12906 Коммитов

Все ветки

Поиск

Автор	SHA1	Сообщение	Дата
Erik Krogh Kristensen	d18808698a	adjust qhelp to focus on the execFile API	2020-05-18 12:22:46 +02:00
Erik Krogh Kristensen	9c294513c7	Apply suggestions from code review ... Co-authored-by: Asger F <asgerf@github.com>	2020-05-18 12:18:20 +02:00
semmle-qlci	14664be467	Merge pull request #3468 from p0/imp/nodejs-vm-sinks ... Approved by esbena	2020-05-18 11:10:13 +01:00
Erik Krogh Kristensen	c6276ddd1c	update expected output after restricting precise array tracking to Promise.all	2020-05-18 11:49:07 +02:00
James Fletcher	bd6d2d899d	Merge pull request #3495 from jf205/java-article-fix ... CodeQL docs: remove stray GH variable	2020-05-18 10:23:22 +01:00
james	06f465bae7	docs: remove gh variable	2020-05-18 10:12:40 +01:00
Jonas Jensen	cc00f0f584	C++: Move identical declarations to shared.h file ... This cleans up the test results, which were confusing because functions like `sink` had multiple locations. There are some additional results now involving casts to `const char *` because previously it varied whether `sink` used `const`, and now it always does.	2020-05-18 10:42:52 +02:00
Asger Feldthaus	a18e0b37cf	JS: simplify sequelize model	2020-05-18 09:34:17 +01:00
Asger F	f52c827966	Apply suggestions from code review ... Base type of EscapingSanitizer Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-05-18 09:31:09 +01:00
Asger F	ffb22c061a	Apply suggestions from code review ... Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-05-18 09:28:22 +01:00
Erik Krogh Kristensen	bd3c4d4077	Merge branch 'master' of https://github.com/github/codeql into pr/erik-krogh/3478	2020-05-18 07:51:19 +00:00
semmle-qlci	6041d52936	Merge pull request #3424 from asger-semmle/js/express-param-handler ... Approved by esbena	2020-05-18 08:48:24 +01:00
semmle-qlci	135eae9895	Merge pull request #3483 from esbena/js/fix-qhelp-FNs ... Approved by asgerf	2020-05-18 08:47:05 +01:00
semmle-qlci	0230b79efc	Merge pull request #3391 from erik-krogh/SplitFPs ... Approved by esbena	2020-05-18 08:46:26 +01:00
Erik Krogh Kristensen	8717f7bd0d	restrict precise array elements to Promise.all()	2020-05-17 15:58:59 +02:00
Erik Krogh Kristensen	2d6e3a5784	support outdir in tsconfig.json	2020-05-17 10:32:27 +02:00
Erik Krogh Kristensen	dfdecf1450	add change note	2020-05-17 10:32:27 +02:00
Erik Krogh Kristensen	c8cf958c8a	add test cases for js/shell-command-constructed-from-input	2020-05-17 10:32:27 +02:00
Erik Krogh Kristensen	59001bbdf4	add qhelp for js/shell-command-constructed-from-input	2020-05-17 10:32:27 +02:00
Erik Krogh Kristensen	5e647da0de	add js/shell-command-constructed-from-input query	2020-05-17 10:32:15 +02:00
Erik Krogh Kristensen	a1a6826278	support non-SourceNode in IndirectCommandArgument#argumentList	2020-05-16 23:15:37 +02:00
Erik Krogh Kristensen	a6cd91bb49	add support for mz/fs and mz/child_process	2020-05-16 23:15:33 +02:00
Erik Krogh Kristensen	bb8905b46e	add "valid" to the AdHocWhitelistCheckSanitizer	2020-05-16 22:43:36 +02:00
semmle-qlci	8d41ce1630	Merge pull request #3480 from erik-krogh/moreSlip ... Approved by esbena	2020-05-16 21:17:27 +01:00
Mathias Vorreiter Pedersen	a42d80aa14	Merge pull request #3481 from dbartol/github/codeql-c-analysis-team/69 ... C++/C#: Allow memory operands to lack a definition	2020-05-16 11:53:00 +02:00
Asger Feldthaus	897a3e39c9	JS: Autoformat	2020-05-16 09:37:16 +01:00
Asger Feldthaus	0171c9e10c	JS: Autoformat	2020-05-16 09:25:18 +01:00
Asger Feldthaus	d279845a43	JS: Minor fixes	2020-05-16 09:24:53 +01:00
yo-h	4f00e40257	Merge pull request #3474 from aschackmull/java/string-formatted ... Java: Add taint steps for String.formatted.	2020-05-15 22:04:36 -04:00
yo-h	69ab158910	Merge pull request #3473 from aschackmull/java/switchexpr ... Java: Extend library support for switch expressions.	2020-05-15 20:46:37 -04:00
Dave Bartolomeo	96c87b309b	C++/C#: Use `unique` to get a better join order ... The previous changes made the optimizer choose a bad join order for the RHS of the antijoin in `addressOperandAllocationAndOffset`. Once again, `unique` to the rescue.	2020-05-15 17:36:43 -04:00
Erik Krogh Kristensen	e2cd7e6230	more precise taint-tracking for Promise.all	2020-05-15 22:02:41 +02:00
Hector Cuesta	16e39414bc	Reword of help file	2020-05-15 18:14:52 +01:00
Asger Feldthaus	435f9ea09f	JS: Change note	2020-05-15 17:27:30 +01:00
Asger Feldthaus	5249e84359	JS: Type track spanner model	2020-05-15 17:27:30 +01:00
Asger Feldthaus	d225715828	JS: Type track mssql model	2020-05-15 17:27:30 +01:00
Asger Feldthaus	6dcee5a0ef	JS: Type track sqlite model	2020-05-15 17:27:30 +01:00
Asger Feldthaus	84cd02cf01	JS: Type track pg model	2020-05-15 17:27:27 +01:00
Asger Feldthaus	f7771f17d1	JS: Type track mysql model	2020-05-15 17:27:27 +01:00
Asger Feldthaus	3e9849b7c4	JS: Type track sequelize model	2020-05-15 17:27:24 +01:00
Hector Cuesta	ef53e443b7	Fix typo in comment	2020-05-15 17:17:42 +01:00
luchua-bc	4117cd73a7	Add JBoss logging	2020-05-15 16:14:41 +00:00
Geoffrey White	edd09f09cd	C++: Add test cases where several specific values are permitted.	2020-05-15 17:01:23 +01:00
Hector Cuesta	a022086498	Add experimental query for Tainted WebClient	2020-05-15 16:30:10 +01:00
Calum Grant	da6c37d7dc	C#: Update test output.	2020-05-15 15:40:49 +01:00
Jonas Jensen	b08de6c051	Merge pull request #3482 from MathiasVP/getlim-taint-source ... C++: Add GetDelim as taint step	2020-05-15 15:54:29 +02:00
Calum Grant	5787871734	Merge pull request #3351 from hvitved/csharp/unification-nested-types ... C#: Teach unification library about nested types	2020-05-15 14:11:00 +01:00
Calum Grant	cc844648ff	Merge pull request #3365 from hvitved/csharp/format-queries-path-problem ... C#: Convert `string.format()` queries to path queries	2020-05-15 14:08:54 +01:00
Rasmus Wriedt Larsen	061f318576	Merge pull request #3460 from yoff/boolDefault ... Python: __bool__ does not raise TypeError by default	2020-05-15 15:07:45 +02:00
Dave Bartolomeo	89ec60c948	C++/C#: Add missing QLDoc	2020-05-15 09:01:16 -04:00