5090 Commits

Author	SHA1	Message	Date
Max Schaefer	96bf82e1ca	JavaScript: Make new source-node classes in API graphs more general and more useful.	2020-10-06 14:21:36 +01:00
Max Schaefer	95b6b16b57	JavaScript: Add another API-graph test with re-exports.	2020-10-06 14:20:41 +01:00
CodeQL CI	4e116ba0db	Merge pull request #4419 from erik-krogh/jsxFactory ... Approved by asgerf	2020-10-06 06:13:21 -07:00
CodeQL CI	0753c8a31b	Merge pull request #4247 from erik-krogh/CVE760-reexport ... Approved by asgerf	2020-10-06 06:10:21 -07:00
CodeQL CI	ef703e72d8	Merge pull request #4401 from asgerf/js/angular-prerequisites ... Approved by erik-krogh	2020-10-06 06:09:48 -07:00
Asger Feldthaus	396f353397	JS: Reapply fixed to javadoc	2020-10-06 14:06:10 +01:00
CodeQL CI	7e6fa7b4be	Merge pull request #4392 from erik-krogh/flask ... Approved by asgerf	2020-10-06 03:41:36 -07:00
Erik Krogh Kristensen	f7f82ffe4e	Merge branch 'main' into CVE760-reexport	2020-10-06 12:28:44 +02:00
CodeQL CI	bc1d3de8fe	Merge pull request #4376 from erik-krogh/simpParam ... Approved by asgerf	2020-10-06 03:24:43 -07:00
Erik Krogh Kristensen	99213b94f5	detect uses of jsxFactory and jsxFragmentFactory in js/unused-local-variable	2020-10-06 12:23:15 +02:00
Asger Feldthaus	5374b66029	JS: Make CachedOperation private	2020-10-06 11:13:04 +01:00
Asger F	433e3e7e4e	JS: Expand doc string in installFromTarballurl ... Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-10-06 11:13:04 +01:00
Asger F	4e2b990d14	Add doc string to semVerToken ... Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-10-06 11:13:04 +01:00
Asger Feldthaus	0ddd825ea6	JS: Address some more review comments	2020-10-06 11:13:04 +01:00
Asger Feldthaus	b1bd612232	JS: Undo unused export	2020-10-06 11:13:04 +01:00
Asger Feldthaus	26b7d57a94	JS: Parse preferred version directly	2020-10-06 11:13:04 +01:00
Asger Feldthaus	85224aad34	JS: Address some review comments	2020-10-06 11:13:04 +01:00
Asger Feldthaus	57a588ceb6	JS: Share extraction results via symlinks	2020-10-06 11:13:03 +01:00
Asger Feldthaus	c84e43d95b	JS: Replace yarn with manual dependency resolution	2020-10-06 11:13:03 +01:00
Asger Feldthaus	f5c3aa3d39	JS: Handle types/typings fields in package.json	2020-10-06 11:13:03 +01:00
Asger Feldthaus	0220ab6784	JS: Move some TypeScript classes into .ts.extractor	2020-10-06 11:13:03 +01:00
Asger Feldthaus	a962a8a3bd	JS: Autoformat	2020-10-06 10:01:36 +01:00
Asger Feldthaus	c31cdaacb2	JS: Add test for getFieldTypeAnnotation	2020-10-06 10:01:04 +01:00
Max Schaefer	0109805ab0	JavaScript: Use new API in NoSQL models.	2020-10-06 09:45:03 +01:00
Max Schaefer	8277d5c08f	JavaScript: Introduce convenience predicate for working with typed API-graph nodes.	2020-10-06 09:25:35 +01:00
Max Schaefer	9206549a38	JavaScript: Make integration of TypeScript canonical names with modules in API graphs more consistent. ... Previously, canonical names were direct successors of module definitions/uses, now they are successors of exports/imports.	2020-10-06 09:25:35 +01:00
Erik Krogh Kristensen	d6dc4bb655	allow flask url_for urls in TargetBlank.ql	2020-10-05 21:40:24 +02:00
Erik Krogh Kristensen	7d8bb339b6	add support for destructuring object exports in getAnExportedValue	2020-10-05 21:38:31 +02:00
CodeQL CI	339c0721c5	Merge pull request #4344 from esbena/js/fixup-cwe-20-to-cwe-020 ... Approved by erik-krogh	2020-10-05 12:30:53 -07:00
CodeQL CI	e95b665556	Merge pull request #4363 from erik-krogh/nosql-api ... Approved by max-schaefer	2020-10-05 12:01:34 -07:00
Erik Krogh Kristensen	c1b5357e74	remove stray todo	2020-10-05 16:53:05 +02:00
Erik Krogh Kristensen	2753a4f379	Apply suggestions from code review ... Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>	2020-10-05 15:11:04 +02:00
CodeQL CI	48fa8aacd5	Merge pull request #4403 from asgerf/js/remove-tslint-dependency ... Approved by erik-krogh	2020-10-05 05:58:48 -07:00
Asger Feldthaus	fee99105da	JS: Remove tslint dependency	2020-10-05 11:53:58 +01:00
CodeQL CI	43b2c90538	Merge pull request #4400 from max-schaefer/js/api-graph-classrefs ... Approved by asgerf	2020-10-05 03:12:23 -07:00
Asger Feldthaus	8689a9b3b9	JS: Fix a bad join order in barrierGuardBlocksNode	2020-10-05 09:55:22 +01:00
Asger Feldthaus	790d2ba0fc	JS: Fix FPs from ParameterFieldAsPropWrite.getPropertyNameExpr	2020-10-05 09:55:22 +01:00
Asger Feldthaus	cad259fb83	JS: Use more types in DOM model	2020-10-05 09:55:22 +01:00
Asger Feldthaus	3dabff6b17	JS: Recognize field types in untyped code	2020-10-05 09:55:22 +01:00
Erik Krogh Kristensen	856ad07694	join-order improvement in NoSQL.qll	2020-10-03 22:07:34 +02:00
Alexander Eyers-Taylor	30ed6a0dac	Merge pull request #4385 from aibaars/drop-queries ... Drop 'tech-inventory' and 'code duplication' queries from the standard query suites	2020-10-02 18:31:25 +01:00
Arthur Baars	daa1bcc06e	Also mark 'tech inventory' queries as deprecated	2020-10-02 17:23:11 +02:00
Arthur Baars	fc45b6cd3c	Drop 'tech-inventory' and 'code duplication' queries from the standard query suites	2020-10-02 17:22:04 +02:00
Erik Krogh Kristensen	6acb199074	improve precision using getAnImmediateUse to check parameter names	2020-10-02 11:09:50 +02:00
Erik Krogh Kristensen	abdbe92720	refactor the NoSQL model to use API graphs	2020-10-02 10:42:49 +02:00
Max Schaefer	98e93a7b9d	JavaScript: Improve API-graph support for function-style classes.	2020-10-02 09:25:51 +01:00
Chris Smowton	aa707e9370	Merge pull request #4381 from smowton/smowton/admin/fix-owasp-broken-links ... Fix OWASP broken links	2020-10-02 08:51:36 +01:00
Aditya Sharad	f7f05476a2	Merge pull request #4375 from adityasharad/javascript/client-side-url-redirect-regexp ... JavaScript: Track taint through RegExp.prototype.exec for URL redirection	2020-10-01 09:55:19 -07:00
CodeQL CI	36450a8998	Merge pull request #4338 from erik-krogh/nodejs-server-request-data ... Approved by asgerf	2020-10-01 06:00:17 -07:00
Erik Krogh Kristensen	d54a057457	Merge pull request #4377 from erik-krogh/babelCrash ... JS: prevent crash when TemplateLiteral is used in import	2020-10-01 14:58:45 +02:00