hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,658 Commits 1,672 Branches 157 Tags
rust-ti-implementing-type-method
Commit Graph

11309 Commits

Author SHA1 Message Date
Max Schaefer
38a38ab780 JavaScript: Make autobuilder fail if no JS/TS code was seen. 
In particular, the autobuilder will no longer succeed for projects that
contain HTML or YAML files but no JS/TS code. Further down the line,
this prevents LGTM.com from classifying such projects as "JavaScript"
projects.
 2019-05-28 14:43:59 +01:00
semmle-qlci
9fb61d5f26 Merge pull request #1371 from xiemaisi/js/index-xml 
Approved by asger-semmle
 2019-05-28 14:30:43 +01:00
semmle-qlci
ead59baa0e Merge pull request #1369 from xiemaisi/js/fix-autobuild-test 
Approved by asger-semmle
 2019-05-28 12:27:17 +01:00
semmle-qlci
bd15994bb4 Merge pull request #1367 from xiemaisi/js/configuration-api-consistency 
Approved by esben-semmle
 2019-05-28 12:26:58 +01:00
Asger F
ef1ad0d3b7 JS: Summary expected output (not taint-tracking config anymore) 2019-05-28 12:05:51 +01:00
Asger F
9f43844f1e JS: Remove obsolete code 2019-05-28 11:54:57 +01:00
Asger F
8d60ae7200 JS: Avoid unnecessary casts 2019-05-28 11:54:42 +01:00
Asger F
9f1617a6a8 JS: Update TaintedPath.expected (4x paths) 2019-05-28 11:22:08 +01:00
Asger F
6617747185 JS: Update DataFlowTracking output for booleanOps.js 2019-05-28 11:19:23 +01:00
Max Schaefer
7f8f126338 JavaScript: Add support for XML extraction. 2019-05-28 09:44:24 +01:00
Max Schaefer
4992970181 JavaScript: Fix an auto-build test. 2019-05-28 09:44:24 +01:00
Max Schaefer
86e96c6dc3 JavaScript: Introduce is{Barrier,Sanitizer}Edge predicate. 
This name is more intuitive than the previous binary
`is{Barrier,Sanitizer}` predicates, and is consistent with the other
languages.
 2019-05-28 08:08:14 +01:00
Max Schaefer
d9b3e461ba Merge pull request #1351 from asger-semmle/js-incomplete-nodes 
JS: Mark some more nodes as incomplete
 2019-05-28 07:59:23 +01:00
Max Schaefer
bad5465aad Merge pull request #1360 from asger-semmle/customize-window-document 
JS: Make some DOM concepts customizable
 2019-05-28 07:58:44 +01:00
Esben Sparre Andreasen
fd4c749e27 JS: change FrameworkLibraryInstance Script/TopLevel inheritance 
This is theoretically a breaking change, but it preserves the
semantics of all queries in this repository, as far as I can see.
 2019-05-28 08:31:23 +02:00
Esben Sparre Andreasen
1b1e9ed51a JS: cache matchMarkerComment 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
189ac6c2bd JS: add js/prototype-pollution to the security suite 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
eb13ab52cf JS: sharpen js/prototype-pollution with version analysis 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
c143e31fb5 JS: rename getDefaultNode to getImportedModuleNode 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
0660db37f6 JS: introduce SemVer matching library 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
7d57d1915a JS: introduce DataFlow::DependencyModuleImport 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
1cea29d89f JS: improve prototype pollution tests 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
af3f0b1d04 JS: add test for missing support for package-lock.json 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
ef6f4c7a5e JS: update docstring 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
f74653be46 JS: extract getDefaultNode from DefaultRange 2019-05-27 22:32:32 +02:00
Max Schaefer
1bf7bcf010 Merge pull request #1356 from asger-semmle/tainted-path-cherry-picked 
JS: Refactor LabelledBarrierGuard
 2019-05-23 12:26:35 +01:00
Asger F
6bb011a4cc JS: Stop using data/taint as flow labels in TaintedPath 2019-05-23 10:16:41 +01:00
Asger F
0823f6c935 JS: fix use of dataOrTaint() 2019-05-23 10:16:41 +01:00
Asger F
37fa2446d4 JS: review comments 2019-05-23 10:16:31 +01:00
Asger F
07d508d1bf JS: Track taint through .replace() 2019-05-23 09:23:48 +01:00
Asger F
1ec3475457 JS: All of TaintedPath 2019-05-23 09:23:47 +01:00
semmle-qlci
fac620d6f3 Merge pull request #1357 from asger-semmle/jump-to-namespace 
Approved by xiemaisi
 2019-05-23 09:00:24 +01:00
Asger F
9046fd15f7 JS: Update expected output of XSS query (benign) 2019-05-23 08:56:01 +01:00
Asger F
2fc0ab5595 JS: Stop using the AST-based isDocumentURL internally 2019-05-23 08:55:21 +01:00
Asger F
8b7dbf8b0f JS: Align DOM::locationRef with isDocumentURL 2019-05-23 08:45:08 +01:00
Asger F
8590042a7e JS: customizable window, document, DOM value 2019-05-22 15:49:56 +01:00
Asger F
153e778f7f JS: Remove jump-to-namespace 2019-05-22 14:42:48 +01:00
Asger F
deb217326d JS: Update our own queries 2019-05-22 13:13:08 +01:00
Asger F
61ef73b0f7 JS: Add change note and deprecation member 2019-05-22 12:23:29 +01:00
Asger F
6246eb2fe3 JS: Refactor LabeledSantizerGuard 2019-05-22 12:08:03 +01:00
semmle-qlci
dc8123db8e Merge pull request #1355 from xiemaisi/js/data-flow-api-fiddling 
Approved by asger-semmle
 2019-05-22 10:40:32 +01:00
semmle-qlci
c100c70a65 Merge pull request #1348 from xiemaisi/js/add-external-link-cwe 
Approved by esben-semmle
 2019-05-22 08:12:51 +01:00
semmle-qlci
114ba0e722 Merge pull request #1349 from EdoDodo/js-performance 
Approved by xiemaisi
 2019-05-21 17:50:01 +01:00
Asger F
180b5443ba JS: Update output of incomplete.ql 2019-05-21 17:02:43 +01:00
Asger F
de2f323172 JS: Mark unused parameter nodes as incomplete 2019-05-21 16:53:39 +01:00
Asger F
69dbbcf1c8 JS: Mark destructuring nodes as incomplete 2019-05-21 16:52:35 +01:00
Asger F
faa47029d5 JS: Mark exceptional nodes as incomplete 2019-05-21 13:51:59 +01:00
Asger F
68ae409947 JS: Test for mismatch between taint and type inference 2019-05-21 13:26:02 +01:00
Edoardo Pirovano
9d2580f778 JS: Fix performance regression of query. 2019-05-21 12:26:11 +01:00
semmle-qlci
8cd3cb501a Merge pull request #1346 from xiemaisi/js/revert-1078 
Approved by esben-semmle
 2019-05-21 12:19:57 +01:00