hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

2852 Commits

Author SHA1 Message Date
Tom Hvitved
61ef9e2e5c JS: Switch to shared XML.qll implementation 2024-03-19 13:17:50 +01:00
Tom Hvitved
5ab1047b14 Merge pull request #15882 from hvitved/js/dataflow-node-get-location 
JS: Add `DataFlow::Node.getLocation`
 2024-03-19 09:21:00 +01:00
github-actions[bot]
aebe9f6992 Post-release preparation for codeql-cli-2.16.5 2024-03-18 12:16:26 +00:00
github-actions[bot]
0a6243d07b Release preparation for version 2.16.5 2024-03-18 10:14:07 +00:00
Asger F
711a08b0d4 JS: Add TODO about switching to the shared library 2024-03-15 09:26:19 +01:00
Asger F
eff5f3b7d6 JS: Remove duplicate dependency from qlpack.yml 2024-03-13 20:43:44 +01:00
Tom Hvitved
54fa8181da Address review comment 2024-03-13 20:03:01 +01:00
Erik Krogh Kristensen
bd121b98ae Merge pull request #15893 from erik-krogh/more-filter-taint 
JS: allow more flow through .filter()
 2024-03-13 16:19:28 +01:00
Asger F
8ecdb5cefe Update VariableCapture.qll 2024-03-13 15:24:20 +01:00
Asger F
82abd867a0 JS: Update uses of AccessPathSyntax 
This doesn't yet migrate to the FlowSummaryImpl.qll in a qlpack, just trying to make things compile first
 2024-03-13 15:17:58 +01:00
Asger F
e5bc8db2f0 JS: Fix conflicting default for visbleImplInCallContext 2024-03-13 15:17:08 +01:00
Asger F
bb1f729a3f Update VariableCapture.qll 2024-03-13 15:16:37 +01:00
Asger F
97567f412e JS: Update VariableCapture.qll after changes to API 2024-03-13 14:53:00 +01:00
Asger F
5e7d1d5c2c Merge branch 'main' into js/shared-dataflow-merged 2024-03-13 14:27:16 +01:00
Erik Krogh Kristensen
53502a8662 Merge pull request #15510 from yoff/ts-54 
JS: Add support for TS 5.4
 2024-03-13 14:22:24 +01:00
Tom Hvitved
16cef92106 JS: Add DataFlow::Node.getLocation 2024-03-13 13:06:16 +01:00
Asger F
c5a02dae2b Merge pull request #15768 from asgerf/js/amd-pseudo-deps 
JS: Do not treat AMD pseudo-dependencies as imports
 2024-03-13 12:49:17 +01:00
Asger F
fa8933eb41 JS: Reduce duplication in UnsafeDynamicMethodAccessQuery 2024-03-13 12:30:05 +01:00
Asger F
ea4bc9cdbb JS: Comment about manually applying taint steps 2024-03-13 12:30:05 +01:00
erik-krogh
129286aa1c allow more flow through .filter() 2024-03-13 12:03:00 +01:00
Asger F
406b080ce3 JS: Add comment about allowImplicitRead in PostMessageStar 2024-03-13 11:30:52 +01:00
Asger F
0a2050bc42 JS: Deduplicate predicate in HostHeaderPoisoningQuery 2024-03-13 11:27:18 +01:00
Asger F
11983faccf JS: Remove out-commented code 2024-03-13 11:26:56 +01:00
Asger F
b31f20a64e JS: Explain why ObjetWrapperFlowLabel is deprecated 2024-03-13 11:08:25 +01:00
Asger F
e0aae53ac7 JS: Remove unnecessary BarrierGuardLegacy class 2024-03-13 11:05:23 +01:00
Asger F
fce2be0af3 JS: Use BarrierGuardLegacy in TaintedPath 2024-03-13 11:02:09 +01:00
Asger F
e640154048 JS: Be backwards compatible with AdditionalBarrierGuardNode 
I've confirmed that the 'legacyBarrier' predicate does not occur in the DIL
 2024-03-13 10:54:02 +01:00
Asger F
14e75be510 JS: Expand comments and synthetic node name in ForOfLoops 2024-03-13 09:27:00 +01:00
Asger F
e66f27cfe3 JS: Move hasWildcardReplaceRegExp to a shared place 2024-03-13 09:19:26 +01:00
Asger F
4043bc13ab JS: Explicit mark comment as a TODO 2024-03-13 09:19:03 +01:00
Asger F
858c79e395 JS: Add plain taint step through Promise.all() 2024-03-13 08:57:42 +01:00
Asger F
2c1aa08f79 JS: Rename Strings2 -> Strings 2024-03-12 21:18:14 +01:00
Asger F
478dd25f3e JS: Rename Sets2 -> Sets 2024-03-12 21:17:29 +01:00
Asger F
433489478d JS: Rename Promise2 -> Promise 2024-03-12 21:16:43 +01:00
Asger F
e2f3565227 JS: Rename Maps2 -> Maps 2024-03-12 21:14:29 +01:00
Asger F
b3fad7a8dc JS: Rename Iterators2 -> Iterators 2024-03-12 15:12:07 +01:00
Asger F
5aafd33cec JS: Rename Arrays2 -> Arrays 2024-03-12 15:11:29 +01:00
Asger F
76e0445af0 JS: Be consistent about caching in PreCallGraphStep 2024-03-12 15:08:59 +01:00
Asger F
28fc8ba0c1 JS: Remove EmptyType 2024-03-12 14:59:04 +01:00
Asger F
f94aa2ceec Update javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowNode.qll 2024-03-12 14:41:11 +01:00
erik-krogh
9f410eb2d6 Merge branch 'main' into ts-54 2024-03-11 18:07:52 +01:00
Asger F
7c35309732 Merge pull request #15823 from asgerf/js/lift-cg-restriction 
JS: Call graph improvements
 2024-03-08 13:40:38 +01:00
Asger F
245cd5c0b5 Merge pull request #15760 from asgerf/js/summarised-tt-store-steps 
JS: Summarise store steps for type tracking
 2024-03-08 13:16:25 +01:00
Asger F
ac4601cb8f Update javascript/ql/lib/semmle/javascript/dataflow/internal/CallGraphs.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2024-03-08 13:01:38 +01:00
github-actions[bot]
dc9092c9ec Post-release preparation for codeql-cli-2.16.4 2024-03-06 22:19:33 +00:00
github-actions[bot]
2f058ffb4d Release preparation for version 2.16.4 2024-03-06 20:56:51 +00:00
Angela P Wen
ce31f8641a Revert "Release preparation for version 2.16.4" 2024-03-06 12:07:33 -08:00
Asger F
a54a73c9a2 JS: Detect more FunctionStyleClasses 2024-03-06 11:37:20 +01:00
github-actions[bot]
661e68dab5 Release preparation for version 2.16.4 2024-03-05 18:13:58 +00:00
Angela P Wen
967963a653 Revert "Release preparation for version 2.16.4" 2024-03-05 08:53:33 -08:00