hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 04:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
3,909 Commits 1,741 Branches 166 Tags
842aafc888f90c9c91f749499bae788268d7dfc5
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jonas Jensen 842aafc888 C++: Fix new UnsafeDaclSecurityDescriptor FP 
This query uses data flow for nullness analysis, which is always going
to be a large overapproximation. The overapproximation became too big
for one of the test cases after the recent change to make data flow go
across assignment by reference.

To make this query more conservative, it will now only report that the
`pDacl` argument can be null if there isn't also evidence that it can be
non-null.
2019-04-02 11:31:12 +02:00
change-notes
Merge pull request #1130 from felicity-semmle/1.20/javascript-extractor
2019-03-19 17:09:05 +00:00
config
C++: FunctionIR -> IRFunction
2019-03-12 11:28:22 -07:00
cpp
C++: Fix new UnsafeDaclSecurityDescriptor FP
2019-04-02 11:31:12 +02:00
csharp
C#: Fix a few minor performance regressions
2019-03-18 14:36:41 +01:00
docs
docs: reword slightly
2019-03-13 07:54:44 +00:00
java
Merge pull request #1022 from yh-semmle/java/dead-code-override
2019-03-01 19:11:46 +00:00
javascript
TS: update test expectation
2019-03-21 11:06:04 +00:00
misc
Add simple mode for highlighting QL dbschemes
2019-02-19 09:56:39 +00:00
python
Merge pull request #1169 from markshannon/python-speedup-flow-step
2019-03-26 16:58:47 +01:00
.editorconfig
Normalize all text files to LF
2018-09-23 16:24:31 -07:00
.gitattributes
.gitattributes: DLLs are binary
2018-11-30 18:05:02 +00:00
.gitignore
Don't .gitignore .vs/VSWorkspaceSettings.json
2018-09-26 15:52:44 +02:00
.lgtm.yml
Update lgtm.yml file to exclude Python source in query and test folders.
2018-11-20 14:57:36 +00:00
CODE_OF_CONDUCT.md
Introduce code of conduct
2018-08-07 12:19:02 +01:00
CODEOWNERS
C++: Add C++ analysis team to CODEOWNERS
2018-10-24 11:58:37 +02:00
CONTRIBUTING.md
Update CONTRIBUTING.md and README.md to link the the QL Style Guide.
2018-08-20 11:06:22 +01:00
COPYRIGHT
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
LICENSE
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
README.md
Merge pull request #763 from sjvs/patch-1
2019-03-15 09:02:08 +00:00

README.md

Semmle QL

This open source repository contains the standard QL libraries and queries that power LGTM, and the other products that Semmle makes available to its customers worldwide.

How do I learn QL and run queries?

There is extensive documentation on getting started with writing QL. You can use the interactive query console on LGTM.com or the QL for Eclipse plugin to try out your queries on any open-source project that's currently being analyzed.

Contributing

We welcome contributions to our standard library and standard checks. Do you have an idea for a new check, or how to improve an existing query? Then please go ahead and open a pull request! Before you do, though, please take the time to read our contributing guidelines and QL style guide.

License

The QL queries in this repository are licensed under Apache License 2.0 by Semmle.

Description
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
codeqlgithub-advanced-securitygithub-security-labsemmle-qlworks-with-codespaces
Readme MIT 19 GiB
Languages
CodeQL 32.3%
Kotlin 27.4%
C# 17.1%
Java 7.7%
Python 4.6%
Other 10.7%