hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 12:16:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,540 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.8
Commit Graph

11945 Commits

Author SHA1 Message Date
tiferet
eab270eb84 Move the definitions of isEffectiveSink and getAReasonSinkExcluded to the base class. 
They can now be implemented generically for all sink types.
 2022-11-16 11:47:24 -08:00
tiferet
fc56c5a022 Implement the type-specific endpoint filters as EndpointCharacteristics. 
Also disambiguate three filters from three different sink types that all have the same name, "not a direct argument to a likely external library call or a heuristic sink".
 2022-11-16 11:14:25 -08:00
erik-krogh
76c6943159 add stats for @satisfies_expr 2022-11-16 13:48:41 +01:00
erik-krogh
fe49e41d7b JS: convert some block-comments that could be QLDoc to QLDoc 2022-11-16 13:45:35 +01:00
erik-krogh
9eaeaf7322 ATM: convert some block-comments that could be QLDoc to QLDoc 2022-11-16 13:41:52 +01:00
Mauro Baluda
8bf0bbb715 code generalization 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-16 12:06:23 +01:00
Mauro Baluda
798b03f29d code generalization 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-16 12:06:07 +01:00
Mauro Baluda
784475dd66 Merge branch 'main' into main 2022-11-16 11:06:27 +01:00
Mauro Baluda
84cb59b942 Create 2022-11-08-hapi-glue.md 2022-11-16 11:05:23 +01:00
tiferet
13cb0ab554 Fix CodeQL warning 2022-11-15 17:32:30 -08:00
tiferet
2ecdfd1ff6 Delete some code that's no longer in use 2022-11-15 17:29:03 -08:00
tiferet
fedb98ddb5 Implement the standard getAReasonSinkExcluded using StandardEndpointFilterCharacteristics 2022-11-15 17:22:00 -08:00
tiferet
cf4e37a0ab Implement the standard endpoint filters as EndpointCharacteristics 2022-11-15 17:20:20 -08:00
tiferet
cb632b3534 Delete the file ExtractEndpointData.expected which was leftover in the last PR 2022-11-15 17:11:34 -08:00
Mauro Baluda
ec04f0c88f hapi/glue tests 2022-11-15 23:45:27 +01:00
erik-krogh
8cb68b79c1 bump extractor version 2022-11-15 22:09:09 +01:00
erik-krogh
b0b5761a8c update TS from 4.9.2-rc to 4.9.3 2022-11-15 22:08:54 +01:00
erik-krogh
364336e22a add downgrade script 2022-11-15 22:07:25 +01:00
erik-krogh
1f90f7dd4d add upgrade script 2022-11-15 22:07:25 +01:00
erik-krogh
d4c6f873af add test for auto-accessors 2022-11-15 22:07:25 +01:00
erik-krogh
65567fa1ce add test for the more precise type-narrowing with the in operator 2022-11-15 22:07:25 +01:00
erik-krogh
e98d1df5f4 add dataflow support 2022-11-15 22:07:25 +01:00
erik-krogh
a8973c1147 add test for dataflow 2022-11-15 22:07:24 +01:00
erik-krogh
75ef5b1b0b add support for satisfies-expressions 2022-11-15 22:07:24 +01:00
erik-krogh
30c66303ba initial skeleton for TypeScript 4.9 2022-11-15 22:07:24 +01:00
Tiferet Gazit
710b215c38 Merge pull request #11263 from github/tiferet/extract-training-data 
ATM: Extract training data
 2022-11-15 12:08:13 -08:00
tiferet
fc078a47fd Apply suggestion from code review 2022-11-15 11:14:01 -08:00
Tiferet Gazit
092e019de9 Apply suggestions from code review 
Co-authored-by: Stephan Brandauer <kaeluka@github.com>
 2022-11-15 10:48:32 -08:00
Andrew Eisenberg
88750a7000 Add more information about ATM queries for external users 2022-11-15 10:17:56 -08:00
erik-krogh
cec5045b52 Merge branch 'main' into erb 2022-11-15 17:16:05 +01:00
erik-krogh
e4dbf0acff use instead of a fixed version number 2022-11-15 17:14:38 +01:00
erik-krogh
39938b4dad add change-note 2022-11-15 17:14:38 +01:00
erik-krogh
29cf695b07 update expected output of the queries (some sorting changed due to locations being used slightly differently in the shared pack) 2022-11-15 17:14:38 +01:00
erik-krogh
e18ceba49e port the JS regex/redos queries to use the shared pack 2022-11-15 17:14:38 +01:00
erik-krogh
031a910989 add a JS implementation of RegexTreeViewSig 2022-11-15 17:14:38 +01:00
erik-krogh
4a2472a078 add hasLocationInfo predicate to regexp terms 2022-11-15 17:14:37 +01:00
erik-krogh
e928777cb7 add codeql/regex as a dependency 2022-11-15 17:14:37 +01:00
Mauro Baluda
8109a7b67a Update javascript/ql/lib/semmle/javascript/frameworks/Hapi.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-15 16:27:21 +01:00
Mauro Baluda
e5e3bb3705 Generalize the server definition in plugin registration 2022-11-15 16:27:14 +01:00
Mauro Baluda
563a56af9d Update Hapi.qll 2022-11-15 15:46:34 +01:00
Asger F
dc440aaee6 Merge pull request #11255 from asgerf/js/dynamic-import-type-expr 
JS: Handle DynamicImport in the context of a type
 2022-11-15 13:31:08 +01:00
Stephan Brandauer
ec3578364e remove superfluous class in EndpointCharacteristics hierarchy 2022-11-15 10:17:38 +01:00
tiferet
9ecff0723c Fix non-ascii character in docs 2022-11-14 16:34:24 -08:00
tiferet
6b7612fed7 Fix import errors in DebugResultInclusion.ql 2022-11-14 15:33:46 -08:00
tiferet
b47723d607 Delete ExtractEndpointData. 
Also remove the associated test files.
 2022-11-14 14:57:59 -08:00
tiferet
9d7e7735d5 Extract training data: 
Implement the new query that selects data for training. For now we include clauses that implement logic that is identical to the old queries.

Include a temporary wrapper query that converts the resulting data into the format expected by the endpoint pipeline.

Move the small pieces of `ExtractEndpointData` that are still needed into `ExtractEndpointDataTraining.qll`.
 2022-11-14 14:33:08 -08:00
Mauro Baluda
3260c81397 Merge branch 'github:main' into main 2022-11-14 22:59:06 +01:00
Mauro Baluda
5ea03b1ded Update Hapi.qll 
Add `server` definitions in plugin registration and plugin dependency declaration
 2022-11-14 22:56:06 +01:00
Tiferet Gazit
855eddab80 Merge pull request #11174 from github/tiferet/non-sink-endpoint-characteristics 
Non-sink endpoint characteristics
 2022-11-14 09:37:25 -08:00
Asger F
2bcf9b86cf JS: Bump extractor version string 2022-11-14 15:09:50 +01:00