hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

3047 Commits

Author SHA1 Message Date
Max Schaefer
4533e1f6fe JavaScript: Add model of adm-zip library for ZipSlip query. 2019-03-21 08:04:06 +00:00
Asger F
aaa8bfb874 TS: allow namespace imports as types 2019-03-20 10:09:18 +00:00
Max Schaefer
6fbf487524 Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-2019-03-19 2019-03-19 14:09:03 +00:00
Max Schaefer
77c383aee2 JavaScript: Simplify flow-summary queries. 
Previously, `AllConfigurations.qll` would pull in (almost) all taint
tracking configurations, which has started causing OOMEs during
compilation.

I've pruned it down to only the most interesting configurations. Since
flow summaries are experimental at this point and require a bit of manual
configuration anyway, this shouldn't be much of an issue in practice.
 2019-03-19 10:58:49 +00:00
Jason Reed
4475dd4b9f JavaScript: Add test and fix change note. 2019-03-15 14:40:48 -04:00
Jason Reed
6589813ec7 JavaScript: Add tar-stream extraction to ZipSlip query. 2019-03-15 09:31:26 -04:00
Max Schaefer
5441352d41 Merge pull request #1113 from esben-semmle/js/useless-property-assign-setter 
JS: improve use of attributes from ~Object.defineProperty~
 2019-03-15 12:11:50 +00:00
semmle-qlci
cb86687302 Merge pull request #1078 from psygnisfive/UndefinedReturns 
Approved by xiemaisi
 2019-03-15 08:37:12 +00:00
Rebecca Valentine
f3683794d6 stylistic changes per PR change req. in description 
https://github.com/Semmle/ql/pull/1078#pullrequestreview-214401005
 2019-03-14 09:49:02 -07:00
semmle-qlci
d549a0dcb8 Merge pull request #1111 from xiemaisi/js/performance-fiddling 
Approved by esben-semmle
 2019-03-14 14:56:26 +00:00
semmle-qlci
5d9d23ee71 Merge pull request #1110 from xiemaisi/js/yield-in-non-generator 
Approved by asger-semmle
 2019-03-14 11:59:43 +00:00
semmle-qlci
7513bcf7ec Merge pull request #1095 from xiemaisi/js/base64 
Approved by esben-semmle
 2019-03-14 11:58:50 +00:00
Max Schaefer
993345fb7b JavaScript: Track Electron browser objects locally only. 2019-03-14 11:53:46 +00:00
Esben Sparre Andreasen
bd7eef08e8 JS: introduce CallToObjectDefineProperty::getAPropertyAttribute 2019-03-14 11:59:27 +01:00
Esben Sparre Andreasen
ff5b85067a JS: add tests 2019-03-14 11:55:41 +01:00
Max Schaefer
69c63110c1 JavaScript: Teach Function.isGenerator to check for yield. 2019-03-14 10:48:44 +00:00
Max Schaefer
5d35626c58 JavaScript: Rename a test file to avoid case clash. 2019-03-14 08:55:30 +00:00
Rebecca Valentine
f9012cb00e improves tests 2019-03-13 10:48:02 -07:00
Max Schaefer
f76efcb558 JavaScript: Fix modelling of Buffer base64 encoders and decoders. 2019-03-13 12:27:23 +00:00
Robert Brignull
5380e1df68 Merge remote-tracking branch 'upstream/rc/1.20' into merge/rc/1.20 2019-03-13 10:55:30 +00:00
Max Schaefer
28d8011bcf JavaScript: Add models for popular base64 transcoders. 2019-03-13 08:20:58 +00:00
semmle-qlci
6baf52614e Merge pull request #1074 from xiemaisi/js/socket.io-comm 
Approved by esben-semmle
 2019-03-13 07:38:12 +00:00
semmle-qlci
5f480af760 Merge pull request #1086 from esben-semmle/js/dead-local-destructuring-defaults 
Approved by xiemaisi
 2019-03-13 07:37:55 +00:00
semmle-qlci
4de297c964 Merge pull request #1072 from asger-semmle/prop-write-static-accessor 
Approved by esben-semmle
 2019-03-12 16:51:54 +00:00
Esben Sparre Andreasen
408ac9878b JS: document limitation of js/useless-assignment-to-local 2019-03-12 15:30:28 +01:00
semmle-qlci
13c6f55a2e Merge pull request #1085 from asger-semmle/extract-symbol 
Approved by xiemaisi
 2019-03-12 14:07:17 +00:00
Asger F
824a50d14e TS: fix extraction of symbols with unusual names 2019-03-12 11:24:16 +00:00
Asger F
5ef6eefda3 TS: update test 2019-03-12 09:47:06 +00:00
Rebecca Valentine
2affd2bef6 adds library tests 2019-03-11 16:03:48 -07:00
Asger F
146909ba13 TS: fix missing this type in method declarations 2019-03-11 16:53:25 +00:00
Asger F
f632379c44 JS: whitelist accessors in DeadStoreOfProperty 2019-03-11 16:38:08 +00:00
semmle-qlci
a2b1939319 Merge pull request #1059 from asger-semmle/ts-infinite-expansion 
Approved by esben-semmle, xiemaisi
 2019-03-11 15:52:53 +00:00
Max Schaefer
d2c3de6256 JavaScript: Consolidate tests. 2019-03-11 12:47:28 +00:00
Max Schaefer
41d83d5b7d JavaScript: Introduce additional flow steps between sockets. 2019-03-11 12:42:51 +00:00
Max Schaefer
36c9af977b JavaScript: Connect up client and server sockets. 2019-03-11 12:42:51 +00:00
Max Schaefer
dc614ebefe JavaScript: Introduce indices for sent/received items. 2019-03-11 12:42:51 +00:00
Max Schaefer
b47b26ca61 JavaScript: Add basic model of client-side socket.io API. 2019-03-11 12:42:34 +00:00
Max Schaefer
37bc36d92e JavaScript: Factor out handling of EventEmitter API. 2019-03-11 12:41:19 +00:00
Max Schaefer
eb07754eee JavaScript: Introduce representation of socket.io servers and namespaces. 2019-03-11 12:41:19 +00:00
Asger F
16a2177aec JS: update tests 2019-03-11 11:36:46 +00:00
Asger F
dc6c33dd12 TS: Fix infinite type expansion issue 2019-03-11 11:26:46 +00:00
Asger F
04a6692aed JS: add test case 2019-03-11 09:44:59 +00:00
semmle-qlci
9dccd9f62c Merge pull request #1050 from asger-semmle/prototype-instance-methods 
Approved by xiemaisi
 2019-03-07 16:10:29 +00:00
Max Schaefer
b85f44643a Merge pull request #1049 from asger-semmle/js-type-tracking 
JS: Add TypeTracking library
 2019-03-07 16:09:19 +00:00
Asger F
d4566af271 JS: update test output 2019-03-07 11:27:07 +00:00
Asger F
f21871d275 JS: relax instantiation requirement for .prototype field 2019-03-06 14:31:37 +00:00
Asger F
96f1d91150 JS: Add a new test 2019-03-06 14:31:37 +00:00
Max Schaefer
48c0949705 Merge pull request #1036 from asger-semmle/hide-implicit-ssa-defs 
JS: Omit uninteresting nodes from path explanations
 2019-03-06 13:30:11 +00:00
Asger F
81476cff0b JS: Expand test case with call/return matching for backtracking 2019-03-06 12:58:52 +00:00
Asger F
3422fa328d JS: Add test 2019-03-06 12:50:59 +00:00