Commit Graph

2263 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
deedc8c2d7 aggregate the tests in library-tests/TypeScript/TypeParameters into a single .ql file 2020-10-20 14:08:53 +02:00
Erik Krogh Kristensen
c9a0179f42 aggregate the tests in library-tests/TypeScript/Enums into a single .ql file 2020-10-20 14:08:53 +02:00
Erik Krogh Kristensen
fcee5fa960 aggregate the tests in library-tests/TypeScript/Modifiers into a single .ql file 2020-10-20 14:08:53 +02:00
Erik Krogh Kristensen
1e76471791 aggregate the tests in library-tests/TypeScript/TypeVariableTypes into a single .ql file 2020-10-20 14:08:53 +02:00
Erik Krogh Kristensen
a667b69d91 aggregate the tests in library-tests/NodeJS into a single .ql file 2020-10-20 14:08:53 +02:00
Erik Krogh Kristensen
c8af1d15ab aggregate the tests in library-tests/TypeScript/Types into a single .ql file 2020-10-20 14:08:53 +02:00
Erik Krogh Kristensen
69093629e9 aggregate the tests in library-tests/XML into a single .ql file 2020-10-20 14:08:53 +02:00
Erik Krogh Kristensen
4f28b6ddd8 aggregate the tests in frameworks/UrlLibraries into a single .ql file 2020-10-20 14:08:53 +02:00
Erik Krogh Kristensen
3e532c235b aggregate the tests in library-tests/DataFlow into a single .ql file 2020-10-20 14:08:53 +02:00
Asger Feldthaus
8779b7c1ce JS: Update expected output after rebase 2020-10-20 11:10:30 +01:00
Asger Feldthaus
28a73c1e18 JS: Add test case 2020-10-20 10:53:15 +01:00
Asger Feldthaus
6aac353777 JS: Update test output 2020-10-20 10:53:12 +01:00
Asger Feldthaus
50a015c73e JS: Move $() sink into separate dataflow config 2020-10-20 10:52:33 +01:00
CodeQL CI
4cc7138784 Merge pull request #4507 from erik-krogh/template
Approved by asgerf
2020-10-20 02:45:00 -07:00
Erik Krogh Kristensen
7d87699e42 add test for modern compound assignment in js/implicit-operand-conversion 2020-10-20 10:50:20 +02:00
CodeQL CI
4c5ecb4093 Merge pull request #4478 from erik-krogh/homegrownCsrf
Approved by asgerf
2020-10-19 11:04:10 -07:00
CodeQL CI
502faa7d1c Merge pull request #4494 from erik-krogh/callLimit
Approved by asgerf
2020-10-19 11:03:25 -07:00
CodeQL CI
5ead4244fe Merge pull request #4450 from asgerf/js/angular
Approved by erik-krogh
2020-10-19 07:25:59 -07:00
Erik Krogh Kristensen
ce95676130 add express.csrf as a CSRF protecting middleware 2020-10-19 15:39:02 +02:00
CodeQL CI
d644a30b19 Merge pull request #4434 from erik-krogh/printAST
Approved by asgerf
2020-10-19 04:42:42 -07:00
Erik Krogh Kristensen
ca0870da53 update expected output from InterfaceDefinition -> InterfaceDeclaration change 2020-10-19 12:36:48 +02:00
CodeQL CI
2e52cbeb4a Merge pull request #4499 from max-schaefer/js/module_compile
Approved by asgerf
2020-10-19 03:06:21 -07:00
Erik Krogh Kristensen
8f6165cd5f print synthetic constructors in PrintAst.ql 2020-10-19 11:10:14 +02:00
Erik Krogh Kristensen
8c44392638 add local dataflow to js/template-syntax-in-string-literal 2020-10-19 10:58:40 +02:00
Max Schaefer
e1d90e90ad JavaScript: Add modelling for Module.prototype._compile. 2020-10-19 09:42:17 +01:00
Asger Feldthaus
f0034138ce JS: Fix DefaultFlowLabels test 2020-10-16 18:13:13 +01:00
Asger Feldthaus
4137d3f971 JS: Split CWE-079 tests into their own folders 2020-10-16 17:32:36 +01:00
CodeQL CI
1d9b0ce059 Merge pull request #4460 from max-schaefer/js/unsafe-shell-command-construction-infeasible-paths
Approved by asgerf
2020-10-16 05:05:29 -07:00
Erik Krogh Kristensen
b3d5f9c4dd support throttle like calls as partial calls 2020-10-16 13:33:02 +02:00
Asger Feldthaus
287ec0cbbb JS: Add test for default flow labels 2020-10-16 07:16:02 +01:00
Asger Feldthaus
4337c5adaf JS: Workaround ascii PR check 2020-10-16 07:12:29 +01:00
Asger Feldthaus
afd82e202d JS: Add Angular2 model 2020-10-16 07:12:29 +01:00
Erik Krogh Kristensen
8206933e85 add test for home grown CSRF protection 2020-10-15 14:51:02 +02:00
Erik Krogh Kristensen
11ee7c7946 update expected output 2020-10-15 12:06:17 +02:00
Max Schaefer
4100ab2919 JavaScript: Add another test to show that flow through functions still works. 2020-10-14 10:03:27 +01:00
Max Schaefer
1c04c07f07 JavaScript: Eliminate source of false positives in UnsafeShellCommandConstruction. 2020-10-14 10:03:04 +01:00
CodeQL CI
e2b0c60627 Merge pull request #4449 from max-schaefer/js/api-graphs-type-handling-improvements
Approved by erik-krogh
2020-10-12 11:41:21 -07:00
Max Schaefer
cd33d358aa JavaScript: Add a test showing a false positive from UnsafeShellCommandConstruction due to infeasible paths.
The path from the API entry point to the sink contains a "return" step. A client of the library cannot match that step, resulting in an infeasible path.
2020-10-12 14:50:47 +01:00
CodeQL CI
8eb84b2599 Merge pull request #4391 from max-schaefer/js/api-graph-reexport
Approved by asgerf
2020-10-12 05:26:53 -07:00
CodeQL CI
6d1634ef8f Merge pull request #4329 from erik-krogh/DVSA
Approved by esbena
2020-10-12 05:23:29 -07:00
Erik Krogh Kristensen
d3e3c11fa6 add printAst query for printing JS/TS/JSON/YAML/HTML 2020-10-08 21:20:28 +02:00
Max Schaefer
4bf6f6ac7c JavaScript: Add a negative test for API graphs.
The test ensures that flow summarization won't label property `f` of the first parameter of `assertNotNull` as a sink, which would be very imprecise.
2020-10-08 19:53:23 +01:00
Erik Krogh Kristensen
1ed026fcce add a RemoteFlowSource for serverless handlers 2020-10-06 22:36:21 +02:00
Max Schaefer
98ab38a630 JavaScript: Add yet another API-graph test with re-exports. 2020-10-06 15:32:21 +01:00
Max Schaefer
1d8051eee0 JavaScript: Further improve handling of re-exports in API graphs. 2020-10-06 14:22:55 +01:00
Max Schaefer
d054206004 JavaScript: Improve handling of re-exports in API graphs. 2020-10-06 14:22:51 +01:00
Max Schaefer
95b6b16b57 JavaScript: Add another API-graph test with re-exports. 2020-10-06 14:20:41 +01:00
CodeQL CI
4e116ba0db Merge pull request #4419 from erik-krogh/jsxFactory
Approved by asgerf
2020-10-06 06:13:21 -07:00
CodeQL CI
0753c8a31b Merge pull request #4247 from erik-krogh/CVE760-reexport
Approved by asgerf
2020-10-06 06:10:21 -07:00
CodeQL CI
ef703e72d8 Merge pull request #4401 from asgerf/js/angular-prerequisites
Approved by erik-krogh
2020-10-06 06:09:48 -07:00