codeql

mirror of https://github.com/github/codeql.git synced 2026-02-22 18:03:39 +01:00

Author	SHA1	Message	Date
CodeQL CI	d7b9251b0d	Merge pull request #5262 from max-schaefer/event-handler-receiver-is-dom-element Approved by asgerf	2021-03-05 02:04:59 -08:00
Anders Schack-Mulligen	00983c8967	Merge pull request #4965 from artem-smotrakov/jexl-injection Java: Query for detecting JEXL injections	2021-03-05 10:52:36 +01:00
Anders Schack-Mulligen	20ccb52912	Merge pull request #4299 from torque59/play-framework Initial support for Java - Play Framework > 2.6.x	2021-03-05 10:51:53 +01:00
Anders Schack-Mulligen	8d292070a4	Merge pull request #5272 from Marcono1234/marcono1234/simplify-own-member-access-checks Java: Simplify own member access checks	2021-03-05 10:22:17 +01:00
Anders Schack-Mulligen	3565ba51b3	Merge pull request #5209 from smowton/smowton/feature/commons-misc-text Java: add models for miscellaneous text-processing utilities from Commons Lang	2021-03-05 10:21:58 +01:00
yoff	d17246ce2b	Merge pull request #5255 from RasmusWL/port-flask-debug Python: port py/flask-debug query	2021-03-05 09:39:14 +01:00
Rasmus Lerchedahl Petersen	7d556b354d	Python: Update test annotation and expectation	2021-03-05 09:16:35 +01:00
Mathias Vorreiter Pedersen	c86fc223b9	C++: Fix comment and prevent false positives on chiOnlyPartiallyUpdatesLocation when Alias::getEndBitOffset doesn't have known value.	2021-03-05 08:53:24 +01:00
Mathias Vorreiter Pedersen	bd842403c8	C++: Add testcase	2021-03-05 08:06:22 +01:00
haby0	ecdadd1826	move the query to experimental folder	2021-03-05 14:38:04 +08:00
luchua-bc	a93aabab40	Add the toString() method	2021-03-05 03:05:49 +00:00
luchua-bc	919c6b4b0a	Optimize flow steps	2021-03-05 02:50:54 +00:00
Francis Alexander	abdebc29f9	Move to experimental and review feedback	2021-03-05 07:26:29 +05:30
Francis Alexander	a35f6d030c	Test fixes and change notes	2021-03-05 06:50:57 +05:30
Marcono1234	879dbba8f0	Add name to check-change-note.yml workflow	2021-03-05 00:34:42 +01:00
Marcono1234	e9e9634306	Java: Improve constant-loop-condition	2021-03-04 23:33:29 +01:00
Taus	d2ed216670	Merge pull request #5280 from RasmusWL/highlight-tornado-uri Python: Highlight how request.uri works in Tornado	2021-03-04 23:31:02 +01:00
Taus	0b446258f5	Merge pull request #5279 from RasmusWL/ensure-old-queries-not-used Python: Ensure old dataflow queries are not used	2021-03-04 23:29:35 +01:00
Marcono1234	c8315577fe	Java: Simplify own member access checks	2021-03-04 22:45:52 +01:00
Marcono1234	5a8ffa5a85	Use `.inc.qhelp` extension for included help files	2021-03-04 22:04:48 +01:00
Nick Rolfe	1818b68ea2	Merge pull request #148 from github/calumgrant/readme-qltest Update README.md	2021-03-04 19:36:42 +00:00
Artem Smotrakov	7d52b53c24	Merge branch 'jexl-injection' of github.com:artem-smotrakov/ql into jexl-injection	2021-03-04 20:29:10 +01:00
Artem Smotrakov	0695b2a1fb	Removed TaintedSpringRequestBody	2021-03-04 20:27:39 +01:00
Calum Grant	67416a6440	Update README.md Co-authored-by: Nick Rolfe <nickrolfe@github.com>	2021-03-04 17:19:34 +00:00
Anders Schack-Mulligen	d685aff5e2	Merge pull request #5328 from owen-mc/correct-signature-in-comment Java: Correct signature and package in comment	2021-03-04 17:03:35 +01:00
Calum Grant	0be5c529ee	Update README.md	2021-03-04 16:03:23 +00:00
Calum Grant	20a62d169a	Ruby: Update query description	2021-03-04 15:48:09 +00:00
Calum Grant	ca497479c2	Ruby: Finish the test for UseDetect	2021-03-04 15:44:05 +00:00
Calum Grant	522bcff79d	Ruby: Initial test case	2021-03-04 15:38:09 +00:00
Mathias Vorreiter Pedersen	b399246d7f	C++/C#: Sync identical files.	2021-03-04 16:34:35 +01:00
Mathias Vorreiter Pedersen	23876cb581	C++: Only allow taint to a FieldAddressInstruction if it's a union type.	2021-03-04 16:29:44 +01:00
Mathias Vorreiter Pedersen	31690dee58	Fix comment.	2021-03-04 16:11:47 +01:00
Owen Mansel-Chan	96eaf2119f	Correct signature and package in comment cf https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html#addCookie(javax.servlet.http.Cookie)	2021-03-04 15:10:02 +00:00
Mathias Vorreiter Pedersen	6c14288fa7	C++: Use new predicate and accept test changes.	2021-03-04 16:05:38 +01:00
CodeQL CI	ad4b9372bd	Merge pull request #5302 from RasmusWL/expectation-tests-allow-str-prefix Approved by MathiasVP, tausbn	2021-03-04 06:48:57 -08:00
Mathias Vorreiter Pedersen	8a4cc3b5c2	C++: Sync identical files.	2021-03-04 15:38:36 +01:00
Mathias Vorreiter Pedersen	200d94777a	C++: Add isPartialUpdate member predicate to ChiInstructions.	2021-03-04 15:37:47 +01:00
Calum Grant	5854b831f3	Ruby: rb/use-detect query	2021-03-04 13:43:59 +00:00
ihsinme	cadb1d6554	Add files via upload	2021-03-04 16:21:34 +03:00
ihsinme	633fc92efc	Add files via upload	2021-03-04 16:20:22 +03:00
ihsinme	10cc574289	Add files via upload	2021-03-04 16:15:26 +03:00
ihsinme	01c13c4703	Add files via upload	2021-03-04 16:14:11 +03:00
CodeQL CI	15049ca853	Merge pull request #5183 from erik-krogh/next Approved by asgerf	2021-03-04 04:57:43 -08:00
Anders Schack-Mulligen	f9365dc9ac	Merge pull request #5324 from aschackmull/java/merge-5226 Java: merge #5226	2021-03-04 13:47:59 +01:00
haby0	c5577cb09a	Fix the problem	2021-03-04 19:54:49 +08:00
Tamas Vajk	3e0245a7fc	Fix test case for RuntimeChecksBypass	2021-03-04 12:47:21 +01:00
Chris Smowton	da0a7f343a	Move existing value-preserving methods to use ValuePreservingCallable	2021-03-04 11:45:45 +00:00
Chris Smowton	40b0f68d2a	Add backward dataflow edges through modelled function invocations. Also add convenience abstract classes for easily modelling new functions as fluent or value-preserving.	2021-03-04 11:45:19 +00:00
Chris Smowton	71cd329ded	Directly import Lang from ExternalFlow's Frameworks module	2021-03-04 11:12:21 +00:00
Chris Smowton	563404120f	Move calls to getSourceDeclaration	2021-03-04 11:11:56 +00:00

... 249 250 251 252 253 ...

33872 Commits