hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,672 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

5849 Commits

Author SHA1 Message Date
semmle-qlci
cf5b1f0cd5 Merge pull request #3019 from erik-krogh/ArrayStep 
Approved by asgerf
 2020-03-25 12:08:44 +00:00
Erik Krogh Kristensen
abcdfe3c53 use LibraryName class for websocket library names 2020-03-25 13:06:21 +01:00
Erik Krogh Kristensen
f2b9e2019c remove isRelevant from flowStep 2020-03-25 09:46:07 +01:00
Erik Krogh Kristensen
6f0e507242 outline predicate to fix join-ordering 2020-03-25 09:44:03 +01:00
Erik Krogh Kristensen
3000486b35 add more isRelevant calls 2020-03-25 09:42:24 +01:00
Erik Krogh Kristensen
1d8e103322 autoformat 2020-03-25 00:19:23 +01:00
Max Schaefer
efbcec09ef JavaScript: Add type tracking to Postgres model. 2020-03-24 17:30:07 +00:00
Erik Krogh Kristensen
36981f385a Merge branch 'master' of git.semmle.com:Semmle/ql into MorePathSinks 2020-03-24 11:20:33 +01:00
semmle-qlci
4c9a6b73ee Merge pull request #3107 from erik-krogh/FArgs 
Approved by esbena
 2020-03-24 08:32:56 +00:00
Erik Krogh Kristensen
fa710c5864 Merge remote-tracking branch 'upstream/master' into UrlSearch 2020-03-24 00:23:15 +01:00
Erik Krogh Kristensen
5b4f091257 add test for remote flow sources in WebSockets 2020-03-23 23:58:20 +01:00
Erik Krogh Kristensen
6a1491d83d add SockJS to the existing WebSocket model 2020-03-23 23:56:11 +01:00
Erik Krogh Kristensen
9a18dc32c1 autoformat WebSocket tests 2020-03-23 23:49:26 +01:00
Erik Krogh Kristensen
7b7eddff1e remove previous SockJS implementation, and move example to WebSocket test 2020-03-23 23:45:05 +01:00
Asger F
a1e032bee6 Merge pull request #3098 from kyprizel/master 
Experimental SockJS support
 2020-03-23 22:39:10 +00:00
kyprizel
dec1b8b070 Update javascript/ql/src/experimental/SockJS/SockJS.qll 
Fix comments

Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-23 22:59:48 +03:00
kyprizel
b90ff5e84d Update javascript/ql/src/experimental/SockJS/SockJS.qll 
do not import specific libs

Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-23 22:59:23 +03:00
semmle-qlci
e5590091a0 Merge pull request #3109 from max-schaefer/js/performance-fixes 
Approved by asgerf
 2020-03-23 16:08:07 +00:00
Max Schaefer
55e7b22cdf JavaScript: Autoformat. 2020-03-23 14:37:04 +00:00
kyprizel
49e5a22cab Fixed code style for SockJS 
also fixed appCreation, thanks to Erik Krogh.
 2020-03-23 17:16:17 +03:00
Erik Krogh Kristensen
7bc7ffffd6 autoformat 2020-03-23 14:10:07 +01:00
Erik Krogh Kristensen
f1e0d37273 Update javascript/ql/test/library-tests/frameworks/Concepts/file-access.js 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-03-23 14:02:22 +01:00
Max Schaefer
b13e6141a2 JavaScript: Inline promiseStep/4. 2020-03-23 12:01:52 +00:00
Asger F
6c2842bd49 Merge pull request #2919 from asger-semmle/js/property-barriers 
JS: Make sanitizers no longer block taint inside an object
 2020-03-23 11:43:18 +00:00
Erik Krogh Kristensen
2c43d1d731 fix FP in superfluous-trailing-arguments related to Function.arguments 2020-03-23 10:40:35 +01:00
Eldar T. Zaitov
ee0b65ad39 Added experimental SockJS support 2020-03-20 21:24:16 +03:00
Erik Krogh Kristensen
f88cc2a977 inline promiseStep predicate 2020-03-20 09:07:52 +01:00
Erik Krogh Kristensen
90a324148d add extra sinks to js/tainted-path 2020-03-20 09:07:39 +01:00
semmle-qlci
deb20fc37f Merge pull request #3076 from esbena/js/even-more-mongoose-improvements 
Approved by erik-krogh
 2020-03-19 12:03:53 +00:00
Max Schaefer
ee62706ad2 JavaScript: Split up a predicate to avoid bad join order. 2020-03-19 11:47:53 +00:00
Max Schaefer
d91e6a4893 JavaScript: Avoid a few bad join orders. 2020-03-19 11:47:53 +00:00
Asger Feldthaus
4f42675b35 JS: Autformat 2020-03-19 09:36:27 +00:00
Asger Feldthaus
3ae33e3c1a JS: Update prototype pollution query 2020-03-18 23:59:25 +00:00
Asger Feldthaus
b6ca4fbee3 JS: Add getDefaultSourceLabel() 2020-03-18 23:52:25 +00:00
Asger Feldthaus
7393844699 JS: Update some queries that used data as source 2020-03-18 11:55:13 +00:00
Asger Feldthaus
506ddaf3f4 JS: Add explanation for test failure 2020-03-18 11:55:13 +00:00
Asger Feldthaus
028022158d JS: Add variant of test that passes 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a7e337ab28 JS: Add some lines in test case 2020-03-18 11:55:13 +00:00
Asger Feldthaus
3e68072e38 JS: Accept test case change 2020-03-18 11:55:13 +00:00
Asger Feldthaus
18eea96cf8 JS: Autoformat 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a9901a44e8 JS: Update TaintBarriers/isBarrier test 2020-03-18 11:55:13 +00:00
Asger Feldthaus
0edb765958 JS: Split test case function in two 2020-03-18 11:55:13 +00:00
Asger Feldthaus
4e75fe3977 JS: Update some qldoc comments 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a195429471 JS: Add test with non-guard sanitizer 2020-03-18 11:55:12 +00:00
Asger Feldthaus
83606e7b60 JS: Dont use data label in taint-tracking configs 2020-03-18 11:55:12 +00:00
Asger Feldthaus
8da0584b12 JS: Add test 2020-03-18 11:55:12 +00:00
Esben Sparre Andreasen
b1a722fcda JS: typo fix 2020-03-18 10:11:38 +01:00
Esben Sparre Andreasen
12d8177b4b Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:12:05 +01:00
Esben Sparre Andreasen
ce3b196b93 Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:11:57 +01:00
Esben Sparre Andreasen
b9860d3444 Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:11:49 +01:00