hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,672 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

3047 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
7b7eddff1e remove previous SockJS implementation, and move example to WebSocket test 2020-03-23 23:45:05 +01:00
Erik Krogh Kristensen
f1e0d37273 Update javascript/ql/test/library-tests/frameworks/Concepts/file-access.js 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-03-23 14:02:22 +01:00
Asger F
6c2842bd49 Merge pull request #2919 from asger-semmle/js/property-barriers 
JS: Make sanitizers no longer block taint inside an object
 2020-03-23 11:43:18 +00:00
Erik Krogh Kristensen
2c43d1d731 fix FP in superfluous-trailing-arguments related to Function.arguments 2020-03-23 10:40:35 +01:00
Erik Krogh Kristensen
90a324148d add extra sinks to js/tainted-path 2020-03-20 09:07:39 +01:00
semmle-qlci
deb20fc37f Merge pull request #3076 from esbena/js/even-more-mongoose-improvements 
Approved by erik-krogh
 2020-03-19 12:03:53 +00:00
Asger Feldthaus
4f42675b35 JS: Autformat 2020-03-19 09:36:27 +00:00
Asger Feldthaus
7393844699 JS: Update some queries that used data as source 2020-03-18 11:55:13 +00:00
Asger Feldthaus
506ddaf3f4 JS: Add explanation for test failure 2020-03-18 11:55:13 +00:00
Asger Feldthaus
028022158d JS: Add variant of test that passes 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a7e337ab28 JS: Add some lines in test case 2020-03-18 11:55:13 +00:00
Asger Feldthaus
3e68072e38 JS: Accept test case change 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a9901a44e8 JS: Update TaintBarriers/isBarrier test 2020-03-18 11:55:13 +00:00
Asger Feldthaus
0edb765958 JS: Split test case function in two 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a195429471 JS: Add test with non-guard sanitizer 2020-03-18 11:55:12 +00:00
Asger Feldthaus
83606e7b60 JS: Dont use data label in taint-tracking configs 2020-03-18 11:55:12 +00:00
Asger Feldthaus
8da0584b12 JS: Add test 2020-03-18 11:55:12 +00:00
semmle-qlci
fa08258c14 Merge pull request #3036 from erik-krogh/CustomTrack 
Approved by asgerf
 2020-03-17 13:44:51 +00:00
Esben Sparre Andreasen
833d1b1ab0 JS: fixup mongoose test 2020-03-16 22:11:22 +01:00
Esben Sparre Andreasen
9d9926fdbf JS: model Mongoose Document for additional js/nosql-injection sinks 2020-03-16 22:11:22 +01:00
Esben Sparre Andreasen
55ab519fbe JS: add Mongoose Document tests 2020-03-16 22:11:22 +01:00
Esben Sparre Andreasen
dc27a8f52c JS: model mongoose Model on createConnection.<model/models> 2020-03-16 22:11:22 +01:00
Esben Sparre Andreasen
730396df12 JS: add Mongoose createConnection tests 2020-03-16 22:11:22 +01:00
Erik Krogh Kristensen
f2548aa3b1 add more models for file related sinks and sources 2020-03-16 11:07:23 +01:00
semmle-qlci
1d4dd2b2f7 Merge pull request #3057 from esbena/js/infer-this-as-exports 
Approved by asgerf
 2020-03-15 12:55:12 +00:00
semmle-qlci
7e093a8e5c Merge pull request #3041 from erik-krogh/JQueryAjax 
Approved by esbena
 2020-03-14 22:31:59 +00:00
semmle-qlci
ff03478ae8 Merge pull request #3049 from asger-semmle/js/fix-cyclic-join 
Approved by erik-krogh
 2020-03-14 16:19:25 +00:00
Erik Krogh Kristensen
4f39c28741 Merge branch 'master' of git.semmle.com:Semmle/ql into CustomTrack 2020-03-14 14:37:52 +01:00
Esben Sparre Andreasen
4d6aa20990 Merge pull request #3004 from esbena/js/additional-mongodb-and-mongoose-injection-sinks 
JS: Mongoose and MongoDB improvements
 2020-03-14 12:31:43 +01:00
Esben Sparre Andreasen
2fac7434df JS: infer this to be module.exports in node modules 2020-03-13 14:10:35 +01:00
Esben Sparre Andreasen
ae8d38236b JS: add some tests for this 2020-03-13 14:09:23 +01:00
Erik Krogh Kristensen
91bc124f78 autoformat 2020-03-12 10:45:25 +01:00
Erik Krogh Kristensen
d32d14f572 model responseText and responseXml on jqXHR objects 2020-03-11 17:00:44 +01:00
Erik Krogh Kristensen
e88dac3dea remove FP for js/redundant-operation 2020-03-11 14:42:32 +01:00
Asger Feldthaus
6645df93ad JS: Blacklist another cyclic property 2020-03-11 13:09:37 +00:00
Erik Krogh Kristensen
cb5ef7dbed add basic support for jqXHR with ajax calls 2020-03-11 13:05:41 +01:00
Erik Krogh Kristensen
fa26ce9f4b update expected output 2020-03-11 09:36:12 +01:00
Erik Krogh Kristensen
13e855910e add more ClientRequest models for JQuery 2020-03-10 17:21:22 +01:00
Erik Krogh Kristensen
62ae484545 autoformat and update expected output 2020-03-10 14:01:40 +01:00
Esben Sparre Andreasen
5c8800a1c7 JS: make autoformatter happy 2020-03-10 13:11:31 +01:00
Erik Krogh Kristensen
066568ea60 add promise tracking to Files.qll 2020-03-10 12:36:42 +01:00
Erik Krogh Kristensen
a24bc564a4 add extra tests for file-name with promises 2020-03-10 12:35:34 +01:00
Erik Krogh Kristensen
6110f85748 refactor chrome-remote-interface to use type-tracking promise steps 2020-03-10 12:27:21 +01:00
Esben Sparre Andreasen
5b1b945c35 JS: distinguishes escapes in strings and regular expression literals 2020-03-10 12:26:20 +01:00
Erik Krogh Kristensen
3ddfd7ba73 add extra promise test for chrome-remote-interface 2020-03-10 12:24:16 +01:00
Esben Sparre Andreasen
dbeb216af0 JS: make use of TypeScript types for mongoose Model and Query 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
aae92ad795 JS: add test for DatabaseAccess 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
6b9bd8bd97 JS: adjust tests slightly to also support DatabaseAccess testing 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
7a2faa0b6b JS: add additional mongoose and mongodb js/nosql-injection sinks 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
f24f03e1f8 JS: add mongodb .connect tests 2020-03-10 09:57:45 +01:00