hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,307 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.2
Commit Graph

2834 Commits

Author SHA1 Message Date
Asger F
c8bb0e2117 JS: Treat d.ts as a single extension in Folder.getJavaScriptFile 2022-05-24 14:30:36 +02:00
Asger F
7d4a191a32 JS: Simplify 2022-05-24 14:18:06 +02:00
Asger F
db4b6d620a JS: Remove Buffer.from as sink for js/resource-exhaustion 2022-05-24 14:18:05 +02:00
Erik Krogh Kristensen
82c6c22d50 make a model for hasOwnProperty calls and similar 2022-05-24 14:13:53 +02:00
Erik Krogh Kristensen
2a97dd9f6f add support for Object.hasOwn(obj, key) 2022-05-24 13:59:25 +02:00
Erik Krogh Kristensen
1717d17fb3 add flow step for Array.prototype.at 2022-05-24 12:41:27 +02:00
Erik Krogh Kristensen
fc25d14af7 add change note 2022-05-24 12:37:28 +02:00
Asger F
631527fe49 JS: Rename Node.{getASource -> asSource, getASink -> asSink} 2022-05-24 11:57:30 +02:00
Asger F
bc601261ed JS: Use 'ql' language for markdown snippets 2022-05-24 11:57:30 +02:00
Asger F
f80f8b6630 JS: Update a comment mentioning getARhs 2022-05-24 11:57:30 +02:00
Asger F
18dc39484d Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-05-24 11:57:30 +02:00
Asger Feldthaus
1e96b1e559 JS: Fix typo 2022-05-24 11:57:30 +02:00
Asger Feldthaus
777d344dde JS: Fix up qldoc for getAValueReachingSink 2022-05-24 11:57:30 +02:00
Asger Feldthaus
8da96ed403 JS: Update doc comment 2022-05-24 11:57:30 +02:00
Asger F
1ae97d9d54 Apply suggestions from code review 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-05-24 11:57:30 +02:00
Asger Feldthaus
9fad4b883b JS: Autoformat 2022-05-24 11:57:30 +02:00
Asger Feldthaus
76ba78294f JS: Make API::EntryPoint overrides optional 2022-05-24 11:57:30 +02:00
Asger Feldthaus
ce9c3b3eb5 JS: Also rename predicates on API::EntryPoint 2022-05-24 11:57:30 +02:00
Asger Feldthaus
19a5db9f89 JS: Rename getARhs -> getASink 2022-05-24 11:57:30 +02:00
Asger Feldthaus
4c6192670e JS: Rename getAnImmediateUse -> getASource 2022-05-24 11:57:30 +02:00
Asger F
a7b73f44b2 Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: Calum Grant <42069085+calumgrant@users.noreply.github.com>
 2022-05-24 11:57:30 +02:00
Asger F
73baa49c5d Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-05-24 11:57:30 +02:00
Asger Feldthaus
82c35e6f65 Mention that the interaction and be with any external codebase 2022-05-24 11:57:29 +02:00
Asger Feldthaus
6a12864dab JS: Document how API graphs should be interpreted 2022-05-24 11:57:29 +02:00
Erik Krogh Kristensen
b2d3a7dca5 add change-note for the public renamed predicate 2022-05-24 11:20:08 +02:00
Erik Krogh Kristensen
a404a8c61a use more set literals instead of big disjunctions 2022-05-24 11:09:10 +02:00
Erik Krogh Kristensen
b48806968c delete redundant import 2022-05-24 11:02:41 +02:00
Erik Krogh Kristensen
395ec106b9 remove unused field 2022-05-24 11:02:18 +02:00
Erik Krogh Kristensen
d58fe8e193 add explicit this 2022-05-24 10:59:13 +02:00
Erik Krogh Kristensen
d1ad08ecb5 fix misspellings in predicate names 2022-05-24 10:57:13 +02:00
Erik Krogh Kristensen
aa01cf11c2 Merge pull request #9125 from erik-krogh/exportObj 
JS: recognize functions that return object of methods as library input
 2022-05-23 19:57:34 +02:00
Rasmus Wriedt Larsen
85fa6fba63 Concepts: Move CryptographicOperation.isWeak to be Ruby specific 2022-05-23 14:39:06 +02:00
Erik Krogh Kristensen
ba844aa0ab Merge branch 'main' into exportObj 2022-05-23 14:18:31 +02:00
Asger Feldthaus
33dac5e95f JS: API graph support for accessors (and classes) 2022-05-23 13:12:52 +02:00
Alex Ford
fb53fc5373 Javascript: add missing import in ConceptsImports.qll 2022-05-19 15:51:25 +01:00
Alex Ford
d3662cf54a Deprecate CryptographicOperation#isWeak and add a default implementation 2022-05-19 15:46:13 +01:00
Alex Ford
3d66905dc6 Share the CryptographicOperation and BlockMode concepts between dynamic langs 2022-05-19 15:46:03 +01:00
Stephan Brandauer
67697e1066 update meta information and release note for typescript 4.7 upgrade 2022-05-19 15:45:27 +02:00
Erik Krogh Kristensen
215a6a72cc Merge branch 'main' into useStringComp 2022-05-18 10:55:31 +02:00
Erik Krogh Kristensen
7245591468 Merge pull request #7763 from erik-krogh/unused-field 
QL: add unused-field query
 2022-05-18 09:15:16 +02:00
Alex Ford
4bb6d1db3a Add missing qldoc 2022-05-17 15:01:28 +01:00
Alex Ford
f92782d4e7 Ruby: fix some cases where we assume that a CryptographicOperation is using CBC when it is not 2022-05-17 14:57:11 +01:00
Erik Krogh Kristensen
86e97c32d6 fix all ql/use-string-compare 2022-05-17 14:11:05 +02:00
Erik Krogh Kristensen
bb289e29b9 sync typo fix to JS/RB 2022-05-17 12:26:31 +02:00
Mathias Vorreiter Pedersen
1280d43e36 Merge pull request #9141 from github/post-release-prep/codeql-cli-2.9.2 
Post-release preparation for codeql-cli-2.9.2
 2022-05-17 10:01:37 +01:00
Nick Rolfe
c518150b49 Merge pull request #9132 from github/nickrolfe/misspelling 
QL for QL: generalise non-US spelling query
 2022-05-16 16:03:36 +01:00
Erik Krogh Kristensen
23981cb323 Merge pull request #7626 from erik-krogh/CWE-377 
JS: add query for detecting insecure temporary files
 2022-05-16 15:25:17 +02:00
Alex Ford
66736ebd9d sync CryptoAlgorithmNames.qll (remove isWeakBlockMode predicate) 2022-05-13 21:26:01 +01:00
github-actions[bot]
b7cbd8fd75 Post-release preparation for codeql-cli-2.9.2 2022-05-12 18:21:38 +00:00
Nick Rolfe
1115227f9d Merge remote-tracking branch 'origin/main' into nickrolfe/misspelling 2022-05-12 16:10:27 +01:00