hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 20:26:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,672 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

10370 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
f38d1f9a4e merge main into ts47 2022-05-25 10:13:25 +00:00
Erik Krogh Kristensen
009ba4c280 update query id to the updated id 2022-05-25 10:55:33 +02:00
Asger F
877a9d8bcc JS: Fix FP in js/type-confusion-through-parameter-tampering 2022-05-25 09:53:46 +02:00
github-actions[bot]
1f1b364feb Release preparation for version 2.9.3 2022-05-25 07:46:48 +00:00
tombolton
91fa17a05e simplify imports in counting queries 2022-05-24 15:02:26 +01:00
tombolton
7e32614c25 refactor counting code into a library 2022-05-24 15:02:26 +01:00
tombolton
33964383d7 add individual per-security-query counting queries 2022-05-24 15:02:26 +01:00
Asger F
ced1d21405 JS: Add getters for DeclarationSpace members 2022-05-24 14:30:36 +02:00
Asger Feldthaus
a5f2c949d3 JS: Add UnionOrIntersectionTypeExpr 2022-05-24 14:30:36 +02:00
Asger F
d7e3e9e5db JS: Fix extraction of identifiers in EXPORT_BASE context 
This is needed to ensure that the base of the RHS of an ImportEqualsDeclaration is bound to a namespace. That is, B below should be bound to a namespace:

import A = B.C.D;
 2022-05-24 14:30:36 +02:00
Asger F
665fa2af59 JS: Add test for export base scope 2022-05-24 14:30:36 +02:00
Asger F
c8bb0e2117 JS: Treat d.ts as a single extension in Folder.getJavaScriptFile 2022-05-24 14:30:36 +02:00
Asger F
987a830029 JS: Add test for import of d.ts file 2022-05-24 14:30:36 +02:00
Asger F
a955bd3695 JS: Change note 2022-05-24 14:18:06 +02:00
Asger F
7d4a191a32 JS: Simplify 2022-05-24 14:18:06 +02:00
Asger F
db4b6d620a JS: Remove Buffer.from as sink for js/resource-exhaustion 2022-05-24 14:18:05 +02:00
Erik Krogh Kristensen
82c6c22d50 make a model for hasOwnProperty calls and similar 2022-05-24 14:13:53 +02:00
Erik Krogh Kristensen
2a97dd9f6f add support for Object.hasOwn(obj, key) 2022-05-24 13:59:25 +02:00
Erik Krogh Kristensen
1717d17fb3 add flow step for Array.prototype.at 2022-05-24 12:41:27 +02:00
github-actions[bot]
1fa2fd73f2 JS: Bump patch version of ML-powered library and query packs post-release 2022-05-24 10:40:45 +00:00
Erik Krogh Kristensen
fc25d14af7 add change note 2022-05-24 12:37:28 +02:00
github-actions[bot]
53a25c8c42 JS: Bump minor version of ML-powered library and query packs 2022-05-24 10:34:26 +00:00
github-actions[bot]
1287925676 JS: Bump patch version of ML-powered model pack post-release 2022-05-24 10:34:26 +00:00
github-actions[bot]
171fe98084 JS: Bump ML model pack dependency of ML-powered model building and query packs 2022-05-24 10:34:26 +00:00
github-actions[bot]
e519304268 JS: Bump minor version of ML-powered model pack 2022-05-24 10:33:45 +00:00
Asger F
87cbf7b216 JS: Update ATM code 2022-05-24 11:57:30 +02:00
Asger F
631527fe49 JS: Rename Node.{getASource -> asSource, getASink -> asSink} 2022-05-24 11:57:30 +02:00
Asger F
bc601261ed JS: Use 'ql' language for markdown snippets 2022-05-24 11:57:30 +02:00
Asger F
f80f8b6630 JS: Update a comment mentioning getARhs 2022-05-24 11:57:30 +02:00
Asger F
18dc39484d Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-05-24 11:57:30 +02:00
Asger Feldthaus
1e96b1e559 JS: Fix typo 2022-05-24 11:57:30 +02:00
Asger Feldthaus
777d344dde JS: Fix up qldoc for getAValueReachingSink 2022-05-24 11:57:30 +02:00
Asger Feldthaus
e2858b7b64 JS: Update ATM code 2022-05-24 11:57:30 +02:00
Asger Feldthaus
8da96ed403 JS: Update doc comment 2022-05-24 11:57:30 +02:00
Asger F
1ae97d9d54 Apply suggestions from code review 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-05-24 11:57:30 +02:00
Asger Feldthaus
9fad4b883b JS: Autoformat 2022-05-24 11:57:30 +02:00
Asger Feldthaus
76ba78294f JS: Make API::EntryPoint overrides optional 2022-05-24 11:57:30 +02:00
Asger Feldthaus
ce9c3b3eb5 JS: Also rename predicates on API::EntryPoint 2022-05-24 11:57:30 +02:00
Asger Feldthaus
19a5db9f89 JS: Rename getARhs -> getASink 2022-05-24 11:57:30 +02:00
Asger Feldthaus
4c6192670e JS: Rename getAnImmediateUse -> getASource 2022-05-24 11:57:30 +02:00
Asger F
a7b73f44b2 Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: Calum Grant <42069085+calumgrant@users.noreply.github.com>
 2022-05-24 11:57:30 +02:00
Asger F
73baa49c5d Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-05-24 11:57:30 +02:00
Asger Feldthaus
82c35e6f65 Mention that the interaction and be with any external codebase 2022-05-24 11:57:29 +02:00
Asger Feldthaus
6a12864dab JS: Document how API graphs should be interpreted 2022-05-24 11:57:29 +02:00
Erik Krogh Kristensen
b2d3a7dca5 add change-note for the public renamed predicate 2022-05-24 11:20:08 +02:00
Erik Krogh Kristensen
a404a8c61a use more set literals instead of big disjunctions 2022-05-24 11:09:10 +02:00
Erik Krogh Kristensen
b48806968c delete redundant import 2022-05-24 11:02:41 +02:00
Erik Krogh Kristensen
395ec106b9 remove unused field 2022-05-24 11:02:18 +02:00
Erik Krogh Kristensen
d58fe8e193 add explicit this 2022-05-24 10:59:13 +02:00
Erik Krogh Kristensen
d1ad08ecb5 fix misspellings in predicate names 2022-05-24 10:57:13 +02:00