hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

11808 Commits

Author SHA1 Message Date
Max Schaefer
8bb91bf001 JavaScript: Autoformat. 2019-03-29 08:30:05 +00:00
Max Schaefer
41a3ad3f82 JavaScript: Tweak some regexes in Files.qll. 
It seems preferable to use the same regex everywhere, even if it's overly general for a few cases.
 2019-03-29 08:30:05 +00:00
Max Schaefer
f5279b2a1d JavaScript: Resolve AMD imports based on absolute paths if there is only a single candidate. 2019-03-29 08:30:05 +00:00
Max Schaefer
b29b3dff4d JavaScript: Use proper camel-case for AMD-related class names. 2019-03-29 08:14:07 +00:00
Max Schaefer
d541bd58fb JavaScript: Unify (most) overrides of getAnImportedModule. 2019-03-29 08:11:29 +00:00
Max Schaefer
6a78e37d93 JavaScript: Make AMD dependencies Imports. 2019-03-29 08:11:29 +00:00
Asger F
4908902f47 JS: Update to use TypeTracker::end() 2019-03-28 15:26:55 +00:00
Asger F
365db0ff1f JS: track document and dom values using type tracking 2019-03-28 15:24:00 +00:00
semmle-qlci
35ea746045 Merge pull request #1172 from asger-semmle/hostname-prefix-sanitizer 
Approved by xiemaisi
 2019-03-28 11:55:10 +00:00
Max Schaefer
c097031c7e JavaScript: Fix uses of TypeTracker with custom flow steps. 
These steps need to check that the type hasn't been tracked into a property.
 2019-03-28 10:33:04 +00:00
Max Schaefer
b2faac30c9 JavaScript: Add a few missing doc comments. 2019-03-28 10:12:08 +00:00
Rebecca Valentine
e4c5fd4f61 autoformats 2019-03-27 17:12:10 -07:00
Rebecca Valentine
a049d9a4c6 moves lib to right place 2019-03-27 16:58:33 -07:00
Rebecca Valentine
2d3c522efc cleans up naming conventions 2019-03-27 16:57:35 -07:00
Rebecca Valentine
336eb9dcf3 adds initial qll 2019-03-27 16:31:49 -07:00
Asger F
99dc2435af JS: update test 2019-03-27 15:03:04 +00:00
Asger F
0eb9231cb1 JS: Make use of TypeTracker::end() 2019-03-27 13:25:01 +00:00
Asger F
208bcd438b JS: Make type-tracking predicates private 2019-03-27 13:21:45 +00:00
Asger F
7bfad8c360 JS: trailing whitespace 2019-03-27 13:21:45 +00:00
Asger F
9bbdf84e5d JS: missing qldoc 2019-03-27 13:21:45 +00:00
Asger F
28a776a82b JS: dataflow -> data flow 2019-03-27 13:21:45 +00:00
Asger F
c0b58f6b09 JS: Capitalize Firebase in comments 2019-03-27 13:21:45 +00:00
Asger F
99cc09df8c JS: use TypeBackTracker where appropriate 2019-03-27 13:21:45 +00:00
Asger F
42c0efd549 JS: add test 2019-03-27 13:21:45 +00:00
Asger F
ad592d7cd1 JS: handle .after and .before 2019-03-27 13:21:45 +00:00
Asger F
0401b26b48 JS: handle CloudFunctions 2019-03-27 13:21:45 +00:00
Asger F
49a746b87a JS: handle Reference.transaction() 2019-03-27 13:21:45 +00:00
Asger F
f554f859aa JS: handle 'firebase-admin' package 2019-03-27 13:21:45 +00:00
Asger F
e0c06cb518 JS: handle Query methods 2019-03-27 13:21:45 +00:00
Asger F
06b0851072 JS: Add Firebase model 2019-03-27 13:21:45 +00:00
semmle-qlci
86040575b1 Merge pull request #1161 from esben-semmle/js/classify-mode-html 
Approved by xiemaisi
 2019-03-27 12:56:04 +00:00
Asger F
d4c7312d80 JS: more sanitizing prefixes 2019-03-27 11:22:31 +00:00
Asger F
50f2afb622 JS: add test 2019-03-27 11:20:39 +00:00
Max Schaefer
3e16d16525 JavaScript: Make type tracking-related parameter and predicate names more consistent. 2019-03-26 13:00:09 +00:00
Max Schaefer
bf04664bd7 Update javascript/ql/src/semmle/javascript/GeneratedCode.qll 
Co-Authored-By: esben-semmle <42067045+esben-semmle@users.noreply.github.com>
 2019-03-26 10:01:24 +01:00
Esben Sparre Andreasen
3cd93129a6 JS: classify HTML files with > 20 elements on a line as generated 2019-03-26 08:03:56 +01:00
Max Schaefer
c50067b597 JavaScript: Refactor type tracking to avoid computing very large relations. 2019-03-25 20:38:58 +00:00
Max Schaefer
084159dcfd JavaScript: Teach type trackers to track flow through one level of properties. 2019-03-25 20:38:58 +00:00
Max Schaefer
9fbc0eb717 JavaScript: Switch from path summaries to step summaries for type tracking. 
This is sufficient since we are not doing summarisation.
 2019-03-25 20:37:05 +00:00
Max Schaefer
8e926333a9 JavaScript: Simplify a few newtypes and remove unused predicates. 2019-03-25 16:57:46 +00:00
Max Schaefer
55394df96f JavaScript: Refactor HTTP libraries to use type tracking instead of tracked nodes. 2019-03-25 16:57:46 +00:00
Max Schaefer
74db8b1979 JavaScript: Use type tracking instead of tracked nodes in Express. 2019-03-25 16:57:46 +00:00
Max Schaefer
276f216ef9 JavaScript: Use type tracking to improve modelling of socket.io. 2019-03-25 16:57:46 +00:00
Max Schaefer
4702790696 JavaScript: Refactor AMD/CommonJS path expression analysis to avoid bad magic. 2019-03-25 16:57:46 +00:00
Max Schaefer
0e0fe2545d JavaScript: Refactor Closure::isTopLevelExpr to avoid unhelpful magic. 2019-03-25 16:57:46 +00:00
Max Schaefer
c17f4d7d41 JavaScript: Cache SourceNode::track and SourceNode::backtrack. 2019-03-25 16:57:46 +00:00
Max Schaefer
2b778afdf5 JavaScript: Cache a bunch of flow steps to avoid recomputation. 2019-03-25 16:57:46 +00:00
Esben Sparre Andreasen
4ab3407726 JS: add classification test cases 2019-03-25 10:45:44 +01:00
Esben Sparre Andreasen
335a969946 JS: fix performance in ObjectDefinePropertyAsPropWrite::getRhs 2019-03-22 12:29:34 +01:00
Max Schaefer
8c460ae385 Merge remote-tracking branch 'upstream/master' into rc/1.20-merge-master 
Conflict in `javascript/extractor/src/com/semmle/js/extractor/Main.java` resolved
in favour of `master`.
 2019-03-21 14:46:29 +00:00