hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,593 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.6
Commit Graph

6144 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
96748ca32e JS: sharpen js/duplicate-parameter-name 2020-01-06 08:51:00 +01:00
Asger F
503bcdc5d7 JS: Dont capitalize Promise in prose 2020-01-03 14:16:31 +00:00
Asger F
3c601fce74 Apply suggestions from code review 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-01-03 14:15:52 +00:00
Asger F
30a8769dad JS: Add more bad promise contexts 2020-01-03 14:12:55 +00:00
Asger F
4772798d7b JS: do not resolve arbitrary extensions to JavaScript files 2020-01-03 11:37:51 +00:00
semmle-qlci
06d812a6ff Merge pull request #2556 from erik-krogh/RegexpVoidCxt 
Approved by max-schaefer
 2020-01-03 08:38:56 +00:00
Max Schaefer
8d1ad5c5f3 JavaScript: Alert suppression through single-line /* */ style comments. 2020-01-02 10:45:20 +00:00
Erik Krogh Kristensen
d1a77d6993 refactor isInterpretedAsRegExp to directly work on a DataFlow node 2020-01-02 11:18:14 +01:00
Max Schaefer
de02bb4a0d JavaScript: Prevent joining on configuration in onPath. 2020-01-02 09:49:09 +00:00
Max Schaefer
2a55ba5d4f JavaScript: Fix join order in PathNode.getASuccessor. 2020-01-02 09:48:57 +00:00
semmle-qlci
f921cf7d01 Merge pull request #2512 from erik-krogh/moarExceptions 
Approved by esbena, max-schaefer
 2019-12-20 20:31:50 +00:00
Erik Krogh Kristensen
a0b5aa5ae4 more precise heuristic to identify allowed call targets 2019-12-20 10:51:39 +01:00
Erik Krogh Kristensen
15d74b7d03 remove FP from js/regexpinjection where no regexp was constructed 2019-12-19 10:47:03 +01:00
Tom Hvitved
29cd6a9e30 Sync XML.qll 2019-12-19 10:29:30 +01:00
Erik Krogh Kristensen
2e5b7273ab changes based on review feedback. 2019-12-17 17:30:05 +01:00
Erik Krogh Kristensen
0a8a2ecc61 make EventEmitter classses non final, and add a comment about extending EventEmitter::Range 2019-12-17 16:37:03 +01:00
Erik Krogh Kristensen
fed9302996 uppercase E in Electron 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-17 16:29:55 +01:00
Erik Krogh Kristensen
f140820511 fix FP related to block-level flow type annotations 2019-12-17 16:10:20 +01:00
Erik Krogh Kristensen
9dd7d1c6d7 changes based on review feedback 2019-12-17 13:19:53 +01:00
Erik Krogh Kristensen
f9ddd5891a minor documentation fixes 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-17 13:05:20 +01:00
Max Schaefer
09ee106333 Java/JavaScript: Add two deprecated predicates to XML.qll. 
This makes XML.qll identical across C++, Java, JavaScript and Python.
 2019-12-17 10:15:43 +00:00
Max Schaefer
923e36ba4f C++/Java/JavaScript/Python: Make qldoc consistent. 2019-12-17 10:15:43 +00:00
Max Schaefer
a2fe678464 C++/Java/JavaScript/Python: Unify imports in XML.qll. 2019-12-17 10:15:43 +00:00
Erik Krogh Kristensen
8f17db6670 changes based on review feedback 2019-12-16 14:43:29 +01:00
Erik Krogh Kristensen
7c931452d9 autoformat 2019-12-16 13:45:42 +01:00
Erik Krogh Kristensen
3ca3fa7e9e add quotes on code in documentation 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2019-12-16 13:32:01 +01:00
Erik Krogh Kristensen
c19d8ecb73 refactorizations and preparations for SocketIO implementation 2019-12-16 10:13:27 +01:00
Erik Krogh Kristensen
8c0b6f26da Merge remote-tracking branch 'upstream/master' into moarExceptions 2019-12-16 08:35:45 +01:00
Erik Krogh Kristensen
1efe2ba167 inline ifStmt field 2019-12-13 19:00:54 +01:00
Erik Krogh Kristensen
3b2cc4674e autoformat 2019-12-13 11:44:52 +01:00
Erik Krogh Kristensen
e164f46330 changes based on review feedback 2019-12-13 11:44:31 +01:00
Asger F
e8f0e3811a JS: Replace backticks with <code> 2019-12-12 15:52:09 +00:00
Asger F
eb82b17f16 JS: QHelp and a bit of qldoc 2019-12-12 15:40:41 +00:00
Erik Krogh Kristensen
f35dc5d274 Merge remote-tracking branch 'upstream/master' into moarExceptions 2019-12-12 16:13:52 +01:00
Erik Krogh Kristensen
17358606cb change callback to rely on an behavior heuristic rather than a naming heuristic 2019-12-12 16:12:37 +01:00
Asger F
f398247d2f JS: Step through rephinements in getImmediatePredecessor 2019-12-12 15:11:25 +00:00
Asger F
a30f991b5e JS: Add query for missing await 2019-12-12 15:11:25 +00:00
Erik Krogh Kristensen
08d0cb795b revert the introduction of getEnclosingCall 2019-12-12 15:14:02 +01:00
Max Schaefer
dfeca63677 JavaScript: Fix characteristic predicate of XMLParent. 
The database type `@xmlparent` is defined a bit too loosely in that it includes all of `@file`, not just XML files. Fixing that would involve fiddling with the extractor/dbscheme, so I have opted to fix it at the QL level instead.
 2019-12-12 12:38:29 +00:00
Erik Krogh Kristensen
e818f4c08b refactored some duplicated methods into the abstract class, and specialized the type of emitter in NodeJS EventEmitter dispatch/registration 2019-12-11 18:25:03 +01:00
Erik Krogh Kristensen
f537e28389 add pragma to internalBlocks predicate to fix performance 2019-12-11 15:19:30 +01:00
Erik Krogh Kristensen
62512dd3e9 expand the js/exception-xss to handle more types of exceptional flow 2019-12-11 10:43:50 +01:00
Erik Krogh Kristensen
267c4c07ed refactor EventEmitter model to use the ::Range pattern 2019-12-10 15:54:14 +01:00
Erik Krogh Kristensen
c4fd80d12b some review feedback 2019-12-10 14:53:01 +01:00
Erik Krogh Kristensen
e5d465da9a documentation fixes from @max-schaefer 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-10 12:01:51 +01:00
Erik Krogh Kristensen
60a825cf66 fix tabs and spaces 2019-12-09 16:06:17 +01:00
Erik Krogh Kristensen
110302678c add model for EventEmitter in NodeJS, and base the Electron::IPC model on top of the new EventEmitter model 2019-12-09 14:27:35 +01:00
Asger F
abec4badb5 Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-06 11:53:09 +00:00
Asger F
344f0b4995 Fix typo in qldoc 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-06 11:53:09 +00:00
Asger F
c1da83bf6c Fix typo in qldoc 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-06 11:53:09 +00:00