hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,672 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

5849 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
cdde8aea58 revert changes to js/useless-expression 2019-10-08 11:54:56 +02:00
Erik Krogh Kristensen
bed14244ae add query for detecting uses return-values from functions that does not return a value 2019-10-08 11:53:14 +02:00
Asger F
d0cce12db9 JS: Bump extractor version 2019-10-07 16:51:57 +01:00
Asger F
52bd19b951 JS: Run Java formatter 2019-10-07 16:51:57 +01:00
Asger F
316580334a TS: Fix extraction of default-exported class 2019-10-07 16:46:59 +01:00
Asger F
8fcf0ed30c JS: Update Angular/JQLiteObject test 2019-10-07 14:31:09 +01:00
Erik Krogh Kristensen
3a55880d51 update expected output for js/suspicious-method-name-declaration 2019-10-07 15:18:37 +02:00
Asger F
755f76a308 JS: Mention the ::Range classes 2019-10-07 08:29:42 +01:00
Asger F
34b4eb69db JS: Cache JSDocTypeExpr.resolvedName() 2019-10-07 08:29:42 +01:00
Asger F
c1e9eec267 JS: Modernize jQuery attribute defs 2019-10-07 08:29:42 +01:00
Asger F
a224186fab JS: Migrate AngularJS.JQLiteObject 2019-10-07 08:29:42 +01:00
Asger F
afdcb1e075 JS: Handle jQuery objects from Parameter.getAnInitialUse() 2019-10-07 08:29:42 +01:00
Asger F
284a24c18e JS: Update tests with deprecation warning 2019-10-07 08:29:42 +01:00
Asger F
fb181c2d14 JS: Use type info and type tracking in jQuery 2019-10-07 08:29:42 +01:00
Erik Krogh Kristensen
14cc352bd9 small documentation change based on review 2019-10-04 15:26:32 +02:00
Erik Krogh Kristensen
144e831515 mention that "function" should not be used when declaring a call signature in an interface 2019-10-04 15:05:11 +02:00
Erik Krogh Kristensen
bf1fd83851 fix typo in predicate name 2019-10-04 15:04:39 +02:00
Erik Krogh Kristensen
b741a65e9b documentation changes based on review 
Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
 2019-10-04 14:42:16 +02:00
Erik Krogh Kristensen
c8d60c9e2a update @description of js/suspicious-method-name-declaration 2019-10-04 11:40:33 +02:00
Erik Krogh Kristensen
712a337bdd qhelp adjustments based on code-review 2019-10-04 11:06:11 +02:00
Erik Krogh Kristensen
ced5e3ea29 qhelp adjustment from code-review 
Co-Authored-By: Esben Sparre Andreasen <42067045+esben-semmle@users.noreply.github.com>
 2019-10-04 11:02:15 +02:00
Erik Krogh Kristensen
2b5e3aebb7 change tabs to spaces 2019-10-02 15:03:38 +02:00
Erik Krogh Kristensen
0c46e5c1a8 update description of js/suspicious-method-name-declaration 2019-10-02 15:01:25 +02:00
Erik Krogh Kristensen
c0b7538cf0 made the blacklist for methods named "function" work again 2019-10-02 14:56:41 +02:00
Erik Krogh Kristensen
e5290f3bb0 remove some parentheses 2019-10-02 14:51:47 +02:00
Erik Krogh Kristensen
22aac8e723 ensure that the existence of non-synthetic constructor is checked correctly 2019-10-02 14:49:33 +02:00
Erik Krogh Kristensen
a66e33ea5e add references to TypeScript spec for "new" and "constructor" keywords 2019-10-01 15:56:45 +02:00
Erik Krogh Kristensen
584b9d4e30 update expected test output 2019-10-01 15:53:37 +02:00
Erik Krogh Kristensen
2ad85d16bd refactor a list of negated conjunctions to a disjunction 2019-10-01 15:53:22 +02:00
Erik Krogh Kristensen
6c176fc967 introduce name as a variable, and adjust alert messages 2019-10-01 15:28:57 +02:00
Erik Krogh Kristensen
26a0bfac39 refactor js/suspicious-method-name-declaration to use isSynthetic predicate 2019-10-01 15:06:45 +02:00
Erik Krogh Kristensen
1e2aad5a29 fix pointer in .qlref, and update expected test results 2019-10-01 14:56:00 +02:00
Erik Krogh Kristensen
aa1368741b rename suspicious-method-name to suspicious-method-name-declaration 2019-10-01 14:37:07 +02:00
Erik Krogh Kristensen
0320f0f26b add query for detecting suspisous method names in TypeScript 2019-09-30 13:05:50 +02:00
Erik Krogh Kristensen
7fb8f8453d fix for when the concatenation root is in parentheses 2019-09-26 16:35:38 +02:00
Erik Krogh Kristensen
69365ccd03 remove false positive in missingSpaceInAppend by requring the presence of a word-like fragment 2019-09-26 12:59:05 +02:00
Asger F
c2f6855a7b JS: Update tests 2019-09-26 10:17:58 +01:00
Asger F
cafa9edf69 JS: upgrade script, stats, version string 2019-09-26 10:17:58 +01:00
Asger F
b4f67f20af JS: Extract types and signatures for functions 2019-09-26 10:17:58 +01:00
Asger F
999d10e1f0 JS: Use consistent indentation 2019-09-26 10:17:58 +01:00
Asger F
405d43d539 JS: Merge CallSignatureTypes test 2019-09-26 10:17:58 +01:00
Asger F
97494290de JS: Add getOverloadIndex() 2019-09-26 10:17:58 +01:00
Asger F
8ca294ae41 JS: Merge TypeScript/CallSignatures test 2019-09-26 10:17:58 +01:00
Max Schaefer
d4fca84898 JavaScript: Improve XSS sanitizer detection. 
We now use local data flow to detect more regexp-based sanitizers.
 2019-09-23 17:07:06 +01:00
semmle-qlci
825a3d2917 Merge pull request #1954 from asger-semmle/type-tracking-through-captured-vars 
Approved by xiemaisi
 2019-09-23 12:10:30 +01:00
semmle-qlci
e2c941c577 Merge pull request #1916 from erik-krogh/taintedLength 
Approved by asger-semmle, xiemaisi
 2019-09-23 11:47:48 +01:00
Max Schaefer
149ae5d7ab JavaScript: Fix IllegalInvocation. 
This fixes false positives that arise when a call such as `f.apply` can either be interpreted as a reflective invocation of `f`, or a normal call to method `apply` of `f`.
 2019-09-23 07:44:14 +01:00
Asger F
69a88c4fcd JS: Fix typo and add metadata to DomValueRefs 2019-09-20 15:43:08 +01:00
Asger F
1ce0a48996 JS: Update tests 2019-09-20 15:41:36 +01:00
semmle-qlci
6d9d859119 Merge pull request #1934 from asger-semmle/node-js-classification 
Approved by esben-semmle
 2019-09-20 09:50:34 +01:00