Geoffrey White
ef68bd6bf4
C++: Add a test of direct calls to operator new / operator delete.
2020-03-31 11:01:29 +01:00
Geoffrey White
aa49b35d2c
C++: Add an explicit test of DeallocationFunction and DeallocationExpr as well.
2020-03-31 10:37:20 +01:00
Erik Krogh Kristensen
546431c83d
dataflow and typetracking steps for Maps and Sets
2020-03-31 11:21:34 +02:00
Erik Krogh Kristensen
25aea900b6
add more dataflow steps for Arrays
2020-03-31 11:21:25 +02:00
Erik Krogh Kristensen
a02213e745
change LoadStoreStep such that it can store in different property
2020-03-31 11:20:57 +02:00
semmle-qlci
0feb7f87e4
Merge pull request #2761 from erik-krogh/UrlSearch
...
Approved by asgerf
2020-03-31 09:46:48 +01:00
semmle-qlci
5c920eb625
Merge pull request #3120 from asger-semmle/js/prefer-typescript-file
...
Approved by esbena
2020-03-31 09:32:14 +01:00
semmle-qlci
73dd4c8686
Merge pull request #3133 from asger-semmle/js/dictionary-taint-step-regression
...
Approved by esbena
2020-03-31 09:28:55 +01:00
Erik Krogh Kristensen
40fd1825e9
autoformat
2020-03-31 09:08:32 +02:00
Jonas Jensen
93f7c950ea
Merge pull request #3152 from dbartol/dbartol/sync-files
...
Move `sync-identical-files.py` into public repo as `sync-files.py`
2020-03-31 08:31:00 +02:00
Taus
e31143c9f8
Merge pull request #2889 from RasmusWL/python-add-custom-sanitizer-example
...
Python: Add example for how to write your own sanitizer
2020-03-30 22:59:56 +02:00
Robert Marsh
4bbf4628d4
Merge pull request #3162 from jbj/argHasPostUpdate-cpp
...
C++: Remove noise from argHasPostUpdate check
2020-03-30 13:20:09 -07:00
Geoffrey White
0cb7d4c82d
C++: Add an explicit test of AllocationFunction and AllocationExpr.
2020-03-30 20:28:21 +01:00
semmle-qlci
3027e5d316
Merge pull request #3161 from Semmle/max-schaefer-patch-1
...
Approved by felicitymay
2020-03-30 19:44:06 +01:00
Erik Krogh Kristensen
7938bc4ed0
improve alert message for js/useless-assignment-to-local
2020-03-30 20:19:50 +02:00
Geoffrey White
b634b59b9c
C++: Merge the two allocators tests.
2020-03-30 18:52:12 +01:00
Peter Stöckli
40c3b5468f
Fix QHelp/XML syntax
2020-03-30 18:55:14 +02:00
Rasmus Wriedt Larsen
6127d8b8f4
Python: Fixup comment alignment
2020-03-30 18:32:31 +02:00
Rasmus Wriedt Larsen
fad03e77cc
Python: Move helper predicate outside of class
...
otherwise the helper predicate can (and sometimes will) be evaluated once _per_
instance of that class.
2020-03-30 18:31:16 +02:00
Rasmus Wriedt Larsen
663dc24753
Python: Apply suggestion from Taus
...
rewrote the qldoc to explain it as well.
2020-03-30 18:29:08 +02:00
Jonas Jensen
531ef64c5d
C++: Fix other copies of the argHasPostUpdate test
2020-03-30 17:45:53 +02:00
Rasmus Wriedt Larsen
0b4bfed726
Merge pull request #3156 from tausbn/python-autoformat-all-ql-files
...
Python: Autoformat all `.ql` files.
2020-03-30 16:24:18 +02:00
Rasmus Wriedt Larsen
573494d313
Merge pull request #3096 from tausbn/python-autoformat-almost-everything
...
Python: Autoformat (almost) all `.qll` files.
2020-03-30 16:19:23 +02:00
Jonas Jensen
dd322be238
C++: Remove noise from argHasPostUpdate check
...
This consistency check seems to have value for AST data flow, but I've
disabled it on the IR for now.
This commit also includes two unrelated changes that seem to fix a
semantic merge conflict.
2020-03-30 15:51:11 +02:00
Max Schaefer
365751412c
Docs: Bump supported Go version.
...
cf https://github.com/github/codeql-go/pull/39
2020-03-30 14:24:22 +01:00
Geoffrey White
6d6ad4a0ae
Merge branch 'master' into sideeffect
2020-03-30 14:16:23 +01:00
Taus Brock-Nannestad
b990fac97b
Python: Fix test failures.
...
How could the tests fail because of autoformatting, you may ask?
The answer is deprecation warnings. These specify the location of the deprecated
entity, and due to autoformatting these moved around.
2020-03-30 13:55:38 +02:00
Taus Brock-Nannestad
2229e34466
Python: Fix outdated link in ImportFailure.qhelp.
2020-03-30 13:14:37 +02:00
semmle-qlci
fce04f0bd0
Merge pull request #3127 from erik-krogh/PromiseTrack
...
Approved by asgerf
2020-03-30 11:56:33 +01:00
Tom Hvitved
9fa9c10361
Merge pull request #2921 from aschackmull/dataflow/consistency-checks
...
Java: Add data-flow consistency checks.
2020-03-30 12:47:41 +02:00
Taus Brock-Nannestad
ab4cef53c2
Python: Autoformat one final straggler.
2020-03-30 12:36:43 +02:00
Taus Brock-Nannestad
727cde31c9
Python: Autoformat a few final stragglers.
2020-03-30 12:30:14 +02:00
Taus Brock-Nannestad
6eb9c6f84d
Merge branch 'master' into python-autoformat-almost-everything
2020-03-30 12:24:01 +02:00
Asger Feldthaus
a317b87b81
JS: Fix perf issue in DictionaryTaintStep
2020-03-30 11:23:47 +01:00
James Fletcher
675144cd3d
Merge pull request #3146 from jf205/tidy-up-docs-prep
...
CodeQL docs: tidy up 'docs-preparation' branch following pre-migration work
2020-03-30 11:10:28 +01:00
Anders Schack-Mulligen
caf0d1528f
Merge pull request #3155 from max-schaefer/add-module-comment
...
Data flow: Add module doc comment for `TaintTrackingImpl.qll`
2020-03-30 12:07:08 +02:00
Taus Brock-Nannestad
87a9f51c78
Python: Autoformat all .ql files.
2020-03-30 11:59:10 +02:00
James Fletcher
0f0dc3c2ae
Update docs/language/learn-ql/python/ql-for-python.rst
...
Co-Authored-By: Alistair <54933897+hubwriter@users.noreply.github.com>
2020-03-30 10:48:23 +01:00
Max Schaefer
e5e94e3357
Data flow: Add module doc comment for TaintTrackingImpl.qll
...
Modelled after the corresponding comment for `DataFlowImpl.qll`.
2020-03-30 10:35:47 +01:00
Taus
b4fbfa029e
Merge pull request #3132 from RasmusWL/python-fix-iterable-unpacking-taint-CP
...
Python: Fix iterable-unpacking taint CP
2020-03-30 11:22:03 +02:00
Erik Krogh Kristensen
f55005a0ec
more precise warning message for implicit string/number conversions
2020-03-30 11:17:56 +02:00
Anders Schack-Mulligen
b2769b42ed
Merge pull request #3117 from adityasharad/java/jackson-taint-steps
...
Java: Add taint steps through Jackson serialization methods.
2020-03-30 10:34:56 +02:00
Anders Schack-Mulligen
57c9277601
Merge pull request #3142 from MathiasVP/no-magic-in-parameterThroughFlowCand
...
Data flow: No magic in returnFlowCallableCand
2020-03-30 10:15:48 +02:00
Dave Bartolomeo
6b24e3c8be
C++: Fix formatting
2020-03-29 08:18:05 -04:00
Dave Bartolomeo
3eef2747d5
Fix LGTM alerts
2020-03-29 03:12:27 -04:00
Dave Bartolomeo
0952064eb3
Move sync-identical-files.py into public repo as sync-files.py
...
We currently use a script to keep certain duplicate QL files in sync across the repo. For historical reasons, this script has lived in the private repo alongside the rest of CodeQL, even though it's only used for files in the public `ql` repo. This PR moves the script into the public `ql` repo. It is still invoked by Jenkins scripts that live in the private repo during CI, but it can also be invoked directly without having a checkout of the private repo. This is useful for anyone who is modifying the dataflow or IR libraries with only a QL checkout.
2020-03-29 02:59:14 -04:00
luchua-bc
000d894d99
Include Gradle Logging
2020-03-28 14:00:28 -04:00
Mathias Vorreiter Pedersen
7fce4ce9d1
Include join order fix from #3142
2020-03-28 12:34:05 +01:00
Dave Bartolomeo
434e11c0c5
C++: Fix test output
2020-03-27 19:47:08 -04:00
Dave Bartolomeo
39dd9b7099
C++/C#: Fix formatting
2020-03-27 19:46:53 -04:00