hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,593 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.6
Commit Graph

6144 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
ef3b107cc1 JS: sharpen the js/trivial-conditional whitelist 2019-01-25 18:19:45 +01:00
Mark Shannon
3850f87879 Make qhelp for 'Incomplete URL substring sanitization' consistent across languages. 2019-01-25 16:47:23 +00:00
semmle-qlci
d8947a71a5 Merge pull request #735 from asger-semmle/string-ops 
Approved by xiemaisi
 2019-01-25 15:15:19 +00:00
Asger F
ccbfaa7c9e JS: explain return step more thoroughly 2019-01-25 15:12:24 +00:00
Max Schaefer
254fafc6ce JavaScript: Round down percentage in DuplicateToplevel.ql. 
All the other duplication queries already do this.
 2019-01-25 22:44:07 +08:00
semmle-qlci
247d615c01 Merge pull request #802 from Semmle/xiemaisi-patch-5-1 
Approved by asger-semmle
 2019-01-25 12:32:43 +00:00
Asger F
8294aeea74 JS: fix doc comments 2019-01-25 11:12:07 +00:00
Asger F
c48b529846 JS: autoformat 2019-01-25 11:06:31 +00:00
Asger F
3bbe542ef4 JS: fix whitespace 2019-01-25 11:06:17 +00:00
Max Schaefer
e6672aaf70 Merge pull request #804 from esben-semmle/js/sharpen-unneeded-defensive 
JS: better handling of nested expressions in js/unneeded-defensive-code
 2019-01-25 11:23:51 +08:00
imsolost
e1aa3def25 removed extra parenthesis around argument for set state arrow function 2019-01-23 17:05:32 -08:00
Asger F
bb775e3343 JS: reapply review fixes 2019-01-23 10:42:03 +00:00
Esben Sparre Andreasen
00ef80dfc5 Merge pull request #741 from asger-semmle/this-access-path 
JS: support 'this' as the root of an access path
 2019-01-21 16:48:34 +01:00
Asger F
10db0d53a8 JS: copy changes to TrackedNode 2019-01-21 10:49:27 +00:00
Max Schaefer
43f4fe1a7e Update DoubleEscaping.qhelp 
Somewhat ironic, considering the object of the query.
 2019-01-21 18:48:22 +08:00
Asger F
3a6e6f95b9 JS: autoformat 2019-01-21 10:39:35 +00:00
Asger F
77d748aa00 JS: "return" flow through callbacks 2019-01-21 10:39:35 +00:00
Esben Sparre Andreasen
9e4613094a JS: sharpen js/unneeded-defensive-code for negations and sequences 2019-01-21 09:00:35 +01:00
Asger F
4b4daa645f JS: handle accessors separately 2019-01-18 15:42:05 +00:00
Asger F
e18b635314 JS: add getADirectSuperClass() 2019-01-18 15:42:05 +00:00
Asger F
c82690f4c1 JS: address comments 2019-01-18 15:42:05 +00:00
Asger F
cc1204acef JS: remove isAmbient() check 2019-01-18 15:42:05 +00:00
Asger F
1eb0ca4b4a JS: make ClassNode::Range abstract 2019-01-18 15:42:05 +00:00
Asger F
3cb2341e63 JS: split ClassNode into two classes 2019-01-18 14:46:38 +00:00
Asger F
5b7675d972 JS: introduce DataFlow::ClassNode 2019-01-18 14:46:38 +00:00
Asger F
cf3dfcae21 JS: recognize A.substr(0, B.length) == B 2019-01-18 10:40:48 +00:00
Asger F
f9951f67fe JS: add simple variants of StringOps::EndsWith 2019-01-18 10:40:48 +00:00
Asger F
b6626995cf JS: bugfix in indexOf-based include test 2019-01-18 10:40:48 +00:00
Asger F
d603824feb JS: add StringOps::StartsWith and StringOps::Includes 2019-01-18 10:40:18 +00:00
Asger F
0bb6692c19 JS: add 'this' as possible access path root 2019-01-18 10:39:02 +00:00
semmle-qlci
5e712b3ff6 Merge pull request #784 from asger-semmle/dedup-promiseTaintStep 
Approved by esben-semmle
 2019-01-18 08:52:09 +00:00
Asger F
a8d750f086 JS: update header doc in Promises.qll 2019-01-17 15:26:45 +00:00
Asger F
e9c4f13a31 JS: Remove trailing whitespace again 2019-01-17 13:10:15 +00:00
Asger F
b6fdbdcf84 JS: deduplicate promiseTaintStep 2019-01-17 13:04:16 +00:00
Asger F
882b337c15 JS: Move ResolvedPromiseDefinition into StandardLibrary.qll 2019-01-17 13:02:03 +00:00
Asger F
fc27b26bd5 JS: Remove duplicate PromiseFlowStep 2019-01-17 12:56:40 +00:00
Asger F
66901dc7b8 JS: remove duplicate ES2015PromiseDefinition 2019-01-17 12:55:38 +00:00
Asger F
9aaea40719 JS: address comments and support TrackedNode 2019-01-16 11:12:38 +00:00
Asger F
6d1eab8a4b JS: support flow out of "this" in constructor call 2019-01-16 11:09:38 +00:00
Max Schaefer
4a7e0fe104 Merge pull request #766 from asger-semmle/ts-compiler-3.2 
TS: Support TypeScript 3.2
 2019-01-16 08:49:45 +00:00
semmle-qlci
5bc17923b1 Merge pull request #665 from asger-semmle/js-property-concat-sanitizer 
Approved by esben-semmle, xiemaisi
 2019-01-16 08:44:55 +00:00
semmle-qlci
cf3a4ac956 Merge pull request #767 from esben-semmle/js/unknown-bound-event-handler-receiver 
Approved by xiemaisi
 2019-01-16 08:36:11 +00:00
semmle-qlci
8655e5ae17 Merge pull request #768 from xiemaisi/js/call-summaries 
Approved by asger-semmle
 2019-01-16 08:35:31 +00:00
Max Schaefer
0360df6e05 JavaScript: Improve terminology and comments. 2019-01-15 09:01:39 +00:00
Asger F
a7b0f7e2ce TS: upgrade script, version string, stats 2019-01-14 18:26:09 +00:00
Asger F
3ed9575529 TS: add support for bigints 2019-01-14 18:26:09 +00:00
Asger F
ad6add383c JS: improve concatenation-sanitizer for property injection 2019-01-14 15:34:01 +00:00
semmle-qlci
955bad0618 Merge pull request #640 from asger-semmle/lodash-case 
Approved by esben-semmle
 2019-01-14 07:59:59 +00:00
Esben Sparre Andreasen
b35c4b2a9a JS: support FP pattern for js/unbound-event-handler-receiver 2019-01-14 08:47:37 +01:00
semmle-qlci
9c41b214ee Merge pull request #748 from esben-semmle/js/fix/js/useless-assignment-to-property 
Approved by xiemaisi
 2019-01-13 21:40:35 +00:00