hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,029 Commits 1,671 Branches 157 Tags
z80coder/query-pack-release-candidate-2
Commit Graph

3044 Commits

Author SHA1 Message Date
Asger F
d7bfeeefd0 TS: add test case with nested literals 2019-04-05 18:40:24 +01:00
Asger F
80f413177a Merge branch 'master' into shelljs 2019-04-05 14:44:32 +01:00
Asger F
e55330b820 JS: Fix flow through += 2019-04-05 13:55:48 +01:00
semmle-qlci
063dbeeff3 Merge pull request #1198 from esben-semmle/js/more-express-route-handlers 
Approved by xiemaisi
 2019-04-05 09:47:51 +01:00
Esben Sparre Andreasen
60ba74a210 JS: Express cleanup and generalization 2019-04-04 21:42:08 +02:00
Esben Sparre Andreasen
c94ca46366 JS: add more Express tests 2019-04-04 21:42:08 +02:00
Asger F
43f6b8fa70 JS: Add test 2019-04-04 11:44:56 +01:00
Asger F
3da76cb798 JS: add model of ShellJS 2019-04-04 11:44:56 +01:00
Asger F
3bc7371fd6 JS: be less conservative about incomplete nodes in prefix sanitizers 2019-04-03 15:20:03 +01:00
Esben Sparre Andreasen
3c608fe11e Merge branch 'master' into js/improve-createServer 2019-04-03 12:37:33 +02:00
semmle-qlci
1da828fa80 Merge pull request #1195 from esben-semmle/js/firebase-express-requests 
Approved by xiemaisi
 2019-04-03 11:36:02 +01:00
Esben Sparre Andreasen
f23a5a5fee JS: model firebase-functions/https.onRequest 2019-04-03 08:01:45 +02:00
Esben Sparre Andreasen
0b733b4f23 JS: treat the last argument to https.createServer as a route handler 2019-04-02 14:38:31 +02:00
semmle-qlci
02f4695a5b Merge pull request #1152 from esben-semmle/js/koa-improvements 
Approved by xiemaisi
 2019-04-02 08:51:19 +01:00
semmle-qlci
54b4e59d12 Merge pull request #1182 from esben-semmle/js/sourcenode-regexp-literals 
Approved by xiemaisi
 2019-04-01 21:58:58 +01:00
Esben Sparre Andreasen
2622fc64db JS: autoformat 2019-04-01 22:55:17 +02:00
Esben Sparre Andreasen
7fec005806 JS: use DataFlow::SourceNode in three locations in Koa 2019-04-01 22:55:17 +02:00
Esben Sparre Andreasen
919eed6630 JS: add koa tests 2019-04-01 22:55:17 +02:00
Esben Sparre Andreasen
00c8387bb3 JS: model Koa redirects 2019-04-01 22:55:17 +02:00
Esben Sparre Andreasen
298dbe13c4 JS: improve Koa model to account for aliases on the context object 2019-04-01 22:49:00 +02:00
Esben Sparre Andreasen
0e01988622 JS: add koa tests 2019-04-01 22:49:00 +02:00
Rebecca Valentine
2b6869fff3 updates expecteds to reflect changes in the test file 2019-04-01 11:21:21 -07:00
Rebecca Valentine
0d0adada42 fixes tests and adds test results to expecteds 2019-04-01 11:13:04 -07:00
Rebecca Valentine
a16b5d36a8 adds tests 2019-04-01 10:40:51 -07:00
semmle-qlci
a4de82de06 Merge pull request #1185 from xiemaisi/js/improve-amd-imports 
Approved by asger-semmle
 2019-04-01 16:30:47 +01:00
semmle-qlci
a7d9a50dcf Merge pull request #1176 from xiemaisi/js/fix-socket-io-type-tracking 
Approved by asger-semmle
 2019-04-01 13:57:13 +01:00
Esben Sparre Andreasen
364ba1b4ac JS: use RegExpLiteral as a SourceNode 2019-04-01 09:19:25 +02:00
Esben Sparre Andreasen
7923c9d77c JS: add tests for missing flow of regular expressions 2019-04-01 09:19:25 +02:00
Esben Sparre Andreasen
42d3012f81 JS: let RegExpLiteral be a DataFlow::SourceNode 2019-04-01 09:19:25 +02:00
semmle-qlci
ed0ef36427 Merge pull request #1035 from asger-semmle/firebase 
Approved by xiemaisi
 2019-03-29 13:44:02 +00:00
Max Schaefer
f5279b2a1d JavaScript: Resolve AMD imports based on absolute paths if there is only a single candidate. 2019-03-29 08:30:05 +00:00
Max Schaefer
b29b3dff4d JavaScript: Use proper camel-case for AMD-related class names. 2019-03-29 08:14:07 +00:00
semmle-qlci
35ea746045 Merge pull request #1172 from asger-semmle/hostname-prefix-sanitizer 
Approved by xiemaisi
 2019-03-28 11:55:10 +00:00
Max Schaefer
c097031c7e JavaScript: Fix uses of TypeTracker with custom flow steps. 
These steps need to check that the type hasn't been tracked into a property.
 2019-03-28 10:33:04 +00:00
Asger F
99dc2435af JS: update test 2019-03-27 15:03:04 +00:00
Asger F
42c0efd549 JS: add test 2019-03-27 13:21:45 +00:00
semmle-qlci
86040575b1 Merge pull request #1161 from esben-semmle/js/classify-mode-html 
Approved by xiemaisi
 2019-03-27 12:56:04 +00:00
Asger F
d4c7312d80 JS: more sanitizing prefixes 2019-03-27 11:22:31 +00:00
Asger F
50f2afb622 JS: add test 2019-03-27 11:20:39 +00:00
Esben Sparre Andreasen
3cd93129a6 JS: classify HTML files with > 20 elements on a line as generated 2019-03-26 08:03:56 +01:00
Max Schaefer
084159dcfd JavaScript: Teach type trackers to track flow through one level of properties. 2019-03-25 20:38:58 +00:00
Max Schaefer
9fbc0eb717 JavaScript: Switch from path summaries to step summaries for type tracking. 
This is sufficient since we are not doing summarisation.
 2019-03-25 20:37:05 +00:00
Max Schaefer
55394df96f JavaScript: Refactor HTTP libraries to use type tracking instead of tracked nodes. 2019-03-25 16:57:46 +00:00
Max Schaefer
74db8b1979 JavaScript: Use type tracking instead of tracked nodes in Express. 2019-03-25 16:57:46 +00:00
Esben Sparre Andreasen
4ab3407726 JS: add classification test cases 2019-03-25 10:45:44 +01:00
Max Schaefer
8c460ae385 Merge remote-tracking branch 'upstream/master' into rc/1.20-merge-master 
Conflict in `javascript/extractor/src/com/semmle/js/extractor/Main.java` resolved
in favour of `master`.
 2019-03-21 14:46:29 +00:00
Asger F
1a6c95c908 TS: update test expectation 2019-03-21 11:06:04 +00:00
Max Schaefer
4533e1f6fe JavaScript: Add model of adm-zip library for ZipSlip query. 2019-03-21 08:04:06 +00:00
Asger F
aaa8bfb874 TS: allow namespace imports as types 2019-03-20 10:09:18 +00:00
Max Schaefer
6fbf487524 Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-2019-03-19 2019-03-19 14:09:03 +00:00