semmle-qlci
|
b9ecf1a304
|
Merge pull request #3447 from erik-krogh/LibCmdInjection
Approved by asgerf, mchammer01
|
2020-05-22 17:10:57 +01:00 |
|
Anders Schack-Mulligen
|
6228e7670b
|
Java: Fix bug in tutorial.
|
2020-05-22 14:44:24 +02:00 |
|
Esben Sparre Andreasen
|
e172d55ecb
|
Update javascript/ql/test/query-tests/Security/CWE-020/IncompleteUrlSchemeCheck.js
Co-authored-by: Asger F <asgerf@github.com>
|
2020-05-22 13:33:34 +02:00 |
|
Asger Feldthaus
|
823ed3bbdf
|
JS: Wrap node --version call in retry loop
|
2020-05-22 10:40:16 +01:00 |
|
Asger Feldthaus
|
6f0356b229
|
Revert "JS: Remove timeout for node --version check"
This reverts commit ec7c9489dc.
|
2020-05-22 10:40:07 +01:00 |
|
James Fletcher
|
9259dca40d
|
Merge pull request #3540 from github/jf205-patch-2
Link README.md to CodeQL for Go repo
|
2020-05-22 10:29:55 +01:00 |
|
Shati Patel
|
cf13992552
|
Merge pull request #3544 from shati-patel/code-typo
CodeQL docs: Fix error in code snippet [cherry-pick]
|
2020-05-22 08:42:41 +01:00 |
|
syang-ng
|
ca8c3dabda
|
fix an error in the code snippet of the documentation about global-data-flow-java
|
2020-05-22 08:00:52 +01:00 |
|
Shati Patel
|
8c1e4d49ca
|
Merge pull request #3537 from syang-ng/master
fix an error in the code snippet of the documentation about global-data-flow-java
|
2020-05-21 19:43:51 +01:00 |
|
James Fletcher
|
49d4c76f2f
|
Update README.md
|
2020-05-21 16:37:44 +01:00 |
|
Asger Feldthaus
|
75be3b7ecb
|
JS: Add test case for missed captured flow
|
2020-05-21 16:14:13 +01:00 |
|
Shati Patel
|
c021dcd1e8
|
Ql language: Clarify use of query modules
|
2020-05-21 15:30:40 +01:00 |
|
syang-ng
|
184209d1eb
|
fix an error in the code snippet of the documentation about global-data-flow-java
|
2020-05-21 22:00:15 +08:00 |
|
Geoffrey White
|
0f4723aee4
|
Merge pull request #3520 from dbartol/github/codeql-c-analysis-team/79
C++: Mark deprecated overrides as deprecated
|
2020-05-21 14:55:39 +01:00 |
|
Erik Krogh Kristensen
|
b79b25ef87
|
correct cwe-78 to cwe-078
|
2020-05-21 12:38:44 +00:00 |
|
Erik Krogh Kristensen
|
b297837969
|
Apply suggestions from doc review
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2020-05-21 14:32:02 +02:00 |
|
Esben Sparre Andreasen
|
b31f83a5af
|
JS: fixup expected output
|
2020-05-21 13:47:16 +02:00 |
|
Esben Sparre Andreasen
|
e588e59f9b
|
JS: fixup
|
2020-05-21 13:42:28 +02:00 |
|
Esben Sparre Andreasen
|
c400b45cd6
|
JS: make the Fastify model support isUserControlledObject
|
2020-05-21 13:42:28 +02:00 |
|
Esben Sparre Andreasen
|
894033df8a
|
JS: de-boilerplate the fastify model: address expr/dataflow comments
|
2020-05-21 13:42:28 +02:00 |
|
Esben Sparre Andreasen
|
74fc33e2a8
|
JS: make the qldoc check happy
|
2020-05-21 13:42:27 +02:00 |
|
Esben Sparre Andreasen
|
a76c70d2d7
|
JS: model fastify
|
2020-05-21 13:42:27 +02:00 |
|
James Fletcher
|
e0e9535f08
|
Merge pull request #3530 from jf205/sd-109
CodeQL docs: refine two article titles
|
2020-05-21 08:55:10 +01:00 |
|
Mathias Vorreiter Pedersen
|
617ef32464
|
C++: Remove [FALSE POSITIVE] annotations
|
2020-05-21 02:22:57 +02:00 |
|
Dave Bartolomeo
|
5641b2c140
|
C++: Remove deprecated predicate from File
|
2020-05-20 14:14:49 -04:00 |
|
Dave Bartolomeo
|
ff1e70efce
|
C++: Undo changes to shared XML.qll
|
2020-05-20 14:14:31 -04:00 |
|
Mathias Vorreiter Pedersen
|
3c167125e5
|
C++: Accept test output
|
2020-05-20 18:18:34 +02:00 |
|
Mathias Vorreiter Pedersen
|
218a3cf93d
|
C++: Remove field conflation
|
2020-05-20 18:18:26 +02:00 |
|
Asger Feldthaus
|
ec7c9489dc
|
JS: Remove timeout for node --version check
|
2020-05-20 17:12:24 +01:00 |
|
semmle-qlci
|
8df7b7c42a
|
Merge pull request #3525 from erik-krogh/ZipTaint
Approved by asgerf
|
2020-05-20 16:45:02 +01:00 |
|
james
|
edc5d36274
|
docs: refine some article titles
|
2020-05-20 16:16:14 +01:00 |
|
Bt2018
|
74ab6981eb
|
Fix HTML tag issue
|
2020-05-20 10:23:40 -04:00 |
|
semmle-qlci
|
079021a3e9
|
Merge pull request #3453 from RasmusWL/python-flask-routed-params
Approved by tausbn
|
2020-05-20 14:47:53 +01:00 |
|
Erik Krogh Kristensen
|
a23cde1354
|
autoformat
|
2020-05-20 15:36:46 +02:00 |
|
Tom Hvitved
|
011a95dcfa
|
C#: Fix extracted type for nested object initializers
|
2020-05-20 14:20:41 +02:00 |
|
Tom Hvitved
|
70d47b76b1
|
C#: Add test for the type of an object initializer
|
2020-05-20 14:18:16 +02:00 |
|
Geoffrey White
|
9babd5dc10
|
C++: Another positive effect of the change.
|
2020-05-20 12:49:01 +01:00 |
|
Erik Krogh Kristensen
|
5a3eec87c0
|
rename isTaintedPathStep to isPosixPathStep
|
2020-05-20 13:44:14 +02:00 |
|
Erik Krogh Kristensen
|
97c199e10d
|
update docstring
Co-authored-by: Asger F <asgerf@github.com>
|
2020-05-20 13:40:12 +02:00 |
|
Geoffrey White
|
f2436ff713
|
C++: Autoformat.
|
2020-05-20 12:39:54 +01:00 |
|
Rasmus Wriedt Larsen
|
712d4bd150
|
Python: Fix typo in docs
Co-authored-by: Taus <tausbn@gmail.com>
|
2020-05-20 13:06:24 +02:00 |
|
semmle-qlci
|
c15d22d9f8
|
Merge pull request #3516 from asger-semmle/js/typescript-3.9.2
Approved by erik-krogh
|
2020-05-20 11:31:57 +01:00 |
|
semmle-qlci
|
2bbc1c2af0
|
Merge pull request #3478 from erik-krogh/PromiseAll
Approved by asgerf, esbena
|
2020-05-20 11:03:05 +01:00 |
|
Tom Hvitved
|
7a54a90e61
|
C#: Fix CFG for C# 6 initializers
|
2020-05-20 12:01:22 +02:00 |
|
semmle-qlci
|
29b8a0db92
|
Merge pull request #3508 from asger-semmle/js/shared-data-flow-node
Approved by esbena
|
2020-05-20 10:58:09 +01:00 |
|
Anders Schack-Mulligen
|
8cbc01d49b
|
Java: Add a few qltest cases for nullness and range analysis FPs.
|
2020-05-20 10:44:15 +02:00 |
|
Erik Krogh Kristensen
|
33e0f25f3c
|
use NodeJSLib::Path instead of DataFlow::moduleMember
|
2020-05-20 10:30:23 +02:00 |
|
Erik Krogh Kristensen
|
7c51dff0f7
|
share implementation between TaintedPath and ZipSlip
|
2020-05-20 10:10:04 +02:00 |
|
Tom Hvitved
|
36e29e0f75
|
C#: Add CFG tests for C# 6 initializers
|
2020-05-20 09:33:51 +02:00 |
|
Tom Hvitved
|
e9839198f4
|
Merge pull request #3484 from calumgrant/cs/index-initializers
C#: Extract indexed initializers correctly
|
2020-05-20 09:22:47 +02:00 |
|