hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,554 Commits 1,690 Branches 160 Tags
codeql-cli/v2.9.2
Commit Graph

36554 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
e2db11b31f Performance improvements in XSS.qll 
Various performance improvements to make sure that we never join methods
and calls (or variables and accesses) on only name (or file), but always
perform a multi-join on both values.
 2021-10-13 11:53:49 +02:00
Mathias Vorreiter Pedersen
c3f9d584a4 QL: Add query that finds 'if p() then q() else none()'. 2021-10-13 09:48:57 +00:00
Mathias Vorreiter Pedersen
6c7d848727 QL: QL: Add query that finds 'if p() then q() else none()'. 2021-10-13 09:48:57 +00:00
Anders Schack-Mulligen
7bd0bf9908 Add missing extends Formula 2021-10-13 09:47:10 +00:00
Anders Schack-Mulligen
01ef4d7060 QL: Add missing extends Formula 2021-10-13 09:47:10 +00:00
Mathias Vorreiter Pedersen
81e88f8d34 QL: Actually use the SuffixPredicateCall class as well. Now the query finds 20 results. 2021-10-13 09:31:45 +00:00
Mathias Vorreiter Pedersen
e927c43222 QL: QL: Actually use the SuffixPredicateCall class as well. Now the query finds 20 results. 2021-10-13 09:31:45 +00:00
Mathias Vorreiter Pedersen
812597505d QL: Respond to PR reviews. 2021-10-13 09:28:02 +00:00
Mathias Vorreiter Pedersen
b4d710d58f QL: QL: Respond to PR reviews. 2021-10-13 09:28:02 +00:00
Geoffrey White
d99d02994a Update README.md 
I needed the rust-analyzer extension to get anywhere in VSCode.
 2021-10-13 10:09:08 +01:00
Geoffrey White
46789aecaa QL: Update README.md 
I needed the rust-analyzer extension to get anywhere in VSCode.
 2021-10-13 10:09:08 +01:00
Mathias Vorreiter Pedersen
6c55a67f9a QL: Add query to find uses of .prefix or .suffix when comparing against literals. 2021-10-13 09:06:58 +00:00
Mathias Vorreiter Pedersen
f86a827bb6 QL: QL: Add query to find uses of .prefix or .suffix when comparing against literals. 2021-10-13 09:06:58 +00:00
Anders Schack-Mulligen
79485ec5da New query: Singleton set literal. 2021-10-13 09:01:54 +00:00
Anders Schack-Mulligen
f71acdf9fe QL: New query: Singleton set literal. 2021-10-13 09:01:54 +00:00
Erik Krogh Kristensen
ed767b4a54 Merge pull request #51 from github/aschackmull/ignore-work 
Add work folder to gitignore.
 2021-10-13 10:52:49 +02:00
Erik Krogh Kristensen
eb527a5494 QL: Merge pull request #51 from github/aschackmull/ignore-work 
Add work folder to gitignore.
 2021-10-13 10:52:49 +02:00
Anders Schack-Mulligen
f71881ef78 Add work folder to gitignore. 2021-10-13 08:28:27 +00:00
Anders Schack-Mulligen
a8b1ef83f1 QL: Add work folder to gitignore. 2021-10-13 08:28:27 +00:00
Calum Grant
59e4a6ff7b Move file to correct location 2021-10-13 09:23:04 +01:00
Geoffrey White
76144a7f7d Make the create-extractor-pack.ps1 script more reliable. 2021-10-13 09:17:59 +01:00
Geoffrey White
54b7fa3944 QL: Make the create-extractor-pack.ps1 script more reliable. 2021-10-13 09:17:59 +01:00
Taus
ef538570c8 Merge pull request #37 from github/toUnicodeBuildin 
add `toUnicode` as a build-in
 2021-10-13 10:13:05 +02:00
Taus
352c50c2e5 QL: Merge pull request #37 from github/toUnicodeBuildin 
add `toUnicode` as a build-in
 2021-10-13 10:13:05 +02:00
Calum Grant
f575139180 Add Ruby to toctree 2021-10-13 09:10:46 +01:00
Erik Krogh Kristensen
bb3e6399a4 Merge pull request #41 from github/tausbn/support-instanceof 
Support `instanceof`
 2021-10-13 09:14:02 +02:00
Erik Krogh Kristensen
fbb58f1954 QL: Merge pull request #41 from github/tausbn/support-instanceof 
Support `instanceof`
 2021-10-13 09:14:02 +02:00
Anders Schack-Mulligen
d4fd8780e9 Merge pull request #6863 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-10-13 08:58:18 +02:00
Anders Schack-Mulligen
306388a6bc Update java/ql/src/Likely Bugs/Comparison/StringComparison.ql 2021-10-13 08:57:31 +02:00
github-actions[bot]
2f27a0c9f9 Add changed framework coverage reports 2021-10-13 00:09:35 +00:00
Andrew Eisenberg
8285878504 Merge pull request #6861 from github/aeisenberg/qlpack-defaultSuite 
QlPacks: Add the defaultSuite to query packs that are missing it
 2021-10-12 14:27:09 -07:00
Andrew Eisenberg
7a0437f159 Merge pull request #343 from github/aeisenberg/defaultSuite 
Add defaultSuite
 2021-10-12 14:26:35 -07:00
Andrew Eisenberg
d9ab13b43d Update ql/src/qlpack.yml 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2021-10-12 13:01:03 -07:00
Andrew Eisenberg
2fca1f57c6 Add defaultSuite 
Also, change the dependencies to be in alignment with other standard qlpacks.
 2021-10-12 21:57:53 +02:00
Arthur Baars
4e79d9fad6 Merge pull request #334 from github/RasmusWL/normalize-qlpack 
Packaging: Normalize src/qlpack.yml
 2021-10-12 21:56:31 +02:00
Alex Ford
ad5c1f9b32 ql format 2021-10-12 20:43:20 +01:00
Alex Ford
d7b5e4c779 update predicate visibility 2021-10-12 20:43:20 +01:00
Alex Ford
9083cda8df improve XSS::Shared::isFlowFromHelperMethod performance 2021-10-12 20:43:20 +01:00
Alex Ford
9afc1f9275 split out isAdditionalXSSFlowStep components 2021-10-12 20:43:20 +01:00
Taus
8c6d139d67 Fix up getASuperType 
I'm not sure if it's correct to include also the `instanceof`s, but we
can always fix this later.
 2021-10-12 19:28:13 +00:00
Taus
db6551c22d QL: Fix up getASuperType 
I'm not sure if it's correct to include also the `instanceof`s, but we
can always fix this later.
 2021-10-12 19:28:13 +00:00
Andrew Eisenberg
bbb2637bcc QlPacks: Add the defaultSuite to query packs that are missing it 
Also, change some examples pack names from `codeql-lang-examples` to
`codeql/lang-examples`. This doesn't affect behaviour since internally,
the legacy name is converted to the modern name.
 2021-10-12 11:54:50 -07:00
Arthur Baars
bf139a09f9 Merge pull request #341 from github/rc/3.3 
Rc/3.3 mergeback
 2021-10-12 20:48:21 +02:00
Arthur Baars
8531174d30 Merge pull request #333 from github/hvitved/api-graphs-non-linear-rec 
API graphs: Avoid non-linear recursion
 2021-10-12 20:24:07 +02:00
Arthur Baars
80ebfed226 Merge pull request #336 from github/improve-getTemplateFile 
Improve `RenderCall#getTemplateFile` performance and accuracy
 2021-10-12 20:21:12 +02:00
Arthur Baars
06e91c1182 Merge pull request #322 from github/request-without-validation 
rb/request-without-cert-validation
 2021-10-12 20:19:11 +02:00
Arthur Baars
a78ee535a0 Merge pull request #340 from github/mergeback 
Merge rc/3.3 into main
 2021-10-12 20:16:59 +02:00
Taus
d436be7e96 Support instanceof 
Stills needs to be hooked up correctly to the AST.
 2021-10-12 17:40:29 +00:00
Taus
4694ab4773 QL: Support instanceof 
Stills needs to be hooked up correctly to the AST.
 2021-10-12 17:40:29 +00:00
Rasmus Lerchedahl Petersen
83490e9a03 Python: update change note 2021-10-12 19:27:27 +02:00