hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

11808 Commits

Author SHA1 Message Date
Asger F
9497199cbd JS: add localFieldStep 2019-02-27 14:20:47 +00:00
Asger F
b6648def19 JS: Add ClassNode.getAReceiverNode 2019-02-27 14:20:47 +00:00
Max Schaefer
9d77619afc JavaScript: Make file types customisable in AutoBuild. 
Every once in a while we encounter projects using some custom file extension for files that we could in principle extract, but since the extractor doesn't know about the extension the files are skipped.

To handle this, the legacy extractor has a `--file-type` option that one can use to specify a file type to use for all files in that particular extraction. So far, `AutoBuild` has nothing of the sort.

This PR proposes to introduce an environment variable `LGTM_INDEX_FILETYPES` to allow a similar customisation. In the fullness of time, this variable would be set through `lgtm.yml` in the usual way, but for now it is undocumented and for internal use only.

Specifically, `LGTM_INDEX_FILETYPES` is a newline-separated list of ".extension:filetype" pairs, specifying that files with the given `.extension` should be extracted as type `filetype`, where
`filetype` is one of `js`, `html`, `json`, `typescript` or `yaml`.

For example, `.jsm:js` causes all `.jsm` files to be extracted as JavaScript.

This can also be used to override default file types: for example, by specifying `.js:typescript` all JavaScript files will be extracted as TypeScript.
 2019-02-27 12:02:01 +00:00
Asger F
3d400cc57f JS: basic model of closure Promises 2019-02-27 11:58:51 +00:00
Max Schaefer
2ed37903d8 JavaScript: Include list of relevant environment variables in Javadoc for AutoBuild. 2019-02-27 11:54:59 +00:00
semmle-qlci
999e0c8b95 Merge pull request #947 from asger-semmle/string-ops-concat 
Approved by xiemaisi
 2019-02-27 09:54:46 +00:00
Max Schaefer
37a3085466 Merge pull request #993 from asger-semmle/getacallee 
JS: document new behavior of overriding InvokeNode.getACallee()
 2019-02-27 09:00:59 +00:00
Max Schaefer
6ecdb0edd5 JavaScript: Allow first expression in array literal to be an in expression. 2019-02-27 08:58:28 +00:00
Max Schaefer
0648d7aa09 JavaScript: Sharpen result type of getAReceivedItem. 2019-02-27 08:51:43 +00:00
Max Schaefer
cd9ccd4c8d Merge pull request #983 from asger-semmle/closure-global-ref 
JS: add closure library in globalObjectRef
 2019-02-26 16:55:58 +00:00
Max Schaefer
db5fbe29a3 Merge pull request #941 from esben-semmle/js/vue-support-2 
JS: Vue security improvements
 2019-02-26 16:49:38 +00:00
Asger F
eaf3f52372 JS: document new behavior of overriding InvokeNode.getACallee() 2019-02-26 16:09:19 +00:00
Max Schaefer
739705865b JavaScript: Add basic model of socket.io. 2019-02-26 15:53:29 +00:00
semmle-qlci
86e646beb4 Merge pull request #975 from asger-semmle/global-closure-dataflow 
Approved by esben-semmle
 2019-02-26 13:57:39 +00:00
Asger F
29d2d620e4 JS: add taint step through object/array spread operators 2019-02-26 11:43:59 +00:00
Esben Sparre Andreasen
f9111f68e9 Update javascript/ql/src/semmle/javascript/dataflow/TypeInference.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-02-26 11:11:44 +01:00
Asger F
6b9157540b JS: mark globalFlowPred as internal 2019-02-26 09:56:22 +00:00
semmle-qlci
681ff0f39c Merge pull request #977 from asger-semmle/extend-test-version 
Approved by xiemaisi
 2019-02-26 09:55:41 +00:00
semmle-qlci
74a4103857 Merge pull request #976 from asger-semmle/closure-import-deep 
Approved by esben-semmle
 2019-02-26 09:34:04 +00:00
semmle-qlci
00d490e84d Merge pull request #945 from asger-semmle/extensible-module-import 
Approved by xiemaisi
 2019-02-26 09:26:28 +00:00
Esben Sparre Andreasen
9511bdf6ae JS: address review comment 2019-02-26 10:07:00 +01:00
Max Schaefer
c2a5350bf2 Merge pull request #982 from asger-semmle/closure-string-lib 
JS: model string functions from closure library
 2019-02-26 08:26:14 +00:00
Asger F
93440014a0 JS: only propagate through first argument of truncate() 2019-02-25 17:11:55 +00:00
Asger F
d45f670646 JS: remove duplicate modelling of urlDecode/urlEncode 2019-02-25 17:04:56 +00:00
Asger F
29de1411b7 JS: remove restriction on truncate calls 2019-02-25 17:00:47 +00:00
Asger F
50e8f83ad5 JS: use globalVarRef/SourceNode instead 2019-02-25 16:54:45 +00:00
Asger F
8354909d46 JS: add closure library in globalObjectRef 2019-02-25 16:45:47 +00:00
Asger F
d70d0e21cc JS: add format function 2019-02-25 16:30:44 +00:00
Asger F
fab0afd755 JS: model string functions from closure library 2019-02-25 16:08:47 +00:00
Esben Sparre Andreasen
8e01ccd892 JS: fix docstring: s/node1/pred + s/node2/succ 2019-02-25 16:51:30 +01:00
semmle-qlci
58cc8d0ecc Merge pull request #936 from xiemaisi/js/revive-electron-support 
Approved by esben-semmle
 2019-02-25 15:23:20 +00:00
Esben Sparre Andreasen
ab1b1c1431 JS: update docstring 2019-02-25 16:11:35 +01:00
Esben Sparre Andreasen
4dc147d506 JS: rename CapturedSource -> LocalObject (files) 2019-02-25 16:09:07 +01:00
Asger F
050626aca0 JS: remove audit alerts from package.json 2019-02-25 15:04:47 +00:00
Esben Sparre Andreasen
66367987af JS: rename CapturedSource -> LocalObject 2019-02-25 16:04:37 +01:00
Esben Sparre Andreasen
65fb1423b7 JS: format test case (update expected output) 2019-02-25 15:55:44 +01:00
Esben Sparre Andreasen
1150f4c02b JS: add documentation to test case 2019-02-25 15:52:23 +01:00
Esben Sparre Andreasen
0d94fe3f54 JS: analyze assignments in with correctly 2019-02-25 15:32:17 +01:00
Esben Sparre Andreasen
047b69a4c2 JS: address review comments 2019-02-25 15:19:00 +01:00
Esben Sparre Andreasen
46a1c75549 Merge pull request #973 from xiemaisi/js/remove-package-json 
JavaScript: Delete an unused `package.json` in a test.
 2019-02-25 14:05:22 +01:00
Asger F
7d14429dce JS: handle deeper access paths in Closure::moduleImport 2019-02-25 12:31:18 +00:00
Asger F
2f6496f6bd JS: add test with undeclared nested access 2019-02-25 12:27:36 +00:00
semmle-qlci
c31ccbc114 Merge pull request #925 from asger-semmle/closure-reorg 
Approved by xiemaisi
 2019-02-25 12:02:00 +00:00
Esben Sparre Andreasen
b0358d7d11 JS: autoformat 2019-02-25 12:44:55 +01:00
Asger F
707886f259 JS: minor qldoc fixes 2019-02-25 11:31:09 +00:00
Asger F
b31d7d1f5f JS: add test case 2019-02-25 11:31:09 +00:00
Asger F
eab034ccfd JS: add ModuleImportNode::Range 2019-02-25 11:31:08 +00:00
Asger F
e9bc728919 JS: fixes in qldoc 2019-02-25 11:26:12 +00:00
Esben Sparre Andreasen
97edfc5524 JS: address review comments 2019-02-25 12:17:56 +01:00
Esben Sparre Andreasen
80a716f3b3 JS: fixup visibility of DataFlow::HtmlAttributeNode 2019-02-25 12:17:56 +01:00