Erik Krogh Kristensen
|
a476fc5c3b
|
revert Array.from change
|
2020-03-09 17:09:31 +01:00 |
|
Erik Krogh Kristensen
|
68ffd52d4c
|
update expected output
|
2020-03-09 16:45:10 +01:00 |
|
Erik Krogh Kristensen
|
b4b05696e1
|
two bugfixes
|
2020-03-09 16:45:03 +01:00 |
|
Max Schaefer
|
3c785ecaa7
|
JavaScript: Move flow summaries to experimental.
Also update description and change note to call out their experimental character more clearly.
|
2020-03-09 12:57:20 +00:00 |
|
Asger Feldthaus
|
6c1f98a5ae
|
JS: Update vague variable name
|
2020-03-09 11:58:38 +00:00 |
|
Erik Krogh Kristensen
|
0f0187d585
|
move Array.from to ArrayCreationNode
|
2020-03-09 10:26:21 +01:00 |
|
Erik Krogh Kristensen
|
dc4e361d75
|
add data-flow steps for arrays
|
2020-03-09 09:53:08 +01:00 |
|
Erik Krogh Kristensen
|
8e3cf5c9c8
|
add test for data-flow on arrays
|
2020-03-09 09:25:17 +01:00 |
|
Erik Krogh Kristensen
|
14740d4ccc
|
move existing array taint stracking into Arrays.qll
|
2020-03-09 09:20:45 +01:00 |
|
Asger Feldthaus
|
a1d479e975
|
JS: Declassify sensitive exprs with special characters
|
2020-03-07 15:15:13 +00:00 |
|
Asger Feldthaus
|
759631ae56
|
JS: Raise default memory limit to 2.4G
|
2020-03-07 15:13:53 +00:00 |
|
Asger Feldthaus
|
c55dcf88d5
|
JS: Improve error reporting
|
2020-03-07 15:13:52 +00:00 |
|
Asger Feldthaus
|
549d4e9b57
|
JS: Do not restart in the middle of a message
|
2020-03-07 15:13:52 +00:00 |
|
Asger Feldthaus
|
e1657b237b
|
JS: Extract compiler-restarting into a function
|
2020-03-07 15:13:52 +00:00 |
|
Asger Feldthaus
|
2ef21ea4b8
|
JS: Only evaluate relevant barrier guards
|
2020-03-07 15:13:20 +00:00 |
|
Asger Feldthaus
|
fd1a14d3bd
|
JS: Add qldoc to a private predicate
|
2020-03-07 15:13:20 +00:00 |
|
Asger Feldthaus
|
eed4204e04
|
JS: Lift some internal members to private top-level
|
2020-03-07 15:13:20 +00:00 |
|
semmle-qlci
|
7891f8621e
|
Merge pull request #2982 from esbena/js/request-model-with-chaining
Approved by asgerf
|
2020-03-06 08:57:42 +00:00 |
|
Asger Feldthaus
|
2c8eae22d1
|
JS: Autoformat
|
2020-03-05 16:58:49 +00:00 |
|
semmle-qlci
|
0d76c71ed7
|
Merge pull request #2981 from asger-semmle/js/lower-syntax-error-severity
Approved by max-schaefer
|
2020-03-05 09:47:56 +00:00 |
|
semmle-qlci
|
98cee5cc1d
|
Merge pull request #2967 from asger-semmle/js/flow-through-prop
Approved by esbena
|
2020-03-05 09:46:35 +00:00 |
|
semmle-qlci
|
85ee5fc988
|
Merge pull request #2955 from erik-krogh/BetterHeader
Approved by asgerf
|
2020-03-05 08:24:43 +00:00 |
|
semmle-qlci
|
98034aaa53
|
Merge pull request #2988 from asger-semmle/js/autoformat-again-again
Approved by esbena
|
2020-03-04 21:20:52 +00:00 |
|
semmle-qlci
|
c6e3d8df49
|
Merge pull request #2969 from esbena/js/process-as-event-emitter
Approved by erik-krogh
|
2020-03-04 20:24:12 +00:00 |
|
Asger Feldthaus
|
53569453ba
|
JS: Autoformat again
|
2020-03-04 19:28:24 +00:00 |
|
semmle-qlci
|
c5d39039bc
|
Merge pull request #2962 from erik-krogh/YetAnotherSanitizer
Approved by asgerf
|
2020-03-04 15:27:09 +00:00 |
|
Asger Feldthaus
|
c2f7cdce25
|
JS: Change precision to very-high
|
2020-03-04 15:06:10 +00:00 |
|
Esben Sparre Andreasen
|
db335ae89b
|
JS: add default/chaining for request
|
2020-03-04 12:36:49 +01:00 |
|
Esben Sparre Andreasen
|
92b3e8c060
|
JS: add default/chaining tests for request
|
2020-03-04 12:25:23 +01:00 |
|
Asger Feldthaus
|
af0df6c369
|
JS: Lower severity of js/syntax-error
|
2020-03-04 11:16:59 +00:00 |
|
Esben Sparre Andreasen
|
ae43e90a67
|
JS: model process as an EventEmitter
|
2020-03-04 09:49:16 +01:00 |
|
Esben Sparre Andreasen
|
4625217a68
|
Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules
|
2020-03-03 15:07:51 +01:00 |
|
Esben Sparre Andreasen
|
dfa07130b5
|
JS: add process EventEmitter test
|
2020-03-03 14:26:03 +01:00 |
|
Erik Krogh Kristensen
|
f03c67266a
|
add taint step for replace call that only removes dots
|
2020-03-03 12:58:06 +01:00 |
|
Erik Krogh Kristensen
|
95819c8731
|
use RegExpTerm to generalize predicate
|
2020-03-03 12:34:18 +01:00 |
|
Asger Feldthaus
|
a2042094cf
|
JS: Restrict reachableFromStoreBase
|
2020-03-03 11:32:23 +00:00 |
|
Asger Feldthaus
|
98524556c3
|
JS: Add some tests
|
2020-03-03 11:32:23 +00:00 |
|
Erik Krogh Kristensen
|
622a2fcfdc
|
use regexp term instead of char class
|
2020-03-03 12:24:13 +01:00 |
|
semmle-qlci
|
57b3e6addf
|
Merge pull request #2958 from erik-krogh/InnerPrefix
Approved by asgerf
|
2020-03-03 11:10:44 +00:00 |
|
Erik Krogh Kristensen
|
bc13204193
|
refactor header checks to be based on dominance
|
2020-03-03 12:04:31 +01:00 |
|
semmle-qlci
|
7f3f629d39
|
Merge pull request #2913 from asger-semmle/js/prototype-pollution-path
Approved by erik-krogh
|
2020-03-03 10:29:47 +00:00 |
|
semmle-qlci
|
b3cbf8baa8
|
Merge pull request #2960 from erik-krogh/OverloadsWithThis
Approved by asgerf
|
2020-03-03 10:10:00 +00:00 |
|
Esben Sparre Andreasen
|
adddebf039
|
Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules
|
2020-03-03 10:55:16 +01:00 |
|
semmle-qlci
|
e1c5449885
|
Merge pull request #2867 from erik-krogh/UselessCat
Approved by esbena
|
2020-03-03 09:10:25 +00:00 |
|
Erik Krogh Kristensen
|
9016f43d80
|
update expected output
|
2020-03-03 10:04:57 +01:00 |
|
Erik Krogh Kristensen
|
1781179e25
|
doc fixes
|
2020-03-03 09:50:02 +01:00 |
|
Erik Krogh Kristensen
|
c4ebd66b34
|
fix capitalization of predicate
|
2020-03-03 09:29:04 +01:00 |
|
Erik Krogh Kristensen
|
d2d5af42bf
|
add IndirectInclusionTest and IndirectEndsWith
|
2020-03-02 21:42:08 +01:00 |
|
Erik Krogh Kristensen
|
97c16929ca
|
implement getPolarity and forward to inner StartsWith
|
2020-03-02 21:38:22 +01:00 |
|
Erik Krogh Kristensen
|
53d1cd33f6
|
support sanitizers that remove all forward slashes
|
2020-03-02 21:34:40 +01:00 |
|