hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,886 Commits 1,671 Branches 157 Tags
codeql-cli-2.1.4-cloudbuild
Commit Graph

1638 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
ec5896abba add additional data-flow edges to data-flow related to promises 2020-01-10 14:12:53 +01:00
Erik Krogh Kristensen
af8b36b750 Merge remote-tracking branch 'upstream/master' into EventEmitter 2020-01-09 15:09:43 +01:00
semmle-qlci
f1f69ef85d Merge pull request #2589 from esbena/js/ignore-duplicate-params-for-empty-functions 
Approved by erik-krogh
 2020-01-09 11:58:04 +00:00
Max Schaefer
308da0774d Merge pull request #2525 from asger-semmle/promise-missing-await 
JS: New query: missing await
 2020-01-08 15:29:45 +00:00
Max Schaefer
de15ecf47b Merge pull request #2593 from asger-semmle/regexp-always-matches 
JS: Add RegExpAlwaysMatches query
 2020-01-08 15:21:39 +00:00
Asger Feldthaus
66a16d21a9 JS: Fix buggy test cases 2020-01-07 10:19:09 +00:00
Asger Feldthaus
2d534163d0 JS: Add test for empty regex 2020-01-07 10:10:29 +00:00
Asger Feldthaus
9f6e04887b JS: Fix FP from word boundaries 2020-01-07 10:09:17 +00:00
Asger Feldthaus
4c25d84b6e JS: Fix and expand test cases 2020-01-06 14:43:29 +00:00
Max Schaefer
9160fbf106 Merge pull request #2435 from asger-semmle/phi-edge-barrier-guards 
JS: Phi edge barrier guards
 2020-01-06 14:14:18 +00:00
semmle-qlci
f48e4bc2a0 Merge pull request #2580 from asger-semmle/typescript-unbounded-recursion 
Approved by max-schaefer
 2020-01-06 14:00:55 +00:00
semmle-qlci
0c0073fb02 Merge pull request #2582 from asger-semmle/spurious-css-import 
Approved by max-schaefer
 2020-01-06 14:00:08 +00:00
Asger F
9928762769 JS: Add RegExpAlwaysMatches query 2020-01-06 13:48:02 +00:00
Asger F
4d25bfc038 JS: Fix copy pasta 2020-01-06 11:37:21 +00:00
Asger F
142c83f38f JS: Add negative dominance test 2020-01-06 11:37:21 +00:00
Asger F
aa6572b5c8 JS: Sanitize phi edges from barrier guards 2020-01-06 11:37:21 +00:00
Asger F
0b04f0d8f7 JS: Add test case for phi input 2020-01-06 11:37:20 +00:00
semmle-qlci
48deb30756 Merge pull request #2573 from max-schaefer/js/generalise-alert-suppression 
Approved by asgerf
 2020-01-06 10:43:17 +00:00
semmle-qlci
5dcc5b3b1e Merge pull request #2581 from erik-krogh/FlowUselessExpr 
Approved by max-schaefer
 2020-01-06 08:33:36 +00:00
Esben Sparre Andreasen
9279bfc8a2 JS: add test case for arrow functions with duplicate parameter names 2020-01-06 09:21:36 +01:00
Esben Sparre Andreasen
96748ca32e JS: sharpen js/duplicate-parameter-name 2020-01-06 08:51:00 +01:00
Esben Sparre Andreasen
5718fbd98a JS: update test 2020-01-06 08:33:38 +01:00
Asger F
30a8769dad JS: Add more bad promise contexts 2020-01-03 14:12:55 +00:00
semmle-qlci
dc7863ce29 Merge pull request #2579 from asger-semmle/typescript-trace-resolution 
Approved by max-schaefer
 2020-01-03 12:57:43 +00:00
Asger F
4772798d7b JS: do not resolve arbitrary extensions to JavaScript files 2020-01-03 11:37:51 +00:00
Asger F
c5f73cb868 JS: Add test showing spurious .css import 2020-01-03 10:59:10 +00:00
Asger F
f31d47c66e TS: explain test case 2020-01-03 10:48:15 +00:00
Erik Krogh Kristensen
c22d3d0b3a add test for block-level flow type annotations 2020-01-03 11:07:35 +01:00
semmle-qlci
06d812a6ff Merge pull request #2556 from erik-krogh/RegexpVoidCxt 
Approved by max-schaefer
 2020-01-03 08:38:56 +00:00
Asger F
202746e92d TS: Guard getTypeAtLocation with try/catch 2020-01-02 16:31:23 +00:00
Asger F
0388e9ca0c TS: Add regression test 2020-01-02 16:28:49 +00:00
Asger F
2ca0e7d232 TS: Disable output from tracing 2020-01-02 15:38:10 +00:00
Asger F
8f478f7caf TS: Add test with traceResolution: true 2020-01-02 15:04:30 +00:00
Max Schaefer
8d1ad5c5f3 JavaScript: Alert suppression through single-line /* */ style comments. 2020-01-02 10:45:20 +00:00
semmle-qlci
f921cf7d01 Merge pull request #2512 from erik-krogh/moarExceptions 
Approved by esbena, max-schaefer
 2019-12-20 20:31:50 +00:00
Erik Krogh Kristensen
15d74b7d03 remove FP from js/regexpinjection where no regexp was constructed 2019-12-19 10:47:03 +01:00
Erik Krogh Kristensen
4fdfa51e44 add support for import.meta expressions in JavaScript 2019-12-18 10:45:54 +01:00
Erik Krogh Kristensen
bf56797ad7 update expected output of tests 2019-12-17 16:27:55 +01:00
Erik Krogh Kristensen
7c931452d9 autoformat 2019-12-16 13:45:42 +01:00
Erik Krogh Kristensen
904976c7ac update tests after removing control-flow checks from error-callbacks 2019-12-16 08:30:21 +01:00
Erik Krogh Kristensen
e164f46330 changes based on review feedback 2019-12-13 11:44:31 +01:00
Erik Krogh Kristensen
f35dc5d274 Merge remote-tracking branch 'upstream/master' into moarExceptions 2019-12-12 16:13:52 +01:00
Asger F
a30f991b5e JS: Add query for missing await 2019-12-12 15:11:25 +00:00
Erik Krogh Kristensen
08d0cb795b revert the introduction of getEnclosingCall 2019-12-12 15:14:02 +01:00
semmle-qlci
cb8e5fa3fc Merge pull request #2411 from asger-semmle/regexp-sanitizer-guards 
Approved by esbena, max-schaefer
 2019-12-11 12:00:21 +00:00
Erik Krogh Kristensen
62512dd3e9 expand the js/exception-xss to handle more types of exceptional flow 2019-12-11 10:43:50 +01:00
Erik Krogh Kristensen
59bafab6c3 update test to not use private class 2019-12-10 10:39:01 +01:00
Erik Krogh Kristensen
72cf14989a update expected output of test 2019-12-10 10:33:37 +01:00
Erik Krogh Kristensen
110302678c add model for EventEmitter in NodeJS, and base the Electron::IPC model on top of the new EventEmitter model 2019-12-09 14:27:35 +01:00
Henning Makholm
66b3c7cf07 JS tests: add queries.xml 
The `queries.xml` file defines which extractor the `codeql test` runner will use
to extract databases for the tests. In the future one will be able to write this
information in `qlpack.yml`, but we can't do that immediately because the
_existing_ CodeQL tooling would refuse to parse a `qlpack.yml` that has the new
field in it.

Adding a queries.xml file means that the normalization of file names in the test
output changes even with the old QLTest, so there are a number of consequential
updates of expected output files.
 2019-12-07 02:38:02 +01:00