hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

4992 Commits

Author SHA1 Message Date
Max Schaefer
3daa974255 JavaScript: Rename a test. 
The old test name would cause a compiler warning, which we don't want to include in the expected output.
 2019-08-02 14:05:57 +01:00
semmle-qlci
635a8edacc Merge pull request #1676 from xiemaisi/js/more-tests-classification 
Approved by esben-semmle
 2019-08-02 14:02:24 +01:00
Max Schaefer
97c0c97b28 JavaScript: Classify __mocks__ and __tests_ as tests. 
These are conventions used by jest: https://jestjs.io/docs/en/manual-mocks#mocking-user-modules.
 2019-08-02 11:15:02 +01:00
semmle-qlci
bb4f00d770 Merge pull request #1015 from esben-semmle/js/cli-cli 
Approved by xiemaisi
 2019-08-02 09:57:19 +01:00
Esben Sparre Andreasen
90862fea99 JS: whitelist trivial throwers in js/superfluous-trailing-arguments 2019-08-01 11:49:43 +02:00
semmle-qlci
0e64c84f7e Merge pull request #1656 from asger-semmle/rephrase-useless-def 
Approved by xiemaisi
 2019-07-31 09:55:38 +01:00
Esben Sparre Andreasen
bf4a324a86 JS: add query js/indirect-command-line-injection 2019-07-31 09:24:25 +02:00
Asger F
ea563f8b97 JS: Rephrase dead store of local at declaration site 2019-07-30 18:02:27 +01:00
Asger F
378b0bfb74 JS: Do not treat the empty string as a credential 2019-07-30 17:29:12 +01:00
semmle-qlci
d63e53f3a4 Merge pull request #1628 from asger-semmle/self-globalobj 
Approved by xiemaisi
 2019-07-30 11:23:54 +01:00
semmle-qlci
143016ed96 Merge pull request #1635 from xiemaisi/js/dont-taint-for-in 
Approved by asger-semmle
 2019-07-26 08:32:14 +01:00
Asger F
6f158182d1 JS: Add self as global object alias 2019-07-24 17:10:59 +01:00
Asger F
28efadea73 JS: Use defSourceNode from getRhsNode 2019-07-23 17:14:56 +01:00
Asger F
44f7e2d5c5 JS: Handle IIFE parameters 2019-07-23 17:14:56 +01:00
Asger F
7d2e83710a JS: Add JSDoc name resolution test 2019-07-23 17:14:56 +01:00
Asger F
80fa9915fd JS: Rename JSDoc.qll to avoid conflict with JSDoc module 2019-07-23 17:14:56 +01:00
Asger F
f3b8e39848 JS: Move JSDoc tests into JSDoc/Nodes 2019-07-23 17:13:01 +01:00
Asger F
13da242576 JS: Add GlobalAccessPaths library 2019-07-23 17:08:02 +01:00
Asger F
c97b9af4b8 JS: Add SsaExplicitDefinition.getRhsNode 2019-07-23 17:08:02 +01:00
semmle-qlci
8b60314d85 Merge pull request #1617 from asger-semmle/documentable 
Approved by xiemaisi
 2019-07-23 14:55:51 +01:00
Max Schaefer
8b3e647ae9 JavaScript: Do not taint for-in loop variable. 2019-07-23 10:52:55 +01:00
semmle-qlci
247848c931 Merge pull request #1577 from asger-semmle/infername 
Approved by xiemaisi
 2019-07-22 21:01:48 +01:00
semmle-qlci
2d82a5517f Merge pull request #1608 from asger-semmle/thisnode-basicblock 
Approved by xiemaisi
 2019-07-18 17:03:29 +01:00
Asger F
1e451bc541 JS: Restrict Expr.getDocumentation() 2019-07-18 13:14:23 +01:00
Asger F
ed56939650 JS: Add array literal elements 2019-07-18 12:56:41 +01:00
Asger F
87ceb1bbda JS: Add test for other expressions that have docs 2019-07-18 12:55:55 +01:00
Asger F
416b1b4ba8 JS: Move getDocumentation tests into one file 2019-07-18 12:54:02 +01:00
Asger F
e9c03c9820 JS: Implement getBasicBlock() for exceptional nodes 2019-07-18 10:01:28 +01:00
Asger F
44a270a43d JS: Add test 2019-07-18 09:37:45 +01:00
Asger F
cee742152d JS: Update test outputs 2019-07-17 09:16:15 +01:00
Asger F
4e77a368c3 JS: Avoid having multiple names again 2019-07-16 16:23:27 +01:00
Asger F
9408b96b9a JS: Update yet more tests 2019-07-16 16:09:29 +01:00
Asger F
7da341ba04 JS: Merge getInferredName() => getName() 2019-07-16 11:21:33 +01:00
Asger F
b2da2d2a4b JS: update tests again 2019-07-16 10:47:23 +01:00
Max Schaefer
ca36c7aa9a Revert "JavaScript: Use type tracking to identify more portal entry/exit nodes." 
This reverts commit 39c37f519d.
 2019-07-15 16:27:55 +01:00
Asger F
ab00da763d JS: Autoformat 2019-07-11 16:24:09 +01:00
Asger F
ec288c1eb1 JS: Update more expected test output 2019-07-11 16:23:48 +01:00
Asger F
c44a3b4735 JS: Add ClassDefinition.getInferredName 2019-07-11 16:19:11 +01:00
Asger F
eead67ac6d JS: Add Function.getInferredName() 2019-07-11 16:15:53 +01:00
Asger F
cf23c50f0c JS: Add convenience layer 
Adds getASpreadArgument() and defines getCalleeName() for reflective
calls to be the name of the property being invoked, if there is one.
 2019-07-11 10:55:28 +01:00
Asger F
83908464e0 JS: more taint steps through array manipulation 2019-07-11 10:55:28 +01:00
Asger F
badca07606 JS: Add test 2019-07-09 21:37:02 +01:00
semmle-qlci
c5d0abaf8a Merge pull request #1560 from asger-semmle/static-calls 
Approved by xiemaisi
 2019-07-08 16:42:32 +01:00
Asger F
6019e48917 JS: Add annotated call graph test case 2019-07-08 13:55:29 +01:00
Asger F
b63f14fe94 JS: Move CallGraphs test into subfolder 2019-07-08 12:57:34 +01:00
semmle-qlci
a6b7f2d1f6 Merge pull request #1561 from xiemaisi/js/await-sourcenode 
Approved by asger-semmle
 2019-07-08 09:44:05 +01:00
Ellen Arteca
39c37f519d JavaScript: Use type tracking to identify more portal entry/exit nodes. 2019-07-05 09:03:37 +01:00
Arthur Baars
9bf0a3f2cd Merge pull request #1547 from Semmle/rc/1.21 
Merge rc/1.21 into master
 2019-07-05 07:20:28 +02:00
semmle-qlci
298aa92814 Merge pull request #1543 from xiemaisi/js/reflective-call-flow 
Approved by asger-semmle
 2019-07-04 12:02:24 +01:00
Max Schaefer
91a718cfe5 JavaScript: Fix data flow out of reflective calls. 
We were previously missing a data-flow edge from reflected calls to the corresponding reflective call, that is, for `f.call(...)` we didn't have a flow edge from the implicit call to `f` to the result of `f.call(...)`.
 2019-07-04 08:29:04 +01:00