hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,738 Commits 1,672 Branches 157 Tags
tausbn/python-add-models-for-zstd-compression
Commit Graph

11944 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
a6d3afd817 JS: support additional Koa request sources 2020-01-29 14:49:01 +01:00
Esben Sparre Andreasen
d4d910b681 JS: add koa test 2020-01-29 14:41:23 +01:00
Anders Schack-Mulligen
743b612d0d Javascript/Python: Sync XML.qll 2020-01-29 13:31:25 +01:00
Erik Krogh Kristensen
b8834ffcad add support for private fields in classes 2020-01-29 13:10:45 +01:00
semmle-qlci
fb90c2ba52 Merge pull request #2681 from asger-semmle/csrf-only-session-cookie-access 
Approved by erik-krogh, max-schaefer
 2020-01-29 10:46:48 +00:00
Erik Krogh Kristensen
aea365c424 adjust API naming 2020-01-28 15:09:31 +01:00
Erik Krogh Kristensen
cb16116b4d adjust type-tracking on custom EventEmitters 2020-01-28 14:00:26 +01:00
Asger F
701d9989be Apply suggestions from code review 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-01-28 12:46:51 +00:00
Asger F
310dd05185 Update javascript/ql/src/Security/CWE-352/MissingCsrfMiddleware.ql 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-01-28 12:46:34 +00:00
semmle-qlci
5ab6457370 Merge pull request #2699 from asger-semmle/js/callback-doc-typo 
Approved by max-schaefer
 2020-01-28 11:00:49 +00:00
Asger Feldthaus
b306571d52 JS: Type-track react component factories 2020-01-28 10:22:04 +00:00
Erik Krogh Kristensen
082967a629 add EventEmitter models for net.createServer() and respjs. 2020-01-28 09:38:38 +01:00
Erik Krogh Kristensen
a2e54b1477 add support for this references in classes that extend EventEmitter 2020-01-28 09:37:54 +01:00
Asger Feldthaus
3d567eb889 JS: Close an unterminated code block 2020-01-27 12:03:58 +00:00
semmle-qlci
8a6de11268 Merge pull request #2689 from erik-krogh/LastEventEmitters 
Approved by esbena
 2020-01-27 08:55:33 +00:00
semmle-qlci
7d9956e3f3 Merge pull request #2675 from erik-krogh/WebSocket 
Approved by esbena
 2020-01-27 08:40:37 +00:00
Erik Krogh Kristensen
8492f6031f reuse existing type-tracking for classes 2020-01-24 13:36:32 +01:00
Erik Krogh Kristensen
0b55aed626 use the EventEmitter registration methods instead of just "on" 2020-01-24 13:06:00 +01:00
Erik Krogh Kristensen
148ec9aad0 fix typos 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-01-24 12:36:03 +01:00
Asger Feldthaus
7fa0fea253 TS: Address comments in guessMainFile 2020-01-24 10:11:53 +00:00
Asger Feldthaus
1f647223e0 TS: Move definition of mainStr 2020-01-24 10:02:06 +00:00
Asger Feldthaus
9ed77585a7 Merge branch 'ts-monorepo-deps' of github.com:asger-semmle/ql into ts-monorepo-deps 2020-01-24 09:58:35 +00:00
Asger F
5448bffede Update javascript/extractor/lib/typescript/src/main.ts 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-01-24 09:58:27 +00:00
Asger Feldthaus
3ca5a3dbe4 TS: Document nodeModulesRex 2020-01-24 09:57:40 +00:00
Asger Feldthaus
804aef507f TS: Remove unneeded alias PackageLocationMap 2020-01-24 09:51:03 +00:00
Asger Feldthaus
542ce816dc TS: Simplify string equality check 2020-01-24 09:49:11 +00:00
Asger Feldthaus
fc04e06456 TS: Allow .js extensions in cross package imports 2020-01-24 09:48:43 +00:00
Asger Feldthaus
b98db62e82 JS: Recognize req.user a cookie access 2020-01-24 09:44:20 +00:00
Erik Krogh Kristensen
c0af3780c4 adjust the ReceiveNode docstrings 2020-01-24 10:06:28 +01:00
Erik Krogh Kristensen
2044b4bc82 changes based on review 2020-01-23 20:29:06 +01:00
Asger Feldthaus
852b90a6c9 TS: Be compatible with odasa/qltest 2020-01-23 16:13:53 +00:00
Asger Feldthaus
a68bb9ffd1 JS: Ignore calls and csrf/captcha access 2020-01-23 15:32:05 +00:00
Asger Feldthaus
b1ec3e1bf2 JS: Add test and dont check predecessors 2020-01-23 14:59:03 +00:00
Asger Feldthaus
406c6eb981 JS: Sharpen missing CSRF middleware query 2020-01-23 14:22:49 +00:00
Asger Feldthaus
dc30dcf1f8 TS: Only require SCRATCH_DIR when installing dependencies 2020-01-23 12:39:19 +00:00
Asger Feldthaus
7e8fb1428e TS: Support tsconfig.json extending from ./node_modules 2020-01-22 15:03:03 +00:00
Erik Krogh Kristensen
b526a2ea0f implement a model of WebSocket and ws based on the EventEmitter model 2020-01-22 14:46:53 +01:00
semmle-qlci
007b0795ec Merge pull request #2636 from erik-krogh/NewSocketIO 
Approved by esbena
 2020-01-22 13:46:11 +00:00
Asger Feldthaus
5719b44fa5 TS: Add some documentation 2020-01-22 11:47:02 +00:00
Asger Feldthaus
a220268ad8 TS: Install deps under scratch dir 2020-01-22 11:47:02 +00:00
Asger Feldthaus
303bac9710 TS: Guess main file location 2020-01-22 11:25:24 +00:00
Asger Feldthaus
21eecc4c9c JS: Make return type class for installDependencies() 2020-01-22 10:52:38 +00:00
Asger Feldthaus
71b540755d TS: Print TypeScript semantic errors in log 2020-01-22 10:52:37 +00:00
Asger Feldthaus
dde0f868b3 TS: Handle monorepos by rewriting package.json 2020-01-22 10:52:37 +00:00
Erik Krogh Kristensen
5063e3820d update expected output 2020-01-22 11:18:47 +01:00
Erik Krogh Kristensen
8370699344 add support for creating a promise with another resolved promise, e.g: Promise.resolve(otherPromise) 2020-01-21 20:11:27 +01:00
Erik Krogh Kristensen
8679132624 copy data from both callbacks in Promise data-flow 2020-01-21 18:00:06 +01:00
Erik Krogh Kristensen
86477a2249 changes based on review 2020-01-21 16:45:53 +01:00
Erik Krogh Kristensen
fe0b6a86d7 add data-flow steps for when Promise handlers return other promises 2020-01-21 16:15:18 +01:00
Erik Krogh Kristensen
d8b25ef5a2 add data-flow steps for resolved promises using pseudo-properties 2020-01-21 15:52:50 +01:00