codeql

mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00

Author	SHA1	Message	Date
Max Schaefer	f9106b3bfe	Merge pull request #685 from asger-semmle/useless-conditional-as-value JS: fix FPs in UselessConditional	2018-12-14 08:44:10 +00:00
semmle-qlci	7f21f145e2	Merge pull request #678 from asger-semmle/function-receiver Approved by xiemaisi	2018-12-14 08:39:04 +00:00
Aditya Sharad	f71e5ac338	Merge master into next.	2018-12-13 17:57:31 +00:00
Asger F	f737830f18	JS: fix typo	2018-12-13 15:56:00 +00:00
Asger F	ae4b55de9a	JS: fix FPs in UselessConditional	2018-12-13 15:41:41 +00:00
Asger F	cb349348e7	JS: rename getThisParameter to getReceiver	2018-12-13 10:19:44 +00:00
Max Schaefer	e194021c3b	Merge pull request #629 from esben-semmle/js/persistent-read-taint JS: add persistent storage taint steps	2018-12-13 08:24:42 +00:00
Max Schaefer	969fe6e4f1	Merge pull request #657 from esben-semmle/js/classify-more-files JS: classify additional files	2018-12-13 08:20:33 +00:00
Max Schaefer	e8c8360ad1	Merge pull request #659 from esben-semmle/js/more-constant-string-usage JS: replace StringLiteral with ConstantString in two queries	2018-12-13 08:19:22 +00:00
Max Schaefer	f1dcec8369	Merge pull request #667 from asger-semmle/ts-binding-pattern-with-defaults TS: fix extraction of binding pattern with default	2018-12-13 08:18:22 +00:00
Max Schaefer	54bb9d185f	Merge pull request #632 from asger-semmle/pseudo-random-bytes JS: add crypto.pseudoRandomBytes as source in InsecureRandomness.ql	2018-12-13 08:14:40 +00:00
Max Schaefer	df42707050	Merge pull request #675 from asger-semmle/window.name JS: Add window.name as remote flow source	2018-12-13 08:13:15 +00:00
Aditya Sharad	f92456fcad	Merge master into next. Conflict in `cpp/ql/test/library-tests/sideEffects/functions/sideEffects.expected`, resolved by accepting test output (combining changes).	2018-12-12 17:26:18 +00:00
Asger F	635a3cb1ec	JS: add FunctionNode.getThisParameter	2018-12-12 16:26:02 +00:00
Asger F	a96c53f9b8	JS: restrict when a variable reference is considered a source	2018-12-12 12:28:26 +00:00
Asger F	14621760bb	JS: add window.name as DOM-based remote flow source	2018-12-12 12:22:39 +00:00
Asger F	aa04e9c77f	TS: fix extraction of binding pattern with default	2018-12-12 10:36:30 +00:00
Max Schaefer	faaca21996	JavaScript: Avoid more unhelpful magic.	2018-12-12 08:40:21 +00:00
Max Schaefer	4fc27aaa51	Merge branch 'master' into pseudo-random-bytes	2018-12-12 08:19:57 +00:00
semmle-qlci	06dd5f3616	Merge pull request #656 from xiemaisi/js/unused-local-underscore Approved by esben-semmle	2018-12-12 08:11:37 +00:00
Esben Sparre Andreasen	fac638ffab	JS: improve alert location of js/angular/unused-dependency	2018-12-11 21:47:08 +01:00
Esben Sparre Andreasen	b5bbf990b0	JS: improve alert location of js/angular/repeated-dependency-injection	2018-12-11 21:47:08 +01:00
Esben Sparre Andreasen	5acd1ca26d	JS: improve alert location of js/angular/duplicate-dependency	2018-12-11 21:47:08 +01:00
Asger F	a01a9dc5cc	JS: add crypto.pseudoRandomBytes as source in InsecureRandomness.ql	2018-12-11 16:06:22 +00:00
Aditya Sharad	dde42a5723	Merge rc/1.19 into next.	2018-12-11 14:38:58 +00:00
Esben Sparre Andreasen	376ed7a4d2	JS: generalize js/command-line-injection to handle ConstantString	2018-12-11 13:39:15 +01:00
Esben Sparre Andreasen	a1d92bfa50	JS: generalize js/incomplete-sanitization to handle ConstantString	2018-12-11 13:39:15 +01:00
Esben Sparre Andreasen	1bc73ab592	JS: address review comments	2018-12-11 13:03:17 +01:00
Esben Sparre Andreasen	7cc6f2f4d8	JS: add test case	2018-12-11 10:17:25 +01:00
Esben Sparre Andreasen	73aa223b08	JS: handle additional multi-license file patterns	2018-12-11 09:55:38 +01:00
Max Schaefer	4d186e0edc	JavaScript: Teach `Unused{Variable,Parameter}` to ignore variables with leading underscore.	2018-12-11 08:50:50 +00:00
Esben Sparre Andreasen	edbef289a7	JS: improve whitespace handling for multi-license file recognition	2018-12-11 09:30:10 +01:00
Esben Sparre Andreasen	e016098f86	JS: support purs classification	2018-12-11 09:17:01 +01:00
Esben Sparre Andreasen	3879e57f18	JS: support <meta name="generator"/> classification	2018-12-11 09:12:39 +01:00
Esben Sparre Andreasen	a295dfd2c5	JS: support AutoRest classification	2018-12-11 08:54:19 +01:00
Esben Sparre Andreasen	ab519d4abf	JS: rename query "Incomplete URL regular expression" -> "Incomplete regular expression for hostnames".	2018-12-10 22:22:54 +01:00
Esben Sparre Andreasen	7c6e28d917	JS: introduce near-empty RegularExpressions.qll	2018-12-10 22:22:54 +01:00
Esben Sparre Andreasen	994fe1bea5	JS: address non-semantic review comments	2018-12-10 22:21:02 +01:00
Esben Sparre Andreasen	d4e4bc6a0b	JS: sharpen js/incomplete-url-regexp by not matching `.*` or `.+`	2018-12-10 22:21:02 +01:00
Esben Sparre Andreasen	52ca696ff4	JS: add query js/incomplete-url-regexp	2018-12-10 22:20:29 +01:00
Esben Sparre Andreasen	6d6379fc09	JS: address review comments	2018-12-10 22:03:52 +01:00
semmle-qlci	57de628ab8	Merge pull request #650 from xiemaisi/js/nomagic-isDOMProperty Approved by asger-semmle	2018-12-10 13:52:47 +00:00
Max Schaefer	e7df9b8b01	JavaScript: Avoid unhelpful magic.	2018-12-10 10:40:37 +00:00
semmle-qlci	1ca27e2c18	Merge pull request #647 from xiemaisi/js/fix-msita-perf Approved by esben-semmle	2018-12-09 21:32:31 +00:00
Max Schaefer	74e70615ed	JavaScript: Fix performance regression in `MixedStaticInstanceThisAccess`.	2018-12-07 13:17:36 +00:00
Aditya Sharad	fcfab26267	Merge rc/1.19 into next.	2018-12-07 12:31:51 +00:00
semmle-qlci	9e73ed71b9	Merge pull request #623 from esben-semmle/js/incomplete-url-sanitization Approved by mc-semmle	2018-12-06 20:46:37 +00:00
Esben Sparre Andreasen	4f53411397	JS: recognize HTTP URLs in js/incomplete-url-sanitization	2018-12-06 15:53:20 +01:00
Esben Sparre Andreasen	229eea00dc	JS: add query js/incomplete-url-substring-sanitization	2018-12-06 15:53:20 +01:00
semmle-qlci	3397533045	Merge pull request #628 from xiemaisi/js/setUnsafeHTML Approved by esben-semmle	2018-12-06 13:58:52 +00:00

... 101 102 103 104 105 ...

5849 Commits