hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

5056 Commits

Author SHA1 Message Date
Asger Feldthaus
93500bd95a JS: Improve mssql model 2021-03-30 11:34:01 +01:00
Asger Feldthaus
95937c9ac7 JS: Improve sqlite3 model 2021-03-30 11:34:01 +01:00
Asger Feldthaus
0b21b273ed JS: Improve pg model 2021-03-30 11:33:59 +01:00
Asger Feldthaus
937a620f4d JS: Improve mysql2 model 2021-03-30 11:33:42 +01:00
CodeQL CI
e8d7925084 Merge pull request #5555 from asgerf/js/misc-steps 
Approved by esbena
 2021-03-30 11:30:12 +01:00
CodeQL CI
25e26b9ac0 Merge pull request #5554 from asgerf/js/non-recursive-propref 
Approved by esbena
 2021-03-30 11:29:32 +01:00
CodeQL CI
6cceb73807 Merge pull request #5553 from asgerf/js/pg-promise 
Approved by esbena
 2021-03-30 11:28:24 +01:00
Asger Feldthaus
faf07dac91 JS: Autoformat 2021-03-29 14:52:37 +01:00
Asger Feldthaus
3e26236648 JS: Add recursion guard test 2021-03-29 14:32:13 +01:00
Asger Feldthaus
2770a53d38 JS: More babel.transform steps 2021-03-29 13:00:23 +01:00
Asger Feldthaus
c103939c2d JS: Fix handling of createRequire 2021-03-29 12:47:23 +01:00
Asger Feldthaus
49ca88957c JS: Use types 2021-03-29 12:25:15 +01:00
Asger F
f1d0b50670 Update javascript/ql/src/semmle/javascript/frameworks/SQL.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-03-29 11:54:45 +01:00
Asger Feldthaus
f453fe26c6 JS: Autoformat 2021-03-29 11:28:46 +01:00
Asger Feldthaus
149af57eac JS: Add model of pg-promise 2021-03-29 11:25:28 +01:00
CodeQL CI
f584ff9acf Merge pull request #5533 from asgerf/js/fix-query-metadata 
Approved by esbena
 2021-03-26 11:09:54 +00:00
Asger Feldthaus
cc2a531684 JS: Cache PropRef.getBase 2021-03-26 10:48:25 +00:00
Erik Krogh Kristensen
5e59f6d558 Update javascript/ql/src/semmle/javascript/security/dataflow/ShellCommandInjectionFromEnvironmentCustomizations.qll 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2021-03-25 19:03:37 +01:00
Asger Feldthaus
446ad5ec9e JS: Remove code duplication library 2021-03-25 15:20:59 +00:00
Asger Feldthaus
6cab85712f JS: Delete filter queries 2021-03-25 15:12:35 +00:00
Asger Feldthaus
1c27ca610a JS: Remove precision atags from metric queries 2021-03-25 15:12:09 +00:00
Erik Krogh Kristensen
3d49b8cb91 consider quoted string concatenations as sanitizers for js/shell-command-injection-from-environment 2021-03-25 15:17:02 +01:00
Erik Krogh Kristensen
3b82452d76 detect fs modules that pass through a reduce call 2021-03-25 14:47:43 +01:00
Erik Krogh Kristensen
77ba7b473d Merge branch 'main' into topPack 2021-03-25 11:52:58 +01:00
CodeQL CI
0511e72520 Merge pull request #5458 from erik-krogh/shellTrue 
Approved by asgerf
 2021-03-25 10:49:24 +00:00
CodeQL CI
9d52db3ca7 Merge pull request #5507 from erik-krogh/joins 
Approved by asgerf
 2021-03-25 09:18:26 +00:00
Asger Feldthaus
dbc6cf63c2 JS: Fix bad join order in PropertyProjection 2021-03-25 09:00:10 +00:00
Asger Feldthaus
bd3f6d1234 JS: Add o[o.length] = y taint step 2021-03-25 09:00:10 +00:00
Asger Feldthaus
51f489211b JS: Support react-native-base64 2021-03-25 09:00:10 +00:00
Asger Feldthaus
5d9778c64d JS: Step through babel.transform 2021-03-25 09:00:10 +00:00
Asger Feldthaus
3e67ebacb0 JS: Support lodash-es 2021-03-25 09:00:10 +00:00
Erik Krogh Kristensen
3b6b40489f Merge branch 'main' into topPack 2021-03-25 09:58:15 +01:00
Esben Sparre Andreasen
801eb538db Merge pull request #5514 from github/aibaars/fix-javascript-metadata 
Javascript: remove bad QLDoc tag
 2021-03-25 08:56:08 +01:00
Erik Krogh Kristensen
c146b27c1a Merge branch 'main' into shellTrue 2021-03-24 20:09:23 +01:00
CodeQL CI
8ff9c98d26 Merge pull request #5449 from erik-krogh/asExec 
Approved by esbena
 2021-03-24 19:04:30 +00:00
Arthur Baars
b25dc03dac Javascript: remove bad QLDoc tag 2021-03-24 16:47:27 +01:00
Asger Feldthaus
e13a9c9716 JS: Avoid recursion through SourceNode::Range, again 2021-03-24 15:26:50 +00:00
Asger Feldthaus
de879c0707 JS: Make PropRef.getBase non-recursive 2021-03-24 12:57:16 +00:00
Asger Feldthaus
2f2d72f282 JS: Improve react-router support 2021-03-24 12:53:26 +00:00
Asger Feldthaus
88932a495c JS: Handle redux-form HOCs 2021-03-24 12:53:26 +00:00
CodeQL CI
e3ab94fc6b Merge pull request #5498 from asgerf/js/flow-through-accessors 
Approved by erik-krogh, max-schaefer
 2021-03-24 12:46:05 +00:00
Erik Krogh Kristensen
9610ed163a remove SourceNode type to preserve behavior 2021-03-24 11:59:56 +01:00
Erik Krogh Kristensen
b8bfdcc719 improve performance in ServiceDefinitions by inlining, and refactoring away a SourceNode 2021-03-23 19:13:40 +01:00
Erik Krogh Kristensen
93bcc3724a use pragma to improve 2 join-orders in TaintTracking 2021-03-23 19:12:33 +01:00
Asger Feldthaus
c067d519d9 JS: Inline some public predicates in GlobalAccessPaths 2021-03-23 14:53:15 +00:00
Asger Feldthaus
61e89d4841 JS: Cache StepSummary and PropertyName 2021-03-23 14:53:14 +00:00
Asger Feldthaus
0056c39bdd JS: Deprecate AdditionalFlowStep 2021-03-23 14:53:14 +00:00
Asger Feldthaus
9e6aac8ef4 JS: Deprecate CollectionFlowStep 2021-03-23 14:53:14 +00:00
Asger Feldthaus
f8f3770a58 JS: BadRandomness can just use type-tracking now 2021-03-23 14:53:14 +00:00
Asger Feldthaus
52c2e37aca JS: Update CollectionStep usage in HTTP 2021-03-23 14:53:14 +00:00