hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,880 Commits 1,672 Branches 157 Tags
redsun82/codegen-readme
Commit Graph

6371 Commits

Author SHA1 Message Date
Max Schaefer
f540dcb486 JavaScript: Address review comments. 2019-03-12 16:56:10 +00:00
semmle-qlci
4de297c964 Merge pull request #1072 from asger-semmle/prop-write-static-accessor 
Approved by esben-semmle
 2019-03-12 16:51:54 +00:00
Rebecca Valentine
ea55c1a589 adds getAnUndefinedReturn 2019-03-11 12:41:59 -07:00
Asger F
f632379c44 JS: whitelist accessors in DeadStoreOfProperty 2019-03-11 16:38:08 +00:00
Max Schaefer
77e59f1a47 JavaScript: Be more lenient about namespace matching. 2019-03-11 12:42:51 +00:00
Max Schaefer
41d83d5b7d JavaScript: Introduce additional flow steps between sockets. 2019-03-11 12:42:51 +00:00
Max Schaefer
36c9af977b JavaScript: Connect up client and server sockets. 2019-03-11 12:42:51 +00:00
Max Schaefer
dc614ebefe JavaScript: Introduce indices for sent/received items. 2019-03-11 12:42:51 +00:00
Max Schaefer
b47b26ca61 JavaScript: Add basic model of client-side socket.io API. 2019-03-11 12:42:34 +00:00
Max Schaefer
363c11e89d JavaScript: Improve handling of acknowledgment callbacks. 2019-03-11 12:41:19 +00:00
Max Schaefer
37bc36d92e JavaScript: Factor out handling of EventEmitter API. 2019-03-11 12:41:19 +00:00
Max Schaefer
f92f9594ea JavaScript: Add a convenience predicate to get the last parameter of a function. 2019-03-11 12:41:19 +00:00
Max Schaefer
eb07754eee JavaScript: Introduce representation of socket.io servers and namespaces. 2019-03-11 12:41:19 +00:00
Jonas Jensen
a90e4a7bdf Merge pull request #1066 from xiemaisi/fix-qhelp-backticks 
Fix qhelp backticks
 2019-03-08 19:06:48 +01:00
Max Schaefer
c74db8bbbc JavaScript: Fix erroneous backticks in query help. 2019-03-08 15:28:03 +00:00
semmle-qlci
9dccd9f62c Merge pull request #1050 from asger-semmle/prototype-instance-methods 
Approved by xiemaisi
 2019-03-07 16:10:29 +00:00
Max Schaefer
b85f44643a Merge pull request #1049 from asger-semmle/js-type-tracking 
JS: Add TypeTracking library
 2019-03-07 16:09:19 +00:00
Asger F
56977b80a0 JS: update comment 2019-03-07 11:35:41 +00:00
Asger F
f21871d275 JS: relax instantiation requirement for .prototype field 2019-03-06 14:31:37 +00:00
Max Schaefer
48c0949705 Merge pull request #1036 from asger-semmle/hide-implicit-ssa-defs 
JS: Omit uninteresting nodes from path explanations
 2019-03-06 13:30:11 +00:00
Asger F
732ddbcbbd JS: Mark API as experimental 2019-03-06 13:04:34 +00:00
Asger F
3422fa328d JS: Add test 2019-03-06 12:50:59 +00:00
Asger F
e6a1374218 JS: Make separate type for back-tracking types 2019-03-06 12:50:50 +00:00
Asger F
0b2c94684d JS: Add TypeTracker library 2019-03-06 11:52:28 +00:00
Jason Reed
0a91d919b0 JS: Allow path.basename sanitization in zipslip. 2019-03-06 09:46:41 +00:00
Asger F
ee7461380e JS: Omit uninteresting nodes from path explanations 2019-03-06 08:41:03 +00:00
semmle-qlci
9a2a328243 Merge pull request #1025 from xiemaisi/js/fix-exports-assign 
Approved by asger-semmle
 2019-03-04 21:25:56 +00:00
Max Schaefer
3cabc12be3 JavaScript: Teach InvalidExport to never flag module.exports = exports = ... and similar. 
This was previously flagged if `exports` wasn't used any further. While it's true that the assignment to `exports` is redundant in this case, the assignment is also flagged by DeadStorOfLocal, so there is no point in InvalidExport flagging it as well.
 2019-03-04 09:53:37 +00:00
semmle-qlci
4c3ecf0f76 Merge pull request #989 from asger-semmle/class-node-get-this-access 
Approved by xiemaisi
 2019-03-01 19:40:31 +00:00
Max Schaefer
83e0f3bc8d Merge pull request #946 from esben-semmle/js/captured-nodes-query-and-type-inference-1 
JS: Captured Nodes, type inference + a query
 2019-03-01 10:48:52 +00:00
semmle-qlci
6cafe222c4 Merge pull request #1013 from asger-semmle/closure-string-ops 
Approved by esben-semmle
 2019-03-01 10:31:27 +00:00
Max Schaefer
a6f3305edc Merge pull request #1006 from asger-semmle/express-end 
JS: Treat res.end() as alias for res.send() in Express
 2019-03-01 10:30:06 +00:00
Max Schaefer
8dcd8715b9 Merge pull request #889 from jcreedcmu/jcreed/tarslip 
JavaScript: Add new query for ZipSlip (CWE-022).
 2019-03-01 08:16:35 +00:00
Jason Reed
c1b218a5ff JS: Documentation fixes 2019-02-28 15:46:19 -05:00
Jason Reed
c5e57dacf8 JS: Actually use fileName in examples 2019-02-28 15:46:14 -05:00
Jason Reed
674d2790b4 JS: Address review comments 2019-02-28 15:46:07 -05:00
Jason Reed
caebdd2f68 JS: Fix incorrect sample link 2019-02-28 15:46:00 -05:00
Jason Reed
2fc2a393b7 JS: Address review comments 2019-02-28 15:45:52 -05:00
Jason Reed
09b9a57783 JS: More efficient reasoning through pipe 2019-02-28 15:45:38 -05:00
Jason Reed
b0636dd410 JS: Better local flow through .pipe chaining 2019-02-28 15:45:33 -05:00
Jason Reed
32d48ba98b JS: Run auto-formatter 2019-02-28 15:45:20 -05:00
Jason Reed
abd2644af7 JS: Address review comments 2019-02-28 15:45:13 -05:00
Jason Reed
baa4f08259 JS: Add new query for ZipSlip (CWE-022) 2019-02-28 15:45:08 -05:00
Asger F
2bfb015218 JS: Add closure string ops 2019-02-28 16:47:53 +00:00
Max Schaefer
2ecabad553 Merge pull request #1004 from asger-semmle/suffix-check-bug 
JS: Recognize '+' in suffix check
 2019-02-28 14:23:26 +00:00
Asger F
03ef167c56 JS: Treat res.end() as alias for res.send() in Express 2019-02-28 12:37:11 +00:00
Max Schaefer
c8a37297f3 Merge pull request #997 from asger-semmle/closure-promise 
JS: model of closure Promises
 2019-02-28 10:05:12 +00:00
Max Schaefer
1b5887014b Merge pull request #988 from asger-semmle/spread-taint-step 
JS: add taint step through object/array spread operators
 2019-02-28 09:58:23 +00:00
semmle-qlci
6602b4dbda Merge pull request #992 from xiemaisi/js/socket.io 
Approved by asger-semmle
 2019-02-27 18:43:40 +00:00
Asger F
9497199cbd JS: add localFieldStep 2019-02-27 14:20:47 +00:00