hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,672 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

6874 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
7180a1ed52 add Type to MkHasUnderlyingType 2021-03-18 15:16:31 +01:00
Erik Krogh Kristensen
af5a61782c also look for main modules in a lib folder 2021-03-18 14:51:11 +01:00
Erik Krogh Kristensen
6bab41ce8b Merge pull request #5350 from JarLob/actions 
github actions queries
 2021-03-18 14:46:25 +01:00
Erik Krogh Kristensen
f94f82a0dc use getAChainedMethodCall 2021-03-18 14:35:10 +01:00
Erik Krogh Kristensen
38a9c71380 Apply suggestions from code review 
Co-authored-by: Asger F <asgerf@github.com>
 2021-03-18 14:33:13 +01:00
Erik Krogh Kristensen
0e98ea0c10 remove spurious import of PackageExports 2021-03-18 14:09:08 +01:00
Erik Krogh Kristensen
67a5831ac0 update expected output 2021-03-18 13:59:44 +01:00
Erik Krogh Kristensen
c0bb169342 recognize a src/index.js file as a main module for a package 2021-03-18 13:41:36 +01:00
Erik Krogh Kristensen
add0c88530 loosen the requirement that the package.json file must be the top-most package.json 2021-03-18 13:39:12 +01:00
Erik Krogh Kristensen
d998d06b94 add link to source in alert-message for js/shell-command-constructed-from-input 2021-03-18 13:37:18 +01:00
Asger Feldthaus
e30fa89405 JS: Update more test expectations 2021-03-18 10:04:39 +00:00
Erik Krogh Kristensen
8b931626ce add edge from root type MkHasUnderlyingType 2021-03-18 11:04:08 +01:00
Jaroslav Lobačevski
a9ed3317bf Fix regex per suggestion 2021-03-18 11:54:55 +02:00
Erik Krogh Kristensen
40ec23cf13 refactor MkHasUnderlyingType to use Label::instance() 2021-03-18 10:47:38 +01:00
Erik Krogh Kristensen
b2d6982318 add change note 2021-03-17 19:17:23 +01:00
Erik Krogh Kristensen
3995ff322d add models for koa-route and koa-router 2021-03-17 19:17:20 +01:00
Jaroslav Lobačevski
7b6773c96a Update javascript/ql/src/experimental/semmle/javascript/Actions.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-03-17 19:49:03 +02:00
Jaroslav Lobačevski
e3bf308952 Removed positive lookbehind 2021-03-17 17:32:10 +02:00
Asger Feldthaus
ae410aabd6 JS: Add change note 2021-03-17 15:24:10 +00:00
Asger Feldthaus
e4d891cab5 JS: Add tests for flow through replace 2021-03-17 15:20:40 +00:00
Asger Feldthaus
9cfbb90591 JS: Add test case for insufficient replace-sanitizer 2021-03-17 15:20:40 +00:00
Asger Feldthaus
198bdcab26 JS: Make XSS MetacharEscapeSanitizer more precise 2021-03-17 15:20:40 +00:00
Asger Feldthaus
effa52f9e1 JS: Step through string replace callbacks 2021-03-17 15:15:49 +00:00
CodeQL CI
7c20c4a664 Merge pull request #5396 from asgerf/js/shared-taint-step 
Approved by erik-krogh, esbena
 2021-03-17 08:07:20 -07:00
CodeQL CI
d95b295e52 Merge pull request #5400 from erik-krogh/replaceCallbacks 
Approved by asgerf
 2021-03-17 06:42:34 -07:00
Asger Feldthaus
ccc879dc5c JS: Autoformat 2021-03-17 13:29:17 +00:00
Asger Feldthaus
e1bfc6cd38 JS: Add qldoc to deprecated class member 2021-03-17 13:29:17 +00:00
Asger Feldthaus
ab1947a028 JS: Add comment explaining how to add new steps 2021-03-17 13:29:17 +00:00
Asger Feldthaus
c2764069b5 JS: Mention why we cache predicates outside the class 2021-03-17 13:29:17 +00:00
Asger Feldthaus
a97d3452a7 JS: Add DataFlow::SharedFlowStep to future-proof the tutorial 2021-03-17 13:29:17 +00:00
Asger Feldthaus
d74e84abd8 JS: Remove or update some mentions of AdditionalTaintStep 2021-03-17 13:29:17 +00:00
Asger Feldthaus
c0b5a9ad0c JS: Deprecate AdditionalTaintStep 2021-03-17 13:29:17 +00:00
Asger Feldthaus
332ee40984 JS: Autoformat 2021-03-17 13:29:17 +00:00
Asger Feldthaus
0675066ab9 JS: Fixup UriLibraries test 2021-03-17 13:29:17 +00:00
Asger Feldthaus
443b59e676 JS: Fixup bad merge in HeapTaintStep 2021-03-17 13:29:17 +00:00
Asger Feldthaus
80bc5d921b JS: Update Vue test 2021-03-17 13:29:16 +00:00
Asger Feldthaus
d52ff3e4f6 JS: Autoformat and add qldoc 2021-03-17 13:29:16 +00:00
Asger Feldthaus
96c6e4d8d8 JS: Update with new AdditionalTaintStep subclasses 2021-03-17 13:29:16 +00:00
Asger Feldthaus
561b9d09b3 JS: Put in same stage as RemoteFlowSource 2021-03-17 13:29:16 +00:00
Asger Feldthaus
e4a75b42e9 JS: Autoformat 2021-03-17 13:29:16 +00:00
Asger Feldthaus
8542c7172e JS: Fix promiseStep documentation 2021-03-17 13:29:16 +00:00
Asger Feldthaus
f95c799d6e JS: Cache taint steps in same stage 2021-03-17 13:29:16 +00:00
Asger Feldthaus
e847043307 JS: Move React steps into React library 2021-03-17 13:29:16 +00:00
Asger Feldthaus
6324c4f22a JS: Add arrayStep but ignore overlap with heapStep for now 2021-03-17 13:29:15 +00:00
Asger Feldthaus
0bdf67f8aa JS: Remove duplicate await step 2021-03-17 13:29:15 +00:00
Asger Feldthaus
4116c1ec66 JS: Add category for promise steps 2021-03-17 13:29:15 +00:00
Asger Feldthaus
f009a6121e JS: Refactor steps into subcategories 2021-03-17 13:29:13 +00:00
Asger Feldthaus
d823fd15af JS: Fix join orders and use SourceNode API in React model 2021-03-17 13:26:02 +00:00
Asger Feldthaus
255424cdc2 JS: Fix bad join order from use of getAType() = TTRegExp 2021-03-17 13:26:02 +00:00
Asger Feldthaus
b049136008 JS: Fix bad join order in Vue model 2021-03-17 13:26:02 +00:00