change note
2020-10-15 14:51:02 +02:00
Erik Krogh Kristensen
8206933e85
add test for home grown CSRF protection
2020-10-15 14:51:02 +02:00
Erik Krogh Kristensen
4d1a9740f0
add support for home made CSRF protection middlewares in js/missing-token-validation
2020-10-15 14:50:59 +02:00
Geoffrey White
1b8d14077a
Merge pull request #4481 from rvermeulen/patch-1
...
C++: Fix qldoc for getIncludeText
2020-10-15 13:00:33 +01:00
Erik Krogh Kristensen
1d2ca42d49
update expected output
2020-10-15 13:42:13 +02:00
Erik Krogh Kristensen
d629eea54e
aggregate the arguments of a call into a synthetic node
2020-10-15 13:35:19 +02:00
Erik Krogh Kristensen
5770d0256f
fixing printing of NameConstants
2020-10-15 13:32:22 +02:00
Rasmus Wriedt Larsen
43cee8567c
Python: Add script to promote experimental security queries
2020-10-15 13:25:01 +02:00
Erik Krogh Kristensen
2a5dd2c8a3
fix pretty-printing of number literals
2020-10-15 13:04:52 +02:00
Rasmus Lerchedahl Petersen
cc7d32c27c
Merge branch 'python-port-unsafe-deserialization' of github.com:yoff/codeql into python-port-unsafe-deserialization
2020-10-15 13:01:38 +02:00
Erik Krogh Kristensen
1d4a605517
remove location for synthetic nodes
2020-10-15 12:57:46 +02:00
Erik Krogh Kristensen
9da8c23717
change the order of the children from FunctionDef
2020-10-15 12:57:17 +02:00
Rasmus Lerchedahl Petersen
172e058438
Python: unsafe -> mayExecuteInput
2020-10-15 12:56:29 +02:00
Rasmus Lerchedahl Petersen
00566f0eee
Python: Extend DataFlow::CfgNode when appropriate
2020-10-15 12:40:16 +02:00
yoff
c36ad7dd9b
Apply suggestions from code review
...
Co-authored-by: Taus <tausbn@github.com >
2020-10-15 12:35:21 +02:00
Tamás Vajk
e62c9b1382
Merge pull request #4472 from tamasvajk/feature/cleanup-3
...
C#: Change public fields to properties
2020-10-15 12:16:53 +02:00
Erik Krogh Kristensen
11ee7c7946
update expected output
2020-10-15 12:06:17 +02:00
Erik Krogh Kristensen
f9f29f53cf
remove locations where we have no exact location
2020-10-15 11:59:51 +02:00
Tom Hvitved
36f6e97cad
Merge pull request #4371 from hvitved/csharp/library-flow-refactor
...
C#: Reimplement flow-summary compilation
2020-10-15 11:56:32 +02:00
Erik Krogh Kristensen
2bb8b78a29
remove "</>" from the end when printing HTML
2020-10-15 11:56:00 +02:00
Remco Vermeulen
7848c5f54d
Fix qldoc for getIncludeText
...
The '<' was HTML encoded for some reason.
2020-10-15 11:49:18 +02:00
Erik Krogh Kristensen
a019312953
improve printing of JS object literals
2020-10-15 11:47:45 +02:00
Rasmus Lerchedahl Petersen
9c8e968cba
Python: Fix bad merge
2020-10-15 11:47:34 +02:00
Erik Krogh Kristensen
ab7542c0d2
improve printing of JSON values
2020-10-15 11:05:22 +02:00
Taus
c8b93148a2
Merge pull request #4424 from RasmusWL/python-model-python2-specific-command-execution
...
Python: model Python 2 specific command execution
2020-10-15 10:52:43 +02:00
Erik Krogh Kristensen
1ebd49b0eb
remove location from "mapping i" print node
2020-10-15 10:51:34 +02:00
Erik Krogh Kristensen
3e2d266343
improve YAMLMapping printing
2020-10-15 10:49:37 +02:00
Anders Schack-Mulligen
60ce02ac18
Merge pull request #4469 from JLLeitschuh/additional-file-taint
...
Java: Track taint through java.io.File::toPath & java.nio.file.Path::toFile
2020-10-15 10:46:35 +02:00
Erik Krogh Kristensen
1b908ce030
improve printing of DeclStmt, and remove escaped whitespace chars from printed output
2020-10-15 10:43:32 +02:00
Tom Hvitved
8728017328
C#: Increase fieldFlowBranchLimit in test
...
68014fd3bf
2020-10-15 10:40:19 +02:00
Rasmus Wriedt Larsen
c5810d623b
Merge pull request #4474 from tausbn/python-fix-tostring-divergence
...
Python: Fix divergence in tuple/subscripted type `toString`
2020-10-15 10:29:33 +02:00
Erik Krogh Kristensen
c033ae9b7f
add one more case to getAPrimaryQlClass
2020-10-15 10:05:07 +02:00
Arthur Baars
a10c0138e9
Merge commit '78c58c24158e3ee4fd78318194d56591af90da69' into lgtm.com
2020-10-15 10:00:43 +02:00
