semmle-qlci
fd2e8486e4
Merge pull request #1862 from asger-semmle/prototype-pollution-angular-merge
...
Approved by esben-semmle
2019-09-05 12:50:58 +01:00
Esben Sparre Andreasen
a9665f53b8
JS: whitelist quote stripping for js/incomplete-sanitization
2019-09-05 09:47:49 +01:00
Jonas Jensen
114c2fe0d4
Merge remote-tracking branch 'upstream/master' into ast-field-flow-defbyref
2019-09-05 09:33:45 +02:00
Robert Marsh
a3290503ec
Merge pull request #1806 from jbj/localExprFlow
...
C++: Add localExprFlow and localExprTaint
2019-09-04 10:38:46 -07:00
Asger F
93a3f571ec
JS: Add change note
2019-09-04 16:14:51 +01:00
Jonas Jensen
cdcc716675
Merge pull request #1867 from geoffw0/erafix9
...
CPP: Add date to JapaneseEraDate.ql
2019-09-04 13:16:04 +02:00
Jonas Jensen
3ba650911c
Merge pull request #1847 from geoffw0/erafix8
...
CPP: Deal with two very similar Japanese era queries
2019-09-04 09:57:10 +02:00
Geoffrey White
84112d3630
CPP: Change note.
2019-09-03 18:30:24 +01:00
semmle-qlci
6778f28424
Merge pull request #1854 from asger-semmle/prototype-pollution-precision
...
Approved by esben-semmle, xiemaisi
2019-09-03 10:50:24 +01:00
Jonas Jensen
d7681bf122
C++: Don't use definitionByReference for data flow
...
The data flow library conflates pointers and objects enough for the
`definitionByReference` predicate to be too strict in some cases. It was
too permissive in other cases that are now (or will be) handled better
by field flow.
See also the change note entry.
2019-09-03 11:49:01 +02:00
Tom Hvitved
4b32ee77e6
C#: Add change note
2019-09-03 09:35:58 +02:00
Asger F
c71a66a045
JS: Add change note
2019-09-02 11:05:07 +01:00
Max Schaefer
91e46cd6fd
JavaScript: Fix parsing of asynchronous generator methods.
2019-09-02 09:56:42 +01:00
semmle-qlci
6d55d1f7c0
Merge pull request #1707 from asger-semmle/canonical-name-call-graph
...
Approved by xiemaisi
2019-09-02 09:45:24 +01:00
Max Schaefer
742c9708a9
Merge pull request #1828 from asger-semmle/jsdoc-relation
...
JS: Make getDocumentation handle chain assignments
2019-09-02 08:43:40 +01:00
Jonas Jensen
63311739a5
C++: Add localExprFlow and localExprTaint
...
This is for ODASA-8053.
2019-09-02 09:29:10 +02:00
yh-semmle
f54545522e
Merge pull request #1759 from aschackmull/java/flow-exploration
...
Java/C++/C#: Add support for dataflow exploration by partial paths.
2019-08-30 17:00:17 -04:00
Asger F
45941869ad
JS: Change note
2019-08-30 18:25:39 +01:00
Asger F
9533ca0926
JS: Change note
2019-08-30 18:19:49 +01:00
Asger F
3186942906
JS: Add change note
2019-08-30 16:05:13 +01:00
semmle-qlci
a97aefe0c3
Merge pull request #1835 from xiemaisi/js/dom-fixes
...
Approved by asger-semmle
2019-08-30 14:45:06 +01:00
Taus
a2841b4245
Merge pull request #1763 from markshannon/python-cwe-312
...
Python: Two new queries for CWE-312.
2019-08-30 15:28:56 +02:00
Anders Schack-Mulligen
455bb6cd15
Java/C++/C#: Add change notes.
2019-08-30 14:35:21 +02:00
Anders Schack-Mulligen
6749f7a1b7
Merge pull request #1843 from lukecartey/java/add-missing-sql-apis
...
Java: Add missing SQL query APIs.
2019-08-30 14:27:40 +02:00
Luke Cartey
e118f9a5f9
Add change note.
2019-08-30 10:48:37 +01:00
Mark Shannon
811815aa4e
Merge branch 'master' into python-cwe-312
2019-08-30 10:39:04 +01:00
Tom Hvitved
ae5fb7f330
C#: Introduce `BarrierGuard`s
2019-08-30 09:37:16 +02:00
Geoffrey White
b254e1f48e
CPP: Change note.
2019-08-29 18:24:29 +01:00
Calum Grant
424ab3ed6a
C#: Analysis change notes.
2019-08-29 18:12:58 +01:00
Mark Shannon
4f172bd075
Python: Add change note for CWE-312 queries.
2019-08-29 16:05:11 +01:00
Jonas Jensen
c8a9ec465e
C++: New change-notes file for 1.23
2019-08-28 13:36:57 +02:00
Max Schaefer
78ce290de3
JavaScript: Fix `DomMethodCallExpr.interpretsArgumentsAsHTML`.
2019-08-28 11:22:03 +01:00