codeql

mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00

Author	SHA1	Message	Date
semmle-qlci	5e712b3ff6	Merge pull request #784 from asger-semmle/dedup-promiseTaintStep Approved by esben-semmle	2019-01-18 08:52:09 +00:00
Asger F	a8d750f086	JS: update header doc in Promises.qll	2019-01-17 15:26:45 +00:00
Asger F	e9c4f13a31	JS: Remove trailing whitespace again	2019-01-17 13:10:15 +00:00
Asger F	7a344c8546	JS: Add resolved promise taint test case	2019-01-17 13:08:55 +00:00
Asger F	b6fdbdcf84	JS: deduplicate promiseTaintStep	2019-01-17 13:04:16 +00:00
Asger F	882b337c15	JS: Move ResolvedPromiseDefinition into StandardLibrary.qll	2019-01-17 13:02:03 +00:00
Asger F	fc27b26bd5	JS: Remove duplicate PromiseFlowStep	2019-01-17 12:56:40 +00:00
Asger F	66901dc7b8	JS: remove duplicate ES2015PromiseDefinition	2019-01-17 12:55:38 +00:00
Max Schaefer	8f8068695d	JavaScript: Bump extractor version to avoid trap cache.	2019-01-17 09:30:18 +00:00
Max Schaefer	ce65fcedc1	JavaScript: Abort AutoBuild if an exception happens in one of the extractor threads.	2019-01-17 09:29:49 +00:00
Max Schaefer	7765c6d486	JavaScript: Await termination of extractor threadpool.	2019-01-17 09:29:49 +00:00
Max Schaefer	3b5315aa7e	JavaScript: Improve logging.	2019-01-17 09:29:49 +00:00
Max Schaefer	a6cb63e9c8	JavaScript: Make number of threads configurable through `LGTM_INDEX_THREADS`. If the number of threads specified is one or lower, we fall back onto single-threaded extraction.	2019-01-17 09:29:49 +00:00
Max Schaefer	d625ebf86d	JavaScript: Extract JavaScript files after TypeScript files. This way we only start multi-threaded extraction after the TypeScript parser has already been shut down, reducing the chance of running out of memory.	2019-01-17 09:29:49 +00:00
Max Schaefer	57133f91ff	JavaScript: Prevent interleaved progress messages on stdout.	2019-01-17 09:29:49 +00:00
Max Schaefer	1c84dc011a	JavaScript: Parallelise extraction of JavaScript (but not TypeScript) files.	2019-01-17 09:29:49 +00:00
Max Schaefer	8014ded973	JavaScript: Remove static state in `JSDocParser`.	2019-01-17 09:29:49 +00:00
Max Schaefer	5832f7c3ad	JavaScript: Pull `ExtractorState` out of `FileExtractor`.	2019-01-17 09:29:49 +00:00
Max Schaefer	335d43b122	JavaScript: Make `AutoBuild` less stateful.	2019-01-17 09:29:49 +00:00
Max Schaefer	a058d7a502	JavaScript: Fix examples in flow-summaries.rst The S-expression examples still used the old order of parameters for `parameter` and `member`.	2019-01-17 09:12:40 +00:00
Asger F	9aaea40719	JS: address comments and support TrackedNode	2019-01-16 11:12:38 +00:00
Asger F	6d1eab8a4b	JS: support flow out of "this" in constructor call	2019-01-16 11:09:38 +00:00
Max Schaefer	4a7e0fe104	Merge pull request #766 from asger-semmle/ts-compiler-3.2 TS: Support TypeScript 3.2	2019-01-16 08:49:45 +00:00
semmle-qlci	5bc17923b1	Merge pull request #665 from asger-semmle/js-property-concat-sanitizer Approved by esben-semmle, xiemaisi	2019-01-16 08:44:55 +00:00
semmle-qlci	cf3a4ac956	Merge pull request #767 from esben-semmle/js/unknown-bound-event-handler-receiver Approved by xiemaisi	2019-01-16 08:36:11 +00:00
semmle-qlci	8655e5ae17	Merge pull request #768 from xiemaisi/js/call-summaries Approved by asger-semmle	2019-01-16 08:35:31 +00:00
Max Schaefer	0360df6e05	JavaScript: Improve terminology and comments.	2019-01-15 09:01:39 +00:00
Asger F	a7b0f7e2ce	TS: upgrade script, version string, stats	2019-01-14 18:26:09 +00:00
Asger F	3ed9575529	TS: add support for bigints	2019-01-14 18:26:09 +00:00
Asger F	1c6deb65cd	TS: update test expectation	2019-01-14 18:15:30 +00:00
Asger F	5fc4147a23	TS: bump TypeScript compiler dependency to 3.2.1	2019-01-14 15:56:50 +00:00
Asger F	f4c89601ff	JS: fix typo	2019-01-14 15:34:01 +00:00
Asger F	ad6add383c	JS: improve concatenation-sanitizer for property injection	2019-01-14 15:34:01 +00:00
semmle-qlci	955bad0618	Merge pull request #640 from asger-semmle/lodash-case Approved by esben-semmle	2019-01-14 07:59:59 +00:00
semmle-qlci	7bb8edd16d	Merge pull request #720 from esben-semmle/js/more-flow-parsing Approved by xiemaisi	2019-01-14 07:58:28 +00:00
Esben Sparre Andreasen	b35c4b2a9a	JS: support FP pattern for js/unbound-event-handler-receiver	2019-01-14 08:47:37 +01:00
semmle-qlci	9c41b214ee	Merge pull request #748 from esben-semmle/js/fix/js/useless-assignment-to-property Approved by xiemaisi	2019-01-13 21:40:35 +00:00
Esben Sparre Andreasen	64346e1321	JS: bump extractor version for improved support for Flow	2019-01-13 22:10:56 +01:00
Esben Sparre Andreasen	c26ae26f53	JS: support explicit type arguments for Flow	2019-01-13 22:10:56 +01:00
Esben Sparre Andreasen	45a4026385	JS: support additional export statements for Flow	2019-01-13 22:10:56 +01:00
Esben Sparre Andreasen	c6f9a043ca	JS: support additional import statements for Flow	2019-01-13 22:10:56 +01:00
semmle-qlci	04c15028ab	Merge pull request #750 from aschackmull/javascript/autoformat Approved by xiemaisi	2019-01-11 16:35:38 +00:00
Anders Schack-Mulligen	db9407bae5	Javascript: Update .expected files.	2019-01-11 14:27:16 +01:00
semmle-qlci	b0dd3dfeb1	Merge pull request #502 from xiemaisi/js/summaries Approved by asger-semmle	2019-01-11 10:27:03 +00:00
Max Schaefer	f9d704bdcf	JavaScript: Add example of indirect command injection.	2019-01-11 10:24:41 +00:00
Anders Schack-Mulligen	e58094c732	Javascript: Autoformat.	2019-01-11 11:02:42 +01:00
Max Schaefer	7d2d33840a	JavaScript: Track flow through forwarding higher-order calls.	2019-01-11 09:15:58 +00:00
Max Schaefer	59bac829b1	JavaScript: Refactor `flowsIntoHigherOrderCall` predicate.	2019-01-11 08:34:09 +00:00
Max Schaefer	edc5117dfd	JavaScript: Track flow into (simple) higher-order function calls. The only case we support for now are functions that invoke one of their arguments, passing another argument as input.	2019-01-11 08:11:15 +00:00
Max Schaefer	414ab8ea8c	JavaScript: Refactor `argumentPassing`.	2019-01-11 07:57:58 +00:00

... 216 217 218 219 220 ...

11726 Commits