hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,161 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.6
Commit Graph

2976 Commits

Author SHA1 Message Date
Asger F
2cbba65617 JS: Sync with JS 
fixup JS
 2022-09-06 09:30:02 +02:00
Erik Krogh Kristensen
4e14177614 fix typo in change-note 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
54eb0414cb rename an upper-cased acronym 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
90bc8a5038 run the explicit-this patch on javascript/ 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
b398f968e2 expand change-note to mention classes that have a changed basetype 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
e64f96c1ce rewrite the change-note to emphasise that the change is potentially breaking 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
26f5643f3e update the deprecation notice of RouteExpr such that it points to public APIs 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
e387ebaedd add domNode.innerHTML += sink as a DOM sink 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
74a79f8622 simplify int check 
Co-authored-by: Asger F <asgerf@github.com>
 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
73a936104a fix typo in qldoc 
Co-authored-by: Asger F <asgerf@github.com>
 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
833480d5c5 add change note 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
5b61db9fd3 refactor miscellaneous expression uses to dataflow nodes 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
6697dd1396 rewrite some expression based predicates in TaintTracking.qll 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
b4968eb645 refactor the SensitiveExpr to be a dataflow node 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
0c4f08c841 refactor the CredentialsExpr to be a dataflow node 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
c5b1588096 update the SQL/NoSQL models to use dataflow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
4d0534352e refactor a use of MethodCallExpr in ClientSideUrlRedirectCustomizations.qll 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
e0e8085b95 update the cryptoLibraries to use dataflow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
aa9261f1b1 convert the AngularJS model to use DataFlow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
9bea110d24 convert the DOM model to use DataFlow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
2f429e7d29 convert some leftovers to use dataflow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
136124fbaa convert the remaining Koa models to DataFlow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
fc54ba823b update the existing expression based Express models 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
8266b083d7 update the predicates on Express::RouteHandler to use dataflow nodes 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
4cfbf15d18 deprecate RouteHandlerExpr and make RouteHandlerNode instead 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
3da34ca7a0 update Express::RouteExpr to a DataFlow::Node 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
3eb486610b update Express::RouterDefinition to a DataFlow::InvokeNode 2022-09-05 16:11:51 +02:00
Erik Krogh Kristensen
dfb7782be0 replace getA?RouteHandlerExpr with getA?RouteHandlerNode 2022-09-05 15:46:27 +02:00
Erik Krogh Kristensen
30d929909c deprecate RequestExpr and ResponseExpr and use ResponseNode and RequestNode instead 2022-09-05 15:46:25 +02:00
Erik Krogh Kristensen
9cb7522bc1 change RouteSetup to a DataFlow::Node 2022-09-05 15:45:31 +02:00
Erik Krogh Kristensen
d98028be1a change ServerDefinition to a DataFlow::Node 2022-09-05 15:44:56 +02:00
Erik Krogh Kristensen
ced4843dd7 change CookieDefinition to a DataFlow::Node 2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen
24b845589d change ResponseBody to a DataFlow::Node 2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen
19e808186d refactor definesExplicitly to use DataFlow::Node 2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen
ce0175a046 don't use astNode in StandardHeaderDefinition 2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen
d4ccc75ce1 refactor RedirectInvocation to a DataFlow::Node 2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen
a03e6a800d deprecate the HTTP flowsTo predicates to avoid confusion with SourceNode::flowsTo 2022-09-05 15:44:12 +02:00
erik-krogh
aa56ca37ae make the alert messages of taint-tracking queries more consistent 2022-09-05 14:04:52 +02:00
erik-krogh
a86a940df7 add getRepr() and toString() on RelevantState 2022-09-05 13:27:34 +02:00
erik-krogh
3f1cb04f3e sync files 2022-09-05 11:22:34 +02:00
Asger F
56bbba2241 JS: Sync with JS 2022-09-03 13:51:02 +02:00
Asger F
55fdf84d15 Ruby+JS: change LabelEntryPoint.toString() 
fixup Ruby entry point tests
 2022-09-03 13:24:45 +02:00
erik-krogh
c38062ce93 convert RelevantState to a class in the PrefixConstruction module 2022-09-02 20:26:31 +02:00
Edoardo Pirovano
8f332714f4 Merge pull request #10260 from github/edoardo/3.7-mergeback 
Merge `rc/3.7` into `main`
 2022-09-01 15:44:17 +01:00
Ian Lynagh
7dc5bdafe3 Merge pull request #10186 from github/post-release-prep/codeql-cli-2.10.4 
Post-release preparation for codeql-cli-2.10.4
 2022-08-31 17:29:57 +01:00
Asger F
32c8688805 JS: Make API graph more sparse for escaping class instance members 2022-08-30 20:24:55 +02:00
Asger F
5ad6c05a9c Merge pull request #10205 from asgerf/mad-generics 
Support type variables in MaD typings
 2022-08-30 18:07:39 +02:00
Erik Krogh Kristensen
72942afe3e Merge pull request #10220 from erik-krogh/overlapsWithNothing 
print a correct range for ranges that doesn't contain any alpha-numeric chars
 2022-08-30 15:38:34 +02:00
Asger F
b107dd6855 Fix typo: receiver step -> type step 2022-08-30 14:08:33 +02:00
Asger F
f8b1aa7e7e Also apply type step in getNodeFromSubPath 2022-08-30 14:08:33 +02:00