hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,929 Commits 1,671 Branches 157 Tags
rc/1.20
Commit Graph

1128 Commits

Author SHA1 Message Date
Asger F
c7300fa197 TS: Add workaround for 'globalThis' getProperties() crash 2019-05-02 13:28:30 +01:00
Asger F
9934996f9b TS: Fix handling of 'export =' 2019-05-02 13:07:29 +01:00
Esben Sparre Andreasen
fd429ce639 JS: whitelist delimiter unwrapping for js/incomplete-sanitization 2019-04-12 08:38:44 +02:00
Esben Sparre Andreasen
a0ed362310 JS: add test case for js/incomplete-sanitization 2019-04-12 08:37:47 +02:00
Asger F
1a6c95c908 TS: update test expectation 2019-03-21 11:06:04 +00:00
Asger F
aaa8bfb874 TS: allow namespace imports as types 2019-03-20 10:09:18 +00:00
Max Schaefer
77c383aee2 JavaScript: Simplify flow-summary queries. 
Previously, `AllConfigurations.qll` would pull in (almost) all taint
tracking configurations, which has started causing OOMEs during
compilation.

I've pruned it down to only the most interesting configurations. Since
flow summaries are experimental at this point and require a bit of manual
configuration anyway, this shouldn't be much of an issue in practice.
 2019-03-19 10:58:49 +00:00
semmle-qlci
d549a0dcb8 Merge pull request #1111 from xiemaisi/js/performance-fiddling 
Approved by esben-semmle
 2019-03-14 14:56:26 +00:00
Max Schaefer
8e52528219 JavaScript: Refactor reachableFromInput to improve join. 2019-03-14 11:53:46 +00:00
Max Schaefer
993345fb7b JavaScript: Track Electron browser objects locally only. 2019-03-14 11:53:46 +00:00
Max Schaefer
cc8d68082e JavaScript: Show ZipSlip results by default. 2019-03-14 08:50:47 +00:00
Max Schaefer
e2cb8c5ceb JavaScript: Fix example in TypeBackTracker qldoc. 2019-03-13 15:20:41 +00:00
semmle-qlci
4de297c964 Merge pull request #1072 from asger-semmle/prop-write-static-accessor 
Approved by esben-semmle
 2019-03-12 16:51:54 +00:00
semmle-qlci
13c6f55a2e Merge pull request #1085 from asger-semmle/extract-symbol 
Approved by xiemaisi
 2019-03-12 14:07:17 +00:00
Asger F
824a50d14e TS: fix extraction of symbols with unusual names 2019-03-12 11:24:16 +00:00
Asger F
5ef6eefda3 TS: update test 2019-03-12 09:47:06 +00:00
Asger F
146909ba13 TS: fix missing this type in method declarations 2019-03-11 16:53:25 +00:00
Asger F
f632379c44 JS: whitelist accessors in DeadStoreOfProperty 2019-03-11 16:38:08 +00:00
semmle-qlci
a2b1939319 Merge pull request #1059 from asger-semmle/ts-infinite-expansion 
Approved by esben-semmle, xiemaisi
 2019-03-11 15:52:53 +00:00
Asger F
16a2177aec JS: update tests 2019-03-11 11:36:46 +00:00
Asger F
dc6c33dd12 TS: Fix infinite type expansion issue 2019-03-11 11:26:46 +00:00
Asger F
04a6692aed JS: add test case 2019-03-11 09:44:59 +00:00
Jonas Jensen
a90e4a7bdf Merge pull request #1066 from xiemaisi/fix-qhelp-backticks 
Fix qhelp backticks
 2019-03-08 19:06:48 +01:00
Max Schaefer
c74db8bbbc JavaScript: Fix erroneous backticks in query help. 2019-03-08 15:28:03 +00:00
semmle-qlci
9dccd9f62c Merge pull request #1050 from asger-semmle/prototype-instance-methods 
Approved by xiemaisi
 2019-03-07 16:10:29 +00:00
Max Schaefer
b85f44643a Merge pull request #1049 from asger-semmle/js-type-tracking 
JS: Add TypeTracking library
 2019-03-07 16:09:19 +00:00
Asger F
56977b80a0 JS: update comment 2019-03-07 11:35:41 +00:00
Asger F
d4566af271 JS: update test output 2019-03-07 11:27:07 +00:00
Asger F
f21871d275 JS: relax instantiation requirement for .prototype field 2019-03-06 14:31:37 +00:00
Asger F
96f1d91150 JS: Add a new test 2019-03-06 14:31:37 +00:00
Max Schaefer
48c0949705 Merge pull request #1036 from asger-semmle/hide-implicit-ssa-defs 
JS: Omit uninteresting nodes from path explanations
 2019-03-06 13:30:11 +00:00
Asger F
732ddbcbbd JS: Mark API as experimental 2019-03-06 13:04:34 +00:00
Asger F
81476cff0b JS: Expand test case with call/return matching for backtracking 2019-03-06 12:58:52 +00:00
Asger F
3422fa328d JS: Add test 2019-03-06 12:50:59 +00:00
Asger F
e6a1374218 JS: Make separate type for back-tracking types 2019-03-06 12:50:50 +00:00
Asger F
0b2c94684d JS: Add TypeTracker library 2019-03-06 11:52:28 +00:00
Jason Reed
8829fde86b JS: Add test for zipslip basename sanitization. 2019-03-06 09:46:41 +00:00
Jason Reed
0a91d919b0 JS: Allow path.basename sanitization in zipslip. 2019-03-06 09:46:41 +00:00
Asger F
50a77ea843 JS: update test expectations 2019-03-06 08:41:03 +00:00
Asger F
ee7461380e JS: Omit uninteresting nodes from path explanations 2019-03-06 08:41:03 +00:00
Max Schaefer
29f381eb34 JavaScript: Consolidate DOM tests. 2019-03-05 08:24:39 +00:00
Max Schaefer
3ab465edcc JavaScript: Consolidate ReactJS tests. 2019-03-05 08:24:39 +00:00
Max Schaefer
1c97a57888 JavaScript: Consolidate Promises tests. 2019-03-05 08:24:36 +00:00
Max Schaefer
41349c547f JavaScript: Consolidate stmts tests. 2019-03-05 08:14:47 +00:00
Max Schaefer
eb02e8bd36 JavaScript: Consolidate CallGraphs tests. 2019-03-05 08:14:47 +00:00
Max Schaefer
9178da4f61 JavaScript: Consolidate Expr tests. 2019-03-05 08:14:47 +00:00
Max Schaefer
256f3b013b JavaScript: Consolidate tutorial tests. 2019-03-05 08:14:47 +00:00
Max Schaefer
5a242d4849 JavaScript: Consolidate ModuleImportNode tests. 
Note that `CustomImport.ql` is still separate since it customises the standard library and would hence influennce other tests.
 2019-03-05 08:14:47 +00:00
Max Schaefer
deff97a9e6 JavaScript: Consolidate PropWrite tests. 2019-03-05 08:14:39 +00:00
Max Schaefer
0b5599d009 JavaScript: Consolidate connect, koa, hapi and restify tests. 2019-03-05 08:04:01 +00:00