hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-16 23:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,692 Branches 160 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arthur Baars
57d8ba649f Use flowsTo 2021-06-21 19:37:41 +02:00
Arthur Baars
d2e2901128 First version of ApiGraphs 2021-06-21 19:37:41 +02:00
Arthur Baars
f0c83288a7 Add test case for ApiGraph 2021-06-21 19:37:41 +02:00
Arthur Baars
4fa093048c Add inline expectations test framework 2021-06-21 19:37:41 +02:00
Taus
ba6ab8ff3d Python: Expand __main__.py comment 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-06-21 18:14:03 +02:00
Taus
768cab3642 Python: Address review comments 
- changes `getReceiver` to `getObject`
- fixes `calls` to avoid unwanted cross-talk
- adds some more documentation to highlight the above issue
 2021-06-21 14:57:19 +00:00
Mathias Vorreiter Pedersen
3bc6b11ae5 C++: Share the 'bounded' predicate from 'cpp/uncontrolled-arithmetic' and use it in 'cpp/tainted-arithmetic'. 2021-06-21 16:38:17 +02:00
Arthur Baars
33c5312842 Merge pull request #215 from github/bump-codeql 
Bump `codeql` submodule
 2021-06-21 16:18:04 +02:00
Anders Schack-Mulligen
c06e152e90 Java: Remove outdated test. 2021-06-21 16:08:59 +02:00
Anders Schack-Mulligen
27c973e157 Java: Fix some qltests. 2021-06-21 16:08:52 +02:00
Tom Hvitved
992d8faa06 Bump codeql submodule 2021-06-21 16:06:45 +02:00
Mathias Vorreiter Pedersen
05389bb9d4 Merge pull request #6099 from geoffw0/weak-crypto3 
Further improvements to cpp/weak-cryptographic-algorithm
 2021-06-21 15:46:50 +02:00
Rasmus Wriedt Larsen
1c48aca630 Merge branch 'main' into jmespath 2021-06-21 15:26:45 +02:00
CodeQL CI
565af1a879 Merge pull request #6071 from RasmusWL/fix-input-cwe 
Approved by calumgrant, tausbn
 2021-06-21 06:23:18 -07:00
Geoffrey White
05ed4ed739 Update cpp/change-notes/2021-06-21-weak-cryptographic-algorithm.md 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-06-21 14:22:56 +01:00
AlonaHlobina
281a619646 Merge branch 'main' into AlonaHlobina-patch-3 2021-06-21 16:22:10 +03:00
Rasmus Wriedt Larsen
a7170bedb6 Python: Mention modeling of mysqlclient PyPI package 
Just for completeness in terms of what we claim support for.
 2021-06-21 15:20:08 +02:00
yoff
baf8d0a990 Merge pull request #6045 from RasmusWL/twisted 
Python: Model twisted
 2021-06-21 14:52:57 +02:00
Anders Schack-Mulligen
810de73246 C/C++: Update qltest expected output. 2021-06-21 14:47:31 +02:00
Anders Schack-Mulligen
14b485efa4 Merge pull request #6119 from smowton/smowton/fix/jaxrs-tests-field-flow 
Increase field flow branch limit in Jax-RS tests
 2021-06-21 14:43:59 +02:00
Tom Hvitved
abe5e3d953 Merge pull request #210 from github/hvitved/dataflow/consistency 
Data flow: Add consistency queries
 2021-06-21 14:42:55 +02:00
Anders Schack-Mulligen
d383c0f69b Java: Remove temporary store-as-taint. 2021-06-21 14:42:47 +02:00
Anders Schack-Mulligen
65ac8be5ac Java: Add defaultImplicitTaintRead and sync. 2021-06-21 14:42:47 +02:00
Anders Schack-Mulligen
38319a4832 C/C++: Make Content public as DataFlow::Content. 2021-06-21 14:42:47 +02:00
Anders Schack-Mulligen
aa82d0b815 Java: Make Content public as DataFlow::Content. 2021-06-21 14:42:47 +02:00
Anders Schack-Mulligen
80880320d5 Dataflow: Sync. 2021-06-21 14:42:47 +02:00
Anders Schack-Mulligen
b7ac329ba1 DataFlow: Add support for configuration-specific implicit reads. 2021-06-21 14:41:19 +02:00
Mathias Vorreiter Pedersen
238c483e5b C++: Make any non-overflowing arithmetic operation a barrier. 2021-06-21 14:05:34 +02:00
Mathias Vorreiter Pedersen
18e5d3cce8 C++: Add false positive with multiplication. 2021-06-21 14:04:27 +02:00
Chris Smowton
e2aaae8181 Increase test fieldFlowBranchLimit to 1000 
Might as well head off future failures in this test

Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-06-21 12:51:37 +01:00
Chris Smowton
c5eef7be8c Increase field flow branch limit in Jax-RS tests 
This fixes apparently-missing results by allowing the dataflow library to persist even when there are many Map implementations possibly available.
 2021-06-21 12:46:13 +01:00
Geoffrey White
6f808c9e4c C++: Update change note. 2021-06-21 12:32:48 +01:00
Geoffrey White
79198974dc Merge branch 'main' into weak-crypto3 2021-06-21 11:55:29 +01:00
Anders Schack-Mulligen
9110dfaeb3 Merge pull request #6095 from hvitved/dataflow/local-cc-join 
Data flow: Fix `getLocalCallContext` join-order
 2021-06-21 12:53:38 +02:00
Geoffrey White
90e2a2d222 C++: Change note. 2021-06-21 11:30:12 +01:00
Nick Rolfe
35eb4a3af4 Merge pull request #214 from github/regexp_naming 
Use RegExp prefix instead of Regex, for consistency with other languages.
 2021-06-21 11:06:19 +01:00
Asger Feldthaus
0754ed2b5c JS: Change note 2021-06-21 11:46:44 +02:00
Rasmus Wriedt Larsen
d6ec4d30fc Python: Twisted refactor of getRequestParamIndex 2021-06-21 10:54:28 +02:00
Tom Hvitved
b820f3f20d Merge pull request #212 from github/hvitved/ssa/assigns-pred 
Add `Ssa::WriteDefinition::assigns/1` predicate
 2021-06-21 10:46:48 +02:00
Rasmus Wriedt Larsen
8208aebd7e Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-06-21 10:43:25 +02:00
Shati Patel
bbb5a39c02 Merge pull request #6072 from shati-patel/shati-patel/vs-code-setting 
[Already shipped] Docs: Update setting in CodeQL for VS Code
 2021-06-21 08:34:14 +01:00
jorgectf
b10ade17be Update HeaderDeclaration input naming 2021-06-20 00:13:59 +02:00
jorgectf
0e61558644 Empty commit 2021-06-19 18:39:58 +02:00
Taus
e79ded9046 Add exclusions to Module consistency test 2021-06-19 12:41:16 +00:00
Taus
2515fc0ebc QL: Add exclusions to Module consistency test 2021-06-19 12:41:16 +00:00
Taus
6d1dc24fa7 Autoformat 2021-06-19 12:36:10 +00:00
Taus
7a117caaea QL: Autoformat 2021-06-19 12:36:10 +00:00
Taus
6bff0f48a2 Remove SuperAccess::getType() 
This had a bad effect on our call resolution, so I'm reverting it for
now. We may want to diverge from the language specification here.
 2021-06-19 12:17:17 +00:00
Taus
2fa4424f71 QL: Remove SuperAccess::getType() 
This had a bad effect on our call resolution, so I'm reverting it for
now. We may want to diverge from the language specification here.
 2021-06-19 12:17:17 +00:00
Taus
b9238ea436 Update printAst test 
to reflect the renaming of `Aggregate` to `FullAggregate`.
 2021-06-19 12:16:42 +00:00