hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

11808 Commits

Author SHA1 Message Date
Max Schaefer
7e3adec789 Merge pull request #135 from esben-semmle/js/pick-get-taint-steps 
JS: model property projection calls (RC)
 2018-09-03 08:17:42 +01:00
Max Schaefer
69ca103e06 Merge pull request #115 from esben-semmle/js/composed-function-taint 
JS: model composed functions
 2018-08-31 08:14:18 +01:00
Max Schaefer
7e18426fde Merge pull request #113 from esben-semmle/js/pick-get-taint-steps 
JS: model property projection calls
 2018-08-31 08:13:40 +01:00
Esben Sparre Andreasen
90b3902244 JS: add a taint step for property projection 2018-08-30 09:39:02 +02:00
Esben Sparre Andreasen
df97132519 JS: add model for property projection 2018-08-30 09:39:02 +02:00
Esben Sparre Andreasen
86ab9adb06 JS: support push and sort taint steps for arrays 2018-08-30 09:14:06 +02:00
Esben Sparre Andreasen
dc72788746 JS: add a model of some function composition libraries 2018-08-30 08:17:01 +02:00
semmle-qlci
d22a65a66b Merge pull request #108 from esben-semmle/js/classify-generated-data-files 
Approved by xiemaisi
 2018-08-29 14:15:55 +01:00
Esben Sparre Andreasen
02d56306c9 JS: classify generated data files 2018-08-27 15:06:00 +02:00
Dave Bartolomeo
d920fc7d94 Force LF line endings for .ql, .qll, and .qlref files 2018-08-24 11:58:58 -07:00
semmle-qlci
55ceb9be8b Merge pull request #91 from esben-semmle/js/additional-indexof-sanitizers 
Approved by xiemaisi
 2018-08-24 08:37:41 +01:00
Esben Sparre Andreasen
a1d79ef906 JS: make the new .*indexOfSanitizer-classes private 2018-08-23 15:59:27 +02:00
Esben Sparre Andreasen
2b41f62eb0 JS: introduce RelationalComparison.isInclucive 2018-08-23 14:51:39 +02:00
Max Schaefer
2187b0c245 Merge pull request #89 from esben-semmle/js/sharpen-type-confusion 
JS: remove emptiness checks from the type confusion `x.length` sinks
 2018-08-23 08:04:09 +01:00
Esben Sparre Andreasen
20b48a2d24 JS: support relational indexof comparison sanitizers 2018-08-22 15:58:47 +02:00
Esben Sparre Andreasen
b4c77b8344 JS: s/can not/cannot/ 2018-08-22 14:08:14 +02:00
Esben Sparre Andreasen
218c0cb51a JS: address review comments 2018-08-22 13:54:07 +02:00
Esben Sparre Andreasen
fef257b1ec JS: remove emptiness checks from the type confusion x.length sinks 2018-08-22 13:25:22 +02:00
Asger F
35aa2e6fbb TypeScript: update test output 2018-08-22 10:18:38 +01:00
Asger F
1569f73ed8 TypeScript: update stats 2018-08-22 10:18:38 +01:00
Asger F
4eeaf63a3a TypeScript: update related test output 2018-08-22 10:18:38 +01:00
Asger F
d26aa04642 TypeScript: support optional and rest elements in static tuple type 2018-08-22 10:18:38 +01:00
Asger F
96005d2147 TypeScript: support unknown static type 2018-08-22 10:18:38 +01:00
Asger F
9a9bbac99e TypeScript: support syntax for unknown types 2018-08-22 10:18:38 +01:00
Asger F
4a9eb0fd3f TypeScript: Add tests for OptionalTypeExpr and RestTypeExpr 2018-08-22 10:18:38 +01:00
Asger F
241ce10da4 TypeScript: support syntax for rest elements in tuple types 2018-08-22 10:18:38 +01:00
Asger F
204b2a3002 TypeScript: support syntax for optional tuple type elements 2018-08-22 10:18:38 +01:00
semmle-qlci
7e7e30c01c Merge pull request #73 from esben-semmle/js/cleartext-logging-query 
Approved by xiemaisi
 2018-08-22 08:04:36 +01:00
semmle-qlci
7661a98909 Merge pull request #68 from esben-semmle/determinate-1-cfa-type-inference 
Approved by xiemaisi
 2018-08-22 08:02:27 +01:00
Esben Sparre Andreasen
2b9f5c3fa2 JS: remove check for test-environment in js/clear-text-logging 2018-08-21 22:32:52 +02:00
Esben Sparre Andreasen
3636708d30 JS: extract and expose StringConcatenationTaintStep in TaintTracking 2018-08-21 22:32:52 +02:00
Esben Sparre Andreasen
7607b6beff JS: use DataFlow::SourceNode in two additional locations 2018-08-21 22:32:52 +02:00
Esben Sparre Andreasen
6950bfe915 JS: review fixups in documentation and comments 2018-08-21 22:32:52 +02:00
Esben Sparre Andreasen
605695e117 JS: review fixups in documentation 2018-08-21 22:08:10 +02:00
Esben Sparre Andreasen
19e5db75a3 JS: make AnalyzedFunction public and move getAReturnValue there 2018-08-21 22:08:10 +02:00
Esben Sparre Andreasen
ac947f10e7 JS: address some review comments 2018-08-21 22:08:08 +02:00
Esben Sparre Andreasen
6f5fb2a9fe JS: update queries and tests for improved type inference 2018-08-21 22:07:38 +02:00
Esben Sparre Andreasen
3692667af2 JS: improve inter-procedural type inference for "local functions" 2018-08-21 22:07:11 +02:00
Esben Sparre Andreasen
4e45ad2d5a JS: generalize inter procedural IIFE type inference 2018-08-21 21:59:30 +02:00
Esben Sparre Andreasen
eb356d8d0b Merge branch 'master' into js/format-string-taint-step 2018-08-21 15:47:31 +02:00
semmle-qlci
6969466202 Merge pull request #83 from esben-semmle/js/bitwise-indexof-sanitizer 
Approved by xiemaisi
 2018-08-21 14:17:20 +01:00
semmle-qlci
a01a453045 Merge pull request #78 from xiemaisi/js/remove-old-test 
Approved by esben-semmle
 2018-08-21 09:04:52 +01:00
Esben Sparre Andreasen
2d63524f83 JS: explain sanitizer equivalence 2018-08-21 09:54:32 +02:00
Esben Sparre Andreasen
bbdf6b0f1d JS: mark PrintfStyleCall as a taint step 2018-08-21 09:02:35 +02:00
Esben Sparre Andreasen
c058b91587 JS: extract PrintfStyleCall out of TaintedFormatString 2018-08-21 09:02:35 +02:00
Esben Sparre Andreasen
be8a32bb18 JS: add sanitizer support for ~whitelist.indexOf(x) 2018-08-20 20:32:57 +02:00
Max Schaefer
46ef208e09 JavaScript: Remove spurious test file. 2018-08-20 15:02:51 +01:00
semmle-qlci
e1f3637b66 Merge pull request #75 from asger-semmle/server-side-url-redirect-performance 
Approved by xiemaisi
 2018-08-20 14:53:16 +01:00
semmle-qlci
0adeef73ff Merge pull request #74 from xiemaisi/js/multi-step-export-from 
Approved by asger-semmle
 2018-08-20 12:36:26 +01:00
Max Schaefer
b2e304951e Merge branch 'master' into ts-typescript2.9 2018-08-20 08:14:58 +01:00