Commit Graph

2217 Commits

Author SHA1 Message Date
semmle-qlci
d2f3574427 Merge pull request #2165 from erik-krogh/dosHigh
Approved by asger-semmle
2019-10-25 16:28:07 +01:00
semmle-qlci
89896c02c4 Merge pull request #2176 from Semmle/esbena-patch-1
Approved by erik-krogh
2019-10-25 09:26:12 +01:00
Erik Krogh Kristensen
ab42b5de80 fix line end at end of dbscheme 2019-10-24 10:17:06 +02:00
Erik Krogh Kristensen
a584d7c850 change update script description
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
2019-10-24 10:17:06 +02:00
Erik Krogh Kristensen
834b572f45 add initial support for expressions in TypeScript 2019-10-24 10:17:00 +02:00
semmle-qlci
fc8c1e195a Merge pull request #2177 from asger-semmle/nodejs-detector-class-expression
Approved by max-schaefer
2019-10-23 14:33:07 +01:00
Asger F
45667cc127 TS: Tolerate syntax errors in class declaration 2019-10-23 11:40:34 +01:00
Esben Sparre Andreasen
207692a7a1 add missing .ql extension to suite file name 2019-10-23 11:18:48 +02:00
Pavel Avgustinov
325dbfe9c0 Merge pull request #2172 from hmakholm/qlpack.yml
qlpack files are now YAML rather than JSON
2019-10-22 17:19:52 +01:00
semmle-qlci
cbfa1cd058 Merge pull request #2168 from xiemaisi/js/remove-duplicate-configuration
Approved by erik-krogh
2019-10-22 17:02:26 +01:00
Henning Makholm
347d97c14c qlpack.json is now qlpack.yml 2019-10-22 17:36:35 +02:00
Henning Makholm
fd768a1af6 Add some new-style suite definitions 2019-10-22 15:51:00 +02:00
semmle-qlci
cb3a05c6de Merge pull request #2166 from xiemaisi/js/fix-typo
Approved by esben-semmle
2019-10-22 12:38:10 +01:00
Max Schaefer
1c23615742 JavaScript: Fix typo in doc comment. 2019-10-22 10:44:25 +01:00
semmle-qlci
1c79ec550e Merge pull request #2092 from esben-semmle/js/brittle-system-reflection-command
Approved by mchammer01, xiemaisi
2019-10-22 08:36:44 +01:00
Erik Krogh Kristensen
1ae8e25603 change precision of js/loop-bound-injection and fix a false positive 2019-10-22 09:21:19 +02:00
semmle-qlci
eb9d90dff6 Merge pull request #2143 from esben-semmle/js/fix-all-sanitisers
Approved by xiemaisi
2019-10-22 07:16:27 +01:00
semmle-qlci
0dcb189e67 Merge pull request #2162 from xiemaisi/js/remove-deprecated-queries
Approved by esben-semmle
2019-10-22 07:15:58 +01:00
Esben Sparre Andreasen
5a983cb535 JS: add query js/shell-command-injection-from-environment 2019-10-21 23:31:55 +02:00
Max Schaefer
b9203377c7 JavaScript: Remove a duplicate Configuration class. 2019-10-21 17:32:02 +01:00
Max Schaefer
55fb86d618 JavaScript: Remove deprecated queries.
These queries have all been deprecated since 1.17 (released in July 2018). I think it's time to say goodbye.
2019-10-21 14:42:02 +01:00
Erik Krogh Kristensen
9eda120de4 implement a new query to detect unreachable overloaded methods in TypeScript 2019-10-21 13:34:42 +02:00
Esben Sparre Andreasen
80a32aebc1 JS: add SystemCommandExecution::isShellInterpreted 2019-10-17 13:29:24 +02:00
Max Schaefer
a4bffe35fd JavaScript: Add support for globalThis. 2019-10-17 12:04:01 +01:00
Esben Sparre Andreasen
93b1e59d62 JS: fix spelling: sanitisers -> sanitizers 2019-10-17 09:05:03 +02:00
semmle-qlci
280a62ed30 Merge pull request #2138 from Semmle/xiemaisi-patch-1
Approved by erik-krogh
2019-10-16 15:14:29 +01:00
Pavel Avgustinov
7fa6c54731 Merge pull request #2119 from hmakholm/pr/qlpacks
Add qlpack.json files
2019-10-16 14:27:10 +01:00
Max Schaefer
f963ebcddc JavaScript: Remove stray comma from @tags. 2019-10-16 12:42:33 +01:00
Esben Sparre Andreasen
e1d7434be4 JS: add query js/useless-regexp-character-escape 2019-10-16 00:15:54 +02:00
Max Schaefer
dca808126f Merge pull request #2032 from erik-krogh/lessSpaces
JS: remove false positive in js/missing-space-in-concatenation
2019-10-14 14:25:40 +01:00
semmle-qlci
82db8c8856 Merge pull request #2108 from asger-semmle/typescript-3.6.3
Approved by esben-semmle
2019-10-14 12:33:06 +01:00
Henning Makholm
29167bbff8 Add qlpack.json files
Eventually these files will subsume the current `queries.xml` files
at the top of query-containing and library directories. For now they're
just here to support internal testing of the tooling support for them
we're writing on.

Format and contents are a work in progress. If you're not in Semmle,
don't depend on anything here making sense (or staying stable) until
you see the version tags increase to something nonzero.
2019-10-12 17:38:01 +02:00
semmle-qlci
7ba04768cd Merge pull request #2098 from asger-semmle/ts-computed-field-name-context
Approved by esben-semmle
2019-10-10 12:06:46 +01:00
Asger F
3e83d8486f TS: Update @types/node 2019-10-10 10:56:07 +01:00
Asger F
c10e48ddea TS: Bump to TypeScript 3.6.3 2019-10-10 10:24:48 +01:00
semmle-qlci
3726b79a23 Merge pull request #2103 from asger-semmle/remove-rollup-deps
Approved by esben-semmle
2019-10-10 10:10:45 +01:00
Esben Sparre Andreasen
0e79d3db46 Merge pull request #2065 from erik-krogh/noReturn
JS: use of returnless function
2019-10-09 13:44:39 +02:00
Asger F
7355fdf900 JS: Update trap output 2019-10-09 11:59:42 +01:00
Asger F
1f2c331ad9 TS: Remove dependency on rollup 2019-10-09 11:42:13 +01:00
Esben Sparre Andreasen
ea63414e97 Merge pull request #2016 from asger-semmle/jquery
Add type tracking and type info to jQuery model
2019-10-09 10:55:57 +02:00
Asger F
c09e748bca JS: Migrate JQueryMethodCall to new API 2019-10-08 14:05:10 +01:00
semmle-qlci
c8e5be74d5 Merge pull request #2093 from asger-semmle/ts-unused-var-fix
Approved by erik-krogh
2019-10-08 13:51:46 +01:00
Asger F
e4e10a3222 JS: Bump extractor version string 2019-10-08 13:51:13 +01:00
Asger F
8146619913 JS: Set context of computed field names to enclosing ctor 2019-10-08 13:51:12 +01:00
Asger F
2235072841 JS: Add tests 2019-10-08 13:51:12 +01:00
Asger F
90ad55e8ce JS: Update DOM test 2019-10-08 11:50:18 +01:00
Erik Krogh Kristensen
0933235132 whitelist calls to functions that always throw an exception 2019-10-08 11:54:57 +02:00
Erik Krogh Kristensen
a2993f1849 massively improve performance for detecting one-shot closures 2019-10-08 11:54:57 +02:00
Erik Krogh Kristensen
0b8ea3c504 remove redundant check in returnsVoid 2019-10-08 11:54:57 +02:00
Erik Krogh Kristensen
5ce356f509 two small doc fixes from docteam
Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
2019-10-08 11:54:57 +02:00