hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,802 Commits 1,673 Branches 157 Tags
0823f6c935d6c773b7d0459ea124d689be955f95
Commit Graph

1396 Commits

Author SHA1 Message Date
Asger F
0823f6c935 JS: fix use of dataOrTaint() 2019-05-23 10:16:41 +01:00
Asger F
37fa2446d4 JS: review comments 2019-05-23 10:16:31 +01:00
Asger F
07d508d1bf JS: Track taint through .replace() 2019-05-23 09:23:48 +01:00
Asger F
1ec3475457 JS: All of TaintedPath 2019-05-23 09:23:47 +01:00
Asger F
deb217326d JS: Update our own queries 2019-05-22 13:13:08 +01:00
Asger F
61ef73b0f7 JS: Add change note and deprecation member 2019-05-22 12:23:29 +01:00
Asger F
6246eb2fe3 JS: Refactor LabeledSantizerGuard 2019-05-22 12:08:03 +01:00
semmle-qlci
fe920ecfaa Merge pull request #1331 from asger-semmle/destructuring-assignment-fix 
Approved by xiemaisi
 2019-05-21 11:32:36 +01:00
semmle-qlci
2b5b8751ea Merge pull request #1316 from asger-semmle/incorrect-suffix-check-fps 
Approved by esben-semmle, xiemaisi
 2019-05-21 11:30:37 +01:00
Esben Sparre Andreasen
3af3c5413b Merge pull request #1318 from asger-semmle/prototype-pollution-query2 
Move prototype pollution query into suite
 2019-05-21 12:23:41 +02:00
Asger F
ba69e19e95 JS: Address doc review 2019-05-20 16:46:27 +01:00
Asger F
d4880540e8 JS: Update .expected after rebasing 2019-05-20 11:21:50 +01:00
Asger F
9989fcee21 JS: Add DataFlow::Configuration test 2019-05-20 09:22:02 +01:00
Asger F
87e0831872 JS: Fix flow for nested destructurings 2019-05-20 09:22:02 +01:00
Esben Sparre Andreasen
8256f2e736 Merge pull request #1308 from asger-semmle/exceptional-flow 
JS: Add flow through exceptions
 2019-05-17 08:33:44 +02:00
Asger F
65cbd47a2d Merge pull request #1314 from xiemaisi/js/fix-hardcoded-pw-fps 
JavaScript: Further broaden the whitelist in `PasswordInConfigurationFile`.
 2019-05-16 14:42:09 +01:00
Asger F
9293010e4c JS: Fix some FPs in IncorrectSuffixCheck 2019-05-16 10:56:17 +01:00
Asger F
8fe2319a23 JS: Fix lurking cartesian product in Express 2019-05-15 18:07:24 +01:00
Asger F
682f2790cd JS: Address comments 2019-05-15 10:09:56 +01:00
Asger F
778244878a JS: Normalize whitespace 2019-05-14 10:31:28 +01:00
Asger F
fd9765b99f JS: Add qhelp 2019-05-13 17:31:12 +01:00
Asger F
0c715f7540 JS: Lower precision to medium 2019-05-13 15:20:40 +01:00
Asger F
aaf503837d JS: Move prototype pollution into real query 2019-05-13 15:20:25 +01:00
Asger F
4db7aa6ed2 JS: Relax type inference to account for overriding 2019-05-13 10:18:19 +01:00
Max Schaefer
b478c0ddaa JavaScript: Further broaden the whitelist in PasswordInConfigurationFile. 2019-05-09 17:07:59 +01:00
semmle-qlci
9653fbd4f7 Merge pull request #1311 from emarteca/unreachableThrows 
Approved by xiemaisi
 2019-05-09 10:37:41 +01:00
Ellen Arteca
a12d12d59a JavaScript: Update UnreachableStmt query so unreachable throws no longer gives an alert 2019-05-08 16:25:54 +01:00
Asger F
27e8ea85f7 JS: Fix bug from sorting lines 2019-05-08 10:42:14 +01:00
Max Schaefer
c16e9a77f3 JavaScript: Fix a few false positives in PasswordInConfigurationFile. 2019-05-08 08:26:05 +01:00
Asger F
86885f4ff0 JS: Address comments 2019-05-07 18:00:36 +01:00
Asger F
7c9d20ae81 JS: Implement for TrackedNode to maintain consistency 2019-05-07 17:38:43 +01:00
Asger F
a3cf07af7e JS: Add flow steps through iteration callback 2019-05-07 13:52:31 +01:00
Asger F
e7bf485807 JS: Add another interprocedural flow test case 2019-05-07 10:33:01 +01:00
Asger F
3cbd6d3786 JS: Test case for nested statements 2019-05-07 10:26:30 +01:00
Asger F
f3a4acf0b2 JS: Add async functions to test 2019-05-07 10:11:42 +01:00
Asger F
1f897b4b63 JS: step through Error constructor and accept the potential FP 2019-05-07 10:11:41 +01:00
Asger F
b0090c2fe6 JS: Add test case for flow through new Error() 2019-05-07 10:11:41 +01:00
Asger F
36cefd8fc6 JS: Track taint through exceptions 2019-05-07 10:11:41 +01:00
Asger F
5c8dd7eedd TS: Add workaround for 'globalThis' getProperties() crash 2019-04-30 12:44:58 +01:00
Asger F
686d72c356 TS: Fix handling of 'export =' 2019-04-30 12:41:59 +01:00
semmle-qlci
3f70d91a11 Merge pull request #1288 from xiemaisi/js/fix-end-node-labels 
Approved by asger-semmle
 2019-04-30 07:32:29 +01:00
Max Schaefer
7ca5cc22d8 Merge pull request #1257 from asger-semmle/jsdoc 
JS: Add common interface between TypeExpr and JSDocTypeExpr
 2019-04-29 16:20:17 +01:00
Max Schaefer
8a34ea8b71 Merge pull request #1284 from esben-semmle/js/fix-azure-performance 
JS: fix azure performance
 2019-04-29 13:15:16 +01:00
semmle-qlci
52d6626547 Merge pull request #1242 from esben-semmle/js/whitelist-trailing-newline-removal 
Approved by xiemaisi
 2019-04-29 07:35:15 +01:00
Asger F
3e7bac465b JS: fix join ordering in SimpleParameter.getJSDocTag 2019-04-26 16:56:04 +01:00
Asger F
db3060d336 JS: Add missing override 2019-04-26 16:56:04 +01:00
Asger F
a17756c3d5 JS: Fix formatting 2019-04-26 16:56:04 +01:00
Asger F
9086dfdc6f JS: TypeAnnotation.getType() for backwards compatibility 2019-04-26 16:56:04 +01:00
Asger F
e9fcb670ff JS: Provide source locations for JSDocTypeExpr 2019-04-26 16:56:04 +01:00
Asger F
cf8c327a10 JS: make TypeAnnotation extend Locatable 2019-04-26 16:56:04 +01:00