hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,186 Commits 1,672 Branches 157 Tags
mathiasvp/read-step-without-memory-operands
Commit Graph

4255 Commits

Author SHA1 Message Date
Max Schaefer
22ccae6006 JavaScript: Make PromiseFlow module public. 2020-08-31 11:55:10 +01:00
Erik Krogh Kristensen
f4060723bb add stats for new properties 2020-08-28 12:43:26 +02:00
Erik Krogh Kristensen
038cca814a Merge branch 'main' into ts4 2020-08-28 10:27:49 +02:00
CodeQL CI
80cb8be405 Merge pull request #4155 from asger-semmle/js/lower-duplicate-element-id-precision 
Approved by esbena
 2020-08-28 08:52:58 +01:00
CodeQL CI
ac94869978 Merge pull request #3978 from dellalibera/js/insecure-cookies 
Approved by esbena
 2020-08-28 08:31:38 +01:00
Asger Feldthaus
e7a0bc6be6 JS: Lower precision of ambiguous HTML ID attribute 2020-08-27 15:51:34 +01:00
Esben Sparre Andreasen
9aa1404646 JS: fix formatting of InsecureCookie.qll 2020-08-27 09:44:45 +02:00
Esben Sparre Andreasen
67278d9c93 Merge pull request #4141 from esbena/js/clarify-sanitization 
JS: make sanitization a "common" technique rather than "important"
 2020-08-27 08:08:17 +02:00
ubuntu
cd1d50b637 Update expected output 2020-08-26 23:50:15 +02:00
Alessio Della Libera
dcf51c75e9 Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.ql 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-08-26 23:33:52 +02:00
Esben Sparre Andreasen
d27442e846 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-08-26 20:18:54 +02:00
Esben Sparre Andreasen
89305865d0 JS: make sanitization a "common" technique rather than "important" 2020-08-26 15:41:54 +02:00
Alessio Della Libera
e027c8cc13 Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-08-26 01:48:05 +02:00
Alessio Della Libera
a1f64e26cf Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-08-26 01:47:52 +02:00
Alessio Della Libera
3bd7615a75 Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-08-26 01:47:37 +02:00
Alessio Della Libera
57cf447188 Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-08-26 01:46:59 +02:00
CodeQL CI
722b1a24f6 Merge pull request #4087 from erik-krogh/thisJsx 
Approved by asgerf
 2020-08-25 10:20:32 +01:00
CodeQL CI
844abc51e8 Merge pull request #4108 from erik-krogh/packType 
Approved by asgerf
 2020-08-25 10:17:28 +01:00
Erik Krogh Kristensen
b0d4e79653 split out trap tests to avoid "package.json" naming conflict in trap test 2020-08-24 21:36:34 +02:00
ubuntu
22f5ae4ad4 Format code 2020-08-24 18:53:37 +02:00
CodeQL CI
e2c6a01c00 Merge pull request #4097 from erik-krogh/createRequire 
Approved by esbena
 2020-08-24 15:57:10 +01:00
Erik Krogh Kristensen
309346841a Merge branch 'main' into packType 2020-08-24 12:44:24 +02:00
Erik Krogh Kristensen
5acfd92e0f bump the extractor version 2020-08-24 12:42:19 +02:00
Erik Krogh Kristensen
d633410e3c make the extractor not crash on invalid "package.json" files 2020-08-24 12:42:08 +02:00
Erik Krogh Kristensen
eb84f97e7f Merge branch 'main' into ts4 2020-08-24 12:20:48 +02:00
Erik Krogh Kristensen
db57f3661e Merge branch 'main' into ts4 2020-08-21 15:08:30 +02:00
Erik Krogh Kristensen
65a1769d43 Merge branch 'main' into asyncCalls 2020-08-21 14:58:27 +02:00
Erik Krogh Kristensen
1b655f9046 use threadsafe cache stored in ExtractorState 2020-08-21 14:45:24 +02:00
Erik Krogh Kristensen
7aca84cd45 search directly for "package.json" instead of iterating through the files in a folder 2020-08-21 14:31:49 +02:00
Erik Krogh Kristensen
3f0f2c796c pass extension instead of locationManager to isAlways*Module 2020-08-21 14:27:47 +02:00
Erik Krogh Kristensen
bbbb0a2c5e specialize module.createRequire support to ES2015 modules 2020-08-21 14:14:05 +02:00
Erik Krogh Kristensen
e00951edf0 update TypeScript to 4.0.2 2020-08-21 09:50:27 +02:00
CodeQL CI
29183fa0a1 Merge pull request #4067 from erik-krogh/noBin 
Approved by esbena
 2020-08-20 23:07:02 +01:00
Erik Krogh Kristensen
cef681d009 bump extractor version (again) 2020-08-20 15:58:44 +02:00
Erik Krogh Kristensen
68f7942820 Merge branch 'main' into noBin 2020-08-20 15:58:15 +02:00
Erik Krogh Kristensen
fa8edeed6a change StoredXss example to use TypeTracking 2020-08-20 15:05:38 +02:00
Erik Krogh Kristensen
906705f84c add SourceNode example to the TrackedNode deprecation description 2020-08-20 15:01:40 +02:00
Erik Krogh Kristensen
372e1a3d84 support the "type" field on package.json files while extracting 2020-08-20 14:26:15 +02:00
Erik Krogh Kristensen
bf88c81f78 bump extractor version 2020-08-20 12:57:48 +02:00
Erik Krogh Kristensen
a347569385 inline StandardCharsets.UTF_8 2020-08-20 12:57:05 +02:00
Erik Krogh Kristensen
410ef8fe0e exit early if the default encoding is not UTF-8 2020-08-20 12:50:43 +02:00
Erik Krogh Kristensen
fe41521e0c add tutorial for how to get around TrackedNodes deprecation 2020-08-20 12:46:17 +02:00
Erik Krogh Kristensen
8f68f512df deprecate TrackedNodes.qll 2020-08-20 11:26:22 +02:00
Erik Krogh Kristensen
3d5c1560e4 basic support for .cjs files 2020-08-19 10:53:57 +02:00
Erik Krogh Kristensen
103f739d16 add test for types of modules 2020-08-19 10:52:38 +02:00
Erik Krogh Kristensen
1e65ed2228 support module.createRequire 2020-08-18 14:43:03 +02:00
Erik Krogh Kristensen
246d9b8c70 update expected trap files 2020-08-18 12:51:36 +02:00
Erik Krogh Kristensen
03cb95c82b bump extractor version 2020-08-18 11:20:04 +02:00
Erik Krogh Kristensen
d1b3963e2d correctly treat ES2015 modules as being in strict-mode in the extractor 2020-08-18 10:13:20 +02:00
Erik Krogh Kristensen
61d4648893 update expected output of trap test 2020-08-17 22:53:16 +02:00