github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
2 014 коммитов 1 544 Ветки 132 Теги 502 MiB
Граф коммитов

2014 Коммитов

Автор SHA1 Сообщение Дата
Jonas Jensen 5c4292932f C++: Move LGTM suites to submodule 
This follows what's been done for JavaScript. The `cpp-alerts-lgtm`
suite is now empty and will be auto-generated when building a dist.

This commit has no effect in itself, but these files need to be in place
when the corresponding changes are made in Semmle/code.
 2018-08-09 10:35:05 +02:00
Max Schaefer badb167962
Merge pull request #35 from esben-semmle/js/classify-application-insight 
JS: classify the ApplicationInsights library instance
 2018-08-09 08:12:12 +01:00
Julian Tibble bb9ce0e1fd C#: fix inconsistent type/constructor name 
The code sample for the self-assignment query help had a different name
for the class and it's (intended) constructor, so was invalid.
 2018-08-08 22:42:06 +01:00
Robert Marsh bf39674761 C++: remove accidental blank line 2018-08-08 14:17:35 -07:00
Robert Marsh f280de7ae3 C++: add security tags to more queries 2018-08-08 13:55:36 -07:00
Max Schaefer 0de9eed71c
Merge pull request #32 from asger-semmle/export-import-flow 
TypeScript: bugfixes for import-assign statement
 2018-08-08 16:35:43 +01:00
Esben Sparre Andreasen 2589cf70c9 JS: classify the ApplicationInsights library instance 2018-08-08 15:39:22 +02:00
Max Schaefer 355302eac4
Merge pull request #29 from esben-semmle/js/fixup-angularjs-filter-argument-index 
JS: fix an off-by-one error in the AngularJS expression AST
 2018-08-08 14:03:55 +01:00
Max Schaefer 854dc0cbeb
Merge pull request #28 from esben-semmle/js/whitelist-empty-functions 
JS: permit some calls with spurious arguments to empty functions
 2018-08-08 14:03:18 +01:00
Asger F 94bac1253d TypeScript: bugfixes for import-assign statement 2018-08-08 12:02:28 +01:00
Esben Sparre Andreasen 8ee943f264 JS: restrict alert location to a single line 2018-08-08 10:50:42 +02:00
Esben Sparre Andreasen e1947f04df JS: change alert location for js/incomplete-object-initialization 2018-08-08 10:43:52 +02:00
Jonas Jensen dab45c527e C++: cpp/incomplete-parity-check: medium precision 
As reported in CPP-236, this query has false positives on signed
integers that cannot be negative. It could possibly be improved with a
local range analysis, but the query would most likely still have so many
false positives that we would have to lower its precision.

Under our current policy, this change will make the query hidden by
default on LGTM.
 2018-08-08 10:14:45 +02:00
Esben Sparre Andreasen 4e98ce21b4 JS: permit some calls with spurious arguments to empty functions 2018-08-08 10:13:02 +02:00
Max Schaefer 1a5585c83c
Merge pull request #21 from esben-semmle/js/urilibraries-members 
JS: refactor UriLibraries.qll models to use `DataFlow::moduleMember`
 2018-08-08 09:08:04 +01:00
Esben Sparre Andreasen 343b922c29 JS: fix an off-by-one error in the AngularJS expression AST 2018-08-08 09:58:57 +02:00
semmle-qlci 6fc36f6621
Merge pull request #6 from hvitved/csharp/query/constant-condition 
Approved by calumgrant
 2018-08-08 06:45:07 +01:00
Jonas Jensen 7e2338260c
Merge pull request #27 from rdmarsh2/rdmarsh/cpp/change-notes 
C++/Doc: remove change notes from a migrated PR
 2018-08-07 20:04:11 +02:00
Jonas Jensen a201fe688f
Merge pull request #22 from rdmarsh2/rdmarsh/cpp/use-in-own-initializer-macro 
C++: handle more macros in UseInOwnInitializer
 2018-08-07 20:03:01 +02:00
Robert Marsh bad9c9acb6 C++/Doc: remove change notes from a migrated PR 2018-08-07 10:36:20 -07:00
semmle-qlci 4d97570a1a
Merge pull request #17 from xiemaisi/js/rename-unused-var 
Approved by esben-semmle
 2018-08-07 15:01:37 +01:00
semmle-qlci 87f9ecb442
Merge pull request #25 from nickrolfe/options 
Approved by jonas-semmle
 2018-08-07 13:06:18 +01:00
Pavel Avgustinov a0df3628db
Merge pull request #26 from sjvs/code-of-conduct 
Introduce code of conduct
 2018-08-07 12:23:12 +01:00
Bas van Schaik 9c4b9ef4f0
Introduce code of conduct 2018-08-07 12:19:02 +01:00
Esben Sparre Andreasen 3b00b9b8da JS: refactor UriLibraries.qll models to use `DataFlow::moduleMember` 2018-08-07 12:58:09 +02:00
Nick Rolfe 3444fb7b88 C++: remove all uses of deprecated 'extractor_flags' 2018-08-07 09:48:27 +01:00
semmle-qlci 6533ddfeaf
Merge pull request #20 from esben-semmle/js/more-auth-calls-and-rate-limiters 
Approved by xiemaisi
 2018-08-07 09:42:07 +01:00
Esben Sparre Andreasen c06edd3745
Merge pull request #15 from xiemaisi/js/call-graph-data-flow 
JavaScript: Lift call graph library to data flow graph.
 2018-08-07 07:56:08 +02:00
Tom Hvitved 3ccd582d17
Merge pull request #9 from calumgrant/cs/undeprecated-metric-queries 
C#: Add @ids for metric queries
 2018-08-06 22:55:39 +02:00
Tom Hvitved 579d64cdd6 C#: Add change note 2018-08-06 13:46:00 -07:00
Tom Hvitved 323709b5ad C#: Generalize `cs/constant-condition` 2018-08-06 13:45:23 -07:00
Tom Hvitved f7a515c8e9 C#: Prune CFG for obviously impossible nullness/matching edges 2018-08-06 13:45:23 -07:00
Tom Hvitved 9a1e148e85 C#: Various minor CFG bug fixes 2018-08-06 13:45:23 -07:00
Tom Hvitved b161ff195b C#: Additional CFG tests 2018-08-06 13:45:23 -07:00
Robert Marsh 6546b37d5d C++: handle more macros in UseInOwnInitializer 2018-08-06 11:40:35 -07:00
Dave Bartolomeo 797fc0784b
Merge pull request #13 from rdmarsh2/rdmarsh/cpp/change-notes 
C++/Doc: add change notes to github.com ql repo
 2018-08-06 11:37:22 -07:00
Robert Marsh 16a1c07d73
Merge pull request #19 from jonas-semmle/test-eclipse-project 
C++: Create Eclipse project for cpp/ql/test/
 2018-08-06 10:46:12 -07:00
Robert Marsh f80fbe8ba0 C++/Doc: fix whitespace error in change notes 2018-08-06 10:16:37 -07:00
Esben Sparre Andreasen fa90c53b43 JS: update change notes for improved js/missing-rate-limiting 2018-08-06 15:15:44 +02:00
Esben Sparre Andreasen b6951d8249 JS: add tests for improved js/missing-rate-limiting 2018-08-06 15:15:44 +02:00
Esben Sparre Andreasen f7ab29aa2b JS: support "express-rate-limit" non-constructor calls 2018-08-06 15:15:44 +02:00
Esben Sparre Andreasen c6cfca3131 JS: add "verify" as an `Authorization` call word 2018-08-06 15:15:44 +02:00
Jonas Jensen 73a40f6ffc C++: Create cpp/ql/test/{.project,.qlpath} 
These are adapted from `javascript/ql/test`.
 2018-08-06 14:07:22 +02:00
Esben Sparre Andreasen 237f1af67f
Merge pull request #16 from xiemaisi/js/move-deprecated-query 
JavaScrip: Move deprecated `HTMLComments` query to `compatibility` suite.
 2018-08-06 10:43:12 +02:00
Max Schaefer 06f43748b8 JavaScript: Generalize description of `js/unused-local-variable`. 
The query also flags unused imports, functions and classes (which, of course, are just unused variables at the end of the day). This is now made more explicit in the description.
 2018-08-06 09:34:38 +01:00
Max Schaefer 33741045f6 JavaScrip: Move deprecated `HTMLComments` query to `compatibility` suite. 2018-08-06 09:17:11 +01:00
Max Schaefer 9ba3d80bad JavaScript: Lift call graph library to data flow graph. 2018-08-06 08:34:06 +01:00
Max Schaefer d91218e248
Merge pull request #10 from asger-semmle/json-parsers 
JavaScript: Add model of JSON parsers
 2018-08-06 08:32:26 +01:00
Robert Marsh fd7168a365 C++/Doc: add change notes to github.com ql repo 2018-08-03 10:24:35 -07:00
calumgrant e8df86ebf8
Merge pull request #4 from hvitved/csharp/whitespaces 
C#: Fix whitespaces
 2018-08-03 16:06:47 +01:00