hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,718 Commits 1,673 Branches 157 Tags
f72ff3722677ea26855972acc0e1d1a4691c593b
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jonas Jensen f72ff37226 C++: Combine crypto blacklist regexes into one 
Instead of `algorithmBlacklistRegex` having 2 * 5 results, it now has
only one result, which is a single regex that represents the union of
the previous 2 * 5 regexes. This means that `BrokenCryptoAlgorithm.ql`
has much less regex matching to do.

On https://github.com/ericniebler/range-v3, this change reduces the run
time of the two slowest predicates from

    BrokenCryptoAlgorithm::InsecureMacroSpec#class#f .... 2m21s
    BrokenCryptoAlgorithm::InsecureFunctionCall#class#f . 54.5s

to

    BrokenCryptoAlgorithm::InsecureMacroSpec#class#f .... 35.1s
    BrokenCryptoAlgorithm::InsecureFunctionCall#class#f . 12.8s
2019-03-18 11:51:50 +01:00
change-notes
JavaScript: Make configuration of parallel extraction consistent with parallel evaluation.
2019-03-05 10:06:32 +00:00
config
C++: Better tracking of SSA memory accesses
2019-02-13 10:44:39 -08:00
cpp
C++: Combine crypto blacklist regexes into one
2019-03-18 11:51:50 +01:00
csharp
Merge pull request #1014 from hvitved/csharp/same-children-modulo-type-params
2019-03-05 16:43:33 +00:00
docs
Merge pull request #581 from jf205/metadata-guide
2018-12-12 12:55:20 +00:00
java
Merge pull request #1022 from yh-semmle/java/dead-code-override
2019-03-01 19:11:46 +00:00
javascript
JavaScript: Remove a @link in Javadoc.
2019-03-05 17:02:44 +00:00
misc
Add simple mode for highlighting QL dbschemes
2019-02-19 09:56:39 +00:00
python
Merge pull request #1032 from xiemaisi/master-for-merge
2019-03-04 21:23:51 +00:00
.editorconfig
Normalize all text files to LF
2018-09-23 16:24:31 -07:00
.gitattributes
.gitattributes: DLLs are binary
2018-11-30 18:05:02 +00:00
.gitignore
Don't .gitignore .vs/VSWorkspaceSettings.json
2018-09-26 15:52:44 +02:00
.lgtm.yml
Update lgtm.yml file to exclude Python source in query and test folders.
2018-11-20 14:57:36 +00:00
CODE_OF_CONDUCT.md
Introduce code of conduct
2018-08-07 12:19:02 +01:00
CODEOWNERS
C++: Add C++ analysis team to CODEOWNERS
2018-10-24 11:58:37 +02:00
CONTRIBUTING.md
Update CONTRIBUTING.md and README.md to link the the QL Style Guide.
2018-08-20 11:06:22 +01:00
COPYRIGHT
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
LICENSE
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
README.md
update link in readme file
2019-02-20 16:59:40 +00:00

README.md

Semmle QL

This open source repository contains the standard QL libraries and queries that power LGTM, and the other products that Semmle makes available to its customers worldwide.

How do I learn QL and run queries?

There is extensive documentation on getting started with writing QL. You can use the interactive query console on LGTM.com or the QL for Eclipse plugin to try out your queries on any open-source project that's currently being analyzed.

Contributing

We welcome contributions to our standard library and standard checks. Do you have an idea for a new check, or how to improve an existing query? Then please go ahead and open a pull request! Before you do, though, please take the time to read our contributing guidelines and QL style guide.

License

The LGTM queries are licensed under Apache License 2.0 by Semmle.

Description
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
codeqlgithub-advanced-securitygithub-security-labsemmle-qlworks-with-codespaces
Readme MIT 15 GiB
Languages
CodeQL 31.7%
Kotlin 27.1%
C# 16.4%
Java 7.5%
Python 4.5%
Other 12.6%