hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,886 Commits 1,671 Branches 157 Tags
codeql-cli-2.1.4-cloudbuild
Commit Graph

3270 Commits

Author SHA1 Message Date
Max Schaefer
ee62706ad2 JavaScript: Split up a predicate to avoid bad join order. 2020-03-19 11:47:53 +00:00
Max Schaefer
d91e6a4893 JavaScript: Avoid a few bad join orders. 2020-03-19 11:47:53 +00:00
Asger Feldthaus
4f42675b35 JS: Autformat 2020-03-19 09:36:27 +00:00
Asger Feldthaus
3ae33e3c1a JS: Update prototype pollution query 2020-03-18 23:59:25 +00:00
Asger Feldthaus
b6ca4fbee3 JS: Add getDefaultSourceLabel() 2020-03-18 23:52:25 +00:00
Asger Feldthaus
7393844699 JS: Update some queries that used data as source 2020-03-18 11:55:13 +00:00
Asger Feldthaus
506ddaf3f4 JS: Add explanation for test failure 2020-03-18 11:55:13 +00:00
Asger Feldthaus
028022158d JS: Add variant of test that passes 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a7e337ab28 JS: Add some lines in test case 2020-03-18 11:55:13 +00:00
Asger Feldthaus
3e68072e38 JS: Accept test case change 2020-03-18 11:55:13 +00:00
Asger Feldthaus
18eea96cf8 JS: Autoformat 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a9901a44e8 JS: Update TaintBarriers/isBarrier test 2020-03-18 11:55:13 +00:00
Asger Feldthaus
0edb765958 JS: Split test case function in two 2020-03-18 11:55:13 +00:00
Asger Feldthaus
4e75fe3977 JS: Update some qldoc comments 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a195429471 JS: Add test with non-guard sanitizer 2020-03-18 11:55:12 +00:00
Asger Feldthaus
83606e7b60 JS: Dont use data label in taint-tracking configs 2020-03-18 11:55:12 +00:00
Asger Feldthaus
8da0584b12 JS: Add test 2020-03-18 11:55:12 +00:00
Esben Sparre Andreasen
b1a722fcda JS: typo fix 2020-03-18 10:11:38 +01:00
Esben Sparre Andreasen
12d8177b4b Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:12:05 +01:00
Esben Sparre Andreasen
ce3b196b93 Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:11:57 +01:00
Esben Sparre Andreasen
b9860d3444 Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:11:49 +01:00
Esben Sparre Andreasen
d74c16f86c Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:11:36 +01:00
semmle-qlci
8792d0d248 Merge pull request #3070 from erik-krogh/DataPerf 
Approved by asgerf
 2020-03-17 13:47:09 +00:00
semmle-qlci
fa08258c14 Merge pull request #3036 from erik-krogh/CustomTrack 
Approved by asgerf
 2020-03-17 13:44:51 +00:00
semmle-qlci
ea46873bfe Merge pull request #3065 from erik-krogh/PathSinks 
Approved by esbena
 2020-03-17 13:00:00 +00:00
Erik Krogh Kristensen
1dfe9e9c2a changes based on review 2020-03-17 11:28:29 +01:00
Erik Krogh Kristensen
9a3176d3cc Apply suggestions from code review 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-03-17 11:26:35 +01:00
Esben Sparre Andreasen
380f66cb19 JS: rename Mongoose::CommonInterfase -> Mongoose::InvokeNode 2020-03-17 11:25:05 +01:00
Erik Krogh Kristensen
095d4d711a change import to an absolute import to fix warning 2020-03-17 11:21:46 +01:00
Erik Krogh Kristensen
d7b69fcfea autoformat 2020-03-17 09:52:08 +01:00
Esben Sparre Andreasen
7dc80664e6 Merge pull request #3045 from Semmle/esbena-patch-2 
JS: loosen qldoc for `barrierGuardIsRelevant`
 2020-03-16 22:28:22 +01:00
Esben Sparre Andreasen
b75486bb58 JS: refactor NoSQL::Mongoose. Introduce Mongoose::CommonInterface 2020-03-16 22:12:30 +01:00
Esben Sparre Andreasen
833d1b1ab0 JS: fixup mongoose test 2020-03-16 22:11:22 +01:00
Esben Sparre Andreasen
9d9926fdbf JS: model Mongoose Document for additional js/nosql-injection sinks 2020-03-16 22:11:22 +01:00
Esben Sparre Andreasen
55ab519fbe JS: add Mongoose Document tests 2020-03-16 22:11:22 +01:00
Esben Sparre Andreasen
dc27a8f52c JS: model mongoose Model on createConnection.<model/models> 2020-03-16 22:11:22 +01:00
Esben Sparre Andreasen
730396df12 JS: add Mongoose createConnection tests 2020-03-16 22:11:22 +01:00
Erik Krogh Kristensen
7145a57db3 refactor StepSummary into an internal .qll 2020-03-16 17:52:04 +01:00
Erik Krogh Kristensen
cd6fe8115d Update javascript/ql/src/semmle/javascript/Promises.qll 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-03-16 16:27:50 +01:00
semmle-qlci
eb7d8092a6 Merge pull request #3064 from asger-semmle/js/typescript-semantic-errors 
Approved by erik-krogh
 2020-03-16 11:57:55 +00:00
Erik Krogh Kristensen
f2548aa3b1 add more models for file related sinks and sources 2020-03-16 11:07:23 +01:00
Erik Krogh Kristensen
557b642a8e add isRelevant check on flowStep predicate 2020-03-16 11:01:20 +01:00
semmle-qlci
1d4dd2b2f7 Merge pull request #3057 from esbena/js/infer-this-as-exports 
Approved by asgerf
 2020-03-15 12:55:12 +00:00
Asger Feldthaus
b2f008ea9e JS: Dont report TypeScript diagnostics by default 2020-03-15 12:06:08 +00:00
semmle-qlci
7e093a8e5c Merge pull request #3041 from erik-krogh/JQueryAjax 
Approved by esbena
 2020-03-14 22:31:59 +00:00
semmle-qlci
ff03478ae8 Merge pull request #3049 from asger-semmle/js/fix-cyclic-join 
Approved by erik-krogh
 2020-03-14 16:19:25 +00:00
Erik Krogh Kristensen
486efbab77 refactor based on review 2020-03-14 14:53:38 +01:00
Erik Krogh Kristensen
4f39c28741 Merge branch 'master' of git.semmle.com:Semmle/ql into CustomTrack 2020-03-14 14:37:52 +01:00
semmle-qlci
20cae302fd Merge pull request #3054 from erik-krogh/NoDeferred 
Approved by asgerf
 2020-03-14 13:36:16 +00:00
Esben Sparre Andreasen
4d6aa20990 Merge pull request #3004 from esbena/js/additional-mongodb-and-mongoose-injection-sinks 
JS: Mongoose and MongoDB improvements
 2020-03-14 12:31:43 +01:00