hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,267 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.1
Commit Graph

11277 Commits

Author SHA1 Message Date
Asger F
cad5a064cd JS: recognize a-sync-waterfall package 2019-02-05 16:38:47 +00:00
Esben Sparre Andreasen
b72441f9c2 JS: use StringOps:: in js/incomplete-url-substring-sanitization 2019-02-05 15:17:55 +01:00
Asger F
51360d8772 JS: add Parameter.getJSDocTag 2019-02-05 11:35:16 +00:00
Asger F
79b9784b08 JS: handle ES2015 modules compiling to Node.js modules 2019-02-04 14:26:24 +00:00
Asger F
5e10e955ee JS: update trivial TRAP changes 2019-02-04 14:25:05 +00:00
Asger F
4b32d8c63f JS: refactor SourceType/Platform 2019-02-04 14:24:39 +00:00
Asger F
ac6b9d1282 JS: add TRAP test with closure modules 2019-02-04 14:24:39 +00:00
Asger F
cac09cf154 JS: Update TRAP output 2019-02-04 14:24:39 +00:00
Asger F
be105b6348 JS: add dbscheme upgrade script 2019-02-04 14:21:34 +00:00
Asger F
8f3b0f584a JS: Extract predicates for ES2015/closure modules 2019-02-04 14:21:34 +00:00
Asger F
51fe31d049 JS: fix FPs in DeadStoreOfLocal 2019-02-04 14:21:34 +00:00
Asger F
6a451a6b53 JS: Fix InvalidExport.ql 2019-02-04 14:21:34 +00:00
Asger F
72fe63074a JS: convert tabs to spaces 2019-02-04 14:21:34 +00:00
Asger F
df88534b36 JS: use PropWrite in exports() predicate 2019-02-04 14:21:34 +00:00
Asger F
c707935841 JS: add Closure::moduleImport and Closure::moduleMember 2019-02-04 14:21:34 +00:00
Asger F
82c0756248 JS: autoformat 2019-02-04 14:21:34 +00:00
Asger F
2ae926462c JS: Move closure code into a module 2019-02-04 14:21:34 +00:00
Asger F
6bcae5e7c2 JS: address comments 2019-02-04 14:21:34 +00:00
Asger F
6a63c3f149 JS: raise precision of global accesses 2019-02-04 14:21:34 +00:00
Asger F
9589ccd40d JS: support imports/exports for closure library code 2019-02-04 14:21:34 +00:00
Asger F
30ba7aedfe JS: split SourceType.MODULE into two 2019-02-04 14:21:34 +00:00
Asger F
f00b16e500 JS: recognize Closure modules files as modules 2019-02-04 14:21:34 +00:00
semmle-qlci
e195ac996e Merge pull request #868 from xiemaisi/js/discard-tokens-early 
Approved by esben-semmle
 2019-02-04 11:32:03 +00:00
Max Schaefer
7be3336aaf JavaScript: Document per-function caches in CFG extractor. 2019-02-04 08:17:21 +00:00
Max Schaefer
6ad45b2451 JavaScript: Temporarily remove unstable test. 2019-02-04 08:10:39 +00:00
Max Schaefer
9bfde9553d Merge pull request #839 from asger-semmle/field-propwrite 
JS: add PropWrites cases for instance fields initialization
 2019-02-01 10:56:25 +00:00
semmle-qlci
222738072d Merge pull request #840 from esben-semmle/js/propagate-sound-avalue 
Approved by xiemaisi
 2019-02-01 09:23:43 +00:00
Max Schaefer
b87abc9602 JavaScript: Extend suspiciousCredentials predicate to recognise authKey and similar. 2019-01-31 09:03:23 +00:00
Max Schaefer
87e62f0bd5 JavaScript: Teach PostMessageStar to reason about partially tainted objects. 2019-01-31 08:59:47 +00:00
Max Schaefer
aeb8cc62b2 JavaScript: Reclassify PostMessageStar as CWE-201. 2019-01-31 08:08:52 +00:00
Asger F
720f442ea5 JS: Rename to StaticClassMemberAsPropWrite 2019-01-30 15:49:21 +00:00
semmle-qlci
fc5b9dd55e Merge pull request #837 from asger-semmle/hardcoded-empty-string 
Approved by esben-semmle
 2019-01-30 13:40:39 +00:00
semmle-qlci
24c8a47bb1 Merge pull request #841 from asger-semmle/private-higher-order-call 
Approved by esben-semmle
 2019-01-30 13:34:04 +00:00
Max Schaefer
17ce21c481 JavaScript: Remove an unused import in TrapTests.java. 2019-01-30 12:29:20 +00:00
Max Schaefer
5eba486d34 JavaScript: Clear per-function CFG caches after each function. 2019-01-30 12:29:20 +00:00
Esben Sparre Andreasen
cfc53ade69 JS: add more tests for js/incomplete-url-substring-sanitization 2019-01-30 12:57:03 +01:00
Felicity Chapman
54242f4009 Merge pull request #849 from jf205/locations 
Update links to QL help topics in GH repo files (SD-2999)
 2019-01-30 11:06:22 +00:00
Max Schaefer
769e407c24 JavaScript: Add new query PostMessageStar. 2019-01-30 10:26:43 +00:00
james
7cc1442ecb Update link text 2019-01-30 09:44:07 +00:00
Esben Sparre Andreasen
321b3f1ab5 JS: use ports to sharpen js/incomplete-url-substring-sanitization 2019-01-30 10:18:00 +01:00
james
81137aa7b4 update links to locations in .ql files 2019-01-30 08:02:02 +00:00
james
9d1a050f35 update links to locations in .qll files 2019-01-30 08:01:49 +00:00
Taus
9adb19f3a9 Merge branch 'master' into python-incomplete-url-sanitize 2019-01-29 14:17:37 +01:00
Max Schaefer
e9500e8b75 JavaScript: Update trap tests. 2019-01-29 13:01:03 +00:00
Max Schaefer
6013b918fc JavaScript: Extract tokens and comments before AST. 
This allows us to discard token/comment information sooner, thereby reducing heap pressure for very large files.
 2019-01-29 13:00:17 +00:00
Max Schaefer
aa54d67301 JavaScript: Update trap tests. 2019-01-29 12:59:42 +00:00
Max Schaefer
99a4f34b7a JavaScript: Omit numlines for functions. 2019-01-29 12:59:33 +00:00
Max Schaefer
a480c6ecaa JavaScript: Implement LoC counting for functions in QL. 2019-01-29 12:58:44 +00:00
Max Schaefer
c09c35a737 JavaScript: Update trap tests. 2019-01-29 12:58:41 +00:00
Max Schaefer
d6c3ae2fb4 JavaScript: Fix bug in extraction of next_token. 2019-01-29 12:58:32 +00:00