hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-22 18:03:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,554 Commits 1,693 Branches 161 Tags
codeql-cli/v2.9.2
Commit Graph

36554 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Marsh
0102d68f38 Merge pull request #5658 from MathiasVP/fix-partial-def-diff-test 
C++: Fix performance in test
 2021-04-12 13:08:30 -07:00
Andrew Eisenberg
e0fcb15739 Actions: Add workflow for marking stale questions 
This PR adds a workflow for marking and closing issues as stale. Issues must be labeled as _question_. PRs are never marked as stale.
 2021-04-12 13:05:53 -07:00
Artem Smotrakov
b96b665262 Renaming in java/ql/src/experimental/Security/CWE/CWE-094 2021-04-12 21:40:49 +03:00
Mathias Vorreiter Pedersen
037e6369ce C++: Ensure all values are bound in both disjunctions. 2021-04-12 18:27:21 +02:00
luchua-bc
d7f26dfc18 Update stub classes and qldoc 2021-04-12 16:19:23 +00:00
Taus
fda750ef26 Merge pull request #5642 from tausbn/python-use-api-graphs-in-stdlib 
Python: Use API graphs in `Stdlib.qll`
 2021-04-12 18:05:38 +02:00
Chris Smowton
423ff32d04 Merge pull request #5384 from luchua-bc/java/insecure-spring-actuator-config 
Java: CWE-016 Query to detect insecure configuration of Spring Boot Actuator
 2021-04-12 17:04:47 +01:00
Taus
6d4ddc0329 Merge pull request #5614 from tausbn/python-allow-absolute-imports-from-source-directory 
Python: Allow absolute imports from source directory
 2021-04-12 18:02:00 +02:00
CodeQL CI
bc56d16c18 Merge pull request #5485 from RasmusWL/django-queryset-chains 
Approved by tausbn
 2021-04-12 08:49:31 -07:00
Tom Hvitved
dfc91b8331 C#: Simplify dotnet-install.ps1 invocation 
Using the pattern from https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-install-script.
 2021-04-12 17:33:33 +02:00
Chris Smowton
bb23866cec Add missing doc comments 2021-04-12 16:33:01 +01:00
Tom Hvitved
d35a501121 Merge pull request #5583 from lcartey/cs/restrict-jump-to-def 
C#: Exclude jump-to-def information for elements with too many locations
 2021-04-12 16:52:20 +02:00
ihsinme
a43698802f Update InsufficientControlFlowManagementWhenUsingBitOperations.ql 2021-04-12 17:36:50 +03:00
CodeQL CI
310a2c8bb3 Merge pull request #5655 from erik-krogh/cert 
Approved by esbena
 2021-04-12 07:31:04 -07:00
Chris Smowton
2656a52880 Merge pull request #5538 from luchua-bc/java/credentials-in-properties 
Java: CWE-555 Query to detect plaintext credentials in Java properties files
 2021-04-12 15:22:21 +01:00
Chris Smowton
abeefcaced Merge pull request #4947 from porcupineyhairs/DexLoading 
Java : add query to detect insecure loading of Dex File
 2021-04-12 15:22:12 +01:00
Asger Feldthaus
d2fad180f8 JS: Add test 2021-04-12 15:07:45 +01:00
Mathias Vorreiter Pedersen
5aeaab7c6d C++: As response to the review comments this commit adds a reference-to-pointer state to AddressFlow. A call to an unwrapper function now adds a pointer -> reference-to-pointer transition, and a ReferenceDereference adds a reference-to-pointer -> pointer transition. 2021-04-12 16:01:01 +02:00
ihsinme
58d5ad48d5 Update InsufficientControlFlowManagementAfterRefactoringTheCode.ql 2021-04-12 17:00:34 +03:00
ihsinme
d7c14775bf Update InsufficientControlFlowManagementAfterRefactoringTheCode.qhelp 2021-04-12 16:56:48 +03:00
Chris Smowton
11bf982728 Remove superfluous linebreaks in qhelp file 2021-04-12 14:36:42 +01:00
Asger Feldthaus
24de826133 JS: Add file diagnostics errors 2021-04-12 14:11:38 +01:00
Erik Krogh Kristensen
32737a17fb add change note 2021-04-12 15:09:13 +02:00
Erik Krogh Kristensen
172d6139e2 support all ClientRequests in js/disabling-certificate-validation 2021-04-12 15:06:10 +02:00
luchua-bc
c281e54d22 Remove unused files and update qldoc 2021-04-12 13:05:01 +00:00
Tom Hvitved
57016ddbde C++: Remove unique wrapper from DataFlow::Node::getEnclosingCallable() 2021-04-12 14:41:52 +02:00
Tom Hvitved
7d2a60e910 Merge pull request #5640 from hvitved/dataflow/path-step-perf 
Data flow: Prevent bad join-order in `pathStep`
 2021-04-12 14:40:46 +02:00
Tamas Vajk
b4d35b52c3 C#: Add Console.Read* to local flow sources 2021-04-12 14:19:17 +02:00
Tom Hvitved
5446532e1d C#: Update auto-builder tests 2021-04-12 14:01:55 +02:00
Anders Schack-Mulligen
acd4cf2878 Merge pull request #5636 from aschackmull/java/shared-flow-summaries 
Java: Adopt shared flow summaries
 2021-04-12 13:35:31 +02:00
CodeQL CI
e8d835b422 Merge pull request #5638 from erik-krogh/smartInliner 
Approved by esbena
 2021-04-12 04:17:25 -07:00
Tom Hvitved
c7686b1838 C#: First try pwsh and then powershell when calling dotnet-install.ps1 2021-04-12 13:01:14 +02:00
Tom Hvitved
cf5f838b13 Data flow: Remove recommendation to use unique in Node::getEnclosingCallable() 2021-04-12 12:04:23 +02:00
Anders Schack-Mulligen
e003b04061 Merge pull request #5637 from Marcono1234/marcono1234/toString-method 
Java: Add ToStringMethod
 2021-04-12 11:43:55 +02:00
Max Schaefer
cd57e61f65 Rename MkHasUnderlyingType to MkTypeUse. 2021-04-12 11:30:15 +02:00
Erik Krogh Kristensen
91d28fb8b0 cleanup in API-graphs 2021-04-12 11:30:15 +02:00
CodeQL CI
63f087a8e9 Merge pull request #5653 from erik-krogh/givenCommand 
Approved by asgerf
 2021-04-12 02:01:32 -07:00
Rasmus Wriedt Larsen
364d48948f Merge pull request #3810 from dilanbhalla/syntaxpython 
Python: Function/Class Naming Convention (Syntax)
 2021-04-12 10:42:17 +02:00
Rasmus Lerchedahl Petersen
3ff8e010b2 Python: Refactor based on review 
- more natural handling of default arguments
- do not assume default construction gives a family
- simplifies `UnspecificSSLContextCreation`
 2021-04-12 10:00:07 +02:00
Rasmus Lerchedahl Petersen
9f91dde76f Python: Update test expectation after comment 2021-04-12 09:58:06 +02:00
Erik Krogh Kristensen
17c4bbbc4e allow parameters that end with "Command" in js/shell-command-constructed-from-input 2021-04-12 09:57:40 +02:00
haby0
1b948ac2e2 Combine two Configurations into one 2021-04-12 15:44:39 +08:00
Rasmus Lerchedahl Petersen
036fddfdb5 Python: Namable -> Nameable 2021-04-12 08:18:24 +02:00
yoff
02d6de81a7 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-04-12 08:16:36 +02:00
ihsinme
feb3a8deb1 Update InsufficientControlFlowManagementAfterRefactoringTheCode.expected 2021-04-12 08:23:41 +03:00
ihsinme
6924c6c51c Update test.c 2021-04-12 08:23:06 +03:00
ihsinme
3da88f2103 Update InsufficientControlFlowManagementAfterRefactoringTheCode.c 2021-04-12 08:15:36 +03:00
ihsinme
17d1c77a14 Update InsufficientControlFlowManagementAfterRefactoringTheCode.ql 2021-04-12 08:14:17 +03:00
yo-h
4f2060f96b Merge commit '2d618d6b928d8b76ac8033b3b63d9bde71caa325' into yo-h/java16 2021-04-11 23:55:33 -04:00
Taus
10be2735ec Python: Get rid of _attr predicates 
Also changes all `CfgNode`s representing calls to `CallCfgNode`s.
 2021-04-10 12:12:18 +00:00