github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
14 450 коммитов 1 541 ветка 130 Теги 483 MiB
Граф коммитов

14450 Коммитов

Автор SHA1 Сообщение Дата
semmle-qlci fe0c5a9ea6
Merge pull request #3892 from asger-semmle/js/redirect-starts-with-sanitizer 
Approved by esbena
 2020-07-06 17:04:30 +01:00
Rasmus Wriedt Larsen d00e7396c4 Python: Consistently use camelCase in annotated call-graph tests 2020-07-06 17:59:16 +02:00
Rasmus Wriedt Larsen 65c4e6c02a Python: Disable class instantiation annotation for now 
Adjusting test setup properly requires some deep thinking, and I don't think I'm
ready to do that right now. Added a TODO instead.
 2020-07-06 17:48:15 +02:00
Rasmus Wriedt Larsen cd8ea78420 Python: Autoformat 2020-07-06 17:34:19 +02:00
Rasmus Wriedt Larsen 9e252d5465 Python: Explain random example 2020-07-06 17:30:49 +02:00
Rasmus Wriedt Larsen 849159b279 Python: Unlimited import depth 2020-07-06 17:30:26 +02:00
Rasmus Wriedt Larsen acfc62cad6
Python: Fix grammar 
Co-authored-by: Taus <tausbn@gmail.com>
 2020-07-06 17:21:29 +02:00
Anders Schack-Mulligen f98460cfd0 Java: Use SpringHttpEntity class. 2020-07-06 16:54:20 +02:00
Anders Schack-Mulligen ae21de90b6 Java: Misc grammar and formatting. 2020-07-06 16:19:42 +02:00
Anders Schack-Mulligen b06d1c715a Java: More qldoc and some formatting. 2020-07-06 16:04:14 +02:00
Marcono1234 6ff8508d01
Java: Clarify documentation for Location predicate results 2020-07-06 15:46:11 +02:00
semmle-qlci 6d80445f24
Merge pull request #3851 from erik-krogh/queryStuff 
Approved by esbena
 2020-07-06 14:40:41 +01:00
Anders Schack-Mulligen 5e9e7feddc Java: Add some qldoc and minor formatting. 2020-07-06 15:39:20 +02:00
Anders Schack-Mulligen e6658c5110 Java: Cleanup TaintTrackingUtil.qll 2020-07-06 15:35:16 +02:00
Erik Krogh Kristensen 9a944625d1
autoformat 2020-07-06 15:17:15 +02:00
Anders Schack-Mulligen 5d8f9a79f1 Java: Misc grammar fixes. 2020-07-06 14:50:33 +02:00
Anders Schack-Mulligen a80e663ab5 Java: Minor typo fix and autoformat 2020-07-06 14:43:01 +02:00
Anders Schack-Mulligen 2ce0921935 Java: Clean up SpringHttp.qll 2020-07-06 14:35:53 +02:00
Anders Schack-Mulligen 2ae15f9ace Java: Remove list, map, and StringReplaceMethod flow steps. 2020-07-06 14:19:13 +02:00
Anders Schack-Mulligen a41c2d8abf Java: Make a few predicates private and autoformat SpringController. 2020-07-06 14:18:16 +02:00
semmle-qlci 13c3513d76
Merge pull request #3905 from erik-krogh/unsafeShellTypo 
Approved by esbena
 2020-07-06 11:41:56 +01:00
Arthur Baars f917b9e3cb
Merge pull request #3608 from aschackmull/java/backport-switchexpr-cfg-fix 
Java: Backport missing CFG edge fix for switch expressions
 2020-07-06 11:43:16 +02:00
Arthur Baars d2734b2903
Merge pull request #3684 from aschackmull/java/javadoctag-qldoc 
Java: Improve qldoc for JavadocTag.
 2020-07-06 11:42:04 +02:00
Arthur Baars 98d24101b1
Merge pull request #3687 from aschackmull/java/getanenclosingstmt 
Java: Add Expr.getAnEnclosingStmt.
 2020-07-06 11:41:21 +02:00
semmle-qlci 73d606d2c3
Merge pull request #3844 from github/esbena-patch-3 
Approved by erik-krogh
 2020-07-06 09:47:59 +01:00
Erik Krogh Kristensen 8585312271 fix typo in js/shell-command-constructed-from-input 2020-07-06 10:33:49 +02:00
Marcono1234 2d9b52f750 Update query console links in source-locations.rst, replace deprecated predicates 
Removes 'eclipse-cdt/cdt' and 'gradle/gradle' from the queried projects
because they cannot be queried currently, and instead queries all demo
projects which are currently available.
 2020-07-05 22:32:53 +02:00
Marcono1234 7b4960c9a7 Update query console links in javadoc.rst 
Removes 'gradle/gradle' from the queried projects because it cannot be
queried currently, and instead queries all demo projects which are currently
available.
 2020-07-05 22:06:39 +02:00
Marcono1234 b835d7879c Update query console links in introduce-libraries-java.rst 
Removes 'eclipse-cdt/cdt' and 'gradle/gradle' from the queried projects
because they cannot be queried currently, and instead queries all demo
projects which are currently available.
 2020-07-05 22:06:26 +02:00
Marcono1234 2b3b64cdbc Update query console links in expressions-statements.rst 
Removes 'eclipse-cdt/cdt' and 'gradle/gradle' from the queried projects
because they cannot be queried currently, and instead queries all demo
projects which are currently available.
 2020-07-05 20:04:36 +02:00
Marcono1234 c10a598670 Update query console links in call-graph.rst 
Removes 'eclipse-cdt/cdt' and 'gradle/gradle' from the queried projects
because they cannot be queried currently, and instead queries all demo
projects which are currently available.
 2020-07-05 19:54:27 +02:00
Marcono1234 ab2456630c Update query console links in annotations.rst 
Removes 'eclipse-cdt/cdt' and 'gradle/gradle' from the queried projects
because they cannot be queried currently, and instead queries all demo
projects which are currently available.
 2020-07-05 19:43:48 +02:00
Marcono1234 13ffd7307c Update query console links in types-class-hierarchy.rst 
Removes 'gradle/gradle' from the queried projects because it cannot be
queried currently, and instead queries all demo projects which are currently
available.
 2020-07-05 19:20:42 +02:00
Marcono1234 f8e474f89a Add missing java.nio.file.Files methods to FileReadWrite.qll 2020-07-05 18:39:26 +02:00
Arthur Baars 19a481f809 Java: Arrays: add tests 2020-07-03 17:15:17 +02:00
Arthur Baars 0b89efbee4 Java: model Arrays::addList 2020-07-03 17:15:17 +02:00
Arthur Baars a07af79fff Java: model java.util.Arrays 2020-07-03 17:15:17 +02:00
Arthur Baars 1485f7c876 Java: model some new Set,List,Map methods 
Models the taint propagation for the copyOf(..),
of(..), ofEntries(..) and entry(..) methods
 2020-07-03 17:14:53 +02:00
Max Schaefer 163257a6c5
Merge pull request #3891 from aibaars/exclude-experimental 
CodeQL: exclude `experimental`  queries from LGTM suites
 2020-07-03 16:14:29 +01:00
Arthur Baars c629f6b13a
Merge pull request #3869 from aibaars/util-collections 
Java: model java.util.Collections
 2020-07-03 17:09:14 +02:00
yoff 687bb4dfc8
Merge pull request #3890 from github/tausbn-add-paths-ignore-to-code-scanning-config 
Code Scanning: Don't scan the Python directory.
 2020-07-03 16:03:41 +02:00
Taus 01c4852360
Merge pull request #3701 from yoff/SharedDataflow 
Python: Start using the shared data flow libraries
 2020-07-03 16:03:20 +02:00
Asger Feldthaus b5104ae42d JS: Add StartsWith sanitizer 2020-07-03 14:46:07 +01:00
Asger Feldthaus 4c06eb8bfe JS: Add test showing FPs 2020-07-03 14:45:42 +01:00
Rasmus Lerchedahl Petersen fe9520b50b Python: correct doc for toString 2020-07-03 15:04:54 +02:00
Arthur Baars 5fff41f35b Don't track taint on Map keys 2020-07-03 14:47:25 +02:00
Rasmus Lerchedahl Petersen 33cf96ccb8 Python: Address review comments 2020-07-03 14:11:58 +02:00
Anders Schack-Mulligen 6de612a566 Java: Split SpringWebRequestGetMethod into its own class. 2020-07-03 14:06:54 +02:00
Arthur Baars 2b248fb24f CodeQL: exclude queries from CodeScanning suites 2020-07-03 14:03:00 +02:00
Arthur Baars bb01dbd2ae CodeQL: exclude queries from LGTM suites 2020-07-03 14:01:20 +02:00