hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

11858 Commits

Author SHA1 Message Date
Max Schaefer
1d5bb97121 JavaScript: Refine PasswordInConfigurationFile to avoid FPs. 
We now exclude passwords that look like they might be filled in via
templating or shell substitution.
 2019-04-15 12:10:21 +01:00
Max Schaefer
ce53a7d575 Merge pull request #1175 from psygnisfive/NullSensitiveContext 
[JS] Null Sensitive Context (new library)
 2019-04-15 08:50:14 +01:00
Rebecca Valentine
fb40548be5 fixes semicolon issues 2019-04-12 10:56:31 -07:00
Rebecca Valentine
a66d1c0e09 fixes test errors 2019-04-12 10:39:34 -07:00
Rebecca Valentine
d4f2172bdc void exprs are also ok 2019-04-12 10:39:20 -07:00
Asger F
b8ec7083d4 JS: Update isBarrier test output 2019-04-12 16:35:01 +01:00
Asger F
b36075ca46 JS: step through refinements in AccessPaths 2019-04-12 11:12:50 +01:00
Asger F
720555be45 JS: Add test case 2019-04-12 11:11:26 +01:00
Esben Sparre Andreasen
9c65277b53 JS: reformulate js/incomplete-hostname-regexp with type tracking 2019-04-12 08:51:28 +02:00
Esben Sparre Andreasen
5a7101481c JS: make message for js/incomplete-hostname-regexp more informative 2019-04-12 08:51:28 +02:00
Esben Sparre Andreasen
d643904faf JS: improve tests for fixup js/incomplete-hostname-regexp 2019-04-12 08:51:28 +02:00
Esben Sparre Andreasen
cf7d0a7ea5 JS: fixup qhelp 2019-04-12 08:51:28 +02:00
Esben Sparre Andreasen
74144b0271 JS: make RegExpPatterns::commonTLD more robust 2019-04-12 08:51:28 +02:00
Esben Sparre Andreasen
9eb039038e JS: update docstring example for TypeBackTracker 2019-04-12 08:51:28 +02:00
Esben Sparre Andreasen
1f565bd49c JS: Introduce TypeBackTracker::step and TypeBackTracker::smallstep 2019-04-12 08:51:28 +02:00
Esben Sparre Andreasen
fd429ce639 JS: whitelist delimiter unwrapping for js/incomplete-sanitization 2019-04-12 08:38:44 +02:00
Esben Sparre Andreasen
a0ed362310 JS: add test case for js/incomplete-sanitization 2019-04-12 08:37:47 +02:00
semmle-qlci
ccbb7ce04b Merge pull request #1224 from asger-semmle/cheerio 
Approved by esben-semmle
 2019-04-11 15:21:44 +01:00
semmle-qlci
a1cc2fbed3 Merge pull request #1233 from xiemaisi/js/amd-type-inference 
Approved by asger-semmle
 2019-04-11 15:20:00 +01:00
semmle-qlci
ed5fd96603 Merge pull request #1227 from asger-semmle/typescript3.4 
Approved by xiemaisi
 2019-04-11 10:39:57 +01:00
semmle-qlci
9f13b6be18 Merge pull request #1234 from xiemaisi/js/customizations-qll 
Approved by esben-semmle
 2019-04-11 08:31:28 +01:00
Esben Sparre Andreasen
a6cf9503da Merge pull request #1235 from xiemaisi/js/include-yaml 
JavaScript: Teach AutoBuilder to extract YAML files by default.
 2019-04-11 09:28:59 +02:00
Max Schaefer
f22cb186e3 JavaScript: Teach AutoBuilder to extract YAML files by default. 2019-04-10 18:47:06 -07:00
Max Schaefer
078151f9d1 JavaScript: Add an (empty) Customizations.qll module. 
Somewhat analogous to the `Options.qll` module in C++; see module
comments for further explanation.
 2019-04-10 18:26:27 -07:00
Max Schaefer
301dab0e40 JavaScript: Improve AMD support in type inference. 
Now leverages the recently introduced logic for resolving AMD imports
based on unique matching paths.
 2019-04-10 09:47:54 -07:00
Max Schaefer
20312fc3bf JavaScript: Improve socket.io model. 
Recognise `io` imports and use type-tracking to better track handlers.
 2019-04-10 08:02:40 -07:00
Asger F
bfa6208a58 TS: Fix test output 2019-04-10 15:44:37 +01:00
Asger F
ef7bde472b TS: Fix javadoc 2019-04-10 15:33:39 +01:00
Max Schaefer
6ac72bd469 Update javascript/ql/src/semmle/javascript/TypeScript.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-04-10 15:33:22 +01:00
Asger F
4b4e7eb5ff TS: update trap test output 2019-04-10 13:17:15 +01:00
Asger F
d28597ffbb TS: DB upgrade script and stats 2019-04-10 13:13:46 +01:00
Esben Sparre Andreasen
b86f43be98 JS: reformulate CallToObjectDefineProperty::getAPropertyAttribute 2019-04-10 14:03:28 +02:00
Asger F
c1c7ebfc48 TS: Support const type assertions 2019-04-10 12:54:42 +01:00
Asger F
d5ae69d40a TS: Support readonly type expressions 2019-04-10 12:26:46 +01:00
Asger F
11f460c6a3 JS: Generalize KeyofTypeExpr to UnaryTypeExpr 2019-04-10 12:21:28 +01:00
Asger F
8304ce1e16 TS: Update test output with new toString value 2019-04-10 11:34:27 +01:00
Asger F
65d863f8fb TS: update to TypeScript 3.4 2019-04-10 11:18:23 +01:00
Esben Sparre Andreasen
e70413922b Update javascript/ql/src/semmle/javascript/frameworks/Cheerio.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-04-09 14:25:33 +01:00
Esben Sparre Andreasen
2113e6e4d3 Update javascript/ql/src/semmle/javascript/frameworks/Cheerio.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-04-09 14:25:19 +01:00
Esben Sparre Andreasen
ad119dae21 Update javascript/ql/src/semmle/javascript/frameworks/jQuery.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-04-09 14:25:11 +01:00
Esben Sparre Andreasen
b72c678b2c Update javascript/ql/src/semmle/javascript/frameworks/jQuery.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-04-09 14:25:01 +01:00
Asger F
bd1d9ed810 JS: Add test 2019-04-09 12:21:54 +01:00
Asger F
0fcdf91d4a JS: Add model of cheerio 2019-04-09 12:21:54 +01:00
Esben Sparre Andreasen
e7adb62288 Merge pull request #1221 from asger-semmle/contextual-typing 
TS: Extract contextual type for object/array literals
 2019-04-09 10:43:01 +02:00
Esben Sparre Andreasen
9d1f511ca0 JS: fixup missing space 2019-04-09 10:39:26 +02:00
Esben Sparre Andreasen
89596052cf JS: autoformat TypeTracking.qll 2019-04-09 10:39:26 +02:00
semmle-qlci
92acd322fc Merge pull request #1218 from esben-semmle/js/whitelist-typeconfusion-lt1-checks 
Approved by asger-semmle
 2019-04-09 01:11:34 +01:00
Rebecca Valentine
c120cca9d3 better explanation of null sensitive contexts 2019-04-08 10:12:04 -07:00
Asger F
db9fd3f721 TS: update test change 2019-04-08 15:17:40 +01:00
semmle-qlci
f54366bf95 Merge pull request #1214 from asger-semmle/taint-addexpr-phi 
Approved by esben-semmle, xiemaisi
 2019-04-08 11:55:06 +01:00