hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-15 06:23:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,690 Branches 160 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
AndreiDiaconu1
331707f3a3 Framework for the translation of compiler elements 
Added a framework for the translation of compiler generated elements, so that the process of adding a new desugaring process is almost mechanical.
The files in `internal` serve as the superclasses for all the compiler generated elements.
The file `Common.qll` captures common patterns for the compiler generated code to improve code sharing (by pattern I mean an element that appears in multiple desugarings). For example the `try...finally` pattern appears in the desugaring process of both the `lock` and the `foreach` stmts, so a class the provides a blueprint for this pattern is exposed. Several other patterns are present.
The expected output has also been updated (after a rebase) and it should be ignored.
 2019-09-06 18:08:03 +01:00
AndreiDiaconu1
80b7512fe2 Initial restructure 
The `raw/internal` folder has been restructured to better enhance code sharing between compiler generated elements and AST generated elements.
The translated calls classes have been refactored to better fit the C# library.
A new folder has been added, `common` that provides blueprints for the classes that deal with translations of calls, declarations, exprs and conditions.
Several `TranslatedX.qll` files have been modified so that they use those blueprint classes.
 2019-09-06 18:08:03 +01:00
Ian Lynagh
4190a53574 C++: Update test output 2019-09-06 17:31:08 +01:00
Ian Lynagh
a32214d41e C++: Resolve all classes 
We used to only resolve top-level classes.
 2019-09-06 17:31:08 +01:00
Felicity Chapman
4952ad5cff Merge pull request #1896 from shati-semmle/vale-typo 
Vale linter: fix typo
 2019-09-06 16:56:22 +01:00
shati-semmle
4d98b4c3a1 Vale linter: fix typo 2019-09-06 16:47:20 +01:00
Calum Grant
3734552081 C#: Add change note for datetime queries. 2019-09-06 16:45:02 +01:00
Calum Grant
f9b99ae245 C#: Adjust date query severity and add precisions. Tidy up tags. 2019-09-06 16:44:29 +01:00
Nick Rolfe
09036a3bdf Merge pull request #1760 from ian-semmle/mangling 
C++: Use mangled names to resolve classes
 2019-09-06 16:38:47 +01:00
Asger F
dfd18a51ee JS: Change note 2019-09-06 16:03:16 +01:00
shati-semmle
486707c90e Merge pull request #1891 from jf205/slide-fixes 
docs: improve slide layout for printing
 2019-09-06 15:52:32 +01:00
Asger F
7007698de4 JS: Fix the FP 2019-09-06 15:39:40 +01:00
Asger F
ebd7875cae JS: Add regression test 2019-09-06 15:38:55 +01:00
yh-semmle
79a0a56adf Merge pull request #1890 from aschackmull/java/best-bound-rangeanalysis 
Java: Restrict the output of Range Analysis to the best bounds.
 2019-09-06 10:35:11 -04:00
Erik Krogh Kristensen
ccdc821c5d add xlink:href as xss target when using setAttribute 2019-09-06 14:43:47 +01:00
Asger F
f7654d6f1c JS: Add test 2019-09-06 14:42:07 +01:00
james
f78ce146f1 docs: improve slide layout for printing 2019-09-06 14:42:06 +01:00
Anders Schack-Mulligen
6b85fe087a Java: Restrict the output of Range Analysis to the best bounds. 2019-09-06 15:39:46 +02:00
AlexTereshenkov
523d055194 Add a new issue template for false positive in LGTM.com 
Add a new issue template for false positive in LGTM.com
 2019-09-06 14:39:06 +01:00
Calum Grant
d2336dc8cf Merge pull request #1882 from aschackmull/lang/autoformat 
Java/C#/JavaScript: Autoformat
 2019-09-06 14:37:40 +01:00
Asger F
fa95871f46 JS: Add event handler sink to code injection 2019-09-06 14:33:00 +01:00
Jonas Jensen
e4c9dd79ca C++: Hide that IR DataFlow::Node is Instruction 
We haven't come to a conclusion on whether these two types will remain
identical forever. To make sure we're able to change it in the future,
this change makes it impossible to cast between the two types. Callers
must use the `asInstruction` member predicate to convert.
 2019-09-06 15:31:41 +02:00
shati-semmle
434c20f294 Merge pull request #1887 from jf205/slide-fixes 
docs: a couple of slide fixes
 2019-09-06 14:28:14 +01:00
james
ecc2449c1c docs: updated slide background 2019-09-06 14:00:57 +01:00
james
f93359a472 docs: slides fix for edge and ff 2019-09-06 14:00:19 +01:00
Taus Brock-Nannestad
8882f1410a Add test cases for nested subscripts. 2019-09-06 12:01:18 +02:00
Anders Schack-Mulligen
ae351be968 C++: Sync files. 2019-09-06 09:05:29 +02:00
Anders Schack-Mulligen
ca45fb5a60 JavaScript: Autoformat. 2019-09-06 09:04:51 +02:00
Anders Schack-Mulligen
343230402a C#: Autoformat. 2019-09-06 09:04:16 +02:00
Anders Schack-Mulligen
aa07020d9d Java: Autoformat. 2019-09-06 09:03:45 +02:00
Robert Marsh
94c625f03f Merge pull request #1777 from jbj/ast-field-flow-defbyref 
C++: Don't use definitionByReference for data flow
 2019-09-05 10:23:28 -07:00
semmle-qlci
33329f95c2 Merge pull request #1874 from asger-semmle/express-types 
Approved by esben-semmle, xiemaisi
 2019-09-05 16:42:28 +01:00
semmle-qlci
48b6b67994 Merge pull request #1880 from ian-semmle/clang 
Approved by jbj
 2019-09-05 16:13:53 +01:00
shati-semmle
6b0bbd5a9e Merge pull request #1878 from jf205/training-homepage/sd-3764 
docs: rework ql training homepage (sd-3764)
 2019-09-05 16:05:14 +01:00
Ian Lynagh
1d56407c72 C++: Pull some of library-tests/dataflow/dataflow-tests into clang.cpp 
g++ doesn't support this code:

    sorry, unimplemented: non-trivial designated initializers not supported
       twoIntFields sSwapped = { .m2 = source(), .m1 = 0 };

so we need to build it in clang mode.
 2019-09-05 15:12:17 +01:00
james
131e88dfbe Merge remote-tracking branch 'origin/training-homepage/sd-3764' into training-homepage/sd-3764 2019-09-05 14:53:04 +01:00
james
09a0b562e5 docs: fix typo 2019-09-05 14:50:14 +01:00
jf205
ce2326cc6e Update docs/language/README.rst 
Co-Authored-By: shati-semmle <42641846+shati-semmle@users.noreply.github.com>
 2019-09-05 14:29:23 +01:00
jf205
1f67d71f5f Update docs/language/learn-ql/ql-training.rst 
Co-Authored-By: shati-semmle <42641846+shati-semmle@users.noreply.github.com>
 2019-09-05 14:29:11 +01:00
jf205
4ec828a719 Update docs/language/learn-ql/ql-training.rst 
Co-Authored-By: shati-semmle <42641846+shati-semmle@users.noreply.github.com>
 2019-09-05 14:24:36 +01:00
semmle-qlci
fd2e8486e4 Merge pull request #1862 from asger-semmle/prototype-pollution-angular-merge 
Approved by esben-semmle
 2019-09-05 12:50:58 +01:00
semmle-qlci
e6bfe2bd5d Merge pull request #1873 from asger-semmle/type-inf-consistency 
Approved by xiemaisi
 2019-09-05 12:46:59 +01:00
james
1a7c79bd7c docs: update layout.html 2019-09-05 12:33:55 +01:00
james
99614d98e1 docs: specify sphinx 1.7.9 in readme 2019-09-05 12:33:55 +01:00
james
16aaa95566 docs: fix a couple of links 2019-09-05 12:33:54 +01:00
james
6f9d4c8562 docs: remove VA section from writing-queries.rst 2019-09-05 12:33:49 +01:00
james
49955c56be docs: rework ql-training.rst 2019-09-05 12:33:42 +01:00
james
593818b71a docs: reorganize and add some ref bookmarks to learn-ql index 2019-09-05 12:33:33 +01:00
Taus Brock-Nannestad
2d45c23d19 Comment out diverging example for now. 
Otherwise it'll keep timing out until the fix has been pushed to LGTM.com
 2019-09-05 13:18:01 +02:00
Asger F
61c4d30dd6 JS: Use express module instead 2019-09-05 12:09:24 +01:00