Esben Sparre Andreasen
1c100bbbc2
JS: recognize event emitters in nodejs client requests
2021-01-21 14:14:00 +01:00
Asger Feldthaus
144d04f3ce
JS: Add test exposing source location of attribute after line break
2021-01-21 11:25:39 +00:00
Asger Feldthaus
7c6704a63f
JS: Shift line numbers in test case
2021-01-21 11:09:36 +00:00
Asger Feldthaus
fbb5d14263
JS: Update angular test output
2021-01-18 12:19:09 +00:00
Asger Feldthaus
2a7b4487f1
JS: More auto format
2021-01-18 12:19:09 +00:00
Asger Feldthaus
c8901b62f5
JS: Add test for $any step
2021-01-18 12:19:08 +00:00
Asger Feldthaus
2ba98da107
JS: Only extract local vars in TemplateTopLevel
Angular template expressions cannot refer to global variables, any
unqualified identifier is a reference to a property provided by the
component.
We extract them as implicitly declared local variables which the
QL model can then connect with data flow steps.
2021-01-18 12:19:08 +00:00
Asger Feldthaus
8848ee2d10
JS: Extract HTML from inline templates
2021-01-18 12:19:08 +00:00
Asger Feldthaus
6bf9345258
JS: Add test for class with locally-unused field
2021-01-18 12:19:08 +00:00
Asger Feldthaus
cc952bd2a4
JS: Reorganize test a bit
2021-01-18 12:19:08 +00:00
Asger Feldthaus
1ab36dc81f
JS: Flow through *ngFor loops
2021-01-18 12:19:08 +00:00
Asger Feldthaus
0da207a5f9
JS: Update test with pipes
2021-01-18 12:18:27 +00:00
Asger Feldthaus
ed27c8b13f
JS: Add test and fix bug in pipe parser
2021-01-18 12:16:13 +00:00
Asger Feldthaus
f894cf2074
JS: Add support for react-hot-loader
2020-11-20 15:28:32 +00:00
Asger Feldthaus
d116b424f4
JS: Add model of react hooks and react-router
2020-10-28 11:57:11 +00:00
Asger Feldthaus
9fc5c0bdb8
JS: Update ComposedFunctions
2020-10-28 10:09:40 +00:00
Erik Krogh Kristensen
10f41878a7
aggregate the tests in library-tests/frameworks/Concepts into a single .ql file
2020-10-20 14:08:54 +02:00
Erik Krogh Kristensen
aece1717aa
aggregate the tests in library-tests/frameworks/xUnit into a single .ql file
2020-10-20 14:08:54 +02:00
Erik Krogh Kristensen
771cab233e
aggregate the tests in library-tests/frameworks/Firebase into a single .ql file
2020-10-20 14:08:54 +02:00
Erik Krogh Kristensen
a3e6054ee5
aggregate the tests in library-tests/frameworks/Electron into a single .ql file
2020-10-20 14:08:54 +02:00
Erik Krogh Kristensen
ed77e055ed
aggregate some of the tests in library-tests/frameworks/HTTP-heuristics into a single .ql file
2020-10-20 14:08:54 +02:00
Erik Krogh Kristensen
1e537db103
aggregate the tests in library-tests/frameworks/Vue into a single .ql file
2020-10-20 14:08:54 +02:00
Erik Krogh Kristensen
4f28b6ddd8
aggregate the tests in frameworks/UrlLibraries into a single .ql file
2020-10-20 14:08:53 +02:00
Erik Krogh Kristensen
1ed026fcce
add a RemoteFlowSource for serverless handlers
2020-10-06 22:36:21 +02:00
CodeQL CI
bc1d3de8fe
Merge pull request #4376 from erik-krogh/simpParam
Approved by asgerf
2020-10-06 03:24:43 -07:00
CodeQL CI
36450a8998
Merge pull request #4338 from erik-krogh/nodejs-server-request-data
Approved by asgerf
2020-10-01 06:00:17 -07:00
Erik Krogh Kristensen
18f7f2b559
autoformat
2020-10-01 13:49:31 +02:00
Erik Krogh Kristensen
4dec2171da
add http request server data as a RemoteFlowSource
2020-10-01 13:21:56 +02:00
Erik Krogh Kristensen
75b9237b81
use Parameter instead of SimpleParameter in the AngularJS model
2020-10-01 10:44:10 +02:00
Erik Krogh Kristensen
c675d72629
use Parameter instead of SimpleParameter in remaining route-handler models
2020-10-01 10:44:10 +02:00
Erik Krogh Kristensen
adc05022f3
update comment in test case
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
2020-09-29 18:21:41 +02:00
Erik Krogh Kristensen
3857331657
avoid .getReturn().getAUse().(DataFlow::InvokeNode) in the SQL model
2020-09-29 17:08:09 +02:00
Erik Krogh Kristensen
6b9aea82ca
model method calls in the needle library
2020-09-25 14:13:31 +02:00
Erik Krogh Kristensen
a22ddb145b
model calls to needle
2020-09-25 13:53:22 +02:00
Erik Krogh Kristensen
b4e75bf567
update expected output
2020-09-18 09:29:13 +02:00
Erik Krogh Kristensen
1f95311342
further loosen the RouteHandlerCandidate heuristic
2020-09-18 09:29:13 +02:00
Erik Krogh Kristensen
3eaa56ed60
support containers with decorated route handlers
2020-09-18 09:29:08 +02:00
Erik Krogh Kristensen
c087e94d47
add additional indirect route-handler steps
2020-09-18 09:26:33 +02:00
Erik Krogh Kristensen
02c1d689e4
support indirect route-handlers for NodeJS
2020-09-18 09:26:33 +02:00
CodeQL CI
951e3093d2
Merge pull request #4231 from erik-krogh/CVE767
Approved by asgerf
2020-09-15 03:47:40 -07:00
Erik Krogh Kristensen
bb97829e1d
add a model for the ClientRequest new require("net").Socket()
2020-09-09 09:57:53 +02:00
Erik Krogh Kristensen
d5097d820d
support direct callbacks to require("net").createServer
2020-09-09 09:46:17 +02:00
Max Schaefer
6d68036d85
JavaScript: Add test demonstrating more SQL flow.
2020-09-02 17:35:47 +01:00
CodeQL CI
722b1a24f6
Merge pull request #4087 from erik-krogh/thisJsx
Approved by asgerf
2020-08-25 10:20:32 +01:00
Erik Krogh Kristensen
eb5dfe8438
autoformat
2020-08-17 22:46:20 +02:00
Erik Krogh Kristensen
6f28ddf1f8
proper support for this inside a JSX-name
2020-08-17 14:23:42 +02:00
Erik Krogh Kristensen
0004c28fe8
introduce and use FunctionReturnNode
2020-08-07 17:32:25 +02:00
semmle-qlci
224289c55f
Merge pull request #3845 from max-schaefer/js/walk-sync
Approved by asgerf
2020-06-30 14:45:41 +01:00
semmle-qlci
c850938af0
Merge pull request #3833 from asger-semmle/js/vue-class-component
Approved by erik-krogh
2020-06-30 13:16:42 +01:00
Max Schaefer
62d56a3d7c
JavaScript: Fix module name for walk-sync package.
2020-06-30 11:57:16 +01:00