hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,333 Commits 1,672 Branches 157 Tags
ginsbach/NewOverlayLocalJava
Commit Graph

6172 Commits

Author SHA1 Message Date
Asger F
45d4b83fc8 TS: Extract type args to tagged template exprs 2019-08-22 18:07:29 +01:00
Asger F
fd7cfedf4b JS: Add AdditionalTypeTrackingStep 2019-08-21 13:44:03 +01:00
Max Schaefer
d105de81a3 JavaScript: Raise precision of UndocumentedParameter to high. 
This is more consistent with the other JSDoc queries. Results are still not shown on LGTM by default, but the query can now be enabled selectively for projects that care about JSDoc.
 2019-08-20 09:32:00 +01:00
Asger F
ad67015720 JS: Address comments 2019-08-19 10:57:26 +01:00
Max Schaefer
020d31c3b6 JavaScript: Fix inconisstency in TaintedPath.qhelp. 2019-08-12 10:29:41 +01:00
Max Schaefer
80cfe070d4 JavaScript: Fix inconsistency in MissingRegExpAnchor.qhelp. 2019-08-12 10:29:21 +01:00
Max Schaefer
d2f4575978 JavaScript: Expand qldoc for {Barrier,Sanitizer}GuardNode. 2019-08-09 14:19:53 +01:00
semmle-qlci
6c3d1d676b Merge pull request #1694 from asger-semmle/concatenation-operand 
Approved by xiemaisi
 2019-08-08 12:41:30 +01:00
semmle-qlci
7482233a02 Merge pull request #1693 from asger-semmle/request-response 
Approved by esben-semmle, xiemaisi
 2019-08-08 12:40:35 +01:00
Asger F
d83f152f39 JS: Address review comments 2019-08-07 10:53:17 +01:00
Asger F
5e87d5c751 JS: Update syntactic heuristics 2019-08-07 10:53:17 +01:00
Asger F
f173e3024a JS: Add getConstantStringParts() and HTML concat node 2019-08-07 10:53:17 +01:00
Asger F
f101944c92 JS: Expand on the StringOps::Concatenation API 2019-08-07 10:53:17 +01:00
Asger F
687534e647 JS: Address review comments 2019-08-07 10:47:08 +01:00
Asger F
41bdd8a7cc JS: Fix qldoc indentation 2019-08-07 10:38:22 +01:00
semmle-qlci
d0a761477b Merge pull request #1704 from xiemaisi/js/fix-export-default-examples 
Approved by asger-semmle
 2019-08-07 09:34:36 +01:00
Asger F
075e47dce2 JS: Add header/headers response type 2019-08-06 15:42:22 +01:00
Asger F
ea4bfda2d1 JS: Add predicate that disappeared during conflict resolution 2019-08-06 15:33:33 +01:00
Asger F
4fb3fd992d JS: Address comments 2019-08-06 15:28:53 +01:00
Asger F
55ab7e6abf JS: Add qldoc 2019-08-06 15:28:53 +01:00
Asger F
64f1260220 JS: Rename getResponseFormat => getResponseType 2019-08-06 15:28:53 +01:00
Asger F
ea507db638 JS: Fix a qldoc comment 2019-08-06 15:28:52 +01:00
Asger F
a697a1b700 JS: Fix indentation of qldoc comment 2019-08-06 15:28:52 +01:00
Asger F
d3e796decc JS: Add caution to XMLHttpRequest class 2019-08-06 15:28:52 +01:00
Asger F
02fba482fa JS: Bugfixes 2019-08-06 15:28:52 +01:00
Asger F
0950b4d0f7 JS: Move ClientRequest classes into a module and publish them 2019-08-06 15:28:49 +01:00
Asger F
55ad3bb65f JS: add ClientRequest.getAResponseDataNode() 2019-08-06 15:28:13 +01:00
semmle-qlci
327d5acdcf Merge pull request #1686 from asger-semmle/lvalue-node 
Approved by xiemaisi
 2019-08-06 14:43:46 +01:00
Max Schaefer
82e15ada5f JavaScript: Fix export default examples. 
Only hoistable (function) declarations and class declarations can be default-exported (https://www.ecma-international.org/ecma-262/10.0/index.html#sec-exports).
 2019-08-06 14:40:53 +01:00
semmle-qlci
77eac2c980 Merge pull request #1687 from esben-semmle/js/hide-conflicting-html-attribute 
Approved by xiemaisi
 2019-08-06 11:38:33 +01:00
semmle-qlci
5de6da4ee4 Merge pull request #1697 from esben-semmle/js/fix-missing-this-in-method 
Approved by xiemaisi
 2019-08-06 11:38:11 +01:00
Max Schaefer
5026a55c25 JavaScript: Fix a Cartesian product. 2019-08-05 15:42:20 +01:00
Max Schaefer
d230921b89 JavaScript: Remove two unused fields. 2019-08-05 15:41:55 +01:00
Esben Sparre Andreasen
bc2785d143 JS: add missing binding for this in BuiltinServiceCall 2019-08-05 14:10:21 +02:00
Esben Sparre Andreasen
bc296e74a1 JS: generalize internal AngularJS::BuiltinServiceCall to handle calls 2019-08-05 13:59:48 +02:00
Esben Sparre Andreasen
a652f754ee JS: rename internal AngularJS::ServiceMethodCall 2019-08-05 13:56:49 +02:00
semmle-qlci
f60af2cfba Merge pull request #1683 from asger-semmle/type-tracking-non-exp 
Approved by xiemaisi
 2019-08-05 11:06:53 +01:00
semmle-qlci
77ae2bc8b7 Merge pull request #1684 from asger-semmle/protopollution-qhelp 
Approved by xiemaisi
 2019-08-05 11:06:34 +01:00
Asger F
8bec2fe7bf JS: Address comments 2019-08-05 10:44:39 +01:00
Esben Sparre Andreasen
c4eb258f5b JS: lower precision of js/conflicting-html-attribute 2019-08-05 09:22:10 +02:00
Asger F
5397da7579 JS: Handle implicit return in getImmediatePredecessor 2019-08-02 20:35:22 +01:00
Asger F
8e1893d0ed JS: Update range analysis to use getImmediatePredecessor 2019-08-02 20:35:22 +01:00
Asger F
9e949d0f44 JS: Add taint step through destructuring for-of loop 2019-08-02 20:35:21 +01:00
Asger F
de3c8bf711 JS: Introduce DataFlow::lvalueNode 2019-08-02 20:35:21 +01:00
semmle-qlci
d4e39a250d Merge pull request #1667 from xiemaisi/js/more-ranges 
Approved by esben-semmle
 2019-08-02 16:46:30 +01:00
Asger F
fcc51a8407 JS: Fix lodash version in proto pollution qhelp 2019-08-02 16:42:36 +01:00
Asger F
eb543c1ceb JS: Remove experimental warning from type tracking 2019-08-02 16:30:44 +01:00
semmle-qlci
34cdf7c96b Merge pull request #1677 from xiemaisi/js/flow-summary-fixes 
Approved by esben-semmle
 2019-08-02 14:02:47 +01:00
semmle-qlci
635a8edacc Merge pull request #1676 from xiemaisi/js/more-tests-classification 
Approved by esben-semmle
 2019-08-02 14:02:24 +01:00
Max Schaefer
e06ed503ec JavaScript: Make flow summaries work for non-taint configurations. 
With flow labels it often makes more sense to use a `DataFlow::Configuration` rather than a `TaintTracking::Configuration`, so flow summaries should support both.
 2019-08-02 11:45:41 +01:00