codeql

mirror of https://github.com/github/codeql.git synced 2026-03-02 22:03:42 +01:00

Author	SHA1	Message	Date
Erik Krogh Kristensen	5acfd92e0f	bump the extractor version	2020-08-24 12:42:19 +02:00
Erik Krogh Kristensen	d633410e3c	make the extractor not crash on invalid "package.json" files	2020-08-24 12:42:08 +02:00
Erik Krogh Kristensen	eb84f97e7f	Merge branch 'main' into ts4	2020-08-24 12:20:48 +02:00
CodeQL CI	765c40ef03	Merge pull request #4019 from erik-krogh/asyncCalls Approved by asgerf	2020-08-24 11:18:42 +01:00
Anders Schack-Mulligen	d82fee11b1	Java: Add data flow for record getters.	2020-08-24 11:51:04 +02:00
Jonas Jensen	cd8e9a1ece	C++: Demonstrate that constexpr implies const This test shows that a member function declared `constexpr` also gets a `const` specifier.	2020-08-24 11:39:41 +02:00
Taus	b8d6f76749	Merge pull request #4056 from yoff/SharedDataflow_ParameterTests Python: Shared dataflow, parameter routing tests	2020-08-24 11:36:30 +02:00
Ian Lynagh	fb62ce6d25	C++: Give fewer types to global variables Follows change in the extractor.	2020-08-24 00:49:33 +01:00
Mathias Vorreiter Pedersen	6f750dac88	Merge remote-tracking branch 'origin/main' into alternative-instruction-operand-flow	2020-08-23 18:46:07 +02:00
ubuntu	3e97ec85b2	Add CodeQL to detect LDAP Injection in JS	2020-08-23 15:24:29 +02:00
Robert Marsh	bc0d21879d	Merge branch 'main' into rdmarsh2/cpp/input-iterators-1 Resolve test conflict	2020-08-21 14:36:27 -07:00
Robert Marsh	141d240813	C++: autoformat	2020-08-21 14:22:44 -07:00
Robert Marsh	4c82753e8d	C++: remove constexpr in stl.h temporarily	2020-08-21 14:22:32 -07:00
Robert Marsh	94d4e05c25	C++: Fix iterator taint flow	2020-08-21 14:04:45 -07:00
Robert Marsh	656340f5c6	C++: more tests for string iterator flow	2020-08-21 13:48:36 -07:00
Erik Krogh Kristensen	db57f3661e	Merge branch 'main' into ts4	2020-08-21 15:08:30 +02:00
Erik Krogh Kristensen	65a1769d43	Merge branch 'main' into asyncCalls	2020-08-21 14:58:27 +02:00
Erik Krogh Kristensen	1b655f9046	use threadsafe cache stored in ExtractorState	2020-08-21 14:45:24 +02:00
Erik Krogh Kristensen	7aca84cd45	search directly for "package.json" instead of iterating through the files in a folder	2020-08-21 14:31:49 +02:00
Erik Krogh Kristensen	3f0f2c796c	pass `extension` instead of `locationManager` to `isAlways*Module`	2020-08-21 14:27:47 +02:00
Erik Krogh Kristensen	bbbb0a2c5e	specialize `module.createRequire` support to ES2015 modules	2020-08-21 14:14:05 +02:00
Calum Grant	a93a84fb2e	Merge pull request #4065 from hvitved/csharp/dataflow-type-restriction C#: Restrict `DataFlowType` to types belonging to `Node`s	2020-08-21 11:57:29 +01:00
yoff	d05954e5cc	Merge pull request #4109 from RasmusWL/python-basic-taint-tracking Python: Basic taint tracking with shared library	2020-08-21 12:20:22 +02:00
Rasmus Lerchedahl Petersen	e1343c7f1e	Python: Support set literals.	2020-08-21 11:15:04 +02:00
Rasmus Lerchedahl Petersen	ccff84d546	Python: Test flow into conprehension	2020-08-21 10:40:22 +02:00
Rasmus Lerchedahl Petersen	f9b1c5e4bd	Python: Fix bug pointed out by reviewer	2020-08-21 10:04:27 +02:00
Erik Krogh Kristensen	e00951edf0	update TypeScript to 4.0.2	2020-08-21 09:50:27 +02:00
yoff	bfd9c0860f	Apply suggestions from code review Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2020-08-21 09:43:29 +02:00
yoff	8e2b2540fa	Apply suggestions from code review Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2020-08-21 09:39:00 +02:00
Tom Hvitved	86b91cec8a	Merge pull request #4111 from tamasvajk/feature/nullability-extraction C#: Fix nullability warning in Semmle.Extraction	2020-08-21 09:22:05 +02:00
Tom Hvitved	ea77828a6a	Merge pull request #4116 from hvitved/csharp/print-ast-order-top-level C#: Order top-level elements by location in `PrintAst.qll`	2020-08-21 09:09:20 +02:00
Tom Hvitved	b8cde180b9	C#: Order top-level elements by location in `PrintAst.qll`	2020-08-21 06:17:37 +02:00
CodeQL CI	29183fa0a1	Merge pull request #4067 from erik-krogh/noBin Approved by esbena	2020-08-20 23:07:02 +01:00
CodeQL CI	508ade29f4	Merge pull request #4106 from erik-krogh/depTracked Approved by esbena	2020-08-20 21:23:24 +01:00
Tamas Vajk	9cdee63ed7	C#: Enable nullability checks on Semmle.Extraction.CIL	2020-08-20 16:46:42 +02:00
Tamas Vajk	b9e3b327d6	C#: Fix nullability warning in Semmle.Extraction	2020-08-20 16:33:02 +02:00
Erik Krogh Kristensen	cef681d009	bump extractor version (again)	2020-08-20 15:58:44 +02:00
Erik Krogh Kristensen	68f7942820	Merge branch 'main' into noBin	2020-08-20 15:58:15 +02:00
Jonas Jensen	d56a03389c	Merge pull request #4107 from geoffw0/vecmethods C++: Initial models for std::vector	2020-08-20 15:53:35 +02:00
Anders Schack-Mulligen	bcad18f490	Java: Use the instance argument type in call contexts.	2020-08-20 15:17:04 +02:00
Rasmus Lerchedahl Petersen	94e6fd9199	Python: Convenience methods asVar, asCfgNode, and asExpr	2020-08-20 15:16:23 +02:00
Erik Krogh Kristensen	fa8edeed6a	change StoredXss example to use TypeTracking	2020-08-20 15:05:38 +02:00
Erik Krogh Kristensen	906705f84c	add `SourceNode` example to the `TrackedNode` deprecation description	2020-08-20 15:01:40 +02:00
Rasmus Lerchedahl Petersen	5a734730de	Python: Control flow nodes are dataflow nodes iff they are expression nodes We could refine this later, but it seems to work for now...	2020-08-20 15:00:42 +02:00
Rasmus Wriedt Larsen	7fb8e0e277	Python: Add basic shared taint tracking test	2020-08-20 14:49:17 +02:00
Rasmus Wriedt Larsen	0baac8fd54	Python: Adjust shared taint tracking skeleton So it fits the setup from Java/Go, with AdditionalTaintStep class.	2020-08-20 14:49:09 +02:00
Geoffrey White	3d171f358a	Merge remote-tracking branch 'upstream/main' into vecmethods	2020-08-20 13:29:28 +01:00
Erik Krogh Kristensen	372e1a3d84	support the "type" field on `package.json` files while extracting	2020-08-20 14:26:15 +02:00
Tamás Vajk	2a8ff8785a	C#: Add AST printing (#4038 )	2020-08-20 14:24:43 +02:00
Geoffrey White	258b61c5f8	Update cpp/ql/src/semmle/code/cpp/models/implementations/StdContainer.qll Co-authored-by: Jonas Jensen <jbj@github.com>	2020-08-20 12:53:23 +01:00

... 373 374 375 376 377 ...

33872 Commits