hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-09 19:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,755 Commits 1,689 Branches 160 Tags
codeql-cli/v2.9.0
Commit Graph

34755 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
302373d154 Merge pull request #6858 from hvitved/python/type-tracker-changes 
Python: Type tracker changes
 2021-11-02 11:47:01 +01:00
CodeQL CI
d5e2026a26 Merge pull request #6934 from erik-krogh/more-instanceof 
Approved by MathiasVP, esbena, yoff
 2021-11-02 03:46:23 -07:00
CodeQL CI
5d62aa5b29 Merge pull request #6994 from erik-krogh/redundant-cast 
Approved by RasmusWL, aschackmull, esbena, geoffw0, hvitved, nickrolfe
 2021-11-02 03:45:48 -07:00
Tom Hvitved
fe80c4a17b Ruby: Sync files 2021-11-02 11:16:46 +01:00
Tom Hvitved
1e64893742 Update python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll 
Co-authored-by: Taus <tausbn@github.com>
 2021-11-02 11:16:32 +01:00
Tom Hvitved
660398aa78 Python: Introduce TypeBackTracker::getACompatibleTypeTracker() 2021-11-02 11:16:32 +01:00
Tom Hvitved
73fd66cfed Python: Cache TypeBackTracker::prepend 2021-11-02 11:16:32 +01:00
Erik Krogh Kristensen
41e7dea943 add cwe-319 "Cleartext Transmission of Sensitive Information" to js/clear-text-cookie 2021-11-02 11:11:38 +01:00
Rasmus Wriedt Larsen
83389be8e2 Python: Add some missing QLDocs 2021-11-02 11:02:51 +01:00
Rasmus Wriedt Larsen
5c2734c643 Python: Fix experimental Django.qll 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
fd12b144bc Python: Add change-note 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
a7e4e5ef83 Python: Add rest_framework Response modeling 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
13815fe728 Python: Model known APIView subclasses 
Added internal helper `.qll` file as well
 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
62d30630aa Python: Add rest_framework Request taint modeling 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
5d77e62f3a Python: Add basic rest_framework Request modeling 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
57e13c6066 Python: rest_framework.decorators.api_view handling 
Had to expose even more things, and had to make the `DjangoRouteHandler`
modeling more flexible so I could extend the char-pred in a different
file.
 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
222db37c0d Python: Add initial rest_framework modeling 
I had to make the Django and PrivateDjango modeling non-private :O
 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
a64e939d71 Python: Add note about .method 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
75e2555a8a Python: Add rest_framework taint tests 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
095f896f95 Python: Add examples of class/function based views 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
9bbf08ddcf Python: Add simple Django REST framework code 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
9d843153d4 Python: Set up test for Django REST framework 
this is just pure Django project for now, (and very much a copy of the
one in `django-v2-v3`), to make it easier to see the changes needed to
set up Django REST framework.
 2021-11-02 10:55:44 +01:00
Rasmus Wriedt Larsen
f1307b772a Python: Add RequestHandler meta query 2021-11-02 10:55:44 +01:00
Tony Torralba
ebd6529469 WIP: add tests 2021-11-02 10:37:41 +01:00
Rasmus Wriedt Larsen
b7b9120724 Python: Better handling of Pydantic models 2021-11-02 10:29:17 +01:00
Rasmus Wriedt Larsen
c207580ed9 Python: Add extra FastAPI taint tests 2021-11-02 10:20:09 +01:00
Mathias Vorreiter Pedersen
e2cb53c65f Merge pull request #7014 from jbj/isFromSystemMacroDefinition 
C++: Add `isFromSystemMacroDefinition` predicate
 2021-11-02 09:14:59 +00:00
Rasmus Wriedt Larsen
17da28118a Python: Small refactor to use extends .. instanceof 2021-11-02 10:06:11 +01:00
Anders Schack-Mulligen
42a046edc6 Merge pull request #7004 from Marcono1234/marcono1234/deprecate-StringLiteral-getRepresentedString 
Java: Deprecate `StringLiteral.getRepresentedString()`
 2021-11-02 09:57:52 +01:00
Tamás Vajk
18b08060ae Merge pull request #5110 from porcupineyhairs/ssrfCsharp 
C# : Add query to detect SSRF
 2021-11-02 09:50:28 +01:00
ihsinme
9b8b916199 Update IncorrectChangingWorkingDirectory.ql 2021-11-02 11:33:29 +03:00
Tony Torralba
5d7b09ac67 Merge pull request #7020 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-11-02 08:33:36 +01:00
github-actions[bot]
093be44258 Add changed framework coverage reports 2021-11-02 00:09:00 +00:00
Geoffrey White
dec7f93097 C++: Eliminate mutual recursion. 2021-11-01 17:32:38 +00:00
Geoffrey White
d6a714cf69 C++: Improve comments. 2021-11-01 17:32:37 +00:00
Marcono1234
668928045e Merge branch 'main' into marcono1234/deprecate-StringLiteral-getRepresentedString 2021-11-01 16:32:57 +01:00
Anders Schack-Mulligen
e88bbfdd67 Merge pull request #7008 from JLLeitschuh/feat/JLL/java_optional_lambda_support 
Java: Model java.util.Optional lambda methods
 2021-11-01 13:49:21 +01:00
Anders Schack-Mulligen
64acd0288e Merge pull request #6614 from Marcono1234/marcono1234/char-literal-codepoint 
Java: Add `CharacterLiteral.getCodePointValue()`
 2021-11-01 13:06:00 +01:00
Nick Rolfe
da5d10fd6b Merge pull request #7012 from MalikIdreesHasanKhan/main 
Fixed a typo. ( Minor PR)
 2021-11-01 11:30:13 +00:00
Chris Smowton
b59f6665a2 Fix punctuation 2021-11-01 11:02:58 +00:00
Chris Smowton
9ff426cf23 Sort Optional models 2021-11-01 10:59:03 +00:00
CodeQL CI
dde493259a Merge pull request #7003 from asgerf/js/mixed-this-fp 
Approved by erik-krogh
 2021-11-01 09:13:21 +00:00
Erik Krogh Kristensen
db40ccae81 add explicit this to all member calls 2021-11-01 09:51:15 +01:00
Anders Schack-Mulligen
301a907596 Update java/ql/lib/semmle/code/java/Expr.qll 2021-11-01 09:36:09 +01:00
Jonas Jensen
93dfee866a C++: Add isFromSystemMacroDefinition predicate 2021-11-01 09:17:49 +01:00
MalikIdreesHasa
e44e982065 Fixed a typo. 2021-10-31 15:11:39 +00:00
ihsinme
3161d112d1 Update IncorrectChangingWorkingDirectory.ql 2021-10-30 13:47:22 +03:00
Mathias Vorreiter Pedersen
d34e731f1d C++: Add a small QLDoc novel above the IPA type for 'TIRDataFlowNode'. 2021-10-30 11:29:07 +01:00
Mathias Vorreiter Pedersen
d624259eab C++: Add QLDoc to 'flowOutOfAddressStep'. 2021-10-30 10:46:39 +01:00
Mathias Vorreiter Pedersen
a75f195df3 C++: Several readability fixes: 
1. Added lots of QLDoc explanation about the role of StoreNodeOperand.
  2. Renamed '{StoreNode,ReadNode}.getAPredecessor' to 'getInner' and
     '{StoreNode,ReadNode}.getASuccessor' to 'getOuter'.
  3. Be more explicit about which type of 'StoreNode' is used in various
     places.
 2021-10-30 10:24:06 +01:00