hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

2615 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
92cebea235 update tests to include empty reciever case 2019-10-27 00:25:59 +02:00
Erik Krogh Kristensen
da23898eba update tests 2019-10-26 23:26:45 +02:00
Erik Krogh Kristensen
5b26d03f1c introduce backtracking, and also marking join/slice calls 2019-10-25 16:50:09 +02:00
Max Schaefer
89f68f47a0 JavaScript: Improve type inference for captured variables. 2019-10-25 14:22:24 +01:00
Max Schaefer
6269dd99ab JavaScript: Improve type inference for destructuring assignments. 2019-10-25 14:22:24 +01:00
Asger F
04ee483c9e JS: update test output 2019-10-25 14:10:18 +01:00
Asger F
5636d42c13 JS: Update test 2019-10-25 09:57:10 +01:00
Erik Krogh Kristensen
5489a80372 add query for detecting ignored calls to Array.prototype.concat 2019-10-24 16:17:19 +02:00
Erik Krogh Kristensen
834b572f45 add initial support for expressions in TypeScript 2019-10-24 10:17:00 +02:00
semmle-qlci
1c79ec550e Merge pull request #2092 from esben-semmle/js/brittle-system-reflection-command 
Approved by mchammer01, xiemaisi
 2019-10-22 08:36:44 +01:00
semmle-qlci
0dcb189e67 Merge pull request #2162 from xiemaisi/js/remove-deprecated-queries 
Approved by esben-semmle
 2019-10-22 07:15:58 +01:00
Esben Sparre Andreasen
5a983cb535 JS: add query js/shell-command-injection-from-environment 2019-10-21 23:31:55 +02:00
Erik Krogh Kristensen
2e0244cda6 address review feedback 2019-10-21 20:32:45 +02:00
Max Schaefer
55fb86d618 JavaScript: Remove deprecated queries. 
These queries have all been deprecated since 1.17 (released in July 2018). I think it's time to say goodbye.
 2019-10-21 14:42:02 +01:00
Erik Krogh Kristensen
9eda120de4 implement a new query to detect unreachable overloaded methods in TypeScript 2019-10-21 13:34:42 +02:00
Asger F
8aa34e6a54 JS: Add XSS test case for new PostMessageEventHandler cases 2019-10-21 11:32:22 +01:00
Asger F
96b6c83eba JS: Tests and fixes for PartialInvokeNode 2019-10-21 11:32:22 +01:00
Max Schaefer
a4bffe35fd JavaScript: Add support for globalThis. 2019-10-17 12:04:01 +01:00
Esben Sparre Andreasen
e1d7434be4 JS: add query js/useless-regexp-character-escape 2019-10-16 00:15:54 +02:00
Max Schaefer
dca808126f Merge pull request #2032 from erik-krogh/lessSpaces 
JS: remove false positive in js/missing-space-in-concatenation
 2019-10-14 14:25:40 +01:00
Erik Krogh Kristensen
28056791a5 add .getALocalSource() when testing for lodash-members 2019-10-14 14:14:26 +02:00
Erik Krogh Kristensen
a7c1c34e1e fix test output, and add new test for array callbacks 2019-10-11 17:14:58 +02:00
Erik Krogh Kristensen
31009d979d add type tracking to detect instances 2019-10-11 12:04:34 +02:00
semmle-qlci
7ba04768cd Merge pull request #2098 from asger-semmle/ts-computed-field-name-context 
Approved by esben-semmle
 2019-10-10 12:06:46 +01:00
Erik Krogh Kristensen
c7eb0f17a9 add TaintTracking test for new Deferred model 2019-10-09 13:59:00 +02:00
Esben Sparre Andreasen
0e79d3db46 Merge pull request #2065 from erik-krogh/noReturn 
JS: use of returnless function
 2019-10-09 13:44:39 +02:00
Asger F
45b108842b JS: Update CallGraph test output 2019-10-09 12:16:11 +01:00
Asger F
b392559b39 JS: Accept that types may degrade CG precision 2019-10-09 12:16:11 +01:00
Asger F
07df479b94 JS: IllegalInvocation: be more convservative 2019-10-09 12:16:11 +01:00
Asger F
ad8667d6db JS: IllegalInvocation regression test 2019-10-09 12:16:11 +01:00
Asger F
d3f587c12a JS: Restrict class values flowing through globals 2019-10-09 12:16:11 +01:00
Asger F
dbfd0ae03b JS: InconsistentNew regression test 2019-10-09 12:16:11 +01:00
Esben Sparre Andreasen
ea63414e97 Merge pull request #2016 from asger-semmle/jquery 
Add type tracking and type info to jQuery model
 2019-10-09 10:55:57 +02:00
semmle-qlci
c8e5be74d5 Merge pull request #2093 from asger-semmle/ts-unused-var-fix 
Approved by erik-krogh
 2019-10-08 13:51:46 +01:00
Asger F
8146619913 JS: Set context of computed field names to enclosing ctor 2019-10-08 13:51:12 +01:00
Asger F
2235072841 JS: Add tests 2019-10-08 13:51:12 +01:00
Asger F
90ad55e8ce JS: Update DOM test 2019-10-08 11:50:18 +01:00
Erik Krogh Kristensen
0933235132 whitelist calls to functions that always throw an exception 2019-10-08 11:54:57 +02:00
Erik Krogh Kristensen
1bbe1ecdba the js/use-of-returnless-function query now support multiple callees 2019-10-08 11:54:57 +02:00
Erik Krogh Kristensen
7025ba36c0 refactor of js/use-of-returnless-function 2019-10-08 11:54:57 +02:00
Erik Krogh Kristensen
dedae5ba1d refactor isExplicitConditional into a library file, and use it from js/use-of-returnless-function 2019-10-08 11:54:56 +02:00
Erik Krogh Kristensen
bda37b6d6f refactor of benignContext predicate based on code review 2019-10-08 11:54:56 +02:00
Erik Krogh Kristensen
bed14244ae add query for detecting uses return-values from functions that does not return a value 2019-10-08 11:53:14 +02:00
Asger F
316580334a TS: Fix extraction of default-exported class 2019-10-07 16:46:59 +01:00
Asger F
8fcf0ed30c JS: Update Angular/JQLiteObject test 2019-10-07 14:31:09 +01:00
Erik Krogh Kristensen
3a55880d51 update expected output for js/suspicious-method-name-declaration 2019-10-07 15:18:37 +02:00
Asger F
c1e9eec267 JS: Modernize jQuery attribute defs 2019-10-07 08:29:42 +01:00
Asger F
284a24c18e JS: Update tests with deprecation warning 2019-10-07 08:29:42 +01:00
Asger F
fb181c2d14 JS: Use type info and type tracking in jQuery 2019-10-07 08:29:42 +01:00
Erik Krogh Kristensen
b741a65e9b documentation changes based on review 
Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
 2019-10-04 14:42:16 +02:00