Commit graph

11471 commits

Author SHA1 Message Date
Shati Patel 0771c39294
Update docs/language/ql-handbook/about-the-ql-language.rst
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
2020-04-01 15:21:11 +01:00
Shati Patel 79068d5e68 Update link 2020-04-01 12:33:45 +01:00
Shati Patel 27408c2584 Delete QL spec articles and add README 2020-04-01 12:03:00 +01:00
Shati Patel c08f730bcd Delete "About QL" and references to it 2020-04-01 11:51:57 +01:00
Shati Patel 51f4575479 Include spec and "About QL" in reference sphinx project 2020-04-01 11:45:56 +01:00
Shati Patel ba1a0da2ab Merge branch 'master' into merge-master-docs 2020-03-31 13:09:18 +01:00
Alexander Eyers-Taylor ca9b892519
Merge pull request #3143 from ginsbach/the
Uniqueness aggregate in handbook and reference
2020-03-31 13:01:20 +01:00
Shati Patel 01ad297eb0
Merge pull request #3170 from shati-patel/21-ql-language
CodeQL docs: Update intros in QL handbook and QL spec
2020-03-31 12:39:37 +01:00
Shati Patel 5bf0a087d0
Update docs/language/ql-handbook/queries.rst
Co-Authored-By: James Fletcher <42464962+jf205@users.noreply.github.com>
2020-03-31 12:25:23 +01:00
Shati Patel a0158b3917 Update intros in QL handbook 2020-03-31 11:31:41 +01:00
Jonas Jensen 7b7ff1fb3a
Merge pull request #3089 from geoffw0/sideeffect
CPP: Add side effect models for strcpy and strcat.
2020-03-31 12:11:04 +02:00
semmle-qlci 0feb7f87e4
Merge pull request #2761 from erik-krogh/UrlSearch
Approved by asgerf
2020-03-31 09:46:48 +01:00
semmle-qlci 5c920eb625
Merge pull request #3120 from asger-semmle/js/prefer-typescript-file
Approved by esbena
2020-03-31 09:32:14 +01:00
semmle-qlci 73dd4c8686
Merge pull request #3133 from asger-semmle/js/dictionary-taint-step-regression
Approved by esbena
2020-03-31 09:28:55 +01:00
Jonas Jensen 93f7c950ea
Merge pull request #3152 from dbartol/dbartol/sync-files
Move `sync-identical-files.py` into public repo as `sync-files.py`
2020-03-31 08:31:00 +02:00
Taus e31143c9f8
Merge pull request #2889 from RasmusWL/python-add-custom-sanitizer-example
Python: Add example for how to write your own sanitizer
2020-03-30 22:59:56 +02:00
Robert Marsh 4bbf4628d4
Merge pull request #3162 from jbj/argHasPostUpdate-cpp
C++: Remove noise from argHasPostUpdate check
2020-03-30 13:20:09 -07:00
semmle-qlci 3027e5d316
Merge pull request #3161 from Semmle/max-schaefer-patch-1
Approved by felicitymay
2020-03-30 19:44:06 +01:00
Rasmus Wriedt Larsen 6127d8b8f4 Python: Fixup comment alignment 2020-03-30 18:32:31 +02:00
Rasmus Wriedt Larsen fad03e77cc Python: Move helper predicate outside of class
otherwise the helper predicate can (and sometimes will) be evaluated once _per_
instance of that class.
2020-03-30 18:31:16 +02:00
Rasmus Wriedt Larsen 663dc24753 Python: Apply suggestion from Taus
rewrote the qldoc to explain it as well.
2020-03-30 18:29:08 +02:00
Jonas Jensen 531ef64c5d C++: Fix other copies of the argHasPostUpdate test 2020-03-30 17:45:53 +02:00
Rasmus Wriedt Larsen 0b4bfed726
Merge pull request #3156 from tausbn/python-autoformat-all-ql-files
Python: Autoformat all `.ql` files.
2020-03-30 16:24:18 +02:00
Rasmus Wriedt Larsen 573494d313
Merge pull request #3096 from tausbn/python-autoformat-almost-everything
Python: Autoformat (almost) all `.qll` files.
2020-03-30 16:19:23 +02:00
Jonas Jensen dd322be238 C++: Remove noise from argHasPostUpdate check
This consistency check seems to have value for AST data flow, but I've
disabled it on the IR for now.

This commit also includes two unrelated changes that seem to fix a
semantic merge conflict.
2020-03-30 15:51:11 +02:00
Max Schaefer 365751412c
Docs: Bump supported Go version.
cf https://github.com/github/codeql-go/pull/39
2020-03-30 14:24:22 +01:00
Geoffrey White 6d6ad4a0ae Merge branch 'master' into sideeffect 2020-03-30 14:16:23 +01:00
Taus Brock-Nannestad b990fac97b Python: Fix test failures.
How could the tests fail because of autoformatting, you may ask?

The answer is deprecation warnings. These specify the location of the deprecated
entity, and due to autoformatting these moved around.
2020-03-30 13:55:38 +02:00
semmle-qlci fce04f0bd0
Merge pull request #3127 from erik-krogh/PromiseTrack
Approved by asgerf
2020-03-30 11:56:33 +01:00
Tom Hvitved 9fa9c10361
Merge pull request #2921 from aschackmull/dataflow/consistency-checks
Java: Add data-flow consistency checks.
2020-03-30 12:47:41 +02:00
Taus Brock-Nannestad ab4cef53c2 Python: Autoformat one final straggler. 2020-03-30 12:36:43 +02:00
Taus Brock-Nannestad 727cde31c9 Python: Autoformat a few final stragglers. 2020-03-30 12:30:14 +02:00
Taus Brock-Nannestad 6eb9c6f84d Merge branch 'master' into python-autoformat-almost-everything 2020-03-30 12:24:01 +02:00
Asger Feldthaus a317b87b81 JS: Fix perf issue in DictionaryTaintStep 2020-03-30 11:23:47 +01:00
James Fletcher 675144cd3d
Merge pull request #3146 from jf205/tidy-up-docs-prep
CodeQL docs: tidy up 'docs-preparation' branch following pre-migration work
2020-03-30 11:10:28 +01:00
Anders Schack-Mulligen caf0d1528f
Merge pull request #3155 from max-schaefer/add-module-comment
Data flow: Add module doc comment for `TaintTrackingImpl.qll`
2020-03-30 12:07:08 +02:00
Taus Brock-Nannestad 87a9f51c78 Python: Autoformat all `.ql` files. 2020-03-30 11:59:10 +02:00
James Fletcher 0f0dc3c2ae
Update docs/language/learn-ql/python/ql-for-python.rst
Co-Authored-By: Alistair <54933897+hubwriter@users.noreply.github.com>
2020-03-30 10:48:23 +01:00
Max Schaefer e5e94e3357 Data flow: Add module doc comment for `TaintTrackingImpl.qll`
Modelled after the corresponding comment for `DataFlowImpl.qll`.
2020-03-30 10:35:47 +01:00
Taus b4fbfa029e
Merge pull request #3132 from RasmusWL/python-fix-iterable-unpacking-taint-CP
Python: Fix iterable-unpacking taint CP
2020-03-30 11:22:03 +02:00
Anders Schack-Mulligen b2769b42ed
Merge pull request #3117 from adityasharad/java/jackson-taint-steps
Java: Add taint steps through Jackson serialization methods.
2020-03-30 10:34:56 +02:00
Anders Schack-Mulligen 57c9277601
Merge pull request #3142 from MathiasVP/no-magic-in-parameterThroughFlowCand
Data flow: No magic in returnFlowCallableCand
2020-03-30 10:15:48 +02:00
Dave Bartolomeo 3eef2747d5 Fix LGTM alerts 2020-03-29 03:12:27 -04:00
Dave Bartolomeo 0952064eb3 Move `sync-identical-files.py` into public repo as `sync-files.py`
We currently use a script to keep certain duplicate QL files in sync across the repo. For historical reasons, this script has lived in the private repo alongside the rest of CodeQL, even though it's only used for files in the public `ql` repo. This PR moves the script into the public `ql` repo. It is still invoked by Jenkins scripts that live in the private repo during CI, but it can also be invoked directly without having a checkout of the private repo. This is useful for anyone who is modifying the dataflow or IR libraries with only a QL checkout.
2020-03-29 02:59:14 -04:00
Nick Rolfe 1baf5df342
Merge pull request #3147 from dbartol/dbartol/FloatLiterals
C++: Fix test expectations for complex literals
2020-03-27 18:15:06 +00:00
Shati Patel 28e5904079
Merge pull request #3149 from Semmle/jf205-patch-2
Change 'Set Literals' to 'Set literals'
2020-03-27 16:47:58 +00:00
James Fletcher 2c571d3655
Update language.rst 2020-03-27 16:40:48 +00:00
Rasmus Wriedt Larsen d55acc38df Python: Constrain execution paths for taint_at_depth
Thanks Taus!
2020-03-27 16:20:08 +01:00
Erik Krogh Kristensen 4864e77430 Merge branch 'master' of git.semmle.com:Semmle/ql into UrlSearch 2020-03-27 15:59:29 +01:00
Philip Ginsbach a91a5c3db9
"aggregation yields" => "query returns"
Co-Authored-By: Shati Patel <42641846+shati-patel@users.noreply.github.com>
2020-03-27 14:50:41 +00:00