hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 11:46:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,672 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

6874 Commits

Author SHA1 Message Date
Asger Feldthaus
8632c2a3b2 JS: Factor out VirtualSourceRoot 2020-06-29 08:18:29 +01:00
Asger Feldthaus
bfedcb01c4 JS: Make TypeScript aware of custom extractor extensions 2020-06-29 08:16:58 +01:00
Asger Feldthaus
d55e3300f3 JS: Bundle FileExtractors into a class 2020-06-29 08:16:58 +01:00
Asger Feldthaus
ea6b99e726 JS: Add shouldExtract predicate 2020-06-29 08:16:58 +01:00
Asger Feldthaus
164a18f02d JS: Factor out extractFiles 2020-06-29 08:16:05 +01:00
Asger Feldthaus
da3d1a3b5f JS: Recognize 'lang' attribute of script tags 2020-06-29 08:15:52 +01:00
Asger F
bdb7e3def3 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-06-29 07:55:15 +01:00
Asger Feldthaus
03c91a66c5 JS: Update expected output 2020-06-29 07:52:25 +01:00
Alessio Della Libera
ce32d646dc Update javascript/ql/src/semmle/javascript/frameworks/Logging.qll 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-06-28 21:58:45 +02:00
Asger Feldthaus
9ca25d5bef JS: Support .hash extraction via a few more methods 2020-06-28 01:38:59 +01:00
Asger Feldthaus
19db418395 JS: Add missing store step in Xss query 2020-06-28 01:26:11 +01:00
Asger Feldthaus
3e616e998e JS: Add test 2020-06-27 21:31:40 +01:00
Asger Feldthaus
84d21074e5 JS: Support Vue class components 2020-06-27 21:24:46 +01:00
Asger Feldthaus
ac5b9cd168 JS: Autoformat 2020-06-26 23:15:04 +01:00
ubuntu
9135bbd5c8 JS: model fancy-log (and recognize the 'dir' log level) 2020-06-26 21:33:52 +02:00
Asger Feldthaus
6707e3424d JS: Prevent bad join ordering 2020-06-26 20:21:56 +01:00
Asger Feldthaus
06dd3ab2ca JS: Propagate into RegExp.$x 2020-06-26 18:58:43 +01:00
Asger Feldthaus
17af8f7650 JS: Add test for taint propagating into RegExp.$1 2020-06-26 18:58:43 +01:00
semmle-qlci
3aefb7fad9 Merge pull request #3613 from erik-krogh/Reassigned 
Approved by asgerf
 2020-06-26 17:05:45 +01:00
semmle-qlci
b015c735d0 Merge pull request #3809 from max-schaefer/util-deprecate 
Approved by asgerf
 2020-06-26 14:20:14 +01:00
semmle-qlci
1b4df57426 Merge pull request #3731 from asger-semmle/js/monorepo-bugfixes 
Approved by erik-krogh
 2020-06-26 14:18:35 +01:00
Erik Krogh Kristensen
0b050204ad add missing dot in qldoc 2020-06-26 15:07:12 +02:00
Erik Krogh Kristensen
e4fe236d37 autoformat 2020-06-26 13:59:06 +02:00
Max Schaefer
640c194c92 JavaScript: Model util.deprecate as a pre call-graph step. 2020-06-26 11:47:19 +01:00
Max Schaefer
712a216461 Add self-verifying type-tracking tests. 2020-06-26 11:47:19 +01:00
semmle-qlci
f81fc77e9e Merge pull request #3782 from erik-krogh/promiseSteps 
Approved by asgerf
 2020-06-26 10:11:10 +01:00
semmle-qlci
92cc59b47b Merge pull request #3800 from esbena/js/npmlog 
Approved by erik-krogh
 2020-06-26 07:54:08 +01:00
Erik Krogh Kristensen
7cb6516bc4 make internal predicates within DominatingPaths smaller. 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
1ec2c549d2 autoformat 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
8b3ca73c1c autoformat 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
081b03c8f4 add tests that access-path domination can happen within a statement 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
47d52870f2 Use a ControlFlowNode based API to determine domination 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
926f2c139f require that a write must dominate the enclosing stmt of a read 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
55565a51df don't use getEnclosingStmt 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
34d6a4dcf8 use Rhs of a prop-write 
Co-authored-by: Asger F <asgerf@github.com>
 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
cc2e61531e update expected output 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
f7c42ca1b5 autoformat 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
252f805db4 performance improvement 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
21e5a522b0 give the same rank to all expressions inside a single stmt 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
e467d3ccbf use dominating write check in js/path-injection 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
6bc821b1ab add tests for dominating writes 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
2b2d691e45 don't treated a property from a tainted object as tainted when there exists a dominating write 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
5e4acfbe19 implement predicate for finding dominating writes to an access-path 2020-06-25 23:00:52 +02:00
semmle-qlci
056e1a8c4b Merge pull request #3599 from asger-semmle/js/nameditem 
Approved by esbena
 2020-06-25 17:34:14 +01:00
Erik Krogh Kristensen
690bde47aa remove a .getALocalSource() that isn't needed 2020-06-25 16:51:10 +02:00
Asger Feldthaus
e28284bd01 JS: Fix javadoc 2020-06-25 15:39:00 +01:00
Asger Feldthaus
ad48c4e54d JS: Always prepare package.json files 2020-06-25 15:38:20 +01:00
Asger Feldthaus
675c64d9d4 JS: Prefer extracting file with tsconfig that included it 2020-06-25 15:38:19 +01:00
Asger Feldthaus
4c4acd50bd JS: Factor out loading of tsconfig files 2020-06-25 15:38:19 +01:00
Asger Feldthaus
cc3e62f535 JS: Move stack trace limit to top of file 2020-06-25 15:38:19 +01:00