Erik Krogh Kristensen
28b98c1bfa
update expected output
2021-07-15 15:51:01 +02:00
Tom Hvitved
4180528d02
C#: Do not inline getLeafTypeAt
2021-07-15 15:41:16 +02:00
Tom Hvitved
7e4d761aa3
C#: Add nomagic to NamedElement::getQualifiedName()
2021-07-15 15:40:26 +02:00
Chris Smowton
712b0d866e
Merge pull request #6297 from aschackmull/java/query-metadata4
...
Java: More missing metadata.
2021-07-15 14:32:47 +01:00
Arthur Baars
a47002c6d8
Merge pull request #6302 from github/aibaars/drop-spaces
...
C# remove spurious spaces in <code> tag
2021-07-15 14:57:21 +02:00
Arthur Baars
e387d602b2
C# remove spurious spaces in <code> tag
2021-07-15 14:38:01 +02:00
Rasmus Wriedt Larsen
900cbc9a2f
Merge pull request #6265 from tausbn/python-performance-fixes
...
Python: Fix a few performance issues.
2021-07-15 14:19:37 +02:00
Rasmus Wriedt Larsen
a5834c4d78
Python: Fix py/polynomial-redos
2021-07-15 14:16:19 +02:00
Rasmus Wriedt Larsen
76caf43b54
Python: Add tests for py/polynomial-redos
2021-07-15 14:15:44 +02:00
Rasmus Wriedt Larsen
1be0dc0876
Python: Move test for ReDoS
2021-07-15 14:15:24 +02:00
Arthur Baars
d059ec0c93
CPP: drop opaque-id properties
...
The undocumented @opaque-id property takes precedence over the normal @id
property and causes the SARIF output produced by CodeQL to use that ID for
rules.
2021-07-15 14:12:01 +02:00
Erik Krogh Kristensen
ae2fc7171b
add a taint step through the ansi-to-html library
2021-07-15 14:04:16 +02:00
Anders Schack-Mulligen
5b7c2d133f
Merge pull request #6291 from aschackmull/java/csv-synthfield
...
Java: Add support for synthetic fields in csv rows.
2021-07-15 13:43:56 +02:00
Anders Schack-Mulligen
9b2b593cb4
Java: More missing metadata.
2021-07-15 13:41:12 +02:00
Geoffrey White
e3e7b00986
Merge pull request #6004 from MathiasVP/path-sensitive-stack-variable-reachability-analysis
...
C++: Add path-sensitivity to `StackVariableReachability`
2021-07-15 12:34:33 +01:00
Erik Krogh Kristensen
aaa8969537
add sort-keys as a clone call
2021-07-15 13:16:17 +02:00
Erik Krogh Kristensen
d2c74480b9
add taint step through flatten libraries
2021-07-15 12:36:07 +02:00
Erik Krogh Kristensen
77f4d56cd9
add taint step through array-union, array-uniq, and uniq
2021-07-15 12:32:29 +02:00
Anders Schack-Mulligen
8ccdd4fb9f
Merge pull request #6211 from aschackmull/dataflow/refactor-call-context-check
...
Dataflow: Refactor call context check
2021-07-15 12:27:23 +02:00
Tom Hvitved
caf88a2d31
C#: Remove redundant conjunct in ssaDefReachesReadWithinBlock
2021-07-15 12:25:33 +02:00
Anders Schack-Mulligen
7339bd89ba
Java: Add support for synthetic fields in csv rows.
2021-07-15 12:19:34 +02:00
Joe Farebrother
0e8dd9f335
Use generated stubs
2021-07-15 11:03:51 +01:00
Joe Farebrother
e7e432d7fd
Fix incorrect row
2021-07-15 10:39:05 +01:00
Joe Farebrother
f3ab295f0f
Fix up tests
2021-07-15 10:34:21 +01:00
Joe Farebrother
bbc4d4855c
Move tests
2021-07-15 10:34:18 +01:00
Joe Farebrother
51045a83c2
Add change note
2021-07-15 10:33:33 +01:00
Joe Farebrother
df74a142dd
Update for collection flow and add more tests
2021-07-15 10:33:33 +01:00
Joe Farebrother
8f89d748fe
Add spring tests
2021-07-15 10:33:33 +01:00
Joe Farebrother
4be7e94dcc
Add more spring stubs
2021-07-15 10:33:30 +01:00
Joe Farebrother
c1555b36a1
Add additional HTTP flow steps
2021-07-15 10:32:13 +01:00
Joe Farebrother
9b6213dbf0
Convert existing spring http steps to csv
2021-07-15 10:32:10 +01:00
Erik Krogh Kristensen
5ff7d208b7
add taint step through arrify
2021-07-15 11:24:50 +02:00
Erik Krogh Kristensen
e64f29fe8f
add support for Array.prototype.find and polyfills
2021-07-15 11:16:06 +02:00
Erik Krogh Kristensen
f6f63e2811
add model for the array-from polyfill
2021-07-15 10:51:55 +02:00
Anders Schack-Mulligen
d34e748c83
Merge pull request #6290 from aschackmull/java/query-metadata3
...
Java: Add metadata.
2021-07-15 09:59:45 +02:00
Anders Schack-Mulligen
60b3dbd217
Java: Add metadata.
2021-07-15 09:16:56 +02:00
Anders Schack-Mulligen
bf0877c5cb
Merge pull request #6289 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2021-07-15 09:15:51 +02:00
Anders Schack-Mulligen
e18a20fedb
Merge pull request #6285 from smowton/smowton/feature/spring-jdbc-object
...
Add models for org.springframework.jdbc.object
2021-07-15 09:06:56 +02:00
Robert Marsh
4d8e882214
Merge pull request #6186 from geoffw0/formatarg
...
C++: Fix FPs from cpp/wrong-type-format-argument
2021-07-14 17:20:46 -07:00
github-actions[bot]
d6186e8d0f
Add changed framework coverage reports
2021-07-15 00:06:37 +00:00
Erik Krogh Kristensen
22dfe84ee8
add xss sink for react-tooltip
2021-07-14 20:03:50 +02:00
Erik Krogh Kristensen
14b26f2a68
add mkdirp as a sink for tainted-path
2021-07-14 19:32:22 +02:00
Chris Smowton
f2b232f276
Add change note
2021-07-14 17:39:58 +01:00
Chris Smowton
0b2750828e
Add models for org.springframework.jdbc.object
...
Also add tests for the existing Spring JDBC SQL injection sinks in the process
2021-07-14 17:25:00 +01:00
Taus
fb57c5f6f0
Merge pull request #6143 from RasmusWL/concepts-private-import-python
...
Python: Make `import python` private in Concepts.qll
2021-07-14 17:49:06 +02:00
Taus
5c5ee85332
Merge pull request #6122 from RasmusWL/mention-mysqlclient
...
Python: Mention modeling of `mysqlclient` PyPI package
2021-07-14 17:48:40 +02:00
Taus
30d61045d2
Python: Mention nameIndicatesSensitiveData
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2021-07-14 17:33:39 +02:00
Erik Krogh Kristensen
f462c9bb76
add taint through the parseqs library
2021-07-14 17:22:35 +02:00
Erik Krogh Kristensen
bec1818fc7
add taint through the normalize-url library
2021-07-14 17:15:14 +02:00
Erik Krogh Kristensen
86de10e6a1
simplify some implementations in UriLibraries.qll
2021-07-14 17:01:40 +02:00