hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

5316 Commits

Author SHA1 Message Date
CodeQL CI
036a36a474 Merge pull request #4317 from max-schaefer/js/api-node-depth 
Approved by asgerf
 2020-09-22 05:58:48 -07:00
Erik Krogh Kristensen
717ea2369c Merge pull request #4311 from erik-krogh/indirect-fix 
JS: improve join-order for HTTP::isDecoratedCall
 2020-09-22 14:35:50 +02:00
CodeQL CI
9a306866c5 Merge pull request #4282 from erik-krogh/es2021 
Approved by esbena
 2020-09-22 05:34:35 -07:00
Erik Krogh Kristensen
32b0f1b480 add code example to isDecoratedCall 2020-09-22 10:42:49 +02:00
Max Schaefer
dafd45f0f4 JavaScript: Add a few metric queries for API graphs. 2020-09-22 09:30:19 +01:00
Max Schaefer
46ba4a1fa8 JavaScript: Expose another useful predicate on API-graph nodes. 2020-09-22 09:30:12 +01:00
Erik Krogh Kristensen
ec49c444ef Apply suggestions from code review 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-09-22 10:15:30 +02:00
Erik Krogh Kristensen
4243504c8b improve join-order for HTTP::isDecoratedCall 2020-09-21 23:20:16 +02:00
Erik Krogh Kristensen
4bc91c4439 add support for Promise.any 2020-09-21 10:50:06 +02:00
Erik Krogh Kristensen
b09015380a add support for String.prototype.replaceAll 2020-09-21 10:50:04 +02:00
Erik Krogh Kristensen
4dfc0680e2 support non SourceNode receiver for partialInvoke in routeHandlerStep 2020-09-21 10:42:19 +02:00
Erik Krogh Kristensen
4cde48cfb8 change comma to dot in qldoc 2020-09-21 10:23:21 +02:00
Erik Krogh Kristensen
edebbd640e revert change to return-type 2020-09-21 10:18:22 +02:00
Erik Krogh Kristensen
6c050d3160 revert change of return-type 2020-09-20 22:21:42 +02:00
Erik Krogh Kristensen
ae228cb5b2 move new predicates to a more fitting location 2020-09-20 22:15:03 +02:00
Erik Krogh Kristensen
5fd4c7a422 use PartialInvokeNode 2020-09-20 22:06:48 +02:00
Erik Krogh Kristensen
bef09254ee rename forwardingCall to isAForwardingRouteHandlerCall 2020-09-20 21:59:33 +02:00
Erik Krogh Kristensen
62332121b2 remove getNumParameter constraint 2020-09-20 21:57:55 +02:00
Erik Krogh Kristensen
3aaa2d11a7 rename decoratedRouteHandler to isDecoratedCall 2020-09-20 21:54:56 +02:00
Erik Krogh Kristensen
0b16f81f8b improve performance by using RouteHandlerCandidate 2020-09-18 09:29:13 +02:00
Erik Krogh Kristensen
b4e75bf567 update expected output 2020-09-18 09:29:13 +02:00
Erik Krogh Kristensen
1f95311342 further loosen the RouteHandlerCandidate heuristic 2020-09-18 09:29:13 +02:00
Erik Krogh Kristensen
3eaa56ed60 support containers with decorated route handlers 2020-09-18 09:29:08 +02:00
Erik Krogh Kristensen
c087e94d47 add additional indirect route-handler steps 2020-09-18 09:26:33 +02:00
Erik Krogh Kristensen
02c1d689e4 support indirect route-handlers for NodeJS 2020-09-18 09:26:33 +02:00
Erik Krogh Kristensen
dafcd59148 add another indirect route-handler test 2020-09-18 09:26:33 +02:00
Erik Krogh Kristensen
43e5c0212c add basic support for indirect route handlers 2020-09-18 09:26:33 +02:00
CodeQL CI
c2175b678c Merge pull request #4263 from erik-krogh/importScripts 
Approved by esbena
 2020-09-16 06:01:35 -07:00
CodeQL CI
951e3093d2 Merge pull request #4231 from erik-krogh/CVE767 
Approved by asgerf
 2020-09-15 03:47:40 -07:00
Erik Krogh Kristensen
fa255f3534 add test for self.importScripts(..) 2020-09-15 12:23:48 +02:00
Erik Krogh Kristensen
c5b5a4fd55 improve performance of NodeJS::NodeModule::exports 2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen
c1cb19abd7 add level PreCallGrapSteps to the callgraph 2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen
f2ecb63e5a add a direct Export step as a PreCallGraphStep 2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen
29457c52dc add reexported test to PackageExports test 2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen
61f6580d1e add API in PackageExports.qll for getting a value exported under a name 2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen
d3653b3030 add support for re-exports using the spread operator for NodeJS exports 2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen
03a3c4f4b2 update expected output 2020-09-14 16:50:47 +02:00
Erik Krogh Kristensen
f4f96ce04d use new source in client-side-url-redirect test 2020-09-14 16:50:47 +02:00
Erik Krogh Kristensen
cb7de2714a add onmessage handlers registered using global property as PostMessageEventHandler 2020-09-14 16:50:45 +02:00
Erik Krogh Kristensen
6e84ac8e6c add test for importScripts 2020-09-14 16:02:34 +02:00
Erik Krogh Kristensen
2e3df74dce add importScripts as a sink for js/client-side-unvalidated-url-redirection 2020-09-14 16:02:34 +02:00
Erik Krogh Kristensen
6fb534f178 fix catastrophic join order in UnsafeJQueryPlugin 2020-09-14 09:59:48 +02:00
Erik Krogh Kristensen
9502869e3c improve join-order for aliasPropertyPresenceStep 2020-09-14 09:59:22 +02:00
CodeQL CI
903bc007b8 Merge pull request #4082 from max-schaefer/js/api-graph 
Approved by asgerf
 2020-09-11 04:41:38 -07:00
Max Schaefer
b71a8e2ad0 JavaScript: Expose an API-graph predicate that is useful for flow summaries. 2020-09-10 08:44:06 +01:00
CodeQL CI
a1cec12377 Merge pull request #4220 from erik-krogh/colonCmd 
Approved by esbena
 2020-09-09 10:13:14 +01:00
Erik Krogh Kristensen
cffe573d06 add taint-steps for underscore methods 2020-09-09 09:57:53 +02:00
Erik Krogh Kristensen
eb80705e99 add a taint-step for require("bluebird").mapSeries() 2020-09-09 09:57:53 +02:00
Erik Krogh Kristensen
b97c09a319 use tuples to simplify arrayFunctionTaintStep 2020-09-09 09:57:53 +02:00
Erik Krogh Kristensen
bb97829e1d add a model for the ClientRequest new require("net").Socket() 2020-09-09 09:57:53 +02:00