hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,672 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

5849 Commits

Author SHA1 Message Date
Asger F
f3aea0706a JS: Use type info in Express Request/Response 2019-09-04 11:43:21 +01:00
semmle-qlci
6778f28424 Merge pull request #1854 from asger-semmle/prototype-pollution-precision 
Approved by esben-semmle, xiemaisi
 2019-09-03 10:50:24 +01:00
semmle-qlci
e4d59c361a Merge pull request #1856 from asger-semmle/ts-base-types 
Approved by xiemaisi
 2019-09-03 10:12:30 +01:00
Asger F
7790d4b667 JS: Make getALocalValue overriders include super 2019-09-02 16:45:06 +01:00
Asger F
2006826101 JS: Avoid breaking local object analysis 2019-09-02 16:45:06 +01:00
Asger F
9f2f10fa15 JS: Make type inference flow go through ssa definition node 2019-09-02 16:45:06 +01:00
Asger F
8737dbb73d JS: Add test 2019-09-02 14:31:40 +01:00
Asger F
54d47f60da JS: Include base types in TypeName 2019-09-02 14:18:48 +01:00
Asger F
e9159acecb TS: Fix skewed arrays due to recursive call 2019-09-02 13:03:25 +01:00
Asger F
a41a23fdba JS: Raise precision of prototype-pollution query 2019-09-02 11:00:24 +01:00
Max Schaefer
91e46cd6fd JavaScript: Fix parsing of asynchronous generator methods. 2019-09-02 09:56:42 +01:00
semmle-qlci
6d55d1f7c0 Merge pull request #1707 from asger-semmle/canonical-name-call-graph 
Approved by xiemaisi
 2019-09-02 09:45:24 +01:00
Asger F
89b91af6db JS: Make getDocumentation handle chain assignments 2019-08-30 18:20:54 +01:00
Asger F
3926436bd4 JS: Explain use of t.call() 2019-08-30 18:19:19 +01:00
Asger F
d6578e10c8 JS: Handle constructor calls to avoid regression 2019-08-30 18:19:19 +01:00
Asger F
1b6cc4ebcc JS: Update test 2019-08-30 18:19:19 +01:00
Asger F
a13fb8e2ba JS: Handle RHS in more cases 2019-08-30 18:19:19 +01:00
Asger F
1e5f0a4e2f JS: Update DataFlow tests 2019-08-30 18:19:19 +01:00
Asger F
5512846e6f JS: Update TypeTracking test 2019-08-30 18:19:19 +01:00
Asger F
bd6768e2c8 JS: Fix closure namespace prefix and update tests 2019-08-30 18:19:19 +01:00
Asger F
b1f9db9145 JS: Make getAFunctionValue follow global access paths 2019-08-30 18:19:19 +01:00
Asger F
8d59df229a JS: Allow calls to externs 2019-08-30 18:19:19 +01:00
Asger F
cfa2ec1084 JS: Remove fake JSONType from es5.js externs 2019-08-30 18:19:19 +01:00
Asger F
e7166c2a1c JS: Workaround for JSON externs 2019-08-30 18:19:19 +01:00
Asger F
221d94961a JS: Resolve simple calls based on qualified name 2019-08-30 18:19:19 +01:00
Asger F
ca71d3117e JS: Use access paths from Closure module 2019-08-30 18:19:19 +01:00
Asger F
8c5b6b256b JS: Remove globalFlowPred() 2019-08-30 18:19:18 +01:00
Asger F
96d9e66ced JS: cache things 2019-08-30 18:19:18 +01:00
Asger F
313579c258 JS: Restrict flow to access paths assigned in a unique file 2019-08-30 18:19:18 +01:00
Asger F
48b70c4f1d JS: Add type-tracking test case 2019-08-30 18:19:18 +01:00
Asger F
7315a2baee JS: Make type tracking work through access paths 2019-08-30 18:19:18 +01:00
Asger F
2105e0bdee JS: use JSDoc types in class tracking 2019-08-30 18:19:18 +01:00
Asger F
6b05aa129c JS: Use global access paths to recognize .prototype 2019-08-30 18:19:18 +01:00
Asger F
f219598281 JS: Update DeclarationFiles test 2019-08-30 16:02:42 +01:00
Asger F
5874c14a9c JS: Avoid materializing JSONValue.getFile() 2019-08-30 16:02:42 +01:00
Asger F
6c0f9be6df JS: Avoid materializing HTML::Element.getFile() 2019-08-30 16:02:42 +01:00
Asger F
33267067e0 JS: Deprecate and remove path resolution for reference comments 2019-08-30 16:02:42 +01:00
Asger F
fa3532ca8c TS: Handle locally defined packages 2019-08-30 16:02:42 +01:00
Asger F
d8cda5e268 JS: Add Firebase test with types 2019-08-30 16:02:41 +01:00
Asger F
ec81e368da JS: Use type info in Firebase model 2019-08-30 16:02:41 +01:00
Asger F
f4144831ab TS: Emit module bindings for all files in node_modules 2019-08-30 16:02:41 +01:00
Asger F
efa7e1112b JS: Add Node.hasUnderlyingType 2019-08-30 16:02:41 +01:00
Max Schaefer
b6220998d1 JavaScript: Restrict setAttribute sink to potentially dangerous attribute names. 2019-08-30 11:57:29 +01:00
Max Schaefer
78ce290de3 JavaScript: Fix DomMethodCallExpr.interpretsArgumentsAsHTML. 2019-08-28 11:22:03 +01:00
semmle-qlci
fc59dd6819 Merge pull request #1788 from asger-semmle/additional-type-tracking-step 
Approved by xiemaisi
 2019-08-24 11:55:16 +01:00
Pavel Avgustinov
da29d99560 Merge branch 'master' of github.com:Semmle/ql into attribute 2019-08-23 21:47:31 +01:00
semmle-qlci
af469fdeb8 Merge pull request #1773 from xiemaisi/js/undocumented-parameter-precision 
Approved by esben-semmle
 2019-08-23 21:29:10 +01:00
Pavel Avgustinov
cc854dd937 Merge branch 'master' of github.com:Semmle/ql into attribute 2019-08-23 09:55:35 +01:00
semmle-qlci
cf24c9ff4a Merge pull request #1804 from asger-semmle/template-literal-tag 
Approved by esben-semmle
 2019-08-23 09:37:38 +01:00
Asger F
45d4b83fc8 TS: Extract type args to tagged template exprs 2019-08-22 18:07:29 +01:00