codeql

mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00

Author	SHA1	Message	Date
Tamas Vajk	c684b74b3d	C#: Add async dataflow tests	2021-03-16 14:46:16 +01:00
Rasmus Wriedt Larsen	50978364a6	Merge pull request #5246 from yoff/python-port-insecure-default-protocol Python: Port insecure default protocol	2021-03-16 14:30:19 +01:00
Asger Feldthaus	3922c73be7	JS: Add change note	2021-03-16 13:28:12 +00:00
Asger Feldthaus	a76be91481	JS: Remove deprected use of queryAccess	2021-03-16 13:28:12 +00:00
Asger Feldthaus	ff1326cc7b	JS: Cache getReExportedModule	2021-03-16 13:28:12 +00:00
Asger Feldthaus	710cca5395	JS: Update expectations with new sources	2021-03-16 13:28:12 +00:00
Asger Feldthaus	a9383da2c3	JS: Autoformat	2021-03-16 13:28:12 +00:00
Asger Feldthaus	bc4c178648	JS: Cache together	2021-03-16 13:28:12 +00:00
Asger Feldthaus	7b7e87f177	JS: Fix bad join order in closure	2021-03-16 13:28:11 +00:00
Asger Feldthaus	aa1c8c041e	JS: Exclude client-side sources from RegExpInjection	2021-03-16 13:28:11 +00:00
Asger Feldthaus	2e57a7d3e9	JS: Add ClientSideRemoteFlowSource	2021-03-16 13:28:09 +00:00
Anders Schack-Mulligen	aa360c0378	Merge pull request #5413 from smowton/smowton/feature/infer-fluent-method-taint-flow Add taint-preserving edges where a call also has a value-preserving edge	2021-03-16 14:10:11 +01:00
Anders Schack-Mulligen	53c360479a	Merge pull request #5329 from tamasvajk/feature/csv-taint-step Java: migrate taint steps to CSV	2021-03-16 14:09:21 +01:00
Anders Schack-Mulligen	46bae88181	Merge pull request #5375 from aschackmull/dataflow/unbind Dataflow: Switch from unbind to pragma[only_bind_into].	2021-03-16 14:03:54 +01:00
Tom Hvitved	88b7ad001f	C#: Take phi nodes into account in `Steps::getARead()`	2021-03-16 13:55:30 +01:00
CodeQL CI	ae62fbc2c7	Merge pull request #5382 from erik-krogh/moreCache Approved by asgerf	2021-03-16 05:53:03 -07:00
Tom Hvitved	cb8e2d451d	C#: Add test for `DeadStoreOfLocal.ql`	2021-03-16 13:52:41 +01:00
Tom Hvitved	b11e15154f	Data flow: Sync files and add stubs	2021-03-16 13:49:32 +01:00
Tom Hvitved	a373a523f6	Data flow: Move C# lambda flow logic into shared library	2021-03-16 13:49:32 +01:00
CodeQL CI	b37da7cc22	Merge pull request #5386 from erik-krogh/cachePrepend Approved by asgerf	2021-03-16 05:49:24 -07:00
CodeQL CI	40acb95105	Merge pull request #5397 from erik-krogh/globalSanitizer Approved by asgerf	2021-03-16 05:37:32 -07:00
Erik Krogh Kristensen	3640bbd466	add test for IncompleteHtmlAttributeSanitization	2021-03-16 13:25:27 +01:00
Erik Krogh Kristensen	1bf259beef	support another String.prototype.replace pattern	2021-03-16 13:25:13 +01:00
Cornelius Riemenschneider	755fec466f	Apply suggestions from code review Co-authored-by: Jonas Jensen <jbj@github.com>	2021-03-16 13:21:57 +01:00
Tom Hvitved	e1e4016a5c	C#: Fix missing delegate flow	2021-03-16 13:16:23 +01:00
Tom Hvitved	29c6d22163	C#: Add test exposing missing delegate flow	2021-03-16 13:16:23 +01:00
Tom Hvitved	25adcfc39d	C#: Fix missing phi flow	2021-03-16 13:16:23 +01:00
Tom Hvitved	e092b31791	C#: Add test exposing missing phi flow	2021-03-16 13:16:23 +01:00
Tom Hvitved	7eaf02a0bf	Make external `AstNode` an IPA type	2021-03-16 12:50:20 +01:00
Tamas Vajk	d02fba8c37	Java: adjust wrapped constructor calls	2021-03-16 12:42:41 +01:00
Rasmus Lerchedahl Petersen	cf791e8164	Python: Describe `Concepts` and `Attributes`	2021-03-16 12:31:47 +01:00
Tamas Vajk	e3534d1635	Java: cover wrapped constructor taint flow	2021-03-16 12:10:28 +01:00
Tamas Vajk	af0dff8c6f	Java: migrate constructor flow taint steps to CSV	2021-03-16 12:10:28 +01:00
Tamas Vajk	f9a207dd9f	Java: migrate 'arg to arg' taint steps to CSV	2021-03-16 12:10:28 +01:00
Tamas Vajk	7e1534a6cd	Java: migrate 'arg to return' taint steps to CSV	2021-03-16 12:10:28 +01:00
Tamas Vajk	5cdbde2686	Java: migrate 'qualifier to return' taint steps to CSV	2021-03-16 12:10:28 +01:00
Tamas Vajk	40126563ef	Java: migrate 'qualifier to arg' taint steps to CSV	2021-03-16 12:10:28 +01:00
CodeQL CI	c08230ce1e	Merge pull request #5378 from asgerf/js/meta-problem-queries Approved by esbena	2021-03-16 03:58:12 -07:00
Cornelius Riemenschneider	2e8e04f73e	C++: Move FailedExtractions.ql to FailedCompilations.ql.	2021-03-16 10:48:04 +00:00
Tamás Vajk	24140195d6	Merge pull request #5242 from tamasvajk/feature/tuple-df C#: Add tuple dataflow	2021-03-16 11:45:11 +01:00
Tamás Vajk	8d6b8359eb	Merge pull request #5316 from tamasvajk/feature/roslyn3.9 C#: Upgrade Roslyn dependencies to 3.9	2021-03-16 11:44:42 +01:00
Anders Schack-Mulligen	2d8d967060	Dataflow: Address review comment.	2021-03-16 11:07:33 +01:00
Cornelius Riemenschneider	fa3ac30894	C++: Update query to latest spec.	2021-03-16 09:56:38 +00:00
Chris Smowton	6d108c0fa7	Improve docstring for `composedValueAndTaintModelStep` Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-03-16 09:00:35 +00:00
Chris Smowton	915a19fb9d	Improve naming; eliminate some harmless extra results Adding `src != valueSource` should have no effect as the introduced edge would already exist, but could reduce workload downstream.	2021-03-16 08:57:14 +00:00
Chris Smowton	516122aa74	Add taint-preserving edges where a call also has a value-preserving edge For example, for a fluent method that returns `this`, we take a tainting edge from argX to either `this` or the return value to also taint the other.	2021-03-16 08:45:24 +00:00
CodeQL CI	86b933a0e0	Merge pull request #5354 from yoff/doc-fix-typo-csharp-dataflow Approved by hvitved	2021-03-15 23:52:38 -07:00
Jaroslav Lobačevski	8445ec6c17	Update javascript/ql/src/experimental/semmle/javascript/Actions.qll Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2021-03-15 19:15:10 +02:00
yoff	14dd708abc	Apply suggestions from code review Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>	2021-03-15 17:56:50 +01:00
Jaroslav Lobačevski	87ea442a78	qhelp	2021-03-15 18:47:45 +02:00

... 296 297 298 299 300 ...

36554 Commits