hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-16 12:36:55 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,884 Commits 1,713 Branches 162 Tags
codeql-cli/v2.8.5
Commit Graph

33884 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
3fe249f25c Address review comments. 2021-02-25 10:48:23 +00:00
Erik Krogh Kristensen
de6b604930 cache RemoteFlowSource 2021-02-25 11:41:08 +01:00
Erik Krogh Kristensen
86bc7d3e1a avoid a ValueNode x TypeTracker join in Hapi::RouteSetup::getARouteHandler 2021-02-25 11:41:08 +01:00
Erik Krogh Kristensen
d35ea7fb15 always get a good join-order in getAnAliasedSourceNode 2021-02-25 11:41:08 +01:00
Rasmus Wriedt Larsen
472ff97561 Docs: Add crypto to supported Python frameworks 2021-02-25 11:31:03 +01:00
Rasmus Wriedt Larsen
4610b1b392 Pyhton: Use type back-tracking for keysize on key-generation 
Internal evaluation showed that this didn't perform better than normal (forward)
type-tracking, but it feels more like the right approach.
 2021-02-25 11:31:00 +01:00
Rasmus Wriedt Larsen
c195c64982 Python: Use type-tracking for integer literal tracking 
Like we've done for pretty much everything else. An experiment to see what this
means for query performance.
 2021-02-25 11:30:56 +01:00
Rasmus Wriedt Larsen
27987717dc Merge branch 'main' into crypto 2021-02-25 11:30:32 +01:00
Asger Feldthaus
55a1ab5714 JS: Autoformat 2021-02-25 10:20:13 +00:00
Tamas Vajk
a5543c689e C#: Fix potentially concurrent file moves 2021-02-25 10:35:49 +01:00
Arthur Baars
87b2c142bc Update qldoc 2021-02-25 10:23:29 +01:00
Arthur Baars
4ba0f3088a Use strictcount 2021-02-25 10:21:07 +01:00
Arthur Baars
0f940349ba AST: rename getExpr predicates to more meaningful names 2021-02-25 10:11:29 +01:00
Max Schaefer
2e252ba3e4 JavaScript: Learn that receivers of DOM event handlers are themselves DOM nodes. 2021-02-25 09:06:58 +00:00
Max Schaefer
ae2a5da63f JavaScript: Add new tests for recognising receiver of event handler as DOM element. 2021-02-25 09:04:46 +00:00
haby0
0521ef87da Merge remote-tracking branch 'upstream/main' into JsonHijacking 2021-02-25 16:31:14 +08:00
Jonas Jensen
2b54c33904 Merge pull request #5257 from MathiasVP/doh-its-2021-mathias 
C++: Turns out we're in 2021 and not 2020.
 2021-02-25 09:30:08 +01:00
Rasmus Lerchedahl Petersen
aba22689fa Python: Add change note 2021-02-25 09:25:17 +01:00
Rasmus Lerchedahl Petersen
86cec40286 Python: update test 2021-02-25 09:22:57 +01:00
Anders Schack-Mulligen
f0d3841369 Merge pull request #5105 from JLLeitschuh/feat/JLL/depricated_bintray_usage 
CWE-1104: Maven POM dependence upon Bintray/JCenter
 2021-02-25 09:08:31 +01:00
Rasmus Lerchedahl Petersen
780a6a96f8 Python: Add concept tests 2021-02-25 08:54:42 +01:00
Rasmus Lerchedahl Petersen
41743b6afa Python: restrict to caught exceptions 
also modernise code
 2021-02-25 07:53:35 +01:00
Rasmus Lerchedahl Petersen
24b51e8851 Merge branch 'main' of github.com:github/codeql into python-port-stacktrace-exosure 2021-02-25 07:24:41 +01:00
Rasmus Lerchedahl Petersen
76f080978a Python: Add missing QLDoc 2021-02-24 23:35:44 +01:00
Rasmus Lerchedahl Petersen
192988077e Python: Move <ul> outside of <p> 2021-02-24 23:28:13 +01:00
Artem Smotrakov
e02b51f42b Improved SpringHttpInvokerUnsafeDeserialization.qhelp 2021-02-24 22:35:20 +01:00
Artem Smotrakov
aac0c27dcd Added tests for SpringHttpInvokerUnsafeDeserialization.ql 2021-02-24 22:35:20 +01:00
Artem Smotrakov
95284ad71d Added SpringHttpInvokerUnsafeDeserialization.qhelp and example 2021-02-24 22:35:20 +01:00
Artem Smotrakov
476309af6d Added SpringHttpInvokerUnsafeDeserialization.ql 2021-02-24 22:35:20 +01:00
Artem Smotrakov
34b6ed0a05 Removed commented code from JexlUberspect 2021-02-24 22:31:03 +01:00
Rasmus Lerchedahl Petersen
bf3e5fceea Python: Rearrange directories 2021-02-24 22:07:27 +01:00
Rasmus Lerchedahl Petersen
10657160bc Python: Improve qlhelp according to review 2021-02-24 22:02:16 +01:00
yoff
89d0724fb4 Update python/change-notes/2021-02-23-port-insecure-default-protocol.md 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2021-02-24 19:57:49 +01:00
Bas van Schaik
4ede277c7c Update CODEOWNERS 2021-02-24 18:30:22 +00:00
Arthur Baars
1a73cf6cc4 AST: add ArgumentList 2021-02-24 19:07:16 +01:00
Arthur Baars
336b310668 AST: improve AST for special parameters 2021-02-24 19:07:16 +01:00
Arthur Baars
8913810bf0 AST: change return type of Assignment LHS to Pattern 2021-02-24 19:07:16 +01:00
Arthur Baars
190978cc56 AST: add consistency query 2021-02-24 19:07:16 +01:00
Arthur Baars
cb21e8edda CFG: hide nodes that are not proper AstNodes 2021-02-24 19:07:16 +01:00
Arthur Baars
14474d660b AST: change types to Stmt 2021-02-24 19:07:16 +01:00
Arthur Baars
3288070279 Merge pull request #131 from github/aibaars/pattern 
AST: split method call into normal and setter calls
 2021-02-24 19:03:55 +01:00
luchua-bc
e34a203731 Refactor the check of a main method in a test program to improve maintainability 2021-02-24 17:15:08 +00:00
Erik Krogh Kristensen
ea17de6225 prevent join between getAValue() and DefiniteAbstractValue in AMD.qll 2021-02-24 18:12:55 +01:00
Erik Krogh Kristensen
be26a48a16 use pragma[only_bind_into] to prevent bad join in Ssa::hasLocationInfo 2021-02-24 18:05:57 +01:00
Erik Krogh Kristensen
ccd706ea10 and pragmas to prevent bad join in RemoteFlowSource 2021-02-24 18:05:10 +01:00
Erik Krogh Kristensen
674b9ad4fe use getALocalSource instead of smallstep in JQuery::legacyObjectSource 2021-02-24 18:04:50 +01:00
Mathias Vorreiter Pedersen
70a953b633 C++: Add change-note. 2021-02-24 18:02:16 +01:00
Mathias Vorreiter Pedersen
ef8b734863 C++: Move tests out of experimental and merge with old existing tests from the other memset PRs. 2021-02-24 18:02:16 +01:00
Mathias Vorreiter Pedersen
c44fbaaf3c C++: Promote memset query out of experimental. 2021-02-24 18:01:41 +01:00
Erik Krogh Kristensen
69348b1914 remove redundant hasLocationInfo 2021-02-24 18:01:35 +01:00