github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
71 645 коммитов 1 534 Ветки 130 Теги 471 MiB
Граф коммитов

246 Коммитов

Автор SHA1 Сообщение Дата
Josh Soref e4321f07a0 spelling: mimic 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-20 08:18:23 -04:00
Felicity Chapman 523f1068b8 Editorial suggestions 
We don't hyphenate "QL-library" and there were a few typos. Feel free to further revise this if I've changed the meaning too much.

As discussed separately, I was unable to raise this as a PR in GitHub.com and had to resort to a direct commit.

(cherry picked from commit e29468135d)
 2020-04-22 18:15:43 +01:00
Taus ac8cca37e8 Apply suggestions from code review 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
(cherry picked from commit 44b570f7b6)
 2020-04-22 18:15:43 +01:00
Taus Brock-Nannestad 63234aae40 Python: Finalise change notes for 1.24. 
(cherry picked from commit e97d88c158)
 2020-04-22 18:15:42 +01:00
Felicity Chapman dc83ac61b5
Fix error in 3287 
@jbj - apologies for the over-eager merge of #3287. This should fix the error you highlighted.
 2020-04-20 15:12:43 +01:00
Felicity Chapman 962f13ee13
Merge pull request #3287 from felicitymay/1.24/SD-61-Cpp-finalize-notes 
1.24 release: finalize change notes for C/C++
 2020-04-20 09:07:58 +01:00
Felicity Chapman 3bfcd618c0
Merge pull request #3286 from felicitymay/1.24/SD-61-JS-finalize-notes 
1.24 release: finalize change notes for JavaScript
 2020-04-20 09:07:47 +01:00
yo-h 26f624d2d4
Merge pull request #3285 from felicitymay/1.24/SD-61-Java-finalize-notes 
1.24 release: finalize change notes for Java
 2020-04-17 17:04:38 -04:00
Felicity Chapman 05d0d844bd Editorial changes 2020-04-17 14:44:14 +01:00
Calum Grant dbff9b6fc7
Merge pull request #3284 from felicitymay/1.24/SD-61-CS-finalize-notes 
1.24 release: finalize change notes for C#
 2020-04-17 14:13:39 +01:00
Felicity Chapman d5145d9f0a Sort table alphabetically 2020-04-17 14:05:21 +01:00
Felicity Chapman c1323886b6
Update change-notes/1.24/analysis-javascript.md 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-04-17 13:30:49 +01:00
Felicity Chapman 01a31c1065 Minor editorial changes 2020-04-17 12:50:20 +01:00
Felicity Chapman ee12e6a00b Sort alphabetically 2020-04-17 12:35:33 +01:00
Felicity Chapman 67e8a5c8d8 Minor editorial changes 2020-04-17 12:11:33 +01:00
Felicity Chapman 81b3b4884c Add LGTM info for new queries and comment detail 
Plus minor editorial changes
 2020-04-17 12:09:27 +01:00
Felicity Chapman 08d1a2c5ea Reorder table and remove empty sections 2020-04-17 11:30:18 +01:00
Jonas Jensen 7dab89ef56 C++: More details about lib implementation changes 
This commit mostly restores the previous note about library changes but
avoids mentioning queries in the library section.
 2020-04-17 10:32:28 +02:00
Jonas Jensen 9191190248 C++: Spaceship operator change note 2020-04-17 10:18:17 +02:00
Jonas Jensen 7e67dcca6f C++: Tidy up 1.24 change notes 
- Merged the two notes for `cpp/uncontrolled-allocation-size` into one.
- Added note about renaming of a query id.
- Moved the use of IR in queries from the library section to the queries
  section, rephrasing the note in terms of query results/performance
  rather than library implementation.
- Grouped, without text changes, the three notes about the `Allocation`
  library
- Grouped all the notes about standard-library models, abbreviating them
  to eliminate the common text.
- Removed the note about `strlen` (#2647) since that should no longer
  affect the results of queries or IR data flow after we started using
  unsound IR for data flow.
 2020-04-15 16:08:57 +02:00
Geoffrey White 92187d9e71 C++: Change note. 2020-04-14 14:00:46 +01:00
Jonas Jensen 42e9d1416b
Merge pull request #3206 from geoffw0/newfreefix 
C++: Fix `cpp/new-free-mismatch` false positives
 2020-04-08 08:39:43 +02:00
Geoffrey White 66a0b7884e Merge branch 'master' into alloc-size 2020-04-07 17:12:35 +01:00
semmle-qlci e5d3286ee9
Merge pull request #3183 from asger-semmle/js/bad-url-scheme-check 
Approved by esbena
 2020-04-06 14:53:15 +01:00
Geoffrey White 050e239507 C++: Change note. 2020-04-06 14:39:07 +01:00
Calum Grant 6cce0de9b2
Merge pull request #3124 from hvitved/csharp/dataflow/sources-and-sinks 
C#: Introduce `RemoteFlowSink` class
 2020-04-06 12:36:14 +01:00
Asger Feldthaus 2c6beadf68 JS: Recognize more forms of scheme checks 2020-04-06 12:30:03 +01:00
Jonas Jensen 16c7a35b1c
Merge pull request #3195 from geoffw0/taintstring 
C++: Model taint flow through std::string constructor and c_str()
 2020-04-03 12:05:07 +02:00
Tom Hvitved 08fbd1d2ad C#: Update change notes 2020-04-03 10:25:46 +02:00
Geoffrey White ab716ebe75 C++: Change note. 2020-04-02 19:49:42 +01:00
Geoffrey White 6b5f4d9e12 Merge branch 'master' into av114 2020-04-01 18:23:21 +01:00
semmle-qlci 1975a83cdd
Merge pull request #3116 from max-schaefer/js/postgres-type-tracking 
Approved by asgerf
 2020-03-27 09:23:52 +00:00
semmle-qlci e7fd97e72b
Merge pull request #3119 from erik-krogh/SockJS 
Approved by esbena
 2020-03-25 21:36:29 +00:00
Tom Hvitved 95b6f6aee0 C#: Add change note 2020-03-25 20:05:39 +01:00
Erik Krogh Kristensen f7faaa634f change-note 2020-03-25 11:37:39 +01:00
semmle-qlci ac7c74dcee
Merge pull request #3111 from RasmusWL/python-fabric-command-injection 
Approved by BekaValentine
 2020-03-25 10:07:33 +00:00
Max Schaefer efbcec09ef JavaScript: Add type tracking to Postgres model. 2020-03-24 17:30:07 +00:00
Rasmus Wriedt Larsen 49fa7c8589 Python: update 1.24 changelog 2020-03-24 10:15:36 +01:00
semmle-qlci 4c9a6b73ee
Merge pull request #3107 from erik-krogh/FArgs 
Approved by esbena
 2020-03-24 08:32:56 +00:00
Erik Krogh Kristensen 833183c706 change note 2020-03-23 14:13:30 +01:00
Asger F 6c2842bd49
Merge pull request #2919 from asger-semmle/js/property-barriers 
JS: Make sanitizers no longer block taint inside an object
 2020-03-23 11:43:18 +00:00
Luke Cartey 9eee16b2d6
Merge pull request #3091 from hvitved/csharp/xpath-injection-more-sinks 
C#: Teach XPath injection query about `XPathNavigator`
 2020-03-23 09:39:26 +00:00
semmle-qlci 2c7af72f14
Merge pull request #2858 from RasmusWL/python-support-django2 
Approved by tausbn
 2020-03-23 09:35:46 +00:00
Tom Hvitved fc74a482a4 C#: More XPath injection sinks 2020-03-19 14:13:35 +01:00
Tom Hvitved 0d45700088 C#: Add change note 2020-03-19 13:41:22 +01:00
Asger Feldthaus de7fbce27b JS: Adjust whitespace in change notes 2020-03-18 11:55:13 +00:00
Asger Feldthaus 08ad4f785a JS: Tweak other parts of change note for consistency 2020-03-18 11:55:12 +00:00
Asger Feldthaus ad2b150d05 JS: Add change note 2020-03-18 11:55:12 +00:00
Jonas Jensen f1ad0dafdc
Merge pull request #2849 from geoffw0/model-gets 
C++: Model for gets
 2020-03-18 11:06:23 +01:00
semmle-qlci ea46873bfe
Merge pull request #3065 from erik-krogh/PathSinks 
Approved by esbena
 2020-03-17 13:00:00 +00:00