Commit Graph

1119 Commits

Author SHA1 Message Date
semmle-qlci
fc59dd6819 Merge pull request #1788 from asger-semmle/additional-type-tracking-step
Approved by xiemaisi
2019-08-24 11:55:16 +01:00
Pavel Avgustinov
cc854dd937 Merge branch 'master' of github.com:Semmle/ql into attribute 2019-08-23 09:55:35 +01:00
Asger F
45d4b83fc8 TS: Extract type args to tagged template exprs 2019-08-22 18:07:29 +01:00
Asger F
fd7cfedf4b JS: Add AdditionalTypeTrackingStep 2019-08-21 13:44:03 +01:00
Pavel Avgustinov
ca951f1669 Add jquery-datatables license to make it clear which option we choose 2019-08-17 16:31:18 +01:00
semmle-qlci
6c3d1d676b Merge pull request #1694 from asger-semmle/concatenation-operand
Approved by xiemaisi
2019-08-08 12:41:30 +01:00
Asger F
5e87d5c751 JS: Update syntactic heuristics 2019-08-07 10:53:17 +01:00
Asger F
f173e3024a JS: Add getConstantStringParts() and HTML concat node 2019-08-07 10:53:17 +01:00
Asger F
f101944c92 JS: Expand on the StringOps::Concatenation API 2019-08-07 10:53:17 +01:00
Asger F
2df0b08b26 JS: Add test with header access 2019-08-06 15:43:39 +01:00
Asger F
c4006be0e8 JS: Add more axios tests 2019-08-06 15:28:53 +01:00
Asger F
af7b942eec JS: Add newline in test 2019-08-06 15:28:53 +01:00
Asger F
4fb3fd992d JS: Address comments 2019-08-06 15:28:53 +01:00
Asger F
7fb6615970 JS: Test for XhrIo 2019-08-06 15:28:53 +01:00
Asger F
4eb072a376 JS: Test for 'superagent' package 2019-08-06 15:28:53 +01:00
Asger F
ce4f098625 JS: Test for 'got' package 2019-08-06 15:28:52 +01:00
Asger F
f88a7162c5 JS: Test for fetch 2019-08-06 15:28:52 +01:00
Asger F
b8c1714ba9 JS: Test for 'axios' package 2019-08-06 15:28:52 +01:00
Asger F
4f6b6d12e0 JS: Test for 'request' package 2019-08-06 15:28:52 +01:00
Asger F
93be5ab715 JS: Test for XMLHttpRequest 2019-08-06 15:28:52 +01:00
Asger F
250a5997e2 JS: Add test query for getAResponseDataNode 2019-08-06 15:28:52 +01:00
Asger F
d1179be757 JS: Move ClientRequest tests into shared ql file 2019-08-06 15:28:52 +01:00
Asger F
5397da7579 JS: Handle implicit return in getImmediatePredecessor 2019-08-02 20:35:22 +01:00
Asger F
8e1893d0ed JS: Update range analysis to use getImmediatePredecessor 2019-08-02 20:35:22 +01:00
Asger F
9e949d0f44 JS: Add taint step through destructuring for-of loop 2019-08-02 20:35:21 +01:00
Asger F
de3c8bf711 JS: Introduce DataFlow::lvalueNode 2019-08-02 20:35:21 +01:00
semmle-qlci
d4e39a250d Merge pull request #1667 from xiemaisi/js/more-ranges
Approved by esben-semmle
2019-08-02 16:46:30 +01:00
Max Schaefer
3daa974255 JavaScript: Rename a test.
The old test name would cause a compiler warning, which we don't want to include in the expected output.
2019-08-02 14:05:57 +01:00
semmle-qlci
635a8edacc Merge pull request #1676 from xiemaisi/js/more-tests-classification
Approved by esben-semmle
2019-08-02 14:02:24 +01:00
Max Schaefer
97c0c97b28 JavaScript: Classify __mocks__ and __tests__ as tests.
These are conventions used by jest: https://jestjs.io/docs/en/manual-mocks#mocking-user-modules.
2019-08-02 11:15:02 +01:00
semmle-qlci
bb4f00d770 Merge pull request #1015 from esben-semmle/js/cli-cli
Approved by xiemaisi
2019-08-02 09:57:19 +01:00
Esben Sparre Andreasen
90862fea99 JS: whitelist trivial throwers in js/superfluous-trailing-arguments 2019-08-01 11:49:43 +02:00
semmle-qlci
0e64c84f7e Merge pull request #1656 from asger-semmle/rephrase-useless-def
Approved by xiemaisi
2019-07-31 09:55:38 +01:00
Esben Sparre Andreasen
bf4a324a86 JS: add query js/indirect-command-line-injection 2019-07-31 09:24:25 +02:00
Asger F
ea563f8b97 JS: Rephrase dead store of local at declaration site 2019-07-30 18:02:27 +01:00
Asger F
378b0bfb74 JS: Do not treat the empty string as a credential 2019-07-30 17:29:12 +01:00
semmle-qlci
d63e53f3a4 Merge pull request #1628 from asger-semmle/self-globalobj
Approved by xiemaisi
2019-07-30 11:23:54 +01:00
semmle-qlci
143016ed96 Merge pull request #1635 from xiemaisi/js/dont-taint-for-in
Approved by asger-semmle
2019-07-26 08:32:14 +01:00
Asger F
6f158182d1 JS: Add self as global object alias 2019-07-24 17:10:59 +01:00
Asger F
28efadea73 JS: Use defSourceNode from getRhsNode 2019-07-23 17:14:56 +01:00
Asger F
44f7e2d5c5 JS: Handle IIFE parameters 2019-07-23 17:14:56 +01:00
Asger F
7d2e83710a JS: Add JSDoc name resolution test 2019-07-23 17:14:56 +01:00
Asger F
80fa9915fd JS: Rename JSDoc.qll to avoid conflict with JSDoc module 2019-07-23 17:14:56 +01:00
Asger F
f3b8e39848 JS: Move JSDoc tests into JSDoc/Nodes 2019-07-23 17:13:01 +01:00
Asger F
13da242576 JS: Add GlobalAccessPaths library 2019-07-23 17:08:02 +01:00
Asger F
c97b9af4b8 JS: Add SsaExplicitDefinition.getRhsNode 2019-07-23 17:08:02 +01:00
semmle-qlci
8b60314d85 Merge pull request #1617 from asger-semmle/documentable
Approved by xiemaisi
2019-07-23 14:55:51 +01:00
Max Schaefer
8b3e647ae9 JavaScript: Do not taint for-in loop variable. 2019-07-23 10:52:55 +01:00
semmle-qlci
247848c931 Merge pull request #1577 from asger-semmle/infername
Approved by xiemaisi
2019-07-22 21:01:48 +01:00
semmle-qlci
2d82a5517f Merge pull request #1608 from asger-semmle/thisnode-basicblock
Approved by xiemaisi
2019-07-18 17:03:29 +01:00