Asger Feldthaus
4ff135e827
JS: Port class-based components to API graphs
2021-08-31 11:19:05 +02:00
Asger Feldthaus
5cd0996d92
JS: Deprecate getOwnOptionsObject()
2021-08-31 11:19:04 +02:00
Asger Feldthaus
7be4b76abb
JS: Simplify getABoundFunction
2021-08-31 11:19:04 +02:00
Asger Feldthaus
0ee1e8bd97
JS: Rename ExtendedVue to ComponentExtension
2021-08-31 11:19:03 +02:00
Asger Feldthaus
881951368d
JS: Merge VueInstance and ExtendedInstance into one case
2021-08-31 11:19:03 +02:00
Asger Feldthaus
ecda79834d
JS: Remove getOption(name) override subsumed by new implementation
2021-08-31 11:19:02 +02:00
Asger Feldthaus
e4901eda91
JS: Handle .extend called on any component
2021-08-31 11:19:01 +02:00
Asger Feldthaus
2a79817c3b
JS: Add test for "extends"
2021-08-31 11:19:01 +02:00
Asger Feldthaus
4d4443c3cf
JS: Use API graphs in getOption(s)
2021-08-31 11:19:00 +02:00
Asger Feldthaus
f450476b27
JS: Improve handling of default exports in Vue
2021-08-31 11:19:00 +02:00
Asger Feldthaus
cd6a60dc70
JS: Treat default-export from .vue file as entry point
2021-08-31 11:18:59 +02:00
Asger Feldthaus
b223049682
JS: Add getComponentRef()
2021-08-31 11:18:58 +02:00
Asger Feldthaus
b9d1b5584e
JS: Add API-node version of getOwnOptions
2021-08-31 11:18:58 +02:00
Asger Feldthaus
63b7c6a8d9
JS: Use API:: classes for clarity (no semantic change)
2021-08-31 11:18:57 +02:00
Asger Feldthaus
f7f69dc3ab
JS: Make MkExtendedInstance handle cross-module flow
2021-08-31 11:18:56 +02:00
Asger Feldthaus
76c38a564d
JS: Port vue() to API graphs
2021-08-31 11:18:56 +02:00
Tom Hvitved
7fc536db15
Data flow: Add precise call contexts to stage 2
2021-08-31 10:44:33 +02:00
CodeQL CI
cf9ab83dee
Merge pull request #6498 from bananabr/main
...
Approved by asgerf
2021-08-31 08:46:11 +02:00
CodeQL CI
c3e122f5fc
Merge pull request #6569 from erik-krogh/packageJsonModule
...
Approved by asgerf
2021-08-31 08:23:45 +02:00
Benjamin Muskalla
09aaa8f78e
Merge pull request #6562 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2021-08-30 21:31:02 +02:00
Rasmus Lerchedahl Petersen
a01fca5d48
Merge branch 'main' of github.com:github/codeql into python-regex-parsing-consistency-checks
...
To fix conflicts
2021-08-30 18:40:12 +02:00
yoff
13c5857241
Update python/ql/src/semmle/python/RegexTreeView.qll
...
Co-authored-by: Taus <tausbn@github.com >
2021-08-30 18:38:38 +02:00
Rasmus Lerchedahl Petersen
a855074588
Python: Try to remove py2/3 differences
2021-08-30 15:41:51 +02:00
Rasmus Lerchedahl Petersen
0de621edf9
Python: Add qldoc
2021-08-30 15:03:58 +02:00
Tom Hvitved
789e2e48cf
C#: Remove temporary dispatch restriction
2021-08-30 14:49:04 +02:00
Tom Hvitved
05b45da42f
Merge pull request #6556 from hvitved/csharp/insecure-sql-conn-flow
...
C#: Use data flow instead of taint tracking in `InsecureSQLConnection.ql`
2021-08-30 11:31:22 +02:00
Tom Hvitved
7dbdfeb161
Merge pull request #6548 from hvitved/csharp/dataflow/tests
...
C#: Update call-context data-flow tests
2021-08-30 11:30:55 +02:00
Rasmus Lerchedahl Petersen
1903cb8f82
Python: Add change note
2021-08-30 11:27:55 +02:00
Erik Krogh Kristensen
486b283c20
support the "module" field in package.json files
2021-08-30 11:05:32 +02:00
Rasmus Lerchedahl Petersen
a762373ad6
Python: Implement simple barrier guard
...
The one found in the original test case
2021-08-30 11:04:27 +02:00
Erik Krogh Kristensen
f5a1a12435
support case insensitive regexps in the ReDoS queries
2021-08-30 09:59:33 +02:00
github-actions[bot]
b28e956dd2
Add changed framework coverage reports
2021-08-30 00:08:31 +00:00
Andrew Eisenberg
bf15b18f22
Merge pull request #6565 from github/dbartol/suite-helpers-incomatbility
2021-08-27 12:40:11 -07:00
Sauyon Lee
adcb90aa8c
fixup generateflowtestcase chaneg
2021-08-27 11:25:03 -07:00
Sauyon Lee
23b9028d2c
Correctly determine which support method definitions are required
2021-08-27 11:25:03 -07:00
Sauyon Lee
04e04b3031
Use array allocation syntax
2021-08-27 11:25:03 -07:00
Sauyon Lee
97faeb026f
Fix side of stack that gen method types are used
2021-08-27 11:25:03 -07:00
Sauyon Lee
119de6c60c
Replace type variables before attempting to match to an array generation
2021-08-27 11:25:03 -07:00
Sauyon Lee
9d66761eeb
Consider a callable to ambiguous if it has a varargs parameter
2021-08-27 11:25:02 -07:00
Sauyon Lee
0d174f2daf
Only include support methods and imports from working test cases
2021-08-27 11:25:02 -07:00
Dave Bartolomeo
ede2ae11e9
Fix incompatibility with release CLI
...
This fixes #6563 , in which a customer reports being unable to run a query suite despite following the "Getting Started with the CodeQL CLI" instructions. The problem is that the released versions of the CodeQL CLI incorrectly disallow any reference to a library pack from within a .qls file. This is a CLI bug that will be fixed in the next CLI release, but since our policy is to make `github/codeql`'s `main` branch compatible with the latest released CLI, we need to work around this for now by pretending `codeql/suite-helpers` is a query pack.
2021-08-27 14:17:48 -04:00
Erik Krogh Kristensen
81742528a2
add test
2021-08-27 10:04:39 +02:00
Erik Krogh Kristensen
1b6e1dbd13
include property writes in super-classes when reading a property in a sub-class
2021-08-27 10:04:39 +02:00
Erik Krogh Kristensen
285c659541
add src as a potential unsafe DOM property name for js/xss-through-dom
2021-08-27 10:04:39 +02:00
jorgectf
64b305cf7a
Add .qhelp along with its example
2021-08-26 23:29:45 +02:00
Edoardo Pirovano
48829450bb
Merge pull request #6560 from edoardopirovano/bump-js-packs
...
JS: Release new version of library and upgrade pack
2021-08-26 16:53:29 +01:00
Sauyon Lee
2132ee52d5
Restrict the size of appliesTo for default methods
2021-08-26 08:02:21 -07:00
Sauyon Lee
abf3bbbe8d
Add qldoc for public elements
2021-08-26 08:02:21 -07:00
Sauyon Lee
e7611ab641
Move getCall and appliesTo to relevant classes
2021-08-26 08:02:21 -07:00
Sauyon Lee
ce8d14e6ef
Add a priority predicate for test generation support methods
2021-08-26 08:02:21 -07:00
