Tamas Vajk
|
c2e8d3fb3b
|
C#: Minor fix in TypeMention
|
2020-10-28 11:28:06 +01:00 |
|
Asger Feldthaus
|
a9adb2912a
|
JS: Improve lodash model
|
2020-10-28 10:09:41 +00:00 |
|
Asger Feldthaus
|
9fc5c0bdb8
|
JS: Update ComposedFunctions
|
2020-10-28 10:09:40 +00:00 |
|
Tom Hvitved
|
92461d41e0
|
C#: Add change note
|
2020-10-28 11:02:12 +01:00 |
|
Tom Hvitved
|
28607927ee
|
C#: Update CIL tests
|
2020-10-28 10:57:01 +01:00 |
|
Cornelius Riemenschneider
|
f1f64fb7df
|
C++: Make BuiltInVarArgs* classes subclasses of VarArgsExpr.
|
2020-10-28 10:48:00 +01:00 |
|
Tamás Vajk
|
7c3964a388
|
Merge pull request #4543 from tamasvajk/feature/configureawait
C#: Add flow summary for 'Task.ConfigureAwait()'
|
2020-10-28 10:42:44 +01:00 |
|
Rasmus Lerchedahl Petersen
|
9fd1bf60fa
|
Merge branch 'main' of github.com:github/codeql into python-port-path-injection
|
2020-10-28 10:24:23 +01:00 |
|
Geoffrey White
|
09372f5c81
|
C++: Remove misleading comment.
|
2020-10-28 09:04:10 +00:00 |
|
Erik Krogh Kristensen
|
2e514c4d7b
|
add model for Node Redis
|
2020-10-28 09:52:54 +01:00 |
|
Anders Schack-Mulligen
|
34ae6e0576
|
Apply suggestions from code review
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-28 09:15:08 +01:00 |
|
Tom Hvitved
|
02ca8fe3b7
|
Merge pull request #4556 from hvitved/csharp/dataflow/tuple-perf
C#: Fix bad join-order in `System.Tuple` flow-summaries
|
2020-10-28 08:50:37 +01:00 |
|
Tamas Vajk
|
7a1e1996e4
|
C#: Remove unneded class from CompilerServices.qll
|
2020-10-28 08:42:20 +01:00 |
|
luchua-bc
|
99c79f4aa3
|
Enhance the dataflow sink and update test cases
|
2020-10-28 03:07:01 +00:00 |
|
Dave Bartolomeo
|
27ad7bc297
|
Merge pull request #4560 from MathiasVP/instruction-tag-for-this-addr-and-load
C++: Make sure getInstructionTagId has a result for `this` related IPA branches
|
2020-10-27 21:01:09 -04:00 |
|
luchua-bc
|
3cc3fe9d37
|
Switch to TaintPreservingCallable and add test cases
|
2020-10-28 00:33:07 +00:00 |
|
Arthur Baars
|
fe1d8ec15f
|
Extractor: fix child index values
|
2020-10-27 22:32:53 +01:00 |
|
Mathias Vorreiter Pedersen
|
ad9e7b7343
|
C++: Give getInstructionTagId a result when tag is ThisAddressTag or ThisLoadTag
|
2020-10-27 22:16:01 +01:00 |
|
Alvaro Muñoz
|
77b551b693
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:12:17 +01:00 |
|
Alvaro Muñoz
|
b9c75ea462
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:12:00 +01:00 |
|
Alvaro Muñoz
|
ac116da0dc
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:11:48 +01:00 |
|
Alvaro Muñoz
|
d5b470ea0c
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:11:27 +01:00 |
|
Alvaro Muñoz
|
9785013c29
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:11:15 +01:00 |
|
Alvaro Muñoz
|
d221930c81
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:10:56 +01:00 |
|
Alvaro Muñoz
|
a9ea63b976
|
Update java/change-notes/2020-10-27-insecure-bean-validation.md
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:10:46 +01:00 |
|
Tom Hvitved
|
de4ed59f62
|
C#: Simplify toString() for CIL entities
|
2020-10-27 20:58:40 +01:00 |
|
Arthur Baars
|
0c15783f2b
|
Merge pull request #12 from github/crates-language
Use tree-sitter-ruby crate instead of vendoring it
|
2020-10-27 20:53:48 +01:00 |
|
Nick Rolfe
|
a41c3e36f9
|
Give node_types a static lifetime.
|
2020-10-27 19:11:05 +00:00 |
|
Nick Rolfe
|
5484ff3dcf
|
Use tree_sitter_ruby crate in generator
|
2020-10-27 18:13:40 +00:00 |
|
Douglas Creager
|
2663de86fb
|
Don't clone submodules in Actions workflow
Since we don't have any submodules anymore!
|
2020-10-27 14:02:15 -04:00 |
|
Nick Rolfe
|
ce8de3feba
|
Update generator binary name in Actions workflow
|
2020-10-27 17:56:37 +00:00 |
|
Douglas Creager
|
5f985be2d9
|
Use tree-sitter-ruby crate instead of vendoring it
|
2020-10-27 13:54:56 -04:00 |
|
Nick Rolfe
|
e05bcf9fb7
|
Generate QL classes
|
2020-10-27 17:46:11 +00:00 |
|
Arthur Baars
|
3e1c378aba
|
Merge pull request #8 from github/aibaars/actions
Improve extractor build and add GitHub Actions configuration
|
2020-10-27 18:21:20 +01:00 |
|
Arthur Baars
|
4b46a75c24
|
Merge pull request #10 from github/github/aibaars/escape-uppercase
DB scheme: convert uppercase to lowercase + underscore
|
2020-10-27 18:21:00 +01:00 |
|
Arthur Baars
|
bb2e7d841f
|
DB scheme: convert uppercase to lowercase + underscore
|
2020-10-27 18:15:48 +01:00 |
|
Arthur Baars
|
53b97ff0fa
|
Use release builds for the CodeQL package
|
2020-10-27 17:48:11 +01:00 |
|
Arthur Baars
|
bdff1fe9f4
|
Merge pull request #9 from github/aibaars/escape-column-names
DB scheme generator: escape column names
|
2020-10-27 17:44:39 +01:00 |
|
Robert Marsh
|
7d7b0eaa7b
|
C++: accept test changes
The conflation-related changes result from aliased accesses for which a
precise Phi node is generated.
|
2020-10-27 09:33:28 -07:00 |
|
Arthur Baars
|
e3a1d426b8
|
DB scheme generator: escape column names
|
2020-10-27 17:31:10 +01:00 |
|
Arthur Baars
|
9e6ccf558e
|
Preserve permissions of Linux and OSX binaries
The {upload,download}-artifact actions do not preserve
file permissions, so we need to patch things up.
|
2020-10-27 17:17:44 +01:00 |
|
Alvaro Muñoz
|
1fdf0556d2
|
more fixes to make qlhelp linter happy
|
2020-10-27 17:05:00 +01:00 |
|
Arthur Baars
|
048f19edc1
|
Build a CodeQL extractor pack
|
2020-10-27 17:02:08 +01:00 |
|
Arthur Baars
|
73a090501a
|
Add GitHub actions configuration
|
2020-10-27 16:34:17 +01:00 |
|
Arthur Baars
|
7555141246
|
Extractor: include contents node-types.json as constant
|
2020-10-27 16:34:17 +01:00 |
|
Arthur Baars
|
74dd4dcc2c
|
Build parser.c and scanner.cc separately
|
2020-10-27 16:34:17 +01:00 |
|
Alvaro Muñoz
|
aa981caea5
|
more fixes to make qlhelp linter happy
|
2020-10-27 16:32:13 +01:00 |
|
Alvaro Muñoz
|
8974f252ac
|
fix format and qlhelp errors blocking the merge
|
2020-10-27 16:19:39 +01:00 |
|
Alvaro Muñoz
|
11e57bd2f8
|
add change note for new Insecure Bean Validation query
|
2020-10-27 16:11:51 +01:00 |
|
Alvaro Muñoz
|
3378dd526e
|
remove compiled classes from stubs
|
2020-10-27 15:56:26 +01:00 |
|