codeql

mirror of https://github.com/github/codeql.git synced 2026-02-03 08:41:05 +01:00

Author	SHA1	Message	Date
Michael Nebel	5c13391580	C#: Add test cases for operators.	2022-03-30 15:09:44 +02:00
Michael Nebel	04960fc0c6	C#: Filter out explicit and implicit conversion operators, when creating summaries.	2022-03-30 15:09:26 +02:00
Michael Nebel	8b08ddf7ad	C#: Use callables qualified name instead of name, when printing summary like information.	2022-03-30 15:05:57 +02:00
Michael Nebel	4163078ecc	C#: The qualified name of the operator should use the function name instead of the displayed name.	2022-03-30 15:05:03 +02:00
Tom Hvitved	3c50987b9b	Merge pull request #8590 from hvitved/ruby/rc-perf-picks Ruby: Cherry pick performance fixes onto `rc/3.5`	2022-03-30 14:48:33 +02:00
Sebastian Bauersfeld	a3c3a7fe0d	Python: Identify alternative body argument in invocations of Response constructor.	2022-03-30 19:34:54 +07:00
Dave Bartolomeo	70c44734e6	Merge pull request #8445 from dbartol/dbartol/ir-range/semantic-scratch Sign, Modulus, and Range analysis for C++ using sharable semantic layer	2022-03-30 07:08:09 -04:00
Dave Bartolomeo	e2396a5e03	Remove PrintIR tests for range analysis These were only used for debugging, and don't actually make good tests.	2022-03-30 06:45:28 -04:00
Dave Bartolomeo	19789fa738	Merge remote-tracking branch 'upstream/main' into semantic-scratch	2022-03-30 06:39:14 -04:00
Nick Rolfe	a274af2b16	Merge pull request #7985 from github/nickrolfe/constant_regexp Ruby: separate constant propagation of regexps from strings	2022-03-30 11:37:33 +01:00
4B5F5F4B	9ab773422a	refactor some code, and add access_ok cases	2022-03-30 12:25:32 +08:00
Harry Maclean	167bda2d4e	Ruby: Add QLDoc for InsecureDependencyQuery.qll	2022-03-30 13:50:12 +13:00
Harry Maclean	d13bbbaf35	Ruby: Add change note for rb/insecure-dependency	2022-03-30 13:39:35 +13:00
Harry Maclean	37cedda63a	Ruby: Add InsecureDependencyResolution query This query looks for places in a Gemfile where URLs with insecure protocols (HTTP or FTP) are specified.	2022-03-30 13:39:15 +13:00
Erik Krogh Kristensen	48ef3b106f	fix mistake in inlining	2022-03-29 23:39:22 +02:00
Erik Krogh Kristensen	090c5c39f6	add explicit this	2022-03-29 22:44:03 +02:00
Erik Krogh Kristensen	cebba05b8b	rename getAClassReferenceStep to getAClassReferenceRec	2022-03-29 22:44:03 +02:00
Erik Krogh Kristensen	be6c122b27	improve the join order of getAClassReference	2022-03-29 22:44:02 +02:00
Erik Krogh Kristensen	979fa2386a	autoformat	2022-03-29 22:38:23 +02:00
Robert Marsh	8d21c8b7c5	Merge pull request #8423 from 4B5F5F4B/main [CPP][Linux Kernel]Add ql to detect CVE-2017-5123	2022-03-29 15:10:15 -04:00
luchua-bc	fa2a6a7da3	Remove unnecessary taint step and update qldoc	2022-03-29 17:52:49 +00:00
Jeroen Ketema	e5ac492b62	Merge pull request #8593 from jketema/pointless-options C++: Remove debugging options from library tests	2022-03-29 17:55:47 +02:00
Jeroen Ketema	d1857a9e37	C++: Remove debugging options from library tests	2022-03-29 17:24:18 +02:00
Geoffrey White	e04298d532	C++: Delete experimental PrivateData.qll.	2022-03-29 15:26:46 +01:00
Asger Feldthaus	8bb58a3222	Merge branch 'js/decorated-method-or-class' of github.com:asgerf/codeql into js/decorated-method-or-class	2022-03-29 16:13:54 +02:00
Asger Feldthaus	75a84378ac	JS: Do not generate def-nodes for decorated parameters	2022-03-29 16:13:45 +02:00
Asger Feldthaus	ca145f21b0	JS: Add test showing why parameter-sinks wont actually work well in JS	2022-03-29 16:06:53 +02:00
Geoffrey White	cf5c6baadd	C++: More test cases for salary.	2022-03-29 15:05:27 +01:00
Asger Feldthaus	3bcfca421f	JS: Add test case for decorated parameter sinks	2022-03-29 15:55:43 +02:00
Geoffrey White	0e3e145e53	C++: Add CWE-359 tag to cpp/cleartext-transmission.	2022-03-29 14:44:06 +01:00
Asger F	6e630cccc2	Apply suggestions from code review Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2022-03-29 15:41:20 +02:00
Michael Nebel	db7abb429f	C#: Remove unneeded exists.	2022-03-29 14:59:32 +02:00
Michael Nebel	6be41b0c29	C#/Java: Address review comments.	2022-03-29 14:52:57 +02:00
Michael Nebel	b0a24a7a44	C#: Change the implementation on getAnInput and getAnOutput based on hvitveds recommendations.	2022-03-29 14:52:57 +02:00
Michael Nebel	c2196a04aa	C#: Update the description of the telemetry queries.	2022-03-29 14:52:57 +02:00
Michael Nebel	bfb206c810	C#: Let ExternalApi extend DataFlowCallable instead of Callable.	2022-03-29 14:52:57 +02:00
Michael Nebel	e1d4c1b68c	C#/Java: Reorder code in terms of dependency, rename ExternalAPI to ExternalApi and add some missing predicate qualifiers.	2022-03-29 14:52:52 +02:00
Michael Nebel	4f00666591	C#: Add query and test case for supported external taint.	2022-03-29 14:49:37 +02:00
Michael Nebel	03c1bf6d87	C#: Mark Xunit as uninteresting.	2022-03-29 14:49:37 +02:00
Michael Nebel	18b1b51d07	C#: Add test for known sources telemetry query.	2022-03-29 14:49:37 +02:00
Michael Nebel	1f1059bfc6	C#: Add telemetry query for supported sources.	2022-03-29 14:49:37 +02:00
Michael Nebel	a7ece69f2b	C#: Add test for supported sinks query.	2022-03-29 14:49:37 +02:00
Michael Nebel	d81e73f9c6	C#: Add telemetry query for supported sinks.	2022-03-29 14:49:37 +02:00
Michael Nebel	e4f6321851	C#: Add test for unsupported uses of library code.	2022-03-29 14:49:37 +02:00
Michael Nebel	e014cae7df	C#: Add test and output for all library usages.	2022-03-29 14:49:37 +02:00
Michael Nebel	7cef859253	C#: Add sample code file that calls both supported and unsupported library code with respect to flow summaries.	2022-03-29 14:49:37 +02:00
Michael Nebel	918a6c7425	C#: Telemetry query for measuring (unsupport dataflow) library usage.	2022-03-29 14:49:37 +02:00
Michael Nebel	c023808657	C#: Telemetry query for measuring all library usage.	2022-03-29 14:49:37 +02:00
Michael Nebel	0650c6d395	C#: Add initial port of the java implementation of ExternalAPI.qll.	2022-03-29 14:49:37 +02:00
Michael Nebel	e9070b010b	C#: Add getCall predicate to ArgumentNode.	2022-03-29 14:49:37 +02:00

... 6 7 8 9 10 ...

34755 Commits