hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,404 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.1
Commit Graph

2121 Commits

Author SHA1 Message Date
semmle-qlci
58cc8d0ecc Merge pull request #936 from xiemaisi/js/revive-electron-support 
Approved by esben-semmle
 2019-02-25 15:23:20 +00:00
Esben Sparre Andreasen
4dc147d506 JS: rename CapturedSource -> LocalObject (files) 2019-02-25 16:09:07 +01:00
Asger F
050626aca0 JS: remove audit alerts from package.json 2019-02-25 15:04:47 +00:00
Esben Sparre Andreasen
66367987af JS: rename CapturedSource -> LocalObject 2019-02-25 16:04:37 +01:00
Esben Sparre Andreasen
65fb1423b7 JS: format test case (update expected output) 2019-02-25 15:55:44 +01:00
Esben Sparre Andreasen
1150f4c02b JS: add documentation to test case 2019-02-25 15:52:23 +01:00
Asger F
7d14429dce JS: handle deeper access paths in Closure::moduleImport 2019-02-25 12:31:18 +00:00
Asger F
2f6496f6bd JS: add test with undeclared nested access 2019-02-25 12:27:36 +00:00
Asger F
b31d7d1f5f JS: add test case 2019-02-25 11:31:09 +00:00
Esben Sparre Andreasen
4ce7ec1661 JS: add XSS vector for Vue's v-html 2019-02-25 12:17:56 +01:00
Esben Sparre Andreasen
da1ffcfd1b JS: introduce Vue Template Element 2019-02-25 12:17:33 +01:00
Esben Sparre Andreasen
9f4f945975 JS: introduce Vue::InstanceHeapStep 2019-02-25 12:17:33 +01:00
Asger F
614ba92fac JS: add ClassContainsTwo.expected 2019-02-25 09:51:40 +00:00
semmle-qlci
014d4b9ed0 Merge pull request #934 from asger-semmle/module-import 
Approved by xiemaisi
 2019-02-25 09:46:52 +00:00
Max Schaefer
e7c95bae49 JavaScript: Add flow steps modelling Electron IPC. 2019-02-23 21:43:13 +00:00
Max Schaefer
a4e4957f31 JavaScript: Model webContents property. 2019-02-23 21:43:13 +00:00
Max Schaefer
ff83e600dc JavaScript: Track Electron browser objects inter-procedurally. 2019-02-23 21:43:13 +00:00
Max Schaefer
d59c12e6eb JavaScript: Recognise Electron browser objects based on TypeScript types when available. 2019-02-23 21:43:13 +00:00
Esben Sparre Andreasen
6c1b29e4b6 JS: add missing flowstep for unused parameter field initializers 2019-02-21 21:44:28 +01:00
Esben Sparre Andreasen
6766716867 JS: add PropWrite tests for parameter field initializers 2019-02-21 21:44:28 +01:00
Esben Sparre Andreasen
bdd8691e65 JS: add type inference for the return value of captured method calls 2019-02-21 21:44:28 +01:00
Esben Sparre Andreasen
0cf2eaec5e JS: introduce CapturedSource 2019-02-21 21:44:28 +01:00
Asger F
e7e29101e4 JS: add StringOps::Concatenation 2019-02-15 16:57:26 +00:00
Asger F
c115451b9d JS: Fix copy-pasta bug 2019-02-15 16:48:42 +00:00
semmle-qlci
26525fc1b5 Merge pull request #929 from asger-semmle/typescript-no-expansion 
Approved by xiemaisi
 2019-02-13 18:20:41 +00:00
semmle-qlci
92a6e7e04c Merge pull request #932 from asger-semmle/cookbook-prepare 
Approved by xiemaisi
 2019-02-13 18:20:09 +00:00
Asger F
dfe3f254de JS: generalize to include default imports 2019-02-13 18:03:57 +00:00
Max Schaefer
5b2df068d3 Merge pull request #921 from asger-semmle/class-node-absval 
JS: use type inference to back up function-style classes
 2019-02-13 10:12:20 +00:00
Asger F
be10f24de7 JS: make moduleImport() work for named imports 2019-02-12 17:22:06 +00:00
Anders Schack-Mulligen
15a6044445 Javascript: Autoformat qlls 2019-02-12 14:41:31 +01:00
Asger F
3290c174c3 JS: Add DataFlow::Node.getAFunctionValue 2019-02-12 13:38:46 +00:00
Asger F
2fd1ee60a2 JS: add DataFlow::Node.getIntValue() 2019-02-12 13:38:46 +00:00
Anders Schack-Mulligen
1182fca665 Javascript: Autoformat qls 2019-02-12 14:38:42 +01:00
semmle-qlci
c133362660 Merge pull request #910 from xiemaisi/js/regexp-taint 
Approved by esben-semmle
 2019-02-12 13:15:16 +00:00
Asger F
0444fa307d TS: update test expectations 2019-02-12 12:33:09 +00:00
semmle-qlci
10b00254ec Merge pull request #915 from asger-semmle/closure-uri-methods 
Approved by xiemaisi
 2019-02-11 10:51:07 +00:00
Asger F
74a9c4b500 JS: use type inference to back up function-style classes 2019-02-08 16:42:24 +00:00
Asger F
f6e0ccfcf0 JS: model URI and XHR methods from closure library 2019-02-08 15:18:27 +00:00
semmle-qlci
7e298cfbbe Merge pull request #900 from esben-semmle/js/defuse-default 
Approved by xiemaisi
 2019-02-08 11:28:32 +00:00
semmle-qlci
a48594ad8e Merge pull request #906 from asger-semmle/q-library 
Approved by xiemaisi
 2019-02-08 11:12:50 +00:00
Asger F
bfe88e9784 JS: make Closure::moduleImport handle member access. 2019-02-08 10:51:07 +00:00
Max Schaefer
b314c546e1 JavaScript: Track taint through RegExp.prototype.replace. 2019-02-08 09:57:07 +00:00
Asger F
c2321045f2 TS: fix import of q.d.ts in test case 2019-02-07 12:37:54 +00:00
Asger F
e4b230ba60 Revert "Merge pull request #897 from Semmle/revert-817-closure-modules" 
This reverts commit 95185345fd, reversing
changes made to b8be66ec48.
 2019-02-07 11:58:38 +00:00
Esben Sparre Andreasen
5ad83360be JS: move default parameter values to the DefUse graph 2019-02-07 11:41:36 +01:00
Esben Sparre Andreasen
f956e570cb JS: support default destructuring values in the dataflow graph 2019-02-07 11:41:36 +01:00
Esben Sparre Andreasen
687b7f0a7f JS: exclude direct flow from the RHS in a destructuring assignment 2019-02-07 11:41:36 +01:00
Esben Sparre Andreasen
f333419bb4 JS: add defuse+dataflow tests for destructuring and default values 2019-02-07 11:24:46 +01:00
Max Schaefer
812cba0fe3 Merge pull request #828 from esben-semmle/js/vue-support-1 
JS: basic Vue support
 2019-02-07 08:00:17 +00:00
Asger F
e46e2b2515 Revert "JS: Add support for Closure modules" 2019-02-06 17:30:45 +00:00