hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,624 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.3
Commit Graph

6736 Commits

Author SHA1 Message Date
Asger Feldthaus
88fee2748e JS: Add change note 2021-03-29 11:21:03 +01:00
CodeQL CI
f584ff9acf Merge pull request #5533 from asgerf/js/fix-query-metadata 
Approved by esbena
 2021-03-26 11:09:54 +00:00
Asger Feldthaus
cc2a531684 JS: Cache PropRef.getBase 2021-03-26 10:48:25 +00:00
Erik Krogh Kristensen
5e59f6d558 Update javascript/ql/src/semmle/javascript/security/dataflow/ShellCommandInjectionFromEnvironmentCustomizations.qll 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2021-03-25 19:03:37 +01:00
Asger Feldthaus
a456458a38 JS: Add change note for code duplication library removal 2021-03-25 15:21:48 +00:00
Asger Feldthaus
446ad5ec9e JS: Remove code duplication library 2021-03-25 15:20:59 +00:00
Asger Feldthaus
c812bd948a JS: Add @problem.severity to an example query 2021-03-25 15:14:48 +00:00
Asger Feldthaus
7aae51c876 JS: Add change note for filter query removal 2021-03-25 15:13:51 +00:00
Asger Feldthaus
6cab85712f JS: Delete filter queries 2021-03-25 15:12:35 +00:00
Asger Feldthaus
1c27ca610a JS: Remove precision atags from metric queries 2021-03-25 15:12:09 +00:00
Erik Krogh Kristensen
3d49b8cb91 consider quoted string concatenations as sanitizers for js/shell-command-injection-from-environment 2021-03-25 15:17:02 +01:00
Erik Krogh Kristensen
3b82452d76 detect fs modules that pass through a reduce call 2021-03-25 14:47:43 +01:00
Erik Krogh Kristensen
77ba7b473d Merge branch 'main' into topPack 2021-03-25 11:52:58 +01:00
CodeQL CI
0511e72520 Merge pull request #5458 from erik-krogh/shellTrue 
Approved by asgerf
 2021-03-25 10:49:24 +00:00
CodeQL CI
9d52db3ca7 Merge pull request #5507 from erik-krogh/joins 
Approved by asgerf
 2021-03-25 09:18:26 +00:00
Asger Feldthaus
dbc6cf63c2 JS: Fix bad join order in PropertyProjection 2021-03-25 09:00:10 +00:00
Asger Feldthaus
bd3f6d1234 JS: Add o[o.length] = y taint step 2021-03-25 09:00:10 +00:00
Asger Feldthaus
51f489211b JS: Support react-native-base64 2021-03-25 09:00:10 +00:00
Asger Feldthaus
5d9778c64d JS: Step through babel.transform 2021-03-25 09:00:10 +00:00
Asger Feldthaus
3e67ebacb0 JS: Support lodash-es 2021-03-25 09:00:10 +00:00
Erik Krogh Kristensen
3b6b40489f Merge branch 'main' into topPack 2021-03-25 09:58:15 +01:00
Esben Sparre Andreasen
801eb538db Merge pull request #5514 from github/aibaars/fix-javascript-metadata 
Javascript: remove bad QLDoc tag
 2021-03-25 08:56:08 +01:00
Erik Krogh Kristensen
c146b27c1a Merge branch 'main' into shellTrue 2021-03-24 20:09:23 +01:00
CodeQL CI
8ff9c98d26 Merge pull request #5449 from erik-krogh/asExec 
Approved by esbena
 2021-03-24 19:04:30 +00:00
Arthur Baars
b25dc03dac Javascript: remove bad QLDoc tag 2021-03-24 16:47:27 +01:00
Asger Feldthaus
e13a9c9716 JS: Avoid recursion through SourceNode::Range, again 2021-03-24 15:26:50 +00:00
Asger Feldthaus
de879c0707 JS: Make PropRef.getBase non-recursive 2021-03-24 12:57:16 +00:00
Asger Feldthaus
2f2d72f282 JS: Improve react-router support 2021-03-24 12:53:26 +00:00
Asger Feldthaus
88932a495c JS: Handle redux-form HOCs 2021-03-24 12:53:26 +00:00
CodeQL CI
e3ab94fc6b Merge pull request #5498 from asgerf/js/flow-through-accessors 
Approved by erik-krogh, max-schaefer
 2021-03-24 12:46:05 +00:00
Erik Krogh Kristensen
9610ed163a remove SourceNode type to preserve behavior 2021-03-24 11:59:56 +01:00
Erik Krogh Kristensen
b8bfdcc719 improve performance in ServiceDefinitions by inlining, and refactoring away a SourceNode 2021-03-23 19:13:40 +01:00
Erik Krogh Kristensen
93bcc3724a use pragma to improve 2 join-orders in TaintTracking 2021-03-23 19:12:33 +01:00
Asger Feldthaus
98cee7d339 JS: Update Collection step test and its output 2021-03-23 14:53:15 +00:00
Asger Feldthaus
c067d519d9 JS: Inline some public predicates in GlobalAccessPaths 2021-03-23 14:53:15 +00:00
Asger Feldthaus
61e89d4841 JS: Cache StepSummary and PropertyName 2021-03-23 14:53:14 +00:00
Asger Feldthaus
0056c39bdd JS: Deprecate AdditionalFlowStep 2021-03-23 14:53:14 +00:00
Asger Feldthaus
9e6aac8ef4 JS: Deprecate CollectionFlowStep 2021-03-23 14:53:14 +00:00
Asger Feldthaus
f8f3770a58 JS: BadRandomness can just use type-tracking now 2021-03-23 14:53:14 +00:00
Asger Feldthaus
52c2e37aca JS: Update CollectionStep usage in HTTP 2021-03-23 14:53:14 +00:00
Asger Feldthaus
2759d53f42 JS: SetKeys 2021-03-23 14:53:14 +00:00
Asger Feldthaus
c5ddd40dc3 JS: MapAndSetValues 2021-03-23 14:53:14 +00:00
Asger Feldthaus
9abaad65c6 JS: MapSet 2021-03-23 14:53:14 +00:00
Asger Feldthaus
530be38b84 JS: MapGet 2021-03-23 14:53:14 +00:00
Asger Feldthaus
4a45731c85 JS: SetMapForEach 2021-03-23 14:53:14 +00:00
Asger Feldthaus
c9c99464cf JS: ForOfStep (unify with Arrays version) 2021-03-23 14:53:13 +00:00
Asger Feldthaus
1a5eede39f JS: SetConstructor 2021-03-23 14:53:13 +00:00
Asger Feldthaus
5c9a239776 JS: SetAdd 2021-03-23 14:53:13 +00:00
Asger Feldthaus
98398a9efd JS: add two-prop version of loadStoreStep and infer pseudo properties 
Initial step towards migrating CollectionFlowStep to PreCallGraphStep
 2021-03-23 14:53:13 +00:00
Asger Feldthaus
67ec5d325c JS: Stop caching AdditionalFlowStep 2021-03-23 14:53:13 +00:00