Skip to content

README language pedantry #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
semmle-qlci merged 2 commits into from
Aug 3, 2018
Merged

README language pedantry #2

semmle-qlci merged 2 commits into from
Aug 3, 2018

Conversation

@nickrolfe
Copy link
Contributor

@nickrolfe nickrolfe commented Aug 3, 2018

No description provided.

pavgust
pavgust approved these changes Aug 3, 2018
View reviewed changes
Copy link
Contributor

@pavgust pavgust left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.
@semmle-qlci semmle-qlci merged commit 282545e into github:master Aug 3, 2018
@nickrolfe nickrolfe deleted the readme-pedantry branch August 3, 2018 15:02
@dave-bartolomeo dave-bartolomeo mentioned this pull request Apr 11, 2019
Merged
jbj pushed a commit that referenced this pull request Apr 11, 2019
@dave-bartolomeo
C++: Fix false positive in PointlessComparison
878cdf7 
We avoid putting a variable into SSA if its address is ever taken in a way that could allow mutation of the variable via indirection. We currently just look to see if the address is either "pointer to non-const" or "reference to non-const". However, if the address was cast to an integral type (e.g. `uintptr_t n = (uintptr_t)&x;`), we were treating it as unescaped. This change makes the conservative assumption that casting a pointer to an integer may result in the pointed-to value being modified later.

This fixes a customer-reported false positive (#2 from https://discuss.lgtm.com/t/2-false-positives-in-c-for-comparison-is-always-same/1943)
geoffw0 pushed a commit that referenced this pull request May 29, 2019
@kevinbackhouse
Merge pull request #2 from geoffw0/assignadd2
b7ac03d 
CPP: Minor corrections to: Better overflow detection for AssignAdd/AssignSub
semmle-qlci pushed a commit that referenced this pull request May 30, 2019
@asger-semmle
Merge pull request #2 from xiemaisi/tainted-path-squashed
be51736 
JavaScript: Update expected test output.
jbj pushed a commit that referenced this pull request Jan 29, 2020
@marcrepo
Merge pull request #2 from marcrepo/patch-2
dbe51e0 
Documentation update for Issue #2623
aschackmull pushed a commit that referenced this pull request Jun 19, 2020
@hvitved
Merge pull request #2 from aschackmull/dataflow/content-type-tracking
ad56f17 
Dataflow: Record content types
aschackmull pushed a commit that referenced this pull request Jul 8, 2020
@lcartey
Merge pull request #2 from aschackmull/java/spring-3653-2
443c13d 
Java: Fix qltests for #3653
yoff pushed a commit that referenced this pull request Oct 20, 2020
@tausbn
Merge pull request #2 from RasmusWL/python-tricky-import-ssa-filter-d…
802a725 
…efinition

Python: Add test for tricky module member for type-tracking
aschackmull pushed a commit that referenced this pull request Nov 26, 2020
Merge pull request #2 from aschackmull/java/ssrf-review
9c30b82 
Java: Review fixes.
max-schaefer pushed a commit to max-schaefer/codeql that referenced this pull request Mar 23, 2021
@erik-krogh
Merge pull request github#2 from max-schaefer/reintroduce-type-defs
c6ac6d4 
Reintroduce type definitions to API graphs
owen-mc referenced this pull request in owen-mc/codeql Jun 25, 2021
@owen-mc
Manually improve tests #2
044ecc5
aibaars added a commit that referenced this pull request Oct 14, 2021
@aibaars
Merge pull request #2 from github/aibaars/extractor-rust
467e32a 
Rewrite extractor in rust
smowton referenced this pull request in smowton/codeql Oct 28, 2021
@igfoo
Merge pull request #2 from github/igfoo/lazyKt
8952295 
Kotlin: Don't make a *Kt class unless we need one
hvitved added a commit that referenced this pull request Nov 18, 2021
@hvitved
Shared CFG: Rename TNode to TCfgNode
a4538de 
This is in order to avoid name clash with the often so-named IPA type for data-
flow nodes. The name clash is not problematic because they are both in scope,
but because (cached) IPA types with overlapping names are known to sometimes
result in re-evaluation of cached stages, when one of the IPA types gets an
internal `#2` suffix in one query run, and the other IPA type gets the suffix
in another run.
hohn referenced this pull request in hohn/codeql Dec 13, 2021
@adityasharad
Merge pull request #2 from github/adityasharad/struts-download-link
f2a5edc 
Java: Add link to prebuilt Struts databases
geoffw0 pushed a commit that referenced this pull request Mar 7, 2022
@ihsinme
Merge pull request #2 from geoffw0/fix_tests
5c80139 
Fix tests.
@RasmusWL RasmusWL mentioned this pull request Mar 31, 2022
Merged
cklin pushed a commit that referenced this pull request May 23, 2022
@owen-mc
Address review comments #2
d2ca1fb
@tconnolly11 tconnolly11 mentioned this pull request May 8, 2021
Closed
tiferet added a commit that referenced this pull request Aug 3, 2022
@tiferet
ATM model for a DCA experiment
63b5aec 
Feature selection: Use a shipping model with the new features excluding fileImports and calleeImports. Model #2.

github/ml-ql-adaptive-threat-modeling#1968 (comment)
tiferet added a commit that referenced this pull request Sep 7, 2022
@tiferet
ATM model for a DCA experiment
bc652f7 
New features: Shipping model. 9 new features, remove the old ones that have been replaced by new ones. The codeql PR has been rebased on top of main. #2

https://ml.azure.com/experiments/id/85e6e910-7301-4441-9079-01a1e42fd45b/runs/classification_1662479760_3a49ddf5?wsid=/subscriptions/91095667-e119-4555-acea-1826488492f0/resourceGroups/atm-codeml/providers/Microsoft.MachineLearningServices/workspaces/ATM-workspace&tid=398a6654-997b-47e9-b12b-9515b896b4de
tiferet added a commit that referenced this pull request Sep 19, 2022
@tiferet
ATM model for a DCA experiment
91b5765 
New features: Shipping model. 9 new features, remove the old ones that have been replaced by new ones. The codeql PR has been rebased on top of main. #2 (with a fixed package version)

https://ml.azure.com/experiments/id/85e6e910-7301-4441-9079-01a1e42fd45b/runs/classification_1662479760_3a49ddf5?wsid=/subscriptions/91095667-e119-4555-acea-1826488492f0/resourceGroups/atm-codeml/providers/Microsoft.MachineLearningServices/workspaces/ATM-workspace&tid=398a6654-997b-47e9-b12b-9515b896b4de
hvitved added a commit that referenced this pull request Oct 10, 2022
@hvitved
Ruby: Avoid computing full fastTC for AstNode::getParent
d39b0fd 
DIL before
```
                                                   /* AST::AstNode */ AST#87953007::Cached::TAstNode result) =
  fastTC(AST#a6718388::AstNode::getAChild#0#dispred#ff/2)
.

Synthesis#d9ff06b1::isInDesugaredContext#1#f(/* AST::AstNode */ unique AST#87953007::Cached::TAstNode n)
:-
  exists(int arg1, /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
    arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, n)
  );
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode call_result#2 |
    exists(int arg1,
           /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
      arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, call_result#2)
    ),
    #AST#a6718388::AstNode::getAChild#0#dispredPlus#ff(call_result#2, n)
  )
.
```

DIL after
```
incremental
Synthesis#d9ff06b1::isInDesugaredContext#1#f(/* AST::AstNode */ unique AST#87953007::Cached::TAstNode n)
:-
  exists(int arg1, /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
    arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, n)
  );
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode any#expr##2 |
    rec Synthesis#d9ff06b1::isInDesugaredContext#1#f(any#expr##2),
    exists(cached dontcare string _ |
      AST#a6718388::AstNode::getAChild#1#dispred(any#expr##2, _, n)
    )
  )
| [base_case]
  exists(int arg1, /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
    arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, n)
  )
| [delta_order]
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode any#expr##2 |
    delta previous rec Synthesis#d9ff06b1::isInDesugaredContext#1#f(any#expr##2),
    project#AST#a6718388::AstNode::getAChild#1#dispred(any#expr##2, n)
  ),
  not(previous rec Synthesis#d9ff06b1::isInDesugaredContext#1#f(n))
.
``
owen-mc added a commit that referenced this pull request Jul 12, 2023
@owen-mc
Merge pull request #13672 from owen-mc/go/make-parameter-nodes-for-un��
5f76caf 
…used-parameters-2

Go: make `ParameterNode`s for unused parameters #2 (make a disjoint class for unused ones)
owen-mc referenced this pull request in owen-mc/codeql Aug 11, 2023
@owen-mc
WIP refactor #2
38c9c18
owen-mc referenced this pull request in owen-mc/codeql Aug 11, 2023
@owen-mc
Refactor #2
3d0229a
@ebickle ebickle mentioned this pull request Sep 15, 2023
Open
@Jihinokokoro28177 Jihinokokoro28177 mentioned this pull request Feb 21, 2024
Open
jketema pushed a commit that referenced this pull request Sep 5, 2024
@am0o0
Merge pull request #2 from jketema/amammad-cpp-bombs
05bdce1 
C++: Fix zstd and clean up test
@oicu0619 oicu0619 mentioned this pull request Sep 6, 2024
Open
dbartol pushed a commit that referenced this pull request Dec 18, 2024
Merge pull request #2 from GitHubSecurityLab/refactor_cfgscope
e9c1114 
Refactor CfgScopes and Ast predicate names
dbartol pushed a commit that referenced this pull request Dec 18, 2024
Merge pull request #2 from github/separate_sources
186f9d0 
Split sources by taint type
asgerf added a commit that referenced this pull request Feb 4, 2025
@asgerf
Merge pull request #2 from hvitved/js/source-on-same-line
7bf69d9 
Test: Remove location parsing
owen-mc added a commit that referenced this pull request Mar 25, 2025
@owen-mc
Merge pull request #19088 from owen-mc/review/egregius313/18913
6d61820 
Go: Add database source models for the github.com/couchbase/gocb package (#2)
owen-mc added a commit that referenced this pull request Mar 27, 2025
@owen-mc
Merge pull request #19090 from owen-mc/review/egregius313/18902
dc242da 
Go: Add `database` source models for the `squirrel` package (#2)
Napalys added a commit that referenced this pull request Apr 29, 2025
@Napalys
Merge pull request #2 from asgerf/js/fastify-addhook
63402ea 
JS: Add isMiddlewareSetup() hook to Routing model
nicolaswill added a commit that referenced this pull request May 12, 2025
@nicolaswill
Merge pull request #2 from nicolaswill/knewbury01/JCA-sample
83617e0 
Implement first stage cryptography modelling and queries
owen-mc added a commit that referenced this pull request May 22, 2025
@owen-mc
Merge pull request #19556 from owen-mc/java/pr/19512
663c83d 
Java: Fix SpringRequestMappingMethod URL Extraction #2
owen-mc added a commit that referenced this pull request Jun 4, 2025
@owen-mc
Merge pull request #19561 from owen-mc/go/mad/bigquery-sql-injection-…
e7e4286 
…sink

Go: Add BigQuery as a sink for SQLi queries #2
owen-mc added a commit that referenced this pull request Jun 12, 2025
@owen-mc
Merge pull request #19738 from owen-mc/pr/felickz/19530
538a5af 
Set CWE-134 from 9.3 to 7.3 CVSS score for memory safe languages (#2)
@geoffw0 geoffw0 mentioned this pull request Sep 9, 2025
Merged
nicolaswill pushed a commit that referenced this pull request Oct 2, 2025
@bdrodes
Merge pull request #2 from bdrodes/signature_model_refactor_experimental
73b3398 
Signature model refactor experimental
@allsmog allsmog mentioned this pull request Nov 6, 2025
Closed
RasmusWL pushed a commit that referenced this pull request Nov 7, 2025
@felickz
Merge pull request #2 from felickz/copilot/fix-1760475-601388369-59cd…
20e23f8 
…8e3d-0895-49ec-9025-a9864c8e5367

Fix generate-code-scanning-query-list.py to handle empty code-quality-extended suites
owen-mc added a commit that referenced this pull request Nov 28, 2025
@owen-mc
Improve formatting of tags #2
220fd08
owen-mc added a commit that referenced this pull request Nov 28, 2025
@owen-mc
Use set literals #2
992bd68
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

3 participants

@nickrolfe @pavgust @semmle-qlci