hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,886 Commits 1,671 Branches 157 Tags
codeql-cli-2.1.4-cloudbuild
Commit Graph

3270 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
2fac7434df JS: infer this to be module.exports in node modules 2020-03-13 14:10:35 +01:00
Esben Sparre Andreasen
ae8d38236b JS: add some tests for this 2020-03-13 14:09:23 +01:00
semmle-qlci
25b9fcfafd Merge pull request #3058 from asger-semmle/js/may-receive-argument-fix 
Approved by max-schaefer
 2020-03-13 11:49:49 +00:00
Asger Feldthaus
2bdf26a8f1 JS: Remove unneeded forwarding method 2020-03-12 15:48:47 +00:00
Asger Feldthaus
788c0f9037 JS: Refactor metadata class a bit 2020-03-12 15:45:22 +00:00
Erik Krogh Kristensen
799c3eb06c remove model of Deferred 2020-03-12 16:38:20 +01:00
Asger Feldthaus
ddab13ab44 JS: Add a comment 2020-03-12 15:29:51 +00:00
Erik Krogh Kristensen
59d2d6d4fd autoformat 2020-03-12 14:48:16 +01:00
Asger Feldthaus
4391b70b5f JS: Fix perf issue in mayReceiveArgument 2020-03-12 13:45:34 +00:00
Erik Krogh Kristensen
172c5ccaca changes based on review 2020-03-12 11:04:33 +01:00
Erik Krogh Kristensen
91bc124f78 autoformat 2020-03-12 10:45:25 +01:00
semmle-qlci
4355f8d2b4 Merge pull request #3023 from erik-krogh/RedundantUpdate 
Approved by esbena
 2020-03-12 09:34:53 +00:00
Pavel Avgustinov
ecded4c11c Merge pull request #3048 from jbj/desemmlify 
Docs: Remove some Semmle references
 2020-03-12 09:27:36 +00:00
Asger Feldthaus
1a1b7d4ee0 JS: Switch to whitelisting allowed properties 2020-03-11 16:09:14 +00:00
Erik Krogh Kristensen
d32d14f572 model responseText and responseXml on jqXHR objects 2020-03-11 17:00:44 +01:00
Erik Krogh Kristensen
26d8e33434 Autoformat 2020-03-11 16:42:48 +01:00
Jonas Jensen
86ad4d0357 Docs: Remove some Semmle references 
The only Semmle references now left in the public Markdown files are in
URLs and in legal text. There are also two Semmle references left in
`docs/language/vale-styles/README.md` because I didn't understand them
well enough to change them.
 2020-03-11 15:20:15 +01:00
Erik Krogh Kristensen
e88dac3dea remove FP for js/redundant-operation 2020-03-11 14:42:32 +01:00
Asger Feldthaus
6645df93ad JS: Blacklist another cyclic property 2020-03-11 13:09:37 +00:00
semmle-qlci
1d5fba85f9 Merge pull request #3034 from esbena/js/sharpen-useless-regexp-character-escape 
Approved by asgerf
 2020-03-11 12:29:45 +00:00
Erik Krogh Kristensen
cb5ef7dbed add basic support for jqXHR with ajax calls 2020-03-11 13:05:41 +01:00
Erik Krogh Kristensen
b987f2cf29 autoformat 2020-03-11 10:54:20 +01:00
Erik Krogh Kristensen
7f147221f5 refactor to include promise tracking as a core part of type tracking 2020-03-11 10:44:11 +01:00
Erik Krogh Kristensen
fa26ce9f4b update expected output 2020-03-11 09:36:12 +01:00
Esben Sparre Andreasen
4dac835bb0 JS: loosen qldoc for barrierGuardIsRelevant 2020-03-11 07:54:38 +01:00
Erik Krogh Kristensen
13e855910e add more ClientRequest models for JQuery 2020-03-10 17:21:22 +01:00
semmle-qlci
e3fed39f88 Merge pull request #3000 from asger-semmle/js/late-barrier-guards 
Approved by erik-krogh
 2020-03-10 15:38:35 +00:00
Erik Krogh Kristensen
62ae484545 autoformat and update expected output 2020-03-10 14:01:40 +01:00
semmle-qlci
570f095ae3 Merge pull request #2998 from asger-semmle/js/typescript-memory 
Approved by erik-krogh
 2020-03-10 12:24:52 +00:00
Esben Sparre Andreasen
5c8800a1c7 JS: make autoformatter happy 2020-03-10 13:11:31 +01:00
Erik Krogh Kristensen
066568ea60 add promise tracking to Files.qll 2020-03-10 12:36:42 +01:00
Erik Krogh Kristensen
a24bc564a4 add extra tests for file-name with promises 2020-03-10 12:35:34 +01:00
Erik Krogh Kristensen
97f2760583 refactor Files.qll to use type-tracking (without tracking anything) 2020-03-10 12:34:20 +01:00
Erik Krogh Kristensen
6110f85748 refactor chrome-remote-interface to use type-tracking promise steps 2020-03-10 12:27:21 +01:00
Esben Sparre Andreasen
5b1b945c35 JS: distinguishes escapes in strings and regular expression literals 2020-03-10 12:26:20 +01:00
Erik Krogh Kristensen
3ddfd7ba73 add extra promise test for chrome-remote-interface 2020-03-10 12:24:16 +01:00
Erik Krogh Kristensen
69d8cf643d add type tracking predicates for promises 2020-03-10 12:23:23 +01:00
Esben Sparre Andreasen
3bfda6cd38 JS: refactoring: make separate modules for mongoose Model and Query 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
480be06d86 JS: replace Model class with opaque type tracking predicate 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
dbeb216af0 JS: make use of TypeScript types for mongoose Model and Query 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
0c46e4d1af JS: fixup typetracking usage: t2 -> t2.continue() 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
aae92ad795 JS: add test for DatabaseAccess 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
6b9bd8bd97 JS: adjust tests slightly to also support DatabaseAccess testing 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
7a2faa0b6b JS: add additional mongoose and mongodb js/nosql-injection sinks 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
b6c616efd3 JS: support optional options argument to MongoClient.connect 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
f24f03e1f8 JS: add mongodb .connect tests 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
21e6e69f22 JS: support mongodb v3 (minimally) 
https://github.com/github/codeql-javascript-team/issues/79
 2020-03-10 09:57:45 +01:00
Erik Krogh Kristensen
ad52d6446e add test case for tuple-like use 2020-03-09 19:47:05 +01:00
Erik Krogh Kristensen
981eef2587 expose arrayFunctionTaintStep in TaintTracking.qll 2020-03-09 17:22:29 +01:00
Erik Krogh Kristensen
509941649c remove redundant qldoc, and change parameter names to better reflect behavior 2020-03-09 17:20:12 +01:00