hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-17 15:33:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,692 Branches 160 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felicity Chapman
aad738ba9f Update docs/codeql/codeql-cli/analyzing-databases-with-the-codeql-cli.rst 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2021-06-07 17:05:40 +01:00
Tony Torralba
d77d0c9e10 Added summaries for Spring PropertyValues 2021-06-07 17:35:03 +02:00
Erik Krogh Kristensen
7f09edcf59 add change note 2021-06-07 17:25:18 +02:00
Erik Krogh Kristensen
bcf08e6472 add remote flow source for the serverless library 2021-06-07 17:19:19 +02:00
Alex Denisov
a12954a403 C++: Remove outdated comment 2021-06-07 17:15:21 +02:00
AlexDenisov
d254524f3f Merge pull request #6027 from AlexDenisov/alexdenisov/fix-string-literal-expectation 
C++: Fix string literal expectation
 2021-06-07 17:13:12 +02:00
Erik Krogh Kristensen
09a2c055a7 add test for the serverless express API 2021-06-07 16:50:01 +02:00
Asger Feldthaus
4cf3c11e83 JS: Add lines of user code summary query 2021-06-07 16:41:59 +02:00
Felicity Chapman
71019419e2 Update following writer review 2021-06-07 15:13:43 +01:00
Tamás Vajk
3f33f2de13 Merge pull request #5980 from tamasvajk/fix/extension-method-as-target 
C#: Extract correct method symbol as target of extension method calls
 2021-06-07 15:57:24 +02:00
Alex Ford
e26afe91b5 move rb/hardcoded-credential alert location to the source 2021-06-07 14:53:04 +01:00
Alex Ford
5d79a8cec0 account for keyword args in rb/hardcoded-credentials and simplify query 2021-06-07 14:49:49 +01:00
Erik Krogh Kristensen
a63b0b28d4 refactor the history library model, add support for the global variable 2021-06-07 15:42:13 +02:00
Erik Krogh Kristensen
5419143e72 remove createHashHistory from the history sink 2021-06-07 15:24:59 +02:00
CodeQL CI
4963a8f6b9 Merge pull request #6024 from erik-krogh/serialize-javascript 
Approved by asgerf
 2021-06-07 06:08:05 -07:00
Rasmus Wriedt Larsen
3819a361b5 Python: Autoformat 2021-06-07 14:16:33 +02:00
Felicity Chapman
d292be3880 Update the revised section 2021-06-07 12:00:20 +01:00
Felicity Chapman
e09774be03 Address technical review feedback 2021-06-07 11:49:28 +01:00
Geoffrey White
6f05fd4839 C++: Autoformat. 2021-06-07 11:01:00 +01:00
Tony Torralba
52f1930e1d Add key-read-steps as local additional taint steps 2021-06-07 11:37:05 +02:00
Mathias Vorreiter Pedersen
3923acb5e0 Merge pull request #6017 from github/dbartol/pack/extra-queries-xml 
C++: Replace an odd `queries.xml` with `qlpack.yml`
 2021-06-07 10:58:19 +02:00
Rasmus Wriedt Larsen
e82ad6fc22 Python: Add missing QLDoc 2021-06-07 10:13:26 +02:00
Rasmus Wriedt Larsen
9dcb26d151 Python: Autoformat 
I had not set up the pre-commit hook properly
 2021-06-07 10:05:48 +02:00
Anders Schack-Mulligen
96da85449d Merge pull request #5823 from atorralba/promote-jexl-injection 
Java: Promote JEXL Injection query from experimental
 2021-06-07 10:03:12 +02:00
Alex Denisov
17be6e1271 C++: Fix string literal expectation 2021-06-07 09:47:26 +02:00
Tamás Vajk
1a1b74cfcc Merge pull request #5998 from tamasvajk/fix/tuple-members 
C#: Fix container type extraction of tuple members
 2021-06-07 09:18:05 +02:00
Erik Krogh Kristensen
5961dd1459 add another test for the resolve library 2021-06-06 22:54:12 +02:00
Erik Krogh Kristensen
0adc001df0 add taint-step for serialize-javascript 2021-06-06 22:48:53 +02:00
Erik Krogh Kristensen
dd2fe2a489 add the resolve library as a sink to js/path-injection 2021-06-06 22:04:32 +02:00
Dave Bartolomeo
ac3ded7d5a Replace an odd queries.xml with qlpack.yml 
This one C++ test has its own `queries.xml` to make "outside-of-source" path filtering work, as detailed in commit 2550788598. I've replaced the `queries.xml` with `qlpack.yml`, added a comment, and added that pack to the `.codeqlmanifest.json` at the root of the repo. This will allow the library dependencies of this pack to be resolved without the need for a `--search-path` option with the upcoming packaging changes.
 2021-06-06 09:04:18 -04:00
Dave Bartolomeo
e276e2684e Merge pull request #5986 from MathiasVP/side-effects-for-nonconst-smart-pointers 
C++: Fix `hasDefaultSideEffect` for non-const smart pointers
 2021-06-04 13:57:44 -04:00
Tom Hvitved
962768e7c0 Disambiguate toStrings for nested synthetic local variables 2021-06-04 19:20:11 +02:00
Mathias Vorreiter Pedersen
8e8c2e677a C++: Accept test changes. 2021-06-04 18:49:20 +02:00
Mathias Vorreiter Pedersen
27586d77f8 C++: Copy isDeeplyConst{Below} into SideEffects and modify it so that it works for smart pointers. 2021-06-04 18:46:52 +02:00
Mathias Vorreiter Pedersen
f2d7988d72 C++: Add tests involving various non-const and const smart pointers. 2021-06-04 18:46:05 +02:00
Geoffrey White
799e19bdc2 C++: Update the other version as well. 2021-06-04 16:21:04 +01:00
CodeQL CI
eb0491598a Merge pull request #6009 from erik-krogh/whatwg-fetch 
Approved by esbena
 2021-06-04 08:19:36 -07:00
Geoffrey White
3c6a1f165b Update cpp/ql/src/semmle/code/cpp/Location.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-06-04 16:19:11 +01:00
Tom Hvitved
82fbc03889 Merge pull request #200 from github/hvitved/dataflow/call-sensitivity 
Data flow: Call-sensitive resolution of lambda/block calls
 2021-06-04 16:25:13 +02:00
Felicity Chapman
919555cae4 Remove info for legacy tools 2021-06-04 15:13:24 +01:00
Chris Smowton
4ddf4558a7 Merged simplified query 2021-06-04 16:07:15 +02:00
Mathias Vorreiter Pedersen
f21e949898 Merge pull request #6007 from geoffw0/weak_crypto2 
C++: Combine results for cpp/weak-cryptographic-algorithm
 2021-06-04 16:06:29 +02:00
Tom Hvitved
3c7c10a424 Merge pull request #5991 from hvitved/java/shared-external-source-sink 
Java: Move common CSV logic for sources and sinks into shared library
 2021-06-04 16:04:25 +02:00
Alex Ford
ec326bfcb7 Merge pull request #201 from github/perm-file-report-source 
Report rb/weak-file-permission alerts at source rather than sink and improve alert message
 2021-06-04 14:52:48 +01:00
Rasmus Wriedt Larsen
7f119dd5a9 Python: Add change-note 2021-06-04 15:27:36 +02:00
Geoffrey White
b24dc810c9 C++: Combine results from cpp/weak-cryptographic-algorithm that are in the same file. 2021-06-04 14:04:02 +01:00
Tamas Vajk
b3a2998d96 Fix failing test after rebase 2021-06-04 14:34:45 +02:00
Tamas Vajk
75060baaa3 Add change note 2021-06-04 14:33:12 +02:00
Tamas Vajk
33daa2c41d Fix container type extraction of tuple members 2021-06-04 14:33:12 +02:00
Tamas Vajk
4f4bf59cd4 C#: Add tuple member tests 2021-06-04 14:33:12 +02:00