hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,999 Commits 1,671 Branches 157 Tags
query-help-tests-lgtm
Commit Graph

3856 Commits

Author SHA1 Message Date
Asger Feldthaus
9fc5c0bdb8 JS: Update ComposedFunctions 2020-10-28 10:09:40 +00:00
Erik Krogh Kristensen
2e514c4d7b add model for Node Redis 2020-10-28 09:52:54 +01:00
Asger Feldthaus
7345df63c0 JS: Include DataFlow::AdditionalFlowStep in TaintSteps metric 2020-10-27 08:41:50 +00:00
Erik Krogh Kristensen
33465dbe6b refactor parameterPropRead and reachesReturn to get a slight performance improvement 2020-10-26 16:49:49 +01:00
Erik Krogh Kristensen
0b41a59dbf add support for imports into "outDir" from tsconfig.json 2020-10-25 22:51:21 +01:00
CodeQL CI
da58306f2d Merge pull request #4506 from asgerf/js/separate-jquery-config 
Approved by esbena
 2020-10-21 03:13:42 -07:00
CodeQL CI
9faf675f1f Merge pull request #4486 from erik-krogh/lessTokens 
Approved by asgerf
 2020-10-21 02:56:38 -07:00
CodeQL CI
897d8de65a Merge pull request #4523 from erik-krogh/optionalPromise 
Approved by asgerf
 2020-10-21 00:34:12 -07:00
Erik Krogh Kristensen
bdbc8f5c91 add support for OptionalUse in js/missing-await 2020-10-20 16:52:57 +02:00
CodeQL CI
7ea8652f49 Merge pull request #4521 from erik-krogh/moreMiddle 
Approved by asgerf
 2020-10-20 07:14:14 -07:00
Erik Krogh Kristensen
e061c6a006 add support for more custom CSRF checking middlewares 2020-10-20 15:16:14 +02:00
CodeQL CI
d2282fc474 Merge pull request #4517 from erik-krogh/logAssign 
Approved by esbena
 2020-10-20 05:24:49 -07:00
Asger Feldthaus
c91cdb5194 JS: Address review comments 2020-10-20 12:00:02 +01:00
CodeQL CI
8b084ffe22 Merge pull request #4518 from asgerf/js/fix-oom 
Approved by erik-krogh
 2020-10-20 03:37:00 -07:00
Asger Feldthaus
50a015c73e JS: Move $() sink into separate dataflow config 2020-10-20 10:52:33 +01:00
CodeQL CI
4cc7138784 Merge pull request #4507 from erik-krogh/template 
Approved by asgerf
 2020-10-20 02:45:00 -07:00
Erik Krogh Kristensen
8c8cf4fc01 autoformat 2020-10-20 11:17:06 +02:00
Erik Krogh Kristensen
eb786078cb support modern compund-assignment in js/implicit-operand-conversion 2020-10-20 10:40:47 +02:00
Erik Krogh Kristensen
f47fb5ebd8 switch extends around to match @assignlogandexpr and @assignlogorexpr correctly 2020-10-20 10:38:45 +02:00
Asger Feldthaus
78c85775e3 JS: Do not extend AdditionalTaintStep in the ldap library 2020-10-20 09:07:12 +01:00
CodeQL CI
4c5ecb4093 Merge pull request #4478 from erik-krogh/homegrownCsrf 
Approved by asgerf
 2020-10-19 11:04:10 -07:00
CodeQL CI
502faa7d1c Merge pull request #4494 from erik-krogh/callLimit 
Approved by asgerf
 2020-10-19 11:03:25 -07:00
CodeQL CI
5ead4244fe Merge pull request #4450 from asgerf/js/angular 
Approved by erik-krogh
 2020-10-19 07:25:59 -07:00
Erik Krogh Kristensen
ce95676130 add express.csrf as an CSRF protecting middleware 2020-10-19 15:39:02 +02:00
CodeQL CI
d644a30b19 Merge pull request #4434 from erik-krogh/printAST 
Approved by asgerf
 2020-10-19 04:42:42 -07:00
CodeQL CI
2e52cbeb4a Merge pull request #4499 from max-schaefer/js/module_compile 
Approved by asgerf
 2020-10-19 03:06:21 -07:00
Erik Krogh Kristensen
8f6165cd5f print synthetic constructors in PrintAst.ql 2020-10-19 11:10:14 +02:00
Erik Krogh Kristensen
5b1ed97d68 Update javascript/ql/src/semmle/javascript/TypeScript.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2020-10-19 11:01:06 +02:00
Erik Krogh Kristensen
8c44392638 add local dataflow to js/template-syntax-in-string-literal 2020-10-19 10:58:40 +02:00
Max Schaefer
e1d90e90ad JavaScript: Add modelling for Module.prototype._compile. 2020-10-19 09:42:17 +01:00
Erik Krogh Kristensen
8cf21e3b2b autoformat 2020-10-16 16:56:35 +02:00
Erik Krogh Kristensen
27a2cd310d inline value in nodeLeadingToCsrfWrite 2020-10-16 14:21:49 +02:00
Erik Krogh Kristensen
017c73dce3 Apply suggestions from code review 
Co-authored-by: Asger F <asgerf@github.com>
 2020-10-16 14:20:40 +02:00
Erik Krogh Kristensen
c2338b218f Update javascript/ql/src/semmle/javascript/dataflow/Nodes.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2020-10-16 14:12:36 +02:00
CodeQL CI
1d9b0ce059 Merge pull request #4460 from max-schaefer/js/unsafe-shell-command-construction-infeasible-paths 
Approved by asgerf
 2020-10-16 05:05:29 -07:00
Erik Krogh Kristensen
b3d5f9c4dd support throttle like calls as partial calls 2020-10-16 13:33:02 +02:00
Asger Feldthaus
583f3d7fd9 JS: Also materialize labels in ZipSlip 2020-10-16 07:12:30 +01:00
Asger Feldthaus
4337c5adaf JS: Workaround ascii PR check 2020-10-16 07:12:29 +01:00
Asger Feldthaus
b3d8b95433 JS: Autoformat 2020-10-16 07:12:29 +01:00
Asger Feldthaus
42fc4ff78c JS: Don't create new flow labels in *Customizations.qll files 2020-10-16 07:12:29 +01:00
Asger Feldthaus
28b449226c JS: Do not import UrlConcatenation from customizations libraries 2020-10-16 07:12:29 +01:00
Asger Feldthaus
afd82e202d JS: Add Angular2 model 2020-10-16 07:12:29 +01:00
Erik Krogh Kristensen
9112d417e4 avoid using getFirstToken for sorting 2020-10-15 20:57:29 +02:00
Erik Krogh Kristensen
4d1a9740f0 add support for home made CSRF protection middlewares in js/missing-token-validation 2020-10-15 14:50:59 +02:00
Erik Krogh Kristensen
f9f29f53cf remove locations where we have no exact location 2020-10-15 11:59:51 +02:00
Erik Krogh Kristensen
2bb8b78a29 remove "</>" from the end when printing HTML 2020-10-15 11:56:00 +02:00
Erik Krogh Kristensen
a019312953 improve printing of JS object literals 2020-10-15 11:47:45 +02:00
Erik Krogh Kristensen
ab7542c0d2 improve printing of JSON values 2020-10-15 11:05:22 +02:00
Erik Krogh Kristensen
1ebd49b0eb remove location from "mapping i" print node 2020-10-15 10:51:34 +02:00
Erik Krogh Kristensen
3e2d266343 improve YAMLMapping printing 2020-10-15 10:49:37 +02:00