Commit Graph

66 Commits

Author SHA1 Message Date
Chris Smowton
f5780ae369 Amend docstring 2025-09-12 14:32:10 +01:00
Chris Smowton
4fb133a43d Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access 2025-09-12 14:32:07 +01:00
Napalys Klicius
bb9a2289a3 Changed js/conditional-comment to reliability and correctness 2025-06-19 18:25:31 +02:00
Napalys Klicius
0c31838aa5 JS: mass add missing quality related tags to relevant queries 2025-06-16 14:05:57 +02:00
Napalys Klicius
d7ad625de3 JS: restrict type tracking to strings of interest. 2025-06-12 14:28:00 +02:00
Napalys Klicius
da5cd251be Update javascript/ql/src/LanguageFeatures/TemplateSyntaxInStringLiteral.ql
Co-Authored-By: Asger F <316427+asgerf@users.noreply.github.com>
2025-06-12 14:25:00 +02:00
Napalys Klicius
923aff2439 JS: Fixed false positive on manual string interpolation. 2025-06-12 11:35:33 +02:00
Napalys Klicius
bafe7e66ad JS: Fix template literal detection in string concatenation 2025-06-12 11:18:20 +02:00
Napalys Klicius
92084dd74f JS: add js/template-syntax-in-string-literal to the Code Quality suite. 2025-06-11 11:48:05 +02:00
Tamas Vajk
d56c5225f6 Use code-quality-selectors in JS suite 2025-04-29 16:23:08 +02:00
erik-krogh
94b7bda3dc exclude tagged template literals from js/superfluous-trailing-arguments 2024-02-06 09:36:30 +01:00
Kasper Svendsen
67950c8e6b JS: Make implicit this receivers explicit 2023-05-03 15:31:00 +02:00
Erik Krogh Kristensen
bbdda9ef70 Merge pull request #10727 from erik-krogh/js-last-msg
JS: fix some more style-guide violations in the alert-messages
2022-10-27 15:48:12 +02:00
Josh Soref
3358c5f664 spelling: apparent
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-10-11 00:23:35 -04:00
erik-krogh
368f84785b fix some more style-guide violations in the alert-messages 2022-10-07 11:22:22 +02:00
Sid Shankar
639af0a9a3 Use Wayback Machine 🔗 for IE Conditional Comments 2022-08-15 14:45:34 -04:00
Erik Krogh Kristensen
a49d34cf0f Merge branch 'main' into missDocParam 2022-07-13 09:58:04 +02:00
Erik Krogh Kristensen
86e97c32d6 fix all ql/use-string-compare 2022-05-17 14:11:05 +02:00
Erik Krogh Kristensen
efba220b45 JS: fix most ql/missing-parameter-qldoc issues 2022-03-16 22:56:52 +01:00
Erik Krogh Kristensen
69353bb014 patch upper-case acronyms to be PascalCase 2022-03-11 11:10:33 +01:00
Erik Krogh Kristensen
b8f1fb3954 JS: fix ql/field-only-used-in-charpred within JavaScript 2022-01-20 09:41:13 +01:00
Erik Krogh Kristensen
db40ccae81 add explicit this to all member calls 2021-11-01 09:51:15 +01:00
Andrew Eisenberg
57ef989a89 Fixes compile errors by moving files
The two files moved in this commit are referenced from the
javascript/lib qlpack, but they are located in the
javascript/src qlpack. This causes compile errors when running
compile-ish commands for javascript queries. Moving the
files fixes it.
2021-10-05 14:00:02 -07:00
Rasmus Wriedt Larsen
987b573709 Fix hasLocationInfo URL reference
Follow up to https://github.com/github/codeql/pull/5830
2021-09-29 13:47:58 +02:00
Chris Smowton
455b840712 Fix all dead qhelp links
For those documents with no obvious new home I've pointed the links to the Internet Archive.
2021-04-23 15:20:21 +01:00
Asger Feldthaus
1637b72092 JS: Ignore Angular templates in a few non-security queries 2021-01-27 11:02:19 +00:00
Anders Schack-Mulligen
8f2094f0bf Autoformat. 2020-11-30 14:42:38 +01:00
Erik Krogh Kristensen
8c44392638 add local dataflow to js/template-syntax-in-string-literal 2020-10-19 10:58:40 +02:00
Erik Krogh Kristensen
b3f7c26669 renamed "isGenerator" to "is_generator" 2020-09-04 11:52:14 +02:00
Erik Krogh Kristensen
cf3f275aa1 make DestructuringPattern non-abstract 2020-08-04 16:02:32 +02:00
Asger Feldthaus
23d28967a7 JS: Autoformat 2020-06-15 20:40:17 +01:00
Asger Feldthaus
824054ba62 JS: Change note and updated help 2020-06-15 17:34:36 +01:00
Asger Feldthaus
7091a9f704 JS: Special-case alert message for type annotations 2020-06-15 17:17:47 +01:00
Asger Feldthaus
c8ab69af11 JS: Avoid duplicate alerts 2020-06-15 16:57:54 +01:00
Max Schaefer
a803120414 Lower precision for a number of queries.
These queries are currently run by default, but don't have their results displayed.

Looking through results on LGTM.com, they are either false positives (e.g., `BitwiseSignCheck` which flags many perfectly harmless operations and `CompareIdenticalValues` which mostly flags NaN checks) or harmless results that developers are unlikely to care about (e.g., `EmptyArrayInit` or `MisspelledIdentifier`).

With this PR, the only queries that are still run but not displayed are security queries, where different considerations may apply.
2020-05-19 13:43:17 +01:00
Asger Feldthaus
c2f7cdce25 JS: Change precision to very-high 2020-03-04 15:06:10 +00:00
Asger Feldthaus
af0df6c369 JS: Lower severity of js/syntax-error 2020-03-04 11:16:59 +00:00
Asger Feldthaus
fefcf1a7a6 JS: Autoformat everything 2020-02-27 09:41:01 +00:00
Asger Feldthaus
73e60a7400 JS: Ignore strict-mode-call-stack-introspection for expr stmts 2020-01-13 16:03:03 +00:00
Max Schaefer
b333c6a214 Merge pull request #2106 from asger-semmle/call-graph-3
JS: Call graph changes
2019-10-28 09:24:10 +00:00
Max Schaefer
55fb86d618 JavaScript: Remove deprecated queries.
These queries have all been deprecated since 1.17 (released in July 2018). I think it's time to say goodbye.
2019-10-21 14:42:02 +01:00
Asger F
07df479b94 JS: IllegalInvocation: be more conservative 2019-10-09 12:16:11 +01:00
Max Schaefer
149ae5d7ab JavaScript: Fix IllegalInvocation.
This fixes false positives that arise when a call such as `f.apply` can either be interpreted as a reflective invocation of `f`, or a normal call to method `apply` of `f`.
2019-09-23 07:44:14 +01:00
semmle-qlci
72db219c13 Merge pull request #1910 from xiemaisi/js/unused-index-variable
Approved by esben-semmle, shati-semmle
2019-09-11 14:33:32 +01:00
Max Schaefer
500cde68c3 JavaScript: Add new query UnusedIndexVariable. 2019-09-11 11:36:50 +01:00
Anders Schack-Mulligen
ca45fb5a60 JavaScript: Autoformat. 2019-09-06 09:04:51 +02:00
Esben Sparre Andreasen
90862fea99 JS: whitelist trivial throwers in js/superfluous-trailing-arguments 2019-08-01 11:49:43 +02:00
Max Schaefer
69c63110c1 JavaScript: Teach Function.isGenerator to check for yield. 2019-03-14 10:48:44 +00:00
Anders Schack-Mulligen
1182fca665 Javascript: Autoformat qls 2019-02-12 14:38:42 +01:00
james
7cc1442ecb Update link text 2019-01-30 09:44:07 +00:00