github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
29 893 коммитов 1 544 Ветки 132 Теги 502 MiB
Граф коммитов

29893 Коммитов

Автор SHA1 Сообщение Дата
Tom Hvitved 8ccbcf1bf8 C#: Avoid NPE in `Parameter.Populate` 2021-12-10 10:42:29 +01:00
Tom Hvitved 563b771163 C#: Update expected test output 2021-12-10 10:42:29 +01:00
Tom Hvitved 0a0657ada1 C#: Adapt to new Roslyn representation of implicit `Main` methods 2021-12-10 10:42:29 +01:00
Tom Hvitved 1c230d0888 C#: Update nuget packages 2021-12-10 10:42:29 +01:00
Arthur Baars 13f7fd88f1
Merge pull request #7283 from aibaars/ruby-pattern-matching-cfg 
Ruby: pattern matching: CFG
 2021-12-10 10:24:38 +01:00
Anders Schack-Mulligen 634ed91904
Merge pull request #7346 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-12-10 10:12:23 +01:00
Tom Hvitved cf42427f54
Merge pull request #7321 from hvitved/csharp/cil/unique-type 
C#: Avoid CIL instructions with multiple types
 2021-12-10 09:58:06 +01:00
Tom Hvitved f7f3890b40
Merge pull request #7320 from hvitved/csharp/unknown-type 
C#: Populate `UnknownType`
 2021-12-10 09:57:55 +01:00
Tom Hvitved 45c0d4a3b2
Merge pull request #7343 from hvitved/cfg/consistency-test 
Shared CFG: Add another consistency test
 2021-12-10 09:49:05 +01:00
github-actions[bot] 7e5bfa5aa0 Add changed framework coverage reports 2021-12-10 00:09:34 +00:00
Chris Smowton 753d886b0d
Merge pull request #6319 from haby0/java/MyBatisSqlInjection 
[Java] CWE-089 MyBatis Mapper Sql Injection
 2021-12-09 19:57:18 +00:00
Taus 6d247bfdf9
Merge pull request #7330 from tausbn/python-fix-bad-adjacentuseuse-join 
Python: Fix bad join in SSA
 2021-12-09 20:55:45 +01:00
Erik Krogh Kristensen e7209d1ee1
Merge pull request #7216 from erik-krogh/ts45 
JS: Add support for TypeScript 4.5
 2021-12-09 20:33:52 +01:00
Chris Smowton 75f3ebf051
Fix OTHER XML tag 2021-12-09 17:55:03 +00:00
Chris Smowton 9f69c75c50
Fix XML tag 2021-12-09 17:44:49 +00:00
Chris Smowton 2cd70b96cd
Fix doctype 2021-12-09 17:44:08 +00:00
Michael Nebel df482a9603
Merge pull request #7314 from michaelnebel/csharp-stubs-dataflow-global 
C#: Update tests dataflow/global tests to use stubs.
 2021-12-09 16:31:39 +01:00
Chris Smowton 470256da85
Copyedit 2021-12-09 15:10:07 +00:00
Tony Torralba 8bba3eb2b6
Merge pull request #6823 from atorralba/atorralba/android-notification-models 
Android: Add models for `android.app.Notification` builders
 2021-12-09 16:01:44 +01:00
Chris Smowton d0a19fffee
Copyedit 2021-12-09 14:58:29 +00:00
Tom Hvitved 7e99426141 C#: Address review comments 2021-12-09 15:51:54 +01:00
Tom Hvitved 2bf5966fe3 C#: Address review comment 2021-12-09 15:44:43 +01:00
Arthur Baars fd4915a564 Ruby: CFG: add default implementation for getAnInnerCompatibleCompletion 2021-12-09 15:23:26 +01:00
Arthur Baars 9d288c90a5 Ruby: CFG: better return type for getAMatchingSuccessorType 2021-12-09 15:23:26 +01:00
Arthur Baars a7b3f1370f Ruby: CFG: add test case 2021-12-09 15:23:26 +01:00
Arthur Baars d0aa307bd3 Ruby: CFG: fix multiple successors failure for default parameters 2021-12-09 15:23:26 +01:00
Tom Hvitved b887165005 Ruby: Code review suggestions 2021-12-09 15:23:26 +01:00
Arthur Baars 3689481c18 Ruby: CFG: make Completion.isValidFor work for getSugared AST nodes 2021-12-09 15:23:26 +01:00
Arthur Baars 660e52f2bf Ruby: CFG: make VariableReferencePattern a PreOrder node 2021-12-09 15:23:26 +01:00
Arthur Baars e9e3ef3ea2 Ruby: 'self' is not really a local variable 2021-12-09 15:23:26 +01:00
Arthur Baars 799c945299 Ruby: fix CFG for AsPattern 2021-12-09 15:23:26 +01:00
Arthur Baars 95f8f85aa2 Ruby: fix allowed completions for desugared CasePatterns 2021-12-09 15:23:26 +01:00
Arthur Baars aacba0b522 Ruby: CFG: add test cases for pattern matching 2021-12-09 15:23:26 +01:00
Arthur Baars 513fe09dbb Treat class names in array/find/hash patterns as sub-patterns 2021-12-09 15:23:26 +01:00
Arthur Baars d17c055139 CFG 2021-12-09 15:23:25 +01:00
Arthur Baars 44a615839d Add test case with rest variable and no prefix elements 2021-12-09 15:23:25 +01:00
Arthur Baars f08eb8e616 Revert "Temporarily allow CFG inconsistencies" 
This reverts commit dca1e34cd8.
 2021-12-09 15:23:25 +01:00
Michael Nebel 69f42b9c74 C#: Update remaining tests. 2021-12-09 15:21:08 +01:00
Tony Torralba 38250b0821 Remove unnecessary implicit read step 2021-12-09 15:18:38 +01:00
Tom Hvitved cbc96dba8a Shared CFG: Add another consistency test 
Finds nodes with multiple normal successors, where one is the special simple
successor. For example, this would flag a node that has both a "simple" and
a "true" successor.
 2021-12-09 15:08:19 +01:00
Tony Torralba 522a4bb9fa Propagate extras through build methods 2021-12-09 14:56:52 +01:00
yoff 8e11c2c476
Merge pull request #7259 from RasmusWL/even-more-path-injection-sinks 
Python: Add more path-injection sinks from `os` and `tempfile` modules
 2021-12-09 14:46:41 +01:00
Michael Nebel 992801b7cb C#: Update GetAnOutNode test. 2021-12-09 13:55:04 +01:00
Tom Hvitved 9ffa236c51
Merge pull request #7288 from hvitved/cfg/enclosing-scope 
Shared CFG: Include CFG scope in `TElementNode`
 2021-12-09 13:39:48 +01:00
Tony Torralba c0c40cc05b Remove synthetic fields 2021-12-09 13:34:41 +01:00
Tony Torralba 3a3c7fc59e Fix stub 2021-12-09 13:34:41 +01:00
Tony Torralba f209ff4f76 Use synthetic fields to improve taint precision 2021-12-09 13:34:39 +01:00
Tony Torralba b7f7c5ba20 Change format of fluent models to make review easier 2021-12-09 13:33:19 +01:00
Tony Torralba f63ffb0630 Add models for Notification builders 2021-12-09 13:33:17 +01:00
Tom Hvitved 069cf9d17f C#: Exclude stubs in `GetAnOutNode.ql` test 2021-12-09 13:33:14 +01:00