hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,540 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.8
Commit Graph

5030 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
73aa223b08 JS: handle additional multi-license file patterns 2018-12-11 09:55:38 +01:00
Max Schaefer
4d186e0edc JavaScript: Teach Unused{Variable,Parameter} to ignore variables with leading underscore. 2018-12-11 08:50:50 +00:00
Esben Sparre Andreasen
edbef289a7 JS: improve whitespace handling for multi-license file recognition 2018-12-11 09:30:10 +01:00
Esben Sparre Andreasen
e016098f86 JS: support purs classification 2018-12-11 09:17:01 +01:00
Esben Sparre Andreasen
3879e57f18 JS: support <meta name="generator"/> classification 2018-12-11 09:12:39 +01:00
Esben Sparre Andreasen
a295dfd2c5 JS: support AutoRest classification 2018-12-11 08:54:19 +01:00
Esben Sparre Andreasen
ab519d4abf JS: rename query 
"Incomplete URL regular expression" -> "Incomplete regular expression for hostnames".
 2018-12-10 22:22:54 +01:00
Esben Sparre Andreasen
994fe1bea5 JS: address non-semantic review comments 2018-12-10 22:21:02 +01:00
Esben Sparre Andreasen
d4e4bc6a0b JS: sharpen js/incomplete-url-regexp by not matching .* or .+ 2018-12-10 22:21:02 +01:00
Esben Sparre Andreasen
52ca696ff4 JS: add query js/incomplete-url-regexp 2018-12-10 22:20:29 +01:00
Aditya Sharad
fcfab26267 Merge rc/1.19 into next. 2018-12-07 12:31:51 +00:00
semmle-qlci
9e73ed71b9 Merge pull request #623 from esben-semmle/js/incomplete-url-sanitization 
Approved by mc-semmle
 2018-12-06 20:46:37 +00:00
Esben Sparre Andreasen
4f53411397 JS: recognize HTTP URLs in js/incomplete-url-sanitization 2018-12-06 15:53:20 +01:00
Esben Sparre Andreasen
229eea00dc JS: add query js/incomplete-url-substring-sanitization 2018-12-06 15:53:20 +01:00
semmle-qlci
3397533045 Merge pull request #628 from xiemaisi/js/setUnsafeHTML 
Approved by esben-semmle
 2018-12-06 13:58:52 +00:00
Esben Sparre Andreasen
45b207c21b JS: introduce models of three cookie libraries 2018-12-06 14:53:22 +01:00
Esben Sparre Andreasen
28b4a78430 JS: introduce DOM::PersistentWebStorage 2018-12-06 14:53:22 +01:00
Max Schaefer
ef347b3870 JavaScript: Teach Xss query about WinJS HTML injection functions. 2018-12-06 09:13:21 +00:00
Max Schaefer
22502e7a10 JavaScript: Add query help for FileAccessToHttp query. 2018-12-05 13:12:52 +00:00
Max Schaefer
92c1e655dd JavaScript: Add query help for HttpToFileAccess query. 2018-12-05 12:58:38 +00:00
Max Schaefer
7ee0ba36af JavaScript: Fix expected test output. 2018-12-05 10:14:25 +00:00
Max Schaefer
3c00d4be6d Merge pull request #607 from esben-semmle/js/more-react-methods 
JS: model additional React component methods
 2018-12-05 08:00:16 +00:00
Esben Sparre Andreasen
d63d838534 JS: add regression test for ODASA-7506 2018-12-04 22:22:46 +01:00
semmle-qlci
d05b11f00d Merge pull request #587 from asger-semmle/incorrect-suffix-check 
Approved by mc-semmle, xiemaisi
 2018-12-04 16:18:42 +00:00
Aditya Sharad
3caf4e52a7 Merge rc/1.19 into next. 2018-12-04 12:39:41 +00:00
Esben Sparre Andreasen
a342fa36c6 JS: support React getSnapshotBeforeUpdate 2018-12-04 10:48:35 +01:00
Esben Sparre Andreasen
67b1487384 JS: support React shouldComponentUpdate 2018-12-04 10:48:35 +01:00
Esben Sparre Andreasen
417dac7ad6 JS: support React getDerivedStateFromProps 2018-12-04 10:48:35 +01:00
Esben Sparre Andreasen
0d62191d84 JS: add more React tests 2018-12-04 10:48:35 +01:00
semmle-qlci
3d058a2895 Merge pull request #603 from xiemaisi/js/fix-inconsistent-new 
Approved by asger-semmle, esben-semmle
 2018-12-03 16:48:55 +00:00
semmle-qlci
b58c263fd0 Merge pull request #602 from esben-semmle/js/additional-route-handlers-from-context 
Approved by xiemaisi
 2018-12-03 14:31:10 +00:00
Max Schaefer
8627ddbe4b JavaScript: Adjust alert message. 2018-12-03 12:38:00 +00:00
Asger F
374f7ab65d JS: address comments 2018-12-03 11:23:02 +00:00
Asger F
0462eb4b50 JS: add IncorrectSuffixCheck query 2018-12-03 11:23:02 +00:00
Esben Sparre Andreasen
a3bd072590 JS: add Hapi::RouteHandlerCandidate 2018-12-03 09:22:21 +01:00
Max Schaefer
52b8a6bb56 Merge branch 'master' into js/invalid-entity-transcoding 2018-11-30 16:49:20 +00:00
Max Schaefer
3351650895 JavaScript: Make InconsistentNew give fewer results. 2018-11-30 16:13:46 +00:00
Max Schaefer
b17518a5eb JavaScript: Refactor InconsistentNew to improve performance. 
All the filtering is now done in `getALikelyCallee`, to which I have also added an additional parameter that improves the join in the `select` clause.

I've also simplified the alert message to no longer use `toString`, which isn't meant for alert messages anyway. (This is an old query.)
 2018-11-30 15:40:45 +00:00
Max Schaefer
10166be535 JavaScript: Add new query DoubleEscaping. 2018-11-30 09:39:00 +00:00
Max Schaefer
3ed40d5da1 Merge branch 'master' into range-analysis 2018-11-30 09:36:40 +00:00
semmle-qlci
1c5322274a Merge pull request #557 from esben-semmle/js/unused-react-variable 
Approved by xiemaisi
 2018-11-30 09:35:36 +00:00
Jonas Jensen
9babb4366b Merge remote-tracking branch 'upstream/master' into mergeback-20181130 2018-11-30 10:13:33 +01:00
Asger F
f85e30aa6c Merge pull request #571 from xiemaisi/js/numeric-constant-interpreted-as-code 
JavaScript: Add new query `HardcodedDataInterpretedAsCode`.
 2018-11-29 17:07:48 +00:00
Asger F
959776b775 JS: add test case 2018-11-29 11:22:15 +00:00
Asger F
d69e584cc2 JS: fix bug in foldedComparisonEdge 2018-11-29 11:22:15 +00:00
Asger F
477be260f3 JS: rename UselessRangeCheck -> UselessComparisonTest 2018-11-29 11:22:14 +00:00
Asger F
344bec3865 JS: Add UselessRangeCheck.ql 2018-11-29 11:22:14 +00:00
Asger F
43df9538bf JS: be conservative in presence of NaN comments 2018-11-29 11:22:14 +00:00
Asger F
6c53ad80c7 JS: add constant constraints in range analysis 2018-11-29 11:22:13 +00:00
Asger F
064b1099eb JS: range analysis through phi nodes 2018-11-29 11:22:13 +00:00