hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,880 Commits 1,672 Branches 157 Tags
redsun82/codegen-readme
Commit Graph

6371 Commits

Author SHA1 Message Date
Asger F
f7543aec95 JS: Support Reflect.ownKeys 2020-01-14 10:52:59 +00:00
Asger F
8af233307a JS: Support enumeration through Object.entries 2020-01-14 10:52:59 +00:00
Asger F
ac2f0a8e11 JS: Do not require flow from key -> rhs 2020-01-14 10:52:59 +00:00
Asger F
96bf9db200 JS: Add another test and more barriers 2020-01-14 10:52:59 +00:00
Asger F
bc7871078a JS: Fix FPs from Object.create(null) 2020-01-14 10:52:59 +00:00
Asger F
654f145772 JS: Add PrototypePollutionUtility query 2020-01-14 10:52:59 +00:00
Asger F
52cec25035 JS: Build access paths for array accesses 2020-01-14 10:52:59 +00:00
Asger Feldthaus
73e60a7400 JS: Ignore strict-mode-call-stack-introspection for expr stmts 2020-01-13 16:03:03 +00:00
Erik Krogh Kristensen
1619a98bc8 make the default registration/dispatch extend DataFlow::InvokeNode 2020-01-10 17:40:16 +01:00
Erik Krogh Kristensen
ec5896abba add additional data-flow edges to data-flow related to promises 2020-01-10 14:12:53 +01:00
Erik Krogh Kristensen
87bbbd643c changes based on review feedback 2020-01-09 16:18:32 +01:00
Erik Krogh Kristensen
af8b36b750 Merge remote-tracking branch 'upstream/master' into EventEmitter 2020-01-09 15:09:43 +01:00
semmle-qlci
f1f69ef85d Merge pull request #2589 from esbena/js/ignore-duplicate-params-for-empty-functions 
Approved by erik-krogh
 2020-01-09 11:58:04 +00:00
Max Schaefer
308da0774d Merge pull request #2525 from asger-semmle/promise-missing-await 
JS: New query: missing await
 2020-01-08 15:29:45 +00:00
Max Schaefer
de15ecf47b Merge pull request #2593 from asger-semmle/regexp-always-matches 
JS: Add RegExpAlwaysMatches query
 2020-01-08 15:21:39 +00:00
Asger Feldthaus
775e63d9c0 JS: Fix qhelp validation error 2020-01-08 10:38:10 +00:00
Asger F
ef79023e52 Update javascript/ql/src/Expressions/MissingAwait.qhelp 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-01-08 10:23:30 +00:00
Asger Feldthaus
d55d5cc4ed JS: Address comments from doc review 2020-01-07 10:27:46 +00:00
Asger Feldthaus
9f6e04887b JS: Fix FP from word boundaries 2020-01-07 10:09:17 +00:00
Asger F
b604be5cfb Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-01-06 14:44:02 +00:00
Max Schaefer
9160fbf106 Merge pull request #2435 from asger-semmle/phi-edge-barrier-guards 
JS: Phi edge barrier guards
 2020-01-06 14:14:18 +00:00
semmle-qlci
0c0073fb02 Merge pull request #2582 from asger-semmle/spurious-css-import 
Approved by max-schaefer
 2020-01-06 14:00:08 +00:00
Asger F
9928762769 JS: Add RegExpAlwaysMatches query 2020-01-06 13:48:02 +00:00
semmle-qlci
39531c6516 Merge pull request #2574 from max-schaefer/js/fix-17 
Approved by erik-krogh
 2020-01-06 12:43:56 +00:00
Asger F
aa6572b5c8 JS: Sanitize phi edges from barrier guards 2020-01-06 11:37:21 +00:00
semmle-qlci
48deb30756 Merge pull request #2573 from max-schaefer/js/generalise-alert-suppression 
Approved by asgerf
 2020-01-06 10:43:17 +00:00
semmle-qlci
5dcc5b3b1e Merge pull request #2581 from erik-krogh/FlowUselessExpr 
Approved by max-schaefer
 2020-01-06 08:33:36 +00:00
Esben Sparre Andreasen
96748ca32e JS: sharpen js/duplicate-parameter-name 2020-01-06 08:51:00 +01:00
Asger F
503bcdc5d7 JS: Dont capitalize Promise in prose 2020-01-03 14:16:31 +00:00
Asger F
3c601fce74 Apply suggestions from code review 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-01-03 14:15:52 +00:00
Asger F
30a8769dad JS: Add more bad promise contexts 2020-01-03 14:12:55 +00:00
Asger F
4772798d7b JS: do not resolve arbitrary extensions to JavaScript files 2020-01-03 11:37:51 +00:00
semmle-qlci
06d812a6ff Merge pull request #2556 from erik-krogh/RegexpVoidCxt 
Approved by max-schaefer
 2020-01-03 08:38:56 +00:00
Max Schaefer
8d1ad5c5f3 JavaScript: Alert suppression through single-line /* */ style comments. 2020-01-02 10:45:20 +00:00
Erik Krogh Kristensen
d1a77d6993 refactor isInterpretedAsRegExp to directly work on a DataFlow node 2020-01-02 11:18:14 +01:00
Max Schaefer
de02bb4a0d JavaScript: Prevent joining on configuration in onPath. 2020-01-02 09:49:09 +00:00
Max Schaefer
2a55ba5d4f JavaScript: Fix join order in PathNode.getASuccessor. 2020-01-02 09:48:57 +00:00
semmle-qlci
f921cf7d01 Merge pull request #2512 from erik-krogh/moarExceptions 
Approved by esbena, max-schaefer
 2019-12-20 20:31:50 +00:00
Erik Krogh Kristensen
a0b5aa5ae4 more precise heuristic to identify allowed call targets 2019-12-20 10:51:39 +01:00
Erik Krogh Kristensen
15d74b7d03 remove FP from js/regexpinjection where no regexp was constructed 2019-12-19 10:47:03 +01:00
Tom Hvitved
29cd6a9e30 Sync XML.qll 2019-12-19 10:29:30 +01:00
Erik Krogh Kristensen
2e5b7273ab changes based on review feedback. 2019-12-17 17:30:05 +01:00
Erik Krogh Kristensen
0a8a2ecc61 make EventEmitter classses non final, and add a comment about extending EventEmitter::Range 2019-12-17 16:37:03 +01:00
Erik Krogh Kristensen
fed9302996 uppercase E in Electron 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-17 16:29:55 +01:00
Erik Krogh Kristensen
f140820511 fix FP related to block-level flow type annotations 2019-12-17 16:10:20 +01:00
Erik Krogh Kristensen
9dd7d1c6d7 changes based on review feedback 2019-12-17 13:19:53 +01:00
Erik Krogh Kristensen
f9ddd5891a minor documentation fixes 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-17 13:05:20 +01:00
Max Schaefer
09ee106333 Java/JavaScript: Add two deprecated predicates to XML.qll. 
This makes XML.qll identical across C++, Java, JavaScript and Python.
 2019-12-17 10:15:43 +00:00
Max Schaefer
923e36ba4f C++/Java/JavaScript/Python: Make qldoc consistent. 2019-12-17 10:15:43 +00:00
Max Schaefer
a2fe678464 C++/Java/JavaScript/Python: Unify imports in XML.qll. 2019-12-17 10:15:43 +00:00