Skip to content
Permalink
main

Commits on Mar 23, 2022

  1. Merge pull request #8517 from hmac/hmac/lambda-captured-var 

    Ruby: fix bug with captured variable reads in lambdas
    @hmac
    hmac committed Mar 23, 2022
    3b4206c

  2. Merge pull request #8461 from Paul1nh0/dev_cve_2016_6480 

    Add query for double-fetch vulnerability
    @MathiasVP
    MathiasVP committed Mar 23, 2022
    61c9442

  3. Merge pull request #8523 from asgerf/js/api-graph-receiver-label 

    Approved by erik-krogh
    @codeql-ci
    codeql-ci committed Mar 23, 2022
    ac29d5f

  4. Merge pull request #8479 from geoffw0/widecharperf 

    C++: Fix expensive getWideCharType().
    @MathiasVP
    MathiasVP committed Mar 23, 2022
    8b8f0ca

  5. Merge pull request #8536 from github/codeql-ci/js-atm-new-release 

    JS: Bump version numbers of ML-powered packs after 0.2.0 release
    @annarailton
    annarailton committed Mar 23, 2022
    41418e7

  6. C++: Autoformat.

    @geoffw0
    geoffw0 committed Mar 23, 2022
    9ae1ec6

  7. Merge pull request #8451 from michaelnebel/csharp/modelgenerator-impr… 

    …ovements

C#: Model generator improvements and more tests
    @michaelnebel
    michaelnebel committed Mar 23, 2022
    6804e20

  8. JS: Bump patch version of ML-powered library and query packs post-rel… 

    …ease
    @github-actions
    github-actions[bot] committed Mar 23, 2022
    1e620c9

  9. JS: Bump minor version of ML-powered library and query packs

    @github-actions
    github-actions[bot] committed Mar 23, 2022
    dc0c837

  10. JS: Bump patch version of ML-powered model pack post-release

    @github-actions
    github-actions[bot] committed Mar 23, 2022
    2b42d84

  11. JS: Bump ML model pack dependency of ML-powered model building and qu… 

    …ery packs
    @github-actions
    github-actions[bot] committed Mar 23, 2022
    6fbc0e6

  12. JS: Bump minor version of ML-powered model pack

    @github-actions
    github-actions[bot] committed Mar 23, 2022
    8d13662

  13. Merge pull request #8289 from tausbn/python-remove-with-test-syntax-e… 

    …rror

Python: Fix syntax error in `with` test output
    @yoff
    yoff committed Mar 23, 2022
    647d374

  14. Merge pull request #8525 from MathiasVP/more-precise-is-before 

    C++: Consider columns in `Location.isBefore`
    @MathiasVP
    MathiasVP committed Mar 23, 2022
    a81024a

  15. Merge pull request #8491 from jketema/command-line-injection-with-flo… 

    …w-state

C++: Use flow states in `cpp/command-line-injection`
    @MathiasVP
    MathiasVP committed Mar 23, 2022
    0eab54d

  16. C#: Remove special handling of bulk types.

    @michaelnebel
    michaelnebel committed Mar 23, 2022
    b204f78

  17. JS: Change note

    @asgerf
    asgerf committed Mar 23, 2022
    f228570

  18. JS: Update test output from knex

    @asgerf
    asgerf committed Mar 23, 2022
    59d5c54

  19. JS: Change getAParameter to not return the receiver

    @asgerf
    asgerf committed Mar 23, 2022
    73071bd

  20. JS: Add dedicated API graph label for receiver, instead of parameter -1

    @asgerf
    asgerf committed Mar 23, 2022
    6bef5a7

  21. Update cpp/ql/src/change-notes/2022-03-21-command-line-injection-with… 

    …-flow-states.md
    @MathiasVP
    MathiasVP committed Mar 23, 2022
    a84ee50

  22. Merge pull request #8476 from RasmusWL/shared-concepts-scaffolding 

    Python/JS/Ruby: Shared concepts scaffolding
    @RasmusWL
    RasmusWL committed Mar 23, 2022
    bbf60b8

  23. modify arguments check logic 

    As far as I can tell, root cause of double-fetech issue is read from the same user mode memory twice, so it makes sense that only check whether user mode pointer is same or not
    @Paul1nh0
    Paul1nh0 committed Mar 23, 2022
    5a1dc61

  24. automated using CodeQL for VSCode extension

    @Paul1nh0
    Paul1nh0 committed Mar 23, 2022
    6a6cd61

Commits on Mar 22, 2022

  1. Merge pull request #8526 from MathiasVP/internal-diagmetric-queries-ql 

    C++: Add internal `ExtractionError` query
    @MathiasVP
    MathiasVP committed Mar 22, 2022
    01929d4

  2. Merge pull request #8528 from github/smowton/admin/fix-go-doc-links 

    Fix broken links
    @owen-mc
    owen-mc committed Mar 22, 2022
    efc0d95

  3. Python: Fix syntax error in with test output 

    Depends on an internal PR. The two lines in question were caused by
the insertion of an extra node due to the failure to parse a trailing
comma corrcetly.
    @tausbn
    tausbn committed Mar 22, 2022
    f912016

  4. delete some unused code

    @Paul1nh0
    Paul1nh0 committed Mar 22, 2022
    f2728f5

  5. Merge pull request #8486 from aibaars/incomplete-hostname-python 

    Python: switch to shared implementation of IncompleteHostnameRegExp.ql
    @yoff
    yoff committed Mar 22, 2022
    47e062c

  6. Merge pull request #8509 from erik-krogh/fpXss 

    JS: filter away reads of .src that end in a URL sink for js/xss-through-dom
    @erik-krogh
    erik-krogh committed Mar 22, 2022
    8ae04e0

  7. C++: Fix 'implicit this' warning.

    @MathiasVP
    MathiasVP committed Mar 22, 2022
    c35b385

  8. Using globalValueNumber to match same arguments

    @Paul1nh0
    Paul1nh0 committed Mar 22, 2022
    afe4a84

  9. Fix broken links

    @smowton
    smowton committed Mar 22, 2022
    35af797

  10. C++: Add a new 'Location.isBefore' predicate that also considers colu… 

    …mns.
    @MathiasVP
    MathiasVP committed Mar 22, 2022
    93346a5

  11. C++: Add example of 'goto' on the same line as the destination label.

    @MathiasVP
    MathiasVP committed Mar 22, 2022
    c6c3206
Older