codeql

mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00

Author	SHA1	Message	Date
Asger F	eead67ac6d	JS: Add Function.getInferredName()	2019-07-11 16:15:53 +01:00
Asger F	cf23c50f0c	JS: Add convenience layer Adds getASpreadArgument() and defines getCalleeName() for reflective calls to be the name of the property being invoked, if there is one.	2019-07-11 10:55:28 +01:00
Asger F	83908464e0	JS: more taint steps through array manipulation	2019-07-11 10:55:28 +01:00
Asger F	badca07606	JS: Add test	2019-07-09 21:37:02 +01:00
semmle-qlci	c5d0abaf8a	Merge pull request #1560 from asger-semmle/static-calls Approved by xiemaisi	2019-07-08 16:42:32 +01:00
Asger F	6019e48917	JS: Add annotated call graph test case	2019-07-08 13:55:29 +01:00
Asger F	b63f14fe94	JS: Move CallGraphs test into subfolder	2019-07-08 12:57:34 +01:00
semmle-qlci	a6b7f2d1f6	Merge pull request #1561 from xiemaisi/js/await-sourcenode Approved by asger-semmle	2019-07-08 09:44:05 +01:00
Ellen Arteca	39c37f519d	JavaScript: Use type tracking to identify more portal entry/exit nodes.	2019-07-05 09:03:37 +01:00
Arthur Baars	9bf0a3f2cd	Merge pull request #1547 from Semmle/rc/1.21 Merge rc/1.21 into master	2019-07-05 07:20:28 +02:00
semmle-qlci	298aa92814	Merge pull request #1543 from xiemaisi/js/reflective-call-flow Approved by asger-semmle	2019-07-04 12:02:24 +01:00
Max Schaefer	91a718cfe5	JavaScript: Fix data flow out of reflective calls. We were previously missing a data-flow edge from reflected calls to the corresponding reflective call, that is, for `f.call(...)` we didn't have a flow edge from the implicit call to `f` to the result of `f.call(...)`.	2019-07-04 08:29:04 +01:00
semmle-qlci	6cda33c39e	Merge pull request #511 from esben-semmle/js/classify-minified-by-variable-names Approved by xiemaisi	2019-07-03 16:31:43 +01:00
semmle-qlci	44823ca46d	Merge pull request #1522 from asger-semmle/ts-stringify-recursive-type-alias Approved by xiemaisi	2019-07-03 08:25:50 +01:00
Asger F	70cbecaf1b	JS: Update more test outputs	2019-07-02 21:08:13 +01:00
Asger F	52a5bce10d	TS: Update test affected by new stringification	2019-07-02 21:01:47 +01:00
Max Schaefer	bfb236f56d	JavaScript: Add more default source nodes. In particular, `await`, `yield` and dynamic `import` expressions are now source nodes, as well as a few other experimental and legacy language features involving non-local flow.	2019-07-02 08:10:28 +01:00
semmle-qlci	71c86fa69b	Merge pull request #1527 from esben-semmle/js/classify-more-generated-and-tests Approved by asger-semmle	2019-07-02 07:38:10 +01:00
semmle-qlci	b0b152aaaa	Merge pull request #1529 from xiemaisi/js/getter-summaries Approved by asger-semmle	2019-07-02 06:16:34 +01:00
Max Schaefer	b5b89c0eac	JavaScript: Track flow into method receivers.	2019-07-01 15:45:57 +01:00
Esben Sparre Andreasen	062778bdd8	JS: heuristically recognize x.spec.y and x.test.y as test files	2019-07-01 15:49:17 +02:00
Esben Sparre Andreasen	41e568d1f7	JS: classify files with many short variables as minified	2019-07-01 13:25:07 +02:00
Asger F	2ab72c4eef	JS: Support line breaks in types	2019-07-01 11:46:30 +01:00
Asger F	625cdb8765	JS: Update test output	2019-07-01 11:29:55 +01:00
Esben Sparre Andreasen	2eb7e4a818	JS: classify `x.test.js` files with `test(...)` calls as jest tests	2019-07-01 10:28:10 +02:00
Esben Sparre Andreasen	5ebcef41fa	JS: classify numeric file names as generated	2019-07-01 10:25:38 +02:00
Asger F	f5569b8b58	TS: Avoid infinite recursion in stringifyType	2019-06-28 10:53:33 +01:00
Max Schaefer	3c3422e221	JavaScript: Refactor unpromoted-candidate queries to no longer rely on tracked nodes.	2019-06-28 10:25:23 +01:00
Max Schaefer	b3e8103dce	JavaScript: Track flow through property getter functions.	2019-06-28 08:51:27 +01:00
semmle-qlci	44bd540c44	Merge pull request #1495 from asger-semmle/array-taint-step Approved by xiemaisi	2019-06-27 12:16:17 +01:00
semmle-qlci	1a9f3624c2	Merge pull request #1504 from xiemaisi/js/shift-bigint Approved by asger-semmle	2019-06-26 18:30:48 +01:00
Max Schaefer	e35fde322b	JavaScript: Teach `ShiftOutOfRange` about BigInt.	2019-06-26 09:16:34 -07:00
Asger F	57dac1d0d5	JS: Update test output to reflect new edge relation	2019-06-25 16:41:29 +01:00
Asger F	aa4d28028e	JS: Add test	2019-06-25 14:15:06 +01:00
Max Schaefer	4370f25b32	JavaScript: Remove dependency of module import on `globalVarRef`.	2019-06-20 21:08:34 +01:00
Ellen Arteca	99c32f08fb	JavaScript: Recognize imports from TypeScript type annotations	2019-06-20 10:45:30 +01:00
semmle-qlci	bffc3307b5	Merge pull request #1450 from esben-semmle/js/classify-json-js-as-generated Approved by xiemaisi	2019-06-13 09:45:37 +01:00
semmle-qlci	7332446ee1	Merge pull request #1444 from esben-semmle/js/express-node-inheritance Approved by xiemaisi	2019-06-12 21:43:44 +01:00
Esben Sparre Andreasen	3f11ae7eaa	Merge remote-tracking branch 'rc/1.21' into master	2019-06-12 12:57:55 +02:00
Esben Sparre Andreasen	59b7b0757a	JS: make Express' res/req extend Node's res/req	2019-06-12 12:45:01 +02:00
Esben Sparre Andreasen	29f9103b39	JS: classify single-line JSON files as generated	2019-06-12 09:05:12 +02:00
semmle-qlci	7790ac45bd	Merge pull request #1409 from esben-semmle/js/more-command-injection Approved by xiemaisi	2019-06-11 11:59:18 +01:00
Max Schaefer	70cf32c889	JavaScript: Add a few more tests.	2019-06-11 08:44:14 +01:00
Esben Sparre Andreasen	299d4c6e93	JS: add additional SystemCommandExecutors	2019-06-11 09:38:10 +02:00
Max Schaefer	398ee0c133	JavaScript: Add tests for data-flow tutorial.	2019-06-07 14:33:26 +01:00
Max Schaefer	d723ab76d8	JavaScript: Fix `getDelimiterMatchingRegexp` to work on multi-line strings.	2019-06-05 08:09:19 +01:00
Max Schaefer	a4876270ec	JavaScript: Tweak `PasswordInConfigurationFile` alerts. Only highlight first line, and include the password in the alert message.	2019-06-05 08:09:19 +01:00
semmle-qlci	80ff63a3bb	Merge pull request #1387 from esben-semmle/js/unanchored-url-regex Approved by mc-semmle, xiemaisi	2019-06-03 17:27:08 +01:00
Esben Sparre Andreasen	bf51c54338	JS: add `RegExpPatternSource::getAParse` to hide the subclasses	2019-06-03 14:23:22 +02:00
Max Schaefer	d8a101df6d	JavaScript: Shrink `Configurations.qll` some more.	2019-06-03 10:32:25 +01:00

... 63 64 65 66 67 ...

4104 Commits