hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-09 19:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,755 Commits 1,689 Branches 160 Tags
codeql-cli/v2.9.0
Commit Graph

34755 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
f334201fce Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-10-30 10:04:17 +01:00
Mathias Vorreiter Pedersen
cb4f10c609 C++: Move the union field check to the IPA branch of 'TFieldContent'. 2021-10-30 10:04:17 +01:00
Jonathan Leitschuh
c2a2a3a676 Java: Model java.util.Optional lambda methods 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-29 13:23:47 -04:00
Arthur Baars
9604cd5595 Revert "Don't use local actions" 
This reverts commit b128c7ca00.
 2021-10-29 18:22:45 +02:00
Arthur Baars
a0903c377d Use pull_request + workflow_run instead of pull_request_target 2021-10-29 18:18:06 +02:00
Tony Torralba
3ea1af3819 Refactor into separate libraries 2021-10-29 17:36:02 +02:00
Marcono1234
b284e727a9 Java: Add change note for StringLiteral.getRepresentedString() deprecation 2021-10-29 15:21:55 +02:00
Mathias Vorreiter Pedersen
8a569da370 C++: Fix comments. 2021-10-29 14:05:34 +01:00
Marcono1234
fe5115169f Java: Describe CharacterLiteral.getValue() behavior for surrogates 2021-10-29 14:56:07 +02:00
Marcono1234
e1516b4e9d Java: Describe StringLiteral.getValue() behavior for unpaired surrogates 2021-10-29 14:53:13 +02:00
Marcono1234
bfb9577d15 Java: Deprecate StringLiteral.getRepresentedString() 2021-10-29 14:50:15 +02:00
Erik Krogh Kristensen
f676fc00d3 revert a change in an identical file 2021-10-29 14:42:38 +02:00
Erik Krogh Kristensen
0897b004eb revert removal of redundant inline casts in some python files 2021-10-29 14:40:27 +02:00
Erik Krogh Kristensen
d36c66cfca remove redundant inline casts in arguments where the type is inferred by the call target 2021-10-29 14:37:56 +02:00
Marcono1234
4f59886a65 Java: Simplify CompileTimeConstantExpr.getIntValue() 
The changed code previously also only covered IntegerLiteral:
- Restricted to Literal
- Integral type
- != "long"
- != "char"

So the only class left which matches all of these is IntegerLiteral.
 2021-10-29 14:30:51 +02:00
Marcono1234
9730021641 Java: Add CharacterLiteral.getCodePointValue() 2021-10-29 14:30:50 +02:00
Anders Schack-Mulligen
35b6cbe549 Java: Fix compilation error. 2021-10-29 14:26:36 +02:00
Anders Schack-Mulligen
e51a10a816 Java: Fix tests. 2021-10-29 14:25:43 +02:00
Asger Feldthaus
d52b2bd863 JS: Fix FP in ˚MixedStaticInstanceThisAccess 2021-10-29 14:16:54 +02:00
Asger Feldthaus
afa6424d67 JS: Add test with FP 2021-10-29 14:16:54 +02:00
yoff
1c78c792ff Merge pull request #6991 from RasmusWL/flask-blueprints 
Python: Support `flask.blueprints.Blueprint`
 2021-10-29 14:06:43 +02:00
Rasmus Wriedt Larsen
7e7c363e43 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-10-29 13:59:36 +02:00
Rasmus Wriedt Larsen
85f00fda19 Merge pull request #6776 from yoff/python/model-asyncpg 
Python: Model `asyncpg`
 2021-10-29 13:54:44 +02:00
Anders Schack-Mulligen
abf508eeeb Java: Add FieldValueNode to break up cartesian step relation. 2021-10-29 13:45:56 +02:00
Nick Rolfe
fed0a06353 Ruby: add change note for rb/regexp-injection 2021-10-29 11:28:34 +01:00
Anders Schack-Mulligen
3a1836c9f6 Merge pull request #7000 from aschackmull/dataflow/interface-refactor 
Dataflow: Refactor public references to DataFlowCallable
 2021-10-29 12:21:13 +02:00
Max Schaefer
bc91f664ac JavaScript: Teach API graphs to handle some forms of property copying. 
In particular, copied promises are now handled better.
 2021-10-29 11:19:54 +01:00
Edoardo Pirovano
513e0bbea9 Merge pull request #6965 from edoardopirovano/fix-lgtm-version 
Fix LGTM version number in language reference
 2021-10-29 10:50:53 +01:00
Anders Schack-Mulligen
bfacd23573 Dataflow: Adjust documentation. 2021-10-29 11:20:19 +02:00
Anders Schack-Mulligen
5951ae79b9 Dataflow: Add language specific predicates. 2021-10-29 11:11:35 +02:00
Anders Schack-Mulligen
00df6798b1 Dataflow: Sync 2021-10-29 11:00:23 +02:00
Anders Schack-Mulligen
2b4e3a7d9b Dataflow: Refactor the getEnclosingCallable and ParameterNode interface. 2021-10-29 10:59:36 +02:00
Erik Krogh Kristensen
6fffdf6101 Merge pull request #6855 from erik-krogh/secCookie 
JS: Move cookie queries out of experimental.
 2021-10-29 10:23:48 +02:00
Tony Torralba
7f15177498 Move from experimental 2021-10-29 10:19:05 +02:00
Mathias Vorreiter Pedersen
e94b2b6113 Merge pull request #6915 from geoffw0/nullterm2 
C++: Fix the two null termination queries and re-enable them.
 2021-10-29 08:20:08 +01:00
ihsinme
635a668670 Update IncorrectChangingWorkingDirectory.ql 2021-10-29 10:08:41 +03:00
ihsinme
c8a4a8b965 Update InsecureTemporaryFile.ql 2021-10-29 09:44:43 +03:00
Ethan P
5f73fb21b8 Add new article to ref page 2021-10-28 10:55:44 -07:00
jorgectf
066b40098c Add lxml.etree.XMLParser missing resolve_entities dangerous case 2021-10-28 19:34:15 +02:00
Rasmus Lerchedahl Petersen
0f2f68bcbb Python: rename file 2021-10-28 19:14:02 +02:00
yoff
8f9741ae72 Update python/ql/lib/semmle/python/internal/Awaited.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-10-28 19:13:08 +02:00
Mathias Vorreiter Pedersen
490156d7db C++: Remove the 'isIndirection' predicate on 'SourceVariable' and move the rootdef of 'getIRVariable' into the two subclasses. 2021-10-28 17:26:28 +01:00
Erik Krogh Kristensen
cfc5629435 apply all doc fixes 
Co-authored-by: hubwriter <hubwriter@github.com>
 2021-10-28 18:19:37 +02:00
Mathias Vorreiter Pedersen
05900cda87 C++: Rename 'Ssa' to 'SsaInternals' and move definitions from 'SSaImplSpecific' to 'SsaInternals'. Now we can avoid cyclic imports. 2021-10-28 17:10:48 +01:00
Erik Krogh Kristensen
15c90adec5 remove redundant cast where the type is enforced by an equality comparison 2021-10-28 18:08:20 +02:00
hubwriter
2096c0aab1 Merge pull request #6856 from github/hubwriter/typo-fix 
Docs: Fix one-word typo
 2021-10-28 17:05:17 +01:00
jorgectf
47b14f1adc Polish Concepts.qll qldocs 2021-10-28 17:55:34 +02:00
jorgectf
b3ec82cd36 Merge branch 'jorgectf/python/jwt-queries' of https://github.com/jorgectf/codeql into jorgectf/python/jwt-queries 2021-10-28 17:40:33 +02:00
jorgectf
a6c285ad32 Apply getItem(_) and extend verifiesSignature readability 2021-10-28 17:40:27 +02:00
Jorge
f4d63cc5e7 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-10-28 17:34:11 +02:00