hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,738 Commits 1,671 Branches 157 Tags
tausbn/python-add-models-for-zstd-compression
Commit Graph

11944 Commits

Author SHA1 Message Date
semmle-qlci
829a5cc451 Merge pull request #259 from asger-semmle/open-redirect-expr 
Approved by xiemaisi
 2018-10-02 08:32:48 +01:00
Max Schaefer
92afcd32f8 Merge pull request #241 from asger-semmle/host-header-forgery 
JS: Add HostHeaderPoisoningInEmailGeneration query
 2018-10-02 08:32:00 +01:00
Esben Sparre Andreasen
595fe217dd JS: support noop parentheses in js/useless-assignment-to-local 
The syntatic recognizer `isNullOrUndef` did not handle expressions
that were wrapped in parentheses.

This eliminates some results here:
https://lgtm.com/projects/g/vuejs/vue/alerts?mode=tree&ruleFocus=7900088
 2018-10-02 09:31:32 +02:00
Denis Levin
9c487bc6d9 Merge branch 'master' 2018-10-01 14:51:56 -07:00
Denis Levin
82d8b4e371 Adding the source link to the test case samples 2018-10-01 11:45:38 -07:00
Aditya Sharad
337defdf3d Merge master into next. 2018-10-01 17:39:27 +01:00
Arthur Baars
13ef492fc1 Merge pull request #258 from adityasharad/merge/1.18-master-011018 
Merge rc/1.18 into master.
 2018-10-01 18:36:16 +02:00
Asger F
d3a1df644c TypeScript: test case for tokens starting with ">" 2018-10-01 17:35:21 +01:00
Asger F
a199035a05 TypeScript: test case for whitespace before a rescanned token 2018-10-01 17:35:15 +01:00
Max Schaefer
7518267281 Merge pull request #257 from xiemaisi/js/fix-DOMException-model 
JavaScript: Update model of `DOMException`.
 2018-10-01 17:12:50 +01:00
Asger F
9146cc26bd TypeScript: test case for tokenization of template literals 2018-10-01 14:36:19 +01:00
Asger F
9f07b1011d JS: bugfix in server-side redirect query 2018-10-01 12:34:13 +01:00
Aditya Sharad
0882eb7bb3 Merge rc/1.18 into master. 2018-10-01 12:08:16 +01:00
Asger F
d005d7127f JS: address doc review 2018-10-01 10:58:38 +01:00
Max Schaefer
8cc7f5c242 JavaScript: Update model of DOMException. 
cf. https://developer.mozilla.org/en-US/docs/Web/API/DOMException/DOMException
 2018-10-01 08:50:53 +01:00
Max Schaefer
1ab943c16b JavaScript: Fix typo in query help. 2018-10-01 08:04:45 +01:00
Aditya Sharad
1c71a856e1 Version: Bump to 1.18.1 dev. 2018-09-28 16:39:44 +01:00
Aditya Sharad
f5bd737ada Version: Fix C# and JavaScript Eclipse plugins for 1.18. 2018-09-28 14:10:06 +01:00
Asger F
e4c8653549 JS: Factor RequestHeaderAccess into separate class 2018-09-27 16:28:58 +01:00
semmle-qlci
df4bd36b0f Merge pull request #236 from aschackmull/xml-qll/use-concat 
Approved by hvitved, xiemaisi, yh-semmle
 2018-09-27 11:58:58 +01:00
Asger F
c879654796 JS: add qhelp 2018-09-27 10:21:57 +01:00
Asger F
433db7a3e6 JS: add to security suite 2018-09-27 10:20:35 +01:00
Asger F
46336a5643 JS: Add HostHeaderPoisoningInEmailGeneration query 2018-09-27 10:20:35 +01:00
Asger F
1b4fc93e9d JS: add HTTP::RequestInputAccess.getAHeaderName() 2018-09-27 10:20:35 +01:00
Asger F
f7775f36a8 JS: Add EmailClients lib 2018-09-27 10:20:35 +01:00
Aditya Sharad
51697f077c Version: Bump to 1.18.0 release. 2018-09-26 18:18:20 +01:00
semmle-qlci
c36e7f07be Merge pull request #231 from asger-semmle/express-headers 
Approved by xiemaisi
 2018-09-26 15:40:58 +01:00
Asger F
f0886fd0bb JS: fix indefinite check on callback 2018-09-26 15:25:26 +01:00
Anders Schack-Mulligen
9198f5b9bd CPP/CSharp/Java/Javascript: Use concat in XMLParent.allCharactersString(). 2018-09-26 15:47:21 +02:00
Anders Schack-Mulligen
26c1397216 CPP/CSharp/Javascript: Clean up QLDoc and bring the different XML.qll files closer. 2018-09-26 15:36:20 +02:00
semmle-qlci
a93939b827 Merge pull request #230 from esben-semmle/js/ad-hoc-whitelisting 
Approved by xiemaisi
 2018-09-26 14:14:25 +01:00
Aditya Sharad
75680dbfef Merge branch 'next' into qlucie/master 2018-09-26 12:08:33 +01:00
Asger F
057c3a92b4 JS: update other Express test outputs 2018-09-26 08:36:52 +01:00
Esben Sparre Andreasen
7c006d4530 Merge pull request #222 from xiemaisi/js/identity-replacement 
JavaScript: Add new query flagging identity replacements.
 2018-09-26 09:25:19 +02:00
Asger F
a47b1dc774 JS: recognize Express header access with dynamic name 2018-09-26 08:22:21 +01:00
Esben Sparre Andreasen
52061b35d8 JS: address review comments: improve regex, limit sanitizer usage 2018-09-26 09:20:07 +02:00
Asger F
e78a4e9f10 JS: update output from other Express tests 2018-09-26 07:58:44 +01:00
Asger F
ce11b5330d JS: recognize Express headers as RequestInputAccess 2018-09-26 07:58:44 +01:00
Max Schaefer
0e63ea1b51 JavaScript: Update tests. 2018-09-25 11:27:12 +01:00
Max Schaefer
659c67c715 JavaScript: Produce friendlier message for empty-string replacements. 2018-09-25 11:27:12 +01:00
Max Schaefer
5fb22ba021 JavaScript: Handle zero-width assertions and sequences. 2018-09-25 11:27:12 +01:00
Max Schaefer
ec9a3c87a7 JavaScript: Do not flag case-insensitive replace. 2018-09-25 11:27:11 +01:00
Max Schaefer
1ab11109f9 JavaScript: Add new query flagging identity replacements. 2018-09-25 11:27:11 +01:00
Asger F
0936cda0e9 JS: avoid expensive join_rhs in callInputStep 2018-09-25 10:16:40 +01:00
Asger F
52c913b325 JavaScript: cache AdditionalPartialInvokeNode 2018-09-25 10:16:40 +01:00
Asger F
3ca7d6b4bf JavaScript: address comments 2018-09-25 10:16:40 +01:00
Asger F
269bbc9a1a JavaScript: add flow steps through partial function application 2018-09-25 10:16:40 +01:00
Denis Levin
1438cae362 Correction to the test's expected file as the test was modified. 2018-09-24 10:45:54 -07:00
semmle-qlci
7f56be6fe2 Merge pull request #216 from asger-semmle/lusca-csrf 
Approved by esben-semmle
 2018-09-24 11:34:24 +01:00
semmle-qlci
46178271d1 Merge pull request #213 from asger-semmle/sendfile 
Approved by xiemaisi
 2018-09-24 11:32:46 +01:00