hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

1793 Commits

Author SHA1 Message Date
Asger Feldthaus
54021a1c30 JS: Update old entry point and add a test 2020-03-25 13:24:18 +00:00
semmle-qlci
cf5b1f0cd5 Merge pull request #3019 from erik-krogh/ArrayStep 
Approved by asgerf
 2020-03-25 12:08:44 +00:00
Max Schaefer
efbcec09ef JavaScript: Add type tracking to Postgres model. 2020-03-24 17:30:07 +00:00
Erik Krogh Kristensen
36981f385a Merge branch 'master' of git.semmle.com:Semmle/ql into MorePathSinks 2020-03-24 11:20:33 +01:00
Erik Krogh Kristensen
fa710c5864 Merge remote-tracking branch 'upstream/master' into UrlSearch 2020-03-24 00:23:15 +01:00
Erik Krogh Kristensen
5b4f091257 add test for remote flow sources in WebSockets 2020-03-23 23:58:20 +01:00
Erik Krogh Kristensen
6a1491d83d add SockJS to the existing WebSocket model 2020-03-23 23:56:11 +01:00
Erik Krogh Kristensen
9a18dc32c1 autoformat WebSocket tests 2020-03-23 23:49:26 +01:00
Erik Krogh Kristensen
7b7eddff1e remove previous SockJS implementation, and move example to WebSocket test 2020-03-23 23:45:05 +01:00
Erik Krogh Kristensen
f1e0d37273 Update javascript/ql/test/library-tests/frameworks/Concepts/file-access.js 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-03-23 14:02:22 +01:00
Erik Krogh Kristensen
90a324148d add extra sinks to js/tainted-path 2020-03-20 09:07:39 +01:00
Asger Feldthaus
4f42675b35 JS: Autformat 2020-03-19 09:36:27 +00:00
Asger Feldthaus
a9901a44e8 JS: Update TaintBarriers/isBarrier test 2020-03-18 11:55:13 +00:00
Asger Feldthaus
0edb765958 JS: Split test case function in two 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a195429471 JS: Add test with non-guard sanitizer 2020-03-18 11:55:12 +00:00
Asger Feldthaus
83606e7b60 JS: Dont use data label in taint-tracking configs 2020-03-18 11:55:12 +00:00
Asger Feldthaus
8da0584b12 JS: Add test 2020-03-18 11:55:12 +00:00
semmle-qlci
fa08258c14 Merge pull request #3036 from erik-krogh/CustomTrack 
Approved by asgerf
 2020-03-17 13:44:51 +00:00
Erik Krogh Kristensen
f2548aa3b1 add more models for file related sinks and sources 2020-03-16 11:07:23 +01:00
semmle-qlci
1d4dd2b2f7 Merge pull request #3057 from esbena/js/infer-this-as-exports 
Approved by asgerf
 2020-03-15 12:55:12 +00:00
semmle-qlci
7e093a8e5c Merge pull request #3041 from erik-krogh/JQueryAjax 
Approved by esbena
 2020-03-14 22:31:59 +00:00
Esben Sparre Andreasen
2fac7434df JS: infer this to be module.exports in node modules 2020-03-13 14:10:35 +01:00
Esben Sparre Andreasen
ae8d38236b JS: add some tests for this 2020-03-13 14:09:23 +01:00
Erik Krogh Kristensen
91bc124f78 autoformat 2020-03-12 10:45:25 +01:00
Erik Krogh Kristensen
d32d14f572 model responseText and responseXml on jqXHR objects 2020-03-11 17:00:44 +01:00
Asger Feldthaus
6645df93ad JS: Blacklist another cyclic property 2020-03-11 13:09:37 +00:00
Erik Krogh Kristensen
cb5ef7dbed add basic support for jqXHR with ajax calls 2020-03-11 13:05:41 +01:00
Erik Krogh Kristensen
13e855910e add more ClientRequest models for JQuery 2020-03-10 17:21:22 +01:00
Erik Krogh Kristensen
066568ea60 add promise tracking to Files.qll 2020-03-10 12:36:42 +01:00
Erik Krogh Kristensen
a24bc564a4 add extra tests for file-name with promises 2020-03-10 12:35:34 +01:00
Erik Krogh Kristensen
ad52d6446e add test case for tuple-like use 2020-03-09 19:47:05 +01:00
Erik Krogh Kristensen
a476fc5c3b revert Array.from change 2020-03-09 17:09:31 +01:00
Erik Krogh Kristensen
68ffd52d4c update expected output 2020-03-09 16:45:10 +01:00
Erik Krogh Kristensen
b4b05696e1 two bugfixes 2020-03-09 16:45:03 +01:00
Erik Krogh Kristensen
dc4e361d75 add data-flow steps for arrays 2020-03-09 09:53:08 +01:00
Erik Krogh Kristensen
8e3cf5c9c8 add test for data-flow on arrays 2020-03-09 09:25:17 +01:00
Asger Feldthaus
a1d479e975 JS: Declassify sensitive exprs with special characters 2020-03-07 15:15:13 +00:00
semmle-qlci
7891f8621e Merge pull request #2982 from esbena/js/request-model-with-chaining 
Approved by asgerf
 2020-03-06 08:57:42 +00:00
semmle-qlci
98cee5cc1d Merge pull request #2967 from asger-semmle/js/flow-through-prop 
Approved by esbena
 2020-03-05 09:46:35 +00:00
Esben Sparre Andreasen
db335ae89b JS: add default/chaining for request 2020-03-04 12:36:49 +01:00
Esben Sparre Andreasen
92b3e8c060 JS: add default/chaining tests for request 2020-03-04 12:25:23 +01:00
Esben Sparre Andreasen
ae43e90a67 JS: model process as an EventEmitter 2020-03-04 09:49:16 +01:00
Esben Sparre Andreasen
dfa07130b5 JS: add process EventEmitter test 2020-03-03 14:26:03 +01:00
Asger Feldthaus
98524556c3 JS: Add some tests 2020-03-03 11:32:23 +00:00
Asger Feldthaus
e405a9769c JS: Really autoformat everything 2020-03-02 10:48:33 +00:00
Asger Feldthaus
fefcf1a7a6 JS: Autoformat everything 2020-02-27 09:41:01 +00:00
Asger F
160fc48803 Merge pull request #2896 from asger-semmle/typescript-3.8 
TS: Support Typescript 3.8
 2020-02-25 08:19:01 +00:00
Asger Feldthaus
01309d7c2e TS: Add test for named re-export and exportsAs 2020-02-24 11:40:28 +00:00
Asger Feldthaus
78954489fb TS: Fix expected output 2020-02-24 11:40:28 +00:00
Asger Feldthaus
47673c6e21 TS: Disable export analysis for type-only exports 2020-02-24 11:40:27 +00:00