Commit Graph

10105 Commits

Author SHA1 Message Date
Chris Smowton
80b2f0d3cd Copyedit Javascript changelog 2022-11-17 17:01:43 +00:00
github-actions[bot]
e105c13e77 Release preparation for version 2.11.4 2022-11-17 16:40:45 +00:00
Mauro Baluda
a7dc29bad4 Merge branch 'main' into main 2022-11-16 23:53:16 +01:00
Mauro Baluda
49f476d3b4 Update javascript/ql/lib/semmle/javascript/frameworks/Hapi.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2022-11-16 23:53:07 +01:00
tiferet
4a1382925e Remove some imports that are no longer used 2022-11-16 14:01:16 -08:00
tiferet
ccbf1ca2a9 Add a comment 2022-11-16 13:05:06 -08:00
tiferet
38c40a7192 isEffectiveSink can't be final because ExtractMisclassifiedEndpointFeatures overrides it. 2022-11-16 12:12:50 -08:00
tiferet
8fee9cb0d5 Fix CodeQL warnings 2022-11-16 12:06:52 -08:00
tiferet
c2035e85d2 Be explicit in requiring that each ATM config set its endpoint type. 2022-11-16 11:55:23 -08:00
tiferet
0fd013f9fd Update the reason names in FilteredTruePositives.expected.
This is needed because we changed the names of three endpoint filters that were all called "not a direct argument to a likely external library call or a heuristic sink" in order to disambiguate them (fc56c5a022).
2022-11-16 11:54:10 -08:00
tiferet
eab270eb84 Move the definitions of isEffectiveSink and getAReasonSinkExcluded to the base class.
They can now be implemented generically for all sink types.
2022-11-16 11:47:24 -08:00
tiferet
fc56c5a022 Implement the type-specific endpoint filters as EndpointCharacteristics.
Also disambiguate three filters from three different sink types that all have the same name, "not a direct argument to a likely external library call or a heuristic sink".
2022-11-16 11:14:25 -08:00
erik-krogh
76c6943159 add stats for @satisfies_expr 2022-11-16 13:48:41 +01:00
erik-krogh
fe49e41d7b JS: convert some block-comments that could be QLDoc to QLDoc 2022-11-16 13:45:35 +01:00
erik-krogh
9eaeaf7322 ATM: convert some block-comments that could be QLDoc to QLDoc 2022-11-16 13:41:52 +01:00
Mauro Baluda
8bf0bbb715 code generalization
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2022-11-16 12:06:23 +01:00
Mauro Baluda
798b03f29d code generalization
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2022-11-16 12:06:07 +01:00
Mauro Baluda
784475dd66 Merge branch 'main' into main 2022-11-16 11:06:27 +01:00
Mauro Baluda
84cb59b942 Create 2022-11-08-hapi-glue.md 2022-11-16 11:05:23 +01:00
tiferet
13cb0ab554 Fix CodeQL warning 2022-11-15 17:32:30 -08:00
tiferet
2ecdfd1ff6 Delete some code that's no longer in use 2022-11-15 17:29:03 -08:00
tiferet
fedb98ddb5 Implement the standard getAReasonSinkExcluded using StandardEndpointFilterCharacteristics 2022-11-15 17:22:00 -08:00
tiferet
cf4e37a0ab Implement the standard endpoint filters as EndpointCharacteristics 2022-11-15 17:20:20 -08:00
tiferet
cb632b3534 Delete the file ExtractEndpointData.expected which was leftover in the last PR 2022-11-15 17:11:34 -08:00
Mauro Baluda
ec04f0c88f hapi/glue tests 2022-11-15 23:45:27 +01:00
erik-krogh
8cb68b79c1 bump extractor version 2022-11-15 22:09:09 +01:00
erik-krogh
b0b5761a8c update TS from 4.9.2-rc to 4.9.3 2022-11-15 22:08:54 +01:00
erik-krogh
364336e22a add downgrade script 2022-11-15 22:07:25 +01:00
erik-krogh
1f90f7dd4d add upgrade script 2022-11-15 22:07:25 +01:00
erik-krogh
d4c6f873af add test for auto-accessors 2022-11-15 22:07:25 +01:00
erik-krogh
65567fa1ce add test for the more precise type-narrowing with the in operator 2022-11-15 22:07:25 +01:00
erik-krogh
e98d1df5f4 add dataflow support 2022-11-15 22:07:25 +01:00
erik-krogh
a8973c1147 add test for dataflow 2022-11-15 22:07:24 +01:00
erik-krogh
75ef5b1b0b add support for satisfies-expressions 2022-11-15 22:07:24 +01:00
erik-krogh
30c66303ba initial skeleton for TypeScript 4.9 2022-11-15 22:07:24 +01:00
Tiferet Gazit
710b215c38 Merge pull request #11263 from github/tiferet/extract-training-data
ATM: Extract training data
2022-11-15 12:08:13 -08:00
tiferet
fc078a47fd Apply suggestion from code review 2022-11-15 11:14:01 -08:00
Tiferet Gazit
092e019de9 Apply suggestions from code review
Co-authored-by: Stephan Brandauer <kaeluka@github.com>
2022-11-15 10:48:32 -08:00
Andrew Eisenberg
88750a7000 Add more information about ATM queries for external users 2022-11-15 10:17:56 -08:00
erik-krogh
cec5045b52 Merge branch 'main' into erb 2022-11-15 17:16:05 +01:00
erik-krogh
e4dbf0acff use instead of a fixed version number 2022-11-15 17:14:38 +01:00
erik-krogh
39938b4dad add change-note 2022-11-15 17:14:38 +01:00
erik-krogh
29cf695b07 update expected output of the queries (some sorting changed due to locations being used slightly differently in the shared pack) 2022-11-15 17:14:38 +01:00
erik-krogh
e18ceba49e port the JS regex/redos queries to use the shared pack 2022-11-15 17:14:38 +01:00
erik-krogh
031a910989 add a JS implementation of RegexTreeViewSig 2022-11-15 17:14:38 +01:00
erik-krogh
4a2472a078 add hasLocationInfo predicate to regexp terms 2022-11-15 17:14:37 +01:00
erik-krogh
e928777cb7 add codeql/regex as a dependency 2022-11-15 17:14:37 +01:00
Mauro Baluda
8109a7b67a Update javascript/ql/lib/semmle/javascript/frameworks/Hapi.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2022-11-15 16:27:21 +01:00
Mauro Baluda
e5e3bb3705 Generalize the server definition in plugin registration 2022-11-15 16:27:14 +01:00
Mauro Baluda
563a56af9d Update Hapi.qll 2022-11-15 15:46:34 +01:00