Esben Sparre Andreasen
|
33a297c829
|
JS: add query: js/useless-assignment-to-property
|
2018-11-08 13:23:19 +01:00 |
|
Esben Sparre Andreasen
|
6ee47c437e
|
JS: generalize and move DeadStoreOfLocal.qhelp to DeadStore.qhelp
|
2018-11-08 13:23:19 +01:00 |
|
Esben Sparre Andreasen
|
cacb8fdee0
|
JS: move DeadStoreOfLocal::isDefaultInit to separate module
|
2018-11-08 13:23:19 +01:00 |
|
semmle-qlci
|
3c49bc6e67
|
Merge pull request #407 from asger-semmle/email-xss
Approved by xiemaisi
|
2018-11-08 10:53:10 +00:00 |
|
semmle-qlci
|
29cabc0e09
|
Merge pull request #424 from esben-semmle/js/syntactic-nullOrUndefined
Approved by asger-semmle
|
2018-11-08 10:52:44 +00:00 |
|
semmle-qlci
|
990c7e057f
|
Merge pull request #419 from xiemaisi/js/fix-mixed-whitespace
Approved by esben-semmle
|
2018-11-07 23:47:48 +00:00 |
|
Aditya Sharad
|
ed49c623f1
|
Version: Bump to 1.18.2 release.
|
2018-11-07 14:36:40 +00:00 |
|
Esben Sparre Andreasen
|
0afbea968c
|
Merge pull request #421 from xiemaisi/js/open-source-extractor
JavaScript: Open-source extractor
|
2018-11-07 15:13:27 +01:00 |
|
Asger F
|
e0d5557ef4
|
JS: add email HTML body as XSS sink
|
2018-11-07 11:31:40 +00:00 |
|
Esben Sparre Andreasen
|
f0343d0678
|
JS: use isUserControlledObject in js/type-confusion-through-parameter-tampering
|
2018-11-07 12:18:46 +01:00 |
|
Esben Sparre Andreasen
|
a2df4f9bfe
|
JS: mark Koa params as user-controlled objects
|
2018-11-07 12:18:46 +01:00 |
|
Aditya Sharad
|
194042348a
|
Eclipse plugins: Remove plugin metadata.
This is only needed to build QL for Eclipse, and will be moved into the internal Semmle repository.
|
2018-11-07 11:01:05 +00:00 |
|
Max Schaefer
|
b058854964
|
JavaScript: Teach type inference about AMD imports.
|
2018-11-07 09:18:21 +00:00 |
|
Max Schaefer
|
22640f891e
|
JavaScript: Make lodash/underscore recognition extensible.
|
2018-11-07 09:02:17 +00:00 |
|
Esben Sparre Andreasen
|
e6a190c06e
|
JS: replace .stripParens query uses w. .getUnderlyingReference
|
2018-11-07 09:32:02 +01:00 |
|
Esben Sparre Andreasen
|
f04293f73c
|
JS: replace .stripParens library uses w. .getUnderlyingReference
|
2018-11-07 09:32:02 +01:00 |
|
Esben Sparre Andreasen
|
43e215c7af
|
JS: replace .stripParens query uses w. .getUnderlyingValue
|
2018-11-07 09:32:02 +01:00 |
|
Esben Sparre Andreasen
|
030d9202de
|
JS: replace .stripParens library uses w. .getUnderlyingValue
|
2018-11-07 09:32:02 +01:00 |
|
semmle-qlci
|
4225e0bb44
|
Merge pull request #356 from asger-semmle/parameter-node
Approved by xiemaisi
|
2018-11-07 08:31:05 +00:00 |
|
semmle-qlci
|
2457eb98df
|
Merge pull request #166 from asger-semmle/documentable-self-assign
Approved by esben-semmle, xiemaisi
|
2018-11-07 08:30:17 +00:00 |
|
semmle-qlci
|
c20e24d549
|
Merge pull request #385 from asger-semmle/async-model
Approved by xiemaisi
|
2018-11-07 08:28:37 +00:00 |
|
semmle-qlci
|
282d1e2096
|
Merge pull request #404 from asger-semmle/useless-conditional2
Approved by xiemaisi
|
2018-11-07 08:28:01 +00:00 |
|
Max Schaefer
|
212a78b5fc
|
Merge pull request #323 from esben-semmle/js/always-return-type-inference
JS: additional return type inference
|
2018-11-07 08:25:28 +00:00 |
|
Max Schaefer
|
f75ce7a6ef
|
JavaScript: Fix project layout for trap tests.
|
2018-11-07 07:48:25 +00:00 |
|
Max Schaefer
|
4c4920c3a9
|
JavaScript: Open-source extractor.
|
2018-11-07 07:48:25 +00:00 |
|
Max Schaefer
|
5ffe45a80b
|
JavaScript: Fix mixed tabs/spaces in qhelp.
|
2018-11-07 07:40:51 +00:00 |
|
Esben Sparre Andreasen
|
a79a6a07b8
|
JS: stop tracking properties of object literals
|
2018-11-06 16:04:46 +01:00 |
|
Esben Sparre Andreasen
|
a07c094437
|
JS: introduce TypeInferredCalleeWithAnalyzedReturnFlow
|
2018-11-06 16:04:46 +01:00 |
|
Esben Sparre Andreasen
|
fef3573152
|
JS: use global layer in AnalyzedNode::getABooleanValue and -getAType
|
2018-11-06 16:04:46 +01:00 |
|
Asger F
|
1252cde7f3
|
JS: remove a comma
|
2018-11-06 12:24:34 +00:00 |
|
Asger F
|
dcf6218d1d
|
JS: update test expectations
|
2018-11-06 12:22:05 +00:00 |
|
Asger F
|
c991d67fcb
|
JS: fix typos
|
2018-11-06 12:12:43 +00:00 |
|
Asger F
|
460521616c
|
JS: rename getIteratee to getIteratorCallback
|
2018-11-06 12:12:43 +00:00 |
|
Asger F
|
97d65fb82f
|
JS: fix bad join ordering
|
2018-11-06 12:12:43 +00:00 |
|
Asger F
|
b40fa3845f
|
JS: add model of async package
|
2018-11-06 12:12:43 +00:00 |
|
Aditya Sharad
|
553c2f5d34
|
Merge master into next.
As of 2846d80f1c.
|
2018-11-06 11:52:51 +00:00 |
|
semmle-qlci
|
76475fef3b
|
Merge pull request #406 from xiemaisi/js/configuration-fiddling
Approved by asger-semmle
|
2018-11-06 11:51:12 +00:00 |
|
Asger F
|
87e0027974
|
JS: address comments
|
2018-11-06 10:29:04 +00:00 |
|
Asger F
|
56707fc79a
|
JS: recognize more conditionals in useless-conditional
|
2018-11-06 10:28:05 +00:00 |
|
Esben Sparre Andreasen
|
651f32514b
|
JS: use 'Util::describeExpression' in js/trivial-conditional
|
2018-11-05 13:00:07 +01:00 |
|
Esben Sparre Andreasen
|
4e54af3b41
|
JS: introduce 'Util::describeExpression'
|
2018-11-05 12:58:12 +01:00 |
|
Asger F
|
e670919807
|
JS: mention @type tag in qhelp
|
2018-11-05 11:31:32 +00:00 |
|
Asger F
|
e39b0c7a75
|
JavaScript: address comments
|
2018-11-05 11:31:02 +00:00 |
|
Asger F
|
4f4ad2b942
|
JavaScript: ignore self-assignments with a JSDoc comment
|
2018-11-05 11:31:02 +00:00 |
|
semmle-qlci
|
b743ee4179
|
Merge pull request #314 from esben-semmle/js/json-stringify-as-command-line-injection-source-heuristic
Approved by xiemaisi
|
2018-11-05 07:37:36 +00:00 |
|
Aditya Sharad
|
3483245870
|
Merge rc/1.18 into master.
As of 3291a30bf4.
|
2018-11-02 09:54:50 +00:00 |
|
Max Schaefer
|
e77ea62179
|
JavaScript: Tweak storeStep predicate.
|
2018-11-01 21:24:16 -04:00 |
|
Max Schaefer
|
94bba88080
|
JavaScript: Avoid unhelpful magic.
|
2018-11-01 21:22:51 -04:00 |
|
Max Schaefer
|
a72507a621
|
JavaScript: Remove a pragma[noopt].
|
2018-11-01 21:22:03 -04:00 |
|
Aditya Sharad
|
3291a30bf4
|
Version: Bump to 1.18.2 dev.
|
2018-11-01 18:46:56 +00:00 |
|