hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,693 Branches 161 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
ffd3c6b016 JS: Minor grammar cleanup of type back-tracking 2021-02-18 11:31:30 +01:00
Anders Schack-Mulligen
74d35f4f37 Java: Add support for value-preserving steps. 2021-02-18 11:26:15 +01:00
Anders Schack-Mulligen
04eeeda2c9 Java: Add documentation for the final column. 2021-02-18 11:23:49 +01:00
Anders Schack-Mulligen
6f583baa90 Java: More documentation and support for field writes. 2021-02-18 11:18:31 +01:00
CodeQL CI
d94f20ff2f Merge pull request #5194 from RasmusWL/type-tracking-snippets 
Approved by tausbn
 2021-02-18 02:13:21 -08:00
haby0
8119fd2ad1 *)add JsonHijacking ql query 2021-02-18 18:11:10 +08:00
Mathias Vorreiter Pedersen
88263cb89e Merge pull request #5114 from geoffw0/codeqltestdoc 
Documentation: Make our policy for copied example code clear and visible.
 2021-02-18 10:43:17 +01:00
Erik Krogh Kristensen
6f384630f1 Apply suggestions from code review 
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2021-02-18 10:36:49 +01:00
Mathias Vorreiter Pedersen
3082d70345 Merge branch 'main' into fix-dataflow-regression-const-member-function 2021-02-18 09:34:51 +01:00
luchua-bc
e916ce8b9b Exclude test directories of typical build tools 2021-02-18 00:50:38 +00:00
Taus Brock-Nannestad
23e9785efd Python: Add missing QLDoc 2021-02-17 21:38:48 +01:00
Erik Krogh Kristensen
f4e6f49ae7 change join order for API::Impl::trackDefNode 2021-02-17 21:23:11 +01:00
Erik Krogh Kristensen
dcef6cb974 change join order for API::InvokeNode::getParameter 2021-02-17 21:23:11 +01:00
Erik Krogh Kristensen
c80365c48a change join order for API::Impl::useStep 2021-02-17 21:23:11 +01:00
Taus Brock-Nannestad
99f3a61f61 Python: Add TypeBackTracker 
This is a fairly straight port of the JS equivalent. Also adds
`Node::getALocalSourceNode` which seems like it might come in handy.
 2021-02-17 21:14:20 +01:00
CodeQL CI
8716cbd7ee Merge pull request #5140 from erik-krogh/mark 
Approved by asgerf
 2021-02-17 11:50:11 -08:00
Nick Rolfe
ac3da22158 Merge pull request #137 from github/scope_tostring 
Include file/class/method/module names in VariableScope::toString
 2021-02-17 19:24:36 +00:00
Nick Rolfe
b8bbbe92f3 Include file/class/method/module names in VariableScope::toString 2021-02-17 18:10:03 +00:00
Raul Garcia (MSFT)
cba9f421ad Changes to the Readme file 2021-02-17 10:05:22 -08:00
luchua-bc
5e36eedcb6 Add check for test packages 2021-02-17 18:04:55 +00:00
Erik Krogh Kristensen
4df85b44de Update javascript/change-notes/2021-02-10-markdown.md 
Co-authored-by: Asger F <asgerf@github.com>
 2021-02-17 18:30:31 +01:00
Nick Rolfe
aedf093e72 Merge pull request #135 from github/aibaars/heredoc 
AST: HereDoc
 2021-02-17 17:18:38 +00:00
Cornelius Riemenschneider
ebcecca9f1 Merge pull request #5157 from geoffw0/modelsbsl2 
C++: Improve Iterator models
 2021-02-17 18:04:07 +01:00
Jonathan Leitschuh
c43765917f Fix formatting of MavenPom.qll 2021-02-17 11:55:10 -05:00
CodeQL CI
a81592dbd1 Merge pull request #5111 from asgerf/js/angular-framework-note 
Approved by erik-krogh
 2021-02-17 08:48:00 -08:00
Taus
593a96ffbb Merge pull request #5182 from RasmusWL/update-supported-python-frameworks-docs 
Docs: Update list of support frameworks in Python
 2021-02-17 17:44:18 +01:00
CodeQL CI
3e1d2c3f81 Merge pull request #5198 from RasmusWL/revert-structure-change 
Approved by tausbn
 2021-02-17 08:36:04 -08:00
Rasmus Wriedt Larsen
4880350420 Python: Add a single missing QLDoc 2021-02-17 16:33:12 +01:00
Rasmus Wriedt Larsen
7afe3972d8 Revert "Merge pull request #5171 from RasmusWL/restructure-queries" 
This reverts commit 8caafb3710, reversing
changes made to ec79094957.
 2021-02-17 16:32:53 +01:00
Erik Krogh Kristensen
bc4ff813f3 Merge pull request #5193 from erik-krogh/aceLog 
JS: avoid cartesian product in isFilteredPropertyName
 2021-02-17 16:27:33 +01:00
Arthur Baars
cabe6df820 Add missing heredoc end token 2021-02-17 15:58:13 +01:00
Rasmus Wriedt Larsen
63a09fccdd Python: Use this = <...>.getACall() for DataFlow::CallCfgNode 
I think this reads a bit cleaner
 2021-02-17 14:43:48 +01:00
Mathias Vorreiter Pedersen
908f24d23f C++: Fix missing AST flow. 2021-02-17 14:33:58 +01:00
Francis Alexander
2baf2aa5c1 Apply suggestions from code review - improved sanitizer checks. 
Co-authored-by: Alvaro Muñoz <pwntester@github.com>
 2021-02-17 18:58:32 +05:30
Francis Alexander
40f4e71b86 Merge branch 'main' into cwe-346 2021-02-17 18:55:31 +05:30
Anders Schack-Mulligen
862c41632e Java: Add empty file to test. 2021-02-17 13:23:18 +01:00
Taus
ce1d8ded22 Merge pull request #5192 from RasmusWL/framework-for-routed-params 
Python: Expose framework identifier for route-setup and request handler
 2021-02-17 13:19:43 +01:00
Rasmus Wriedt Larsen
0cdb5c48cf Python: Remove type-tracking snippets for framework modeling 
We won't need these anymore, since we can now use API graphs
 2021-02-17 13:14:23 +01:00
Rasmus Wriedt Larsen
a4de88d39c Python: Update type-tracking snippet 
based on what I learned in https://github.com/github/codeql/pull/5184
 2021-02-17 13:13:25 +01:00
Erik Krogh Kristensen
a03507a544 avoid cartesian product in isFilteredPropertyName 2021-02-17 13:12:35 +01:00
Arthur Baars
e1047fad2c CFG: remove intermediate HeredocBody nodes 2021-02-17 13:10:18 +01:00
Arthur Baars
167574d82f AST: HereDoc 2021-02-17 13:10:18 +01:00
Arthur Baars
1e19904342 Merge pull request #134 from github/literals 
Add and expand AST classes for literals
 2021-02-17 13:09:02 +01:00
Mathias Vorreiter Pedersen
e0dca2be20 Merge pull request #5185 from MathiasVP/block-integral-types-in-cgixss-query 
C++: Add isBarrier to cpp/cgi-xss
 2021-02-17 12:44:45 +01:00
Rasmus Wriedt Larsen
eee49cde85 Merge pull request #5184 from tausbn/python-move-type-tracker-tests-to-source-nodes 
Python: Use `LocalSourceNode` in type tracker tests
 2021-02-17 12:13:47 +01:00
Taus
8caafb3710 Merge pull request #5171 from RasmusWL/restructure-queries 
Python: Restructure query file layout
 2021-02-17 12:09:32 +01:00
Geoffrey White
ec79094957 Merge pull request #5191 from MathiasVP/regression-test-const-member-function 
C++: Add test for missing flow due to const specifier
 2021-02-17 10:59:20 +00:00
Nick Rolfe
c019da83f3 Address feedback on StringInterpolationComponent::getStmt 2021-02-17 10:57:01 +00:00
Mathias Vorreiter Pedersen
25beadcb05 Update cpp/ql/test/query-tests/Security/CWE/CWE-079/semmle/CgiXss/search.c 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-02-17 11:54:24 +01:00
Geoffrey White
c07a60818c C++: Simplify IteratorAssignArithmeticOperator. 2021-02-17 10:49:28 +00:00