Commit Graph

33872 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
fa2e7fd498 cache prepend 2021-03-11 11:59:54 +01:00
Artem Smotrakov
4b7c57c077 Added a comment for getBeanIdentifier()
Co-authored-by: Chris Smowton <smowton@github.com>
2021-03-11 11:52:07 +01:00
Asger Feldthaus
3fb810b540 JS: Add @kind problem meta queries 2021-03-11 10:46:18 +00:00
Asger Feldthaus
773cf0dcdd JS: Autoformat 2021-03-11 10:44:33 +00:00
Asger Feldthaus
0c6e161277 JS: Add source to XssThroughDom 2021-03-11 10:05:05 +00:00
Asger Feldthaus
18cfe72e99 JS: Add model of d3 2021-03-11 10:05:05 +00:00
Mathias Vorreiter Pedersen
01cc2f2c77 Merge pull request #5366 from MathiasVP/better-path-explanation-for-this-indirection
C++: Replace 'Argument -1 indirection' with 'This indirection'
2021-03-11 10:48:44 +01:00
Anders Schack-Mulligen
87e4dec86a Merge pull request #5300 from tamasvajk/feature/external-remote-flow-sources
Java: Convert remote flow sources to use new CSV format
2021-03-11 10:44:17 +01:00
CodeQL CI
25f4b76788 Merge pull request #5045 from erik-krogh/bindRoute
Approved by asgerf
2021-03-11 01:39:26 -08:00
CodeQL CI
ad665b765f Merge pull request #5323 from erik-krogh/staging
Approved by asgerf
2021-03-11 00:50:51 -08:00
Jonas Jensen
e1adf5e8b0 Merge pull request #5218 from MathiasVP/no-write-side-effects-for-const-pointer-params
C++: Don't generate write side effects for const parameter indirections
2021-03-11 09:48:05 +01:00
Mathias Vorreiter Pedersen
9439ed49c1 Merge branch 'main' into better-path-explanation-for-this-indirection 2021-03-11 09:39:18 +01:00
Mathias Vorreiter Pedersen
55da16c4a9 C++: Accept test changes. 2021-03-11 09:27:45 +01:00
Artem Smotrakov
0a5d58ed8a Cover more configurations in UnsafeSpringExporterInConfigurationClass.ql 2021-03-10 21:15:19 +03:00
luchua-bc
a0a1ddee86 Update class name 2021-03-10 17:07:31 +00:00
Anders Schack-Mulligen
674886a17d Dataflow: Sync. 2021-03-10 16:53:51 +01:00
Anders Schack-Mulligen
667dab28d4 Dataflow: Switch from unbind to pragma[only_bind_into]. 2021-03-10 16:52:45 +01:00
Mathias Vorreiter Pedersen
bc36e0db43 C++: Accept more test changes. 2021-03-10 16:51:13 +01:00
Rasmus Lerchedahl Petersen
ad35c01462 Python: purge old references 2021-03-10 16:38:00 +01:00
Erik Krogh Kristensen
ee9613fa79 import the Stages module from where it is used 2021-03-10 16:30:38 +01:00
Rasmus Lerchedahl Petersen
0ab4e3e041 Python: Fix old reference 2021-03-10 16:22:47 +01:00
Rasmus Lerchedahl Petersen
b865e88f59 Python, doc: Remove unused file 2021-03-10 16:09:52 +01:00
Mathias Vorreiter Pedersen
cc592b124b Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2021-03-10 15:59:48 +01:00
Rasmus Lerchedahl Petersen
fe975f25f9 Merge branch 'python-port-insecure-default-protocol' of github.com:yoff/codeql into python-port-insecure-default-protocol 2021-03-10 15:59:13 +01:00
Rasmus Lerchedahl Petersen
e726ff425c Python: simplify query code as suggested by review 2021-03-10 15:58:44 +01:00
Rasmus Lerchedahl Petersen
5c3d0c806d Python: remove unused file 2021-03-10 15:54:41 +01:00
Mathias Vorreiter Pedersen
0b6589c8be C++: Accept test changes. 2021-03-10 15:47:06 +01:00
Erik Krogh Kristensen
81efd726cb renamings - and simplifications of qldoc 2021-03-10 15:42:50 +01:00
Calum Grant
bf873c8ad1 Merge pull request #147 from github/calumgrant/use-detect
Ruby: New query UseDetect
2021-03-10 14:39:37 +00:00
Rasmus Lerchedahl Petersen
e4422fc939 Python, doc: Remove section on taint-tracking 2021-03-10 15:38:19 +01:00
Erik Krogh Kristensen
d3fca0a107 Apply suggestions from code review
Co-authored-by: Asger F <asgerf@github.com>
2021-03-10 15:24:05 +01:00
Erik Krogh Kristensen
c993f9a3a3 add instance methods in the same class to localFieldStep 2021-03-10 15:19:07 +01:00
Erik Krogh Kristensen
ea6d3bde9c Update javascript/ql/src/semmle/javascript/dataflow/internal/CallGraphs.qll
Co-authored-by: Asger F <asgerf@github.com>
2021-03-10 15:00:48 +01:00
CodeQL CI
2c4ba561bf Merge pull request #5360 from erik-krogh/regParse
Approved by asgerf
2021-03-10 05:57:19 -08:00
Geoffrey White
a2660e5996 Merge pull request #5326 from ihsinme/ihsinme-patch-244
CPP: Add query for CWE-20 Improper Input Validation
2021-03-10 13:53:26 +00:00
Tom Hvitved
fc5158c41c Merge pull request #5338 from hvitved/dataflow/performance-tweaks
Data flow: Performance tweaks
2021-03-10 13:56:57 +01:00
luchua-bc
f0ddfc9283 Minor qldoc changes 2021-03-10 12:18:55 +00:00
luchua-bc
72f28513eb Move test check to the sink 2021-03-10 12:12:27 +00:00
Asger Feldthaus
fbca06f4e1 JS: Move TaintMetrics.qll into internal folder 2021-03-10 11:53:44 +00:00
Cornelius Riemenschneider
16a3dfa30a C++: Update summary metrics query format. 2021-03-10 11:15:55 +00:00
Anders Schack-Mulligen
4941d9b7bf Java: Add query for CSV framework coverage. 2021-03-10 12:03:44 +01:00
Calum Grant
cb977cb290 Ruby: Use getAUniqueRead TC 2021-03-10 10:56:33 +00:00
Mathias Vorreiter Pedersen
0f6c56ad74 C++: Use names that better match the AST dataflow library. 2021-03-10 11:44:19 +01:00
Erik Krogh Kristensen
49b1bfc41b add a step for referencing instance/static methods on classes 2021-03-10 10:57:28 +01:00
Rasmus Lerchedahl Petersen
76e936c64d Python, doc: Add links to runs on LGTM.com 2021-03-10 10:52:22 +01:00
Anders Schack-Mulligen
ed250d5017 Merge pull request #5339 from smowton/smowton/feature/commons-regex-utils
Java: Add models for Commons-Lang's RegExUtils class
2021-03-10 10:23:37 +01:00
Chris Smowton
410f21cd55 Fix comment describing two-arg nextInt/nextLong
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
2021-03-10 08:43:37 +00:00
Artem Smotrakov
df60268023 Split qhelp files 2021-03-10 10:49:47 +03:00
luchua-bc
48975fa7d2 Replace sanitizers 2021-03-10 00:17:26 +00:00
Arthur Baars
3966de6b2b Merge pull request #151 from github/aibaars/scopes-refactor
Add Scopes.qll and remove VariableScopes IPA type
2021-03-09 20:55:18 +01:00