hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,029 Commits 1,671 Branches 157 Tags
z80coder/query-pack-release-candidate-2
Commit Graph

3044 Commits

Author SHA1 Message Date
CodeQL CI
39ec7132af Merge pull request #7049 from asgerf/js/routing-trees 
Approved by erik-krogh
 2021-12-17 12:26:38 +00:00
CodeQL CI
f274f06d9b Merge pull request #7409 from asgerf/js/track-functions-with-methods 
Approved by erik-krogh
 2021-12-16 09:01:42 +00:00
CodeQL CI
acbf7913b2 Merge pull request #7408 from asgerf/js/trusted-types-sinks 
Approved by esbena
 2021-12-16 08:59:51 +00:00
Asger Feldthaus
53b3581ed0 JS: Add test to stress flow through properties 2021-12-15 17:16:56 +01:00
Asger Feldthaus
4d85799fc7 JS: Add test for fastify-rate-limit 2021-12-15 16:18:22 +01:00
Asger Feldthaus
615b2ec539 JS: Fix handling of fastify-plugin 2021-12-15 16:04:46 +01:00
Asger Feldthaus
995e33158f JS: Add test for res.locals flow to template 2021-12-15 16:00:19 +01:00
Asger Feldthaus
04bdba85ea JS: Shift line numbers in test expectations 2021-12-15 16:00:19 +01:00
Asger Feldthaus
7e947b2a65 JS: Use return value of trusted type policy callback as a sink 2021-12-14 13:28:46 +01:00
Ian Wright
1c79d1f985 Merge pull request #7352 from github/esbena/atm-endpoint-polish 
ATM Endpoint filtering improvements
 2021-12-14 08:19:23 +00:00
Erik Krogh Kristensen
de4458346f Merge pull request #7344 from SZFsir/main 
JS: Improve inter-procedural type inference for FunctionExpr
 2021-12-13 21:58:53 +01:00
Esben Sparre Andreasen
c66d29998e update test output for additional DatabaseAccesses 2021-12-13 13:42:28 +01:00
Andrew Eisenberg
66c1629974 Merge pull request #7285 from github/post-release-prep-2.7.3-ddd4ccbb 
Post-release preparation 2.7.3
 2021-12-10 09:59:45 -08:00
Esben Sparre Andreasen
9ffc02944d add file write model for express-fileupload mv 2021-12-10 15:05:34 +01:00
Asger Feldthaus
b336c29283 JS: Track functions with methods 2021-12-10 09:38:29 +01:00
Asger Feldthaus
4ef2a5f4f1 JS: Add test 2021-12-10 09:38:29 +01:00
Erik Krogh Kristensen
e7209d1ee1 Merge pull request #7216 from erik-krogh/ts45 
JS: Add support for TypeScript 4.5
 2021-12-09 20:33:52 +01:00
JrXnm
1a1a7413c2 JS: Improv inter-procedural type inference for FunctionExpr 2021-12-10 01:09:49 +08:00
Asger Feldthaus
da8e67b7ee JS: Use routing trees to detect deeply tainted req.body 2021-12-07 10:46:18 +01:00
Asger Feldthaus
7492293c5b JS: Add test with route handler indirection 2021-12-07 10:46:18 +01:00
Asger Feldthaus
3cbe94ac0a JS: Add consistency checks to TemplateObjectInjection test 2021-12-07 10:46:18 +01:00
Asger Feldthaus
64db70f3ac JS: Add explicit body-parsers to TemplateObjectInjection test 2021-12-07 10:46:18 +01:00
Asger Feldthaus
8af430d40f JS: Shift line numbers in TemplateObjectInjection test 2021-12-07 10:46:17 +01:00
Asger Feldthaus
b73219392b JS: Improve precision of missing CSRF middleware 2021-12-07 10:46:17 +01:00
Asger Feldthaus
d0e94e655d JS: Exclude error handling from auth calls 2021-12-07 10:46:17 +01:00
Asger Feldthaus
71820569e1 JS: Instantiate for Fastify 2021-12-07 10:46:15 +01:00
Asger Feldthaus
5269933461 JS: Port missing rate limiting query 2021-12-07 10:44:19 +01:00
Asger Feldthaus
389a3c9073 JS: Port CSRF query 2021-12-07 10:43:06 +01:00
Asger Feldthaus
3dd5d4d7b4 JS: Instantiate for Express and add tests 2021-12-07 10:43:03 +01:00
Erik Krogh Kristensen
6327fced6f remove paths without unmatched returns from polynomial-redos 2021-12-02 10:03:28 +01:00
Erik Krogh Kristensen
de53727ab3 remove spurious whitespace 
Co-authored-by: Asger F <asgerf@github.com>
 2021-12-01 14:29:57 +01:00
Dave Bartolomeo
2dfcd1dd9c Add groups property 
Also removed versions from test packs
 2021-11-29 14:15:53 -05:00
Erik Krogh Kristensen
fdcc144a98 add test for import assertions 2021-11-29 13:51:28 +01:00
Erik Krogh Kristensen
591aeff906 add TypeScript test for new private field syntax 2021-11-29 13:51:28 +01:00
Erik Krogh Kristensen
19bbe6d276 add JavaScript support for new private fields syntax 2021-11-29 13:51:25 +01:00
Erik Krogh Kristensen
d946802057 add support for type-only import specifiers 2021-11-29 13:49:10 +01:00
Erik Krogh Kristensen
57399b733e add test for String types as Discriminants 2021-11-29 13:49:10 +01:00
Erik Krogh Kristensen
0e890fd788 add test for the Awaited type 2021-11-29 13:49:10 +01:00
Erik Krogh Kristensen
eef3905c46 update expected output. The TypeScript compiler now emits types in more cases 2021-11-29 13:49:10 +01:00
Erik Krogh Kristensen
c13cad7e87 Merge branch 'main' into apiLabel2 2021-11-29 13:43:11 +01:00
Erik Krogh Kristensen
08ce03cd93 Merge branch 'main' into explicit-this 2021-11-24 15:24:58 +01:00
Erik Krogh Kristensen
e9df860431 refactor implementation to make Label implementations private 2021-11-22 12:17:19 +01:00
Erik Krogh Kristensen
089d030bc2 make ApiLabel into a IPA type, and cache the public API of ApiGraphs 2021-11-22 09:03:33 +01:00
Erik Krogh Kristensen
011fc20963 use matches instead of regexpMatch 2021-11-18 15:41:25 +01:00
Erik Krogh Kristensen
1cca377e7d Merge pull request #6561 from erik-krogh/htmlReg 
JS/Py/Ruby: add a bad-tag-filter query
 2021-11-18 09:39:13 +01:00
Erik Krogh Kristensen
474c808373 Merge pull request #7137 from erik-krogh/functionExport 
JS: recognize library inputs when the library exports "through" a function
 2021-11-17 09:49:02 +01:00
Erik Krogh Kristensen
a7cd097ca2 Merge pull request #6756 from erik-krogh/extractBigReg 
JS: extract regexp literals for string concatenations
 2021-11-16 13:33:21 +01:00
Erik Krogh Kristensen
b9ea4a8709 recognize library inputs when the library exports "through" a function 2021-11-15 22:43:38 +01:00
Erik Krogh Kristensen
12c24c07df improve the got model 2021-11-15 21:52:12 +01:00
Erik Krogh Kristensen
0023b885f5 update expected output 2021-11-15 13:50:12 +01:00